Privacy Policy

Last updated: 02/12/2024 Bagni D’Arienzo S.r.l. ("Arienzo Beach Club") is committed to protecting the privacy of its customers and website users, in compliance with global data protection regulations, including:

  • GDPR (General Data Protection Regulation - EU),
  • CCPA/CPRA (California Consumer Privacy Act/California Privacy Rights Act - USA),
  • DMA (Digital Markets Act - EU),
  • LGPD (Lei Geral de Proteção de Dados - Brazil),
  • POPIA (Protection of Personal Information Act - South Africa).

This policy outlines the methods for collecting, using, sharing, and protecting personal data and includes specific details regarding the use of WhatsApp, SMS, and consent mechanisms for marketing purposes.

1. Data Controller The Data Controller is Bagni D’Arienzo S.r.l., with its registered office at Via Pasitea, 71, 84017 Positano (SA), Italy, VAT ID: 02972990655. Contacts:

  • Email: reservation@arienzobeachclub.com
  • WhatsApp and SMS: +39 089 812002

For inquiries or to exercise your rights, you can use the contacts listed above.

2. Applicable Laws and Scope This Privacy Policy applies to personal data collected through:

  • https://arienzobeachclub.com/
  • https://booking.arienzobeachclub.com/

Global compliance includes:

  • GDPR (EU): Rights to access, rectification, deletion, portability, and objection.
  • CCPA/CPRA (California): Rights to know, delete, and limit the sale/sharing of data.
  • DMA (EU): Rules for fair and transparent data processing.
  • LGPD (Brazil): Principles of purpose, transparency, and minimization.
  • POPIA (South Africa): Protection against unauthorized processing and explicit consent obligations.

3. Purposes and Legal Bases for Processing | Purpose | Legal Basis | |---------------------------|---------------------------| | Booking management, pre- and post-sales support | GDPR: Contract (Art. 6(1)(b)); CCPA/CPRA: Operational purposes; LGPD: Contract execution. | | Communications via WhatsApp/SMS (informational and transactional) | Explicit consent requested during booking. | | Sending newsletters/promotional offers | Explicit consent (non-customers) or legitimate interest (existing customers). | | Administrative, accounting, and tax compliance | GDPR: Legal obligation (Art. 6(1)(c)); LGPD: Regulatory obligations; POPIA: Specific purposes. | | Targeted advertising (Google Consent Mode, retargeting) | Consent for profiling and advertising cookies; CCPA/CPRA: Limitation on "sale" of data. | Note: Failure to provide essential data may prevent service provision.

4. Marketing and Direct Communications

  1. WhatsApp and SMS:
  • During booking, users can opt to receive communications via WhatsApp or SMS.
  • Purposes: Reservation confirmations, service updates, or promotions.
  • Opt-out: You can unsubscribe at any time by replying “STOP” or contacting us via email.
  1. Newsletter:
  • Consent is required for non-customers. For existing customers, communications are sent based on legitimate interest.
  • An "unsubscribe" link is included in every email.
  1. Google Consent Mode:
  • Users can manage their cookie preferences for tracking and advertising activities.
  • Detailed information is available in the Cookie Policy.

5. Rights of Data Subjects Rights vary by jurisdiction:

  • GDPR (EU): -- Access, rectification, deletion, restriction, portability, objection.
  • CCPA/CPRA (California): -- Request access to data collected in the past 12 months. -- Right to deletion and to limit sharing of personal data.
  • LGPD (Brazil): -- Confirmation of data processing; anonymization; explanations on processing.
  • POPIA (South Africa): -- Right to rectification; consent withdrawal; portability. How to exercise your rights:
  • Email: reservation@arienzobeachclub.com
  • WhatsApp/SMS: +39 338 8778082

6. Data Recipients Personal data may be shared with:

  • Technical service providers (servers, email marketing).
  • Legal and administrative entities (to comply with legal obligations).
  • Advertising partners for retargeting (with explicit consent).

Data will not be transferred outside the EU without adequate guarantees (e.g., Standard Contractual Clauses).

7. Retention Period

  • Bookings and contracts: Up to 5 years after the relationship ends (Art. 2948 of the Italian Civil Code).
  • Tax data: Retained for 10 years (Art. 2220 of the Italian Civil Code).
  • Marketing data: Retained until consent is withdrawn.

8. Cookie Policy and Online Advertising We use cookies for analytics, marketing, and essential functionality:

  • Technical cookies: Necessary for website functionality.
  • Marketing cookies (Google Ads, Meta): Subject to explicit consent.

Manage preferences through the cookie banner or visit our Cookie Policy.

9. Data Security Bagni D’Arienzo S.r.l. adopts appropriate technical and organizational security measures to prevent unauthorized access, loss, or unlawful processing of data.

** 10. Changes to the Privacy Policy** We periodically update this Policy to ensure compliance with applicable regulations. Users will be informed via the website or email.

Contact us: Bagni D’Arienzo S.r.l. Via Pasitea, 71, 84017 Positano (SA), Italy Email: reservation@arienzobeachclub.com WhatsApp: +39 338 8778082