Privacy policy
Last updated: June 2026
This Privacy Policy is intended to describe the management methods of this website with regard to the processing of personal data of users/customers who consult it and use the booking service. Data processing is inspired by the principles of fairness, lawfulness, transparency, protection of privacy and user rights, in accordance with EU Regulation 2016/679 (GDPR).
1. Data Controller The Data Controller is: Name/Company Name: Emiliana Piera Sarzotti / Simone Sarzotti Contact Email: lafrase.se@gmail.com
2. Type of Data Collected: Personal data collected through the site, independently or through third parties, includes: Browsing data: IP address, data, browser type, device parameters used to connect to the site (collected automatically for the sole purpose of ensuring the proper functioning of the site). Booking data: Name, surname, email address, telephone number, dates of stay, number of guests, and any special notes or requests. Payment data: Credit card or payment method data are not collected or stored by the Data Controller, but are managed directly by the secure payment gateway Stripe.
3. Purpose and Legal Basis of the Processing
The personal data provided by users will be used exclusively for the following purposes: Booking and accommodation management: To confirm, modify, or manage the stay at the apartment, communicate with the guest before and during the stay, and fulfill contractual obligations. Legal obligations: To fulfill tax and accounting obligations and to communicate guest data to public security authorities (e.g., the Guest Portal Web), where required by applicable law.
⚠️ Transparency note: Your data will not be used for marketing, profiling, or transferred to third parties for commercial purposes.
4. Processing Methods and Payment Security: Data is processed using IT and/or electronic means, using methods strictly related to the purposes indicated and, in any case, ensuring the security and confidentiality of the data. Payment Security (Stripe): To manage online payments, the site uses the secure Stripe platform. Stripe acts as an independent data controller for transaction management. Credit card data is encrypted and transmitted directly to Stripe without passing through our servers. For more information, please consult Stripe's Privacy Policy.
5. Communication and Scope of Data Dissemination: Personal data will not be disseminated, but may be disclosed to third parties closely involved in managing the service, such as: Internal facility management personnel (e.g., cleaning or reception staff). Public Security Authorities (e.g., Police Headquarters) in compliance with legal obligations regarding guest registration.
6. Data Retention Period: The data will be retained only for the time strictly necessary to manage the booking and stay, and subsequently for the period required by applicable tax and civil regulations (generally 10 years from the invoice date). Browsing data is deleted immediately after their anonymous statistical processing.
7. Rights of the Data Subject. In accordance with the GDPR, you have the right to: Access your personal data in our possession. Request the rectification of inaccurate data or the completion of incomplete data. Request the deletion of your data (right to be forgotten), if it is no longer necessary or there are no legal obligations requiring its retention. Request the restriction of processing or object to it. File a complaint with the Italian Data Protection Authority (www.garanteprivacy.it). To exercise these rights, you may send a written communication to the Data Controller's email address indicated in point 1.
8. Changes to this Privacy Policy The Data Controller reserves the right to make changes to this privacy policy at any time, informing users on this page. Therefore, please check this page periodically, referring to the last update date indicated at the top.