The purpose of this privacy policy (hereinafter the "Policy") is to explain to you the rules governing the various processing operations that may be carried out when you use our website accessible from the URL address: lucysroof.it (hereinafter the "Site").
The processing of personal data implemented from the Site is the responsibility of two co-responsible controllers.
The persons responsible for processing your personal data are:
The company Amenitiz Solutions (hereinafter "Amenitiz") which manages the website ofLucy's Roof
Amenitiz is registered under CIF number B67096750 in Barcelona, Spain. Its registered office is located at 4, Plaza d'Urquinaona, 08010 Barcelona, Spain.
Amenitiz supports hosting professionals by offering them a digital platform hosted in SaaS mode allowing them to create a website for their hosting activity.
Lucy's Roof
This company is registered with the Italia administration of Roma under number CIR: 27710 / CIN: IT058091C2O7BBHP9J (hereinafter the "Establishment"). Its registered office is located at Via Sisto IV, 219 Roma, 00167, Italia.
Amenitiz and the Institution are hereinafter referred to together as the "Data Controller". The terms "we", "us" and "our" in this Privacy Policy refer to the Data Controller.
As the person responsible for processing your Personal Data, we do everything in our power to protect your privacy when you visit the Site.
This Policy allows you to learn more about the origin and use of your Personal Data and your browsing information processed when you visit our Site.
For the purposes of this Policy, the term "Personal Data" refers to any data that relates to you alone and allows you to be identified directly or indirectly, regardless of the Terminal you are using.
The term "Terminal" refers to the physical equipment (computer, tablet, smartphone, telephone, etc.) that you use to view and navigate the Site.
The term "Regulation" refers to the regulation relating to personal data, and in particular to Regulation No. 2016/679, known as the General Data Protection Regulation, the French Data Protection Act No. 78-17 of 6 January 1978 and the French Act No. 2018-493 on the protection of personal data.
By using our Site, you declare that you accept the terms of this Policy in their entirety.
If you do not agree with any of these terms, you are free to stop using our Site.
This Privacy Policy is updated regularly. In order for you to be properly informed of any significant changes in advance, we will notify you by means of notifications on the relevant services or by email as appropriate.
The Site will always display the most current version of this Privacy Policy.
1. Protection of your personal data
In accordance with the Regulations, we list all processing operations carried out in a processing register that we leave at the disposal of the competent authorities.
All information you may have provided us during your visits to the Site is strictly confidential. This information is necessary for the purpose of their processing.
1.1. What Personal Data is collected and processed?
The information that may be collected and processed is as follows:
- Identification data and contact details: your first name, last name, gender, postal address, telephone number, email address, language and the country from which you interact with us;
- Financial and payment data: your bank details (in this respect we inform you that all payment transactions are encrypted by the receiving bank or accredited storage centre and that we do not keep any credit card number), information on your reservations, etc..;
- Connection, geolocation (only with your consent) and navigation data; and
- Personal preferences: This includes your cookie preferences.
When we ask you to enter your personal data to access a feature, some data are mandatory fields since they are data that we need to allow you to access this feature (for example, to register your reservation we need your first and last name).
It is important that the personal information shared about you is correct and up to date.
We do not process any personal data that could be qualified as "sensitive" (information concerning racial or ethnic origin, political, philosophical or religious opinions, trade union membership, health or sex life) within the meaning of the Personal Data Regulations.
In this respect, it is specified that our Site is not intended for children and that we therefore do not process any data relating to them.
We undertake not to transfer your personal data to third parties unless otherwise specified below in Article 1.3.
1.2. For what purposes are your Personal Data collected and processed?
The Personal Data listed above may be collected and processed for the following purposes:
Booking management
The processing of your data is necessary to keep you informed of the status of your reservation, the summary of your reservation, accept your payment, etc.
Access to customer service
We process your Personal Data as part of our customer service in order to answer your requests, in particular by using the contact form.
Improving our services
We process your navigation and booking data for analysis and statistics. Indeed, this data allows us to analyze how you use our Site and to improve its ergonomics and quality.
Marketing
As part of your subscription to our newsletter, we process your data in order to manage your subscription and send you targeted information by email or SMS according to your preferences. We may also contact you via push notifications if you subscribe to this service.
Processing for marketing purposes requires your consent. Thus, you can unsubscribe from our communications at any time.
