Privacy Policy
Last updated: February 15, 2026
Data controller
Finestra Sul Borgo is the data controller for the website and direct booking services. For privacy-related requests you can write to info@finestrasulborgo.it.
Data we process
We only process the data needed to provide the services requested by the guest:
- contact details sent through the contact form, such as name, email address and message;
- booking details required to manage a direct stay, such as guest identity, stay dates and party size;
- limited technical data needed for security, service operation and audit purposes;
- payment-related data handled by external providers such as Stripe under their own policies.
Purpose and legal basis
- replying to information requests before booking: pre-contractual measures requested by the guest;
- managing bookings and payments: performance of a contract;
- tax, legal and compliance obligations: compliance with applicable law;
- security, abuse prevention and legal defence: legitimate interest of the controller.
How data is processed
Data is processed with digital tools and appropriate technical and organisational safeguards, in line with the principles of minimisation, integrity and confidentiality.
Data retention
- contact requests: up to 12 months, unless followed by an actual booking or service request;
- booking and payment data: for as long as needed to manage the stay and meet legal obligations;
- technical and security logs: only for the time strictly necessary for operational and security purposes.
Processors and service providers
Data may be processed by technical providers strictly necessary to operate the service, including:
- Cloudflare for hosting and infrastructure;
- Stripe for online payment processing;
- integrated guest-compliance platforms when needed, such as Chekin.
International transfers
Some providers may process data outside the European Economic Area. In those cases, processing takes place with appropriate GDPR safeguards, such as standard contractual clauses where applicable.
Your rights
You may exercise the rights granted by Articles 15-22 GDPR at any time, including:
- access to your data;
- rectification and update of inaccurate data;
- erasure where legally applicable;
- restriction of or objection to processing;
- data portability where applicable.
To exercise your rights, please write to info@finestrasulborgo.it. You also have the right to lodge a complaint with the Italian Data Protection Authority.