In the event that you have given us your consent to receive our communications, whether via our newsletter or via push notifications, we may use the information you have provided to us for the following purposes:
- Sharing information on our current events, products, services, offers;
- Recommendations on certain products or services that may be of interest to you; and
- Customer research to better understand your expectations regarding the products and services offered by our Site.
1.3. Who are the recipients of your Personal Data?
In the course of using our Site, you may receive information from third parties with whom we collaborate in order to offer you certain services. It may be a question of:
- Accredited financial institutions and storage centres;
- Fraud detection and prevention entities; and
- Service providers related to marketing, communication and advertising.
Personal Data collected from the Site are mainly processed by the internal services of the Data Controller.
However, we may share your information with the third parties listed above for the following reasons, among others:
- make payment in the case of financial institutions and accredited storage centres;
verify your credit and identity with respect to fraud detection and prevention entities; and
- optimize your experience on our Site and improve our services for service providers related to marketing, communication and advertising.
We ask third parties who receive your personal data to undertake to comply with the Regulation on personal data. The third parties listed above may only use your personal information in accordance with our instructions and not for their own use.
Your login and browsing data can also be transferred to Google Analytics.
We may also disclose your Personal Data to respond to an injunction from the legal authorities.
1.4. How long is your Personal Data kept?
We will keep your data for a period of ten (10) years following your last reservation in order to answer any questions, complaints or to maintain all the data necessary to meet legal, accounting or analytical requirements (article L.123-22 of the French Commercial Code).
We may also keep your data for research or statistical analysis; it will then be anonymized.
As part of a subscription to our newsletter, we will not contact you again if you have not opened our newsletters for more than twelve (12) months.
Any change to this Policy will be made on this page and will be notified to you by e-mail in the event of a material change.
The Data Controller may also keep your data for research or statistical analysis. As these are then anonymized, no retention period is imposed by the Regulations as it is no longer possible to "re-identify" you afterwards.
1.5. Hosting your Personal Data
Your Personal Data is hosted by Heroku Inc. The Landmark @ 1 Market St., Suite 300, San Francisco, CA, 94105, United States.'
The servers on which your Personal Data is stored are located Frankfurt, Germany.
In any event, the Data Controller has put in place appropriate technical measures to maintain the security of your Personal Data.
1.6. What are your rights?
1.6.1. The consent
Your consent must be given in a clear and unambiguous manner. This is why, when you agree to fill in the contact form of the Site
- you are informed of the use that will be made of your Personal Data;
- you must check a box to validate your consent; and
- children under 13 years of age cannot give their consent.
1.6.2. Other rights
In accordance with the Regulations, you have the following rights over your Personal Data:
- Right of access to data: this right allows you to receive a copy of the Personal Data we hold about you;
- Right to rectification: this right gives you the possibility to request the correction of inaccurate or incomplete Personal Data concerning you;
- Right to delete your Personal Data: this right gives you the possibility to ask us to delete your Personal Data if one of the legal grounds is fulfilled:
the Personal Data are no longer necessary for the purposes of the processing;
you have withdrawn your consent on which the processing is based ;
you have objected to the processing operation by means of your right of objection;
the processing of your Personal Data is unlawful; or
your Personal Data must be deleted under a legal obligation.
- Right to limit the processing of your Personal Data; this limitation of processing may be carried out when:
you dispute the accuracy of your Personal Data;
you do not object to the deletion of your Personal Data in the context of unlawful processing, but require that it be limited;
your Personal Data are no longer used by our services but that their storage is only necessary for the recognition, exercise or defence of a legal claim; or
you object to us using your Personal Data through your right of objection.
- Right to the portability of your Personal Data: you can contact us to have your Personal Data provided to you or directly to another controller in a structured, commonly used and machine-readable format;
- Right of objection: you can contact us when
the processing is carried out in the public interest or for the purposes of our legitimate interests; you may object to it only for reasons relating to your situation; or
the processing is carried out for the purpose of commercial prospecting; you may object to it at any time and without any explanation being given to us.
- Right to determine the fate of your Personal Data after your death (the e-Testament): one of the specific features of French law is that it allows you to send us your instructions concerning the way we will handle your Personal Data after your death. As such, you can choose whether they are deleted or transmitted to one of your relatives.
Regardless of the purpose or legal basis under which we process your data, you can therefore, at any time and at no cost, send us an e-mail to benefit from your rights at the following address:
[email protected]
Or send us a letter to the following address:
Via Sisto IV, 219 Roma, 00167, Italia
Please note, however, that we are not always able to respond positively to your request for legal reasons that we will bring to your attention, if necessary, after we receive your request.
In any case, we remind you that you have the right to lodge a complaint with the competent administrative authority.
1.7. What are the legal grounds for the processing?
For the processing of your data, we rely on legal grounds that depend on how you interact with our Site.
When you purchase products from our Site, we collect and process your personal data to perform the contract between us and you. For example, we need your postal details to deliver your order or your bank details to process payment.
We also rely on other legal grounds such as your legitimate interests. For example, we consider it in your interest that your identity cannot be used for fraudulent purposes, that our customer service staff have access to your order information to better serve you, or that we can better understand your use of our Site to improve its usability and the services we offer you.
Finally, when it comes to the processing of Personal Data for the purpose of prospecting, the legal basis for the processing is your consent (see above Article 1.6.1.).
2. Security of Internet browsing
2.1. Integrity of your data on the Internet
The Site has appropriate security measures in place to prevent any loss, unauthorized use or access, modification or disclosure of your Personal Data
All personal data collected is stored on secure servers. The Data Controller has also put in place procedures to manage any violation of personal data.
2.2. Malicious uses
It is recommended that you connect only to secure networks, preferably private networks. Be aware of the risks involved on public wifi networks.
Regardless of the Data Controller to whom you have voluntarily transmitted your Personal Data and taking into account the nature of the Internet network, other operators, without any link with the Data Controller, are able to collect them without your consent, in particular during your browsing on the Internet. Therefore, we recommend that you install anti-virus and anti-spyware software on your computer and update it regularly.
2.3. Usurpation/ Phishing/ Phishing
The Data Controller will never solicit you by e-mail to obtain personal information.
If you receive an e-mail on behalf of the Data Controller asking you to provide sensitive personal information (bank details, data relating to your private life, etc.), please do not reply and forward this e-mail to us so that we can take the necessary action.
You should only provide your account information after you have logged into the Site directly through your browser.
3. Cookies policy
A cookie is a cookie, i.e. a text file that can be stored in a dedicated space on your Terminal's hard disk when you visit a website. A cookie allows its issuer to identify the Terminal in which it is stored, during the period of validity or registration of the cookie.
When you consult the Site, information relating to the navigation of your Terminal (computer, tablet, smartphone, etc.) may be recorded through cookies installed on your Terminal, subject to the choices you have made regarding cookies and that you can modify at any time.
3.1 What are the cookies on our Site used for?
Only the issuer of a cookie is likely to read or modify the information contained therein.
When you connect to the Site, the Data Controller may, subject to your choices, install various cookies on your Terminal to recognize your Terminal's browser during the validity period of the cookie concerned. The cookies we issue are used for the purposes described below.
The cookies we issue allow us to:
to carry out studies and establish statistics and volumes of visits and use of the various elements composing our Site (sections and contents visited, routes), allowing the Data Controller to improve the interest and ergonomics of his services;
adapt the presentation of the Site to the display preferences of your Terminal (language used, display resolution, operating system used, etc.) when you visit the Site, depending on the display or reading hardware and software that your Terminal contains; and
to implement security measures, for example when you are asked to reconnect to content or a service after a certain period of time.
3.2. Your choices regarding cookies
There are several ways to manage cookies. Any settings you may make may affect your Internet browsing and your access to certain services that require the use of cookies.
You can choose at any time to express and modify your wishes regarding cookies by the means described below.
In particular, you can configure your browser software so that cookies are stored on your Terminal or, on the contrary, that they are rejected, either systematically or according to their origin.
You can also configure your browser software so that you are offered the option of accepting or rejecting cookies from time to time, before a cookie is likely to be stored on your Device. For more information, see "How to make your choices, depending on the browser you use" in Article 4.2.3. below.
3.2.1. The cookie agreement
The recording of a cookie on a Terminal is essentially subject to the will of the Terminal user, who can express and modify it at any time and free of charge through the choices offered to him by his browser software.
If you have accepted the registration of cookies in your Terminal in your browser, the cookies embedded in the pages and content you have viewed may be temporarily stored in a dedicated area of your Terminal. They will be readable only by their transmitter.
3.2.2. Refusal of cookies
If you refuse to accept cookies on your Terminal, or delete those already stored on your Terminal, the quality of the operation of the services offered by the Site will not be degraded.
However, you will no longer be able to benefit from a number of features that may be necessary to navigate in certain areas of the Site. This would be the case if you tried to access the content or services for which the installation of cookies is strictly necessary (e.g. booking a stay). This would also be the case if the Data Controller - or his service providers - could not recognize, for technical compatibility purposes, the type of browser used by your Terminal, its language and display settings or the country from which your Terminal seems connected to the Internet.
If necessary, the Data Controller declines any responsibility relating to the consequences related to the operation of his services resulting from the impossibility for him to record or consult the cookies necessary for their operation and that you have refused or deleted.
We would like to point out that some cookies cannot be deleted as they are strictly necessary for the technical functioning of the Site.
3.2.3. How to make your choices, depending on the browser you use?
For the management of cookies and your choices, the configuration of each browser is different. It is described in the help menu of your browser, which will allow you to find out how to change your cookie preferences.
3.2.4. Delete your cookies
You can delete all your cookies or only those you want. Deleting cookies does not prevent browsing or reinstalling them while browsing. This allows you to control your browser's cookie library at some point. Technical cookies, necessary for navigation, will be reinstalled if you visit the Site.
Below, we explain the procedure to follow depending on your browser.
Chrome
In the Chrome menu, select "Settings".
Display advanced settings
Go to the "Confidentiality" section
Click on "Content Settings".
In the "Cookies" paragraph (first paragraph), click on "Cookies and site data".
Look for the cookies you want to delete and click on "OK". You can also choose to delete all your cookies.
Firefox
In the Firefox menu, go to "Tools" then "Options.
On the "Privacy" tab, click on "Show cookies".
Look for the cookies you want to delete and click on "Delete Cookies".
Internet Explorer
Internet Explorer does not allow cookie management on a case-by-case basis. To delete all your cookies:
Click on "Tools" then on "Internet Options".
In the "General" tab, under "Navigation history", click on "Delete".
Check the "Cookies" box and click on "Delete".
Safari
In the Safari menu, select "Preferences".
In the window that has opened, go to the "Security" tab
Click on "Show cookies".
In the window that opened, locate and select the cookies you want to delete, and click on "Delete".
3.2.5. Private Browsing
The "Private browsing" mode, now offered by all browsers, mainly allows you to browse the Internet without keeping a history of the pages visited or downloads. Regarding cookies, all cookies that were saved during your browsing will be deleted when you close your browser. It is therefore not a solution to refuse cookies; however, their lifespan remains limited to the duration of your browsing.
3.2.6. Disabling third-party cookies
The deactivation of third-party cookies makes it possible to accept only cookies placed by the Site, which you also have the option of deactivating, deleting or limiting.
Here is the procedure to follow, depending on your browser, if you wish to refuse third-party cookies:
Chrome
In the Chrome menu, select "Settings".
Display advanced settings
Go to the "Confidentiality" section
Click on "Content Settings"
In the "Cookies" paragraph (first paragraph), click on "Cookies and site data".
Look for the cookies you want to delete and click on "OK". You can also choose to delete all your cookies.
Firefox
In the Firefox menu, go to "Tools" then "Options".
On the "Privacy" tab, tick the box "Accept cookies".
For the "Accept third-party cookies" setting, select "Never".
Save the changes by clicking on "OK".
Internet Explorer
In the Internet Explorer menu, go to "Internet Options"
In the "Privacy" tab, click on the "Advanced" button
Accept internal cookies, reject third-party cookies
Save the changes by clicking on "OK".
Safari
In the Safari menu, select "Preferences".
In the window that has opened, go to the "Security" tab
To choose, "Accept cookies", select "Only from the sites I visit".
3.2.7. Your choices expressed online directly with us
If you do not wish:
that we collect data on your browsing,
that in the context of a registration via a special operation we can identify the original special operation,
you may choose to disable all third-party cookies, which are not essential for browsing the Site.
We will then store a cookie on your Terminal whose sole purpose is to disable the placement of these cookies on your computer. This cookie will be valid for twelve (12) months.
Attention, the consideration of your wish is based on a cookie. If you delete all cookies stored on your Device (via your browser), the Data Controller - or his service providers - will no longer know that you have chosen this option.