Privacy Policy

The purpose of this document is to inform Users of the Personal Data collected from the website (hereinafter “Application”), under the responsibility of Socci Anna Maria.

The Data Controller, as subsequently identified, may modify or simply update, in whole or in part, this Information by informing Users. The changes and updates will be binding as soon as they are published on the Application. The User is therefore invited to read the Privacy Notice at each access to the Application.

In case of non-acceptance of the changes made to this Privacy Policy,
the User is required to cease using this Application and may request the Data Controller to remove his Personal Data.

Personal data collected by the Application

The Data Controller collects the following types of Personal Data:

Content and information voluntarily provided by the User

Contact data, credentials, content: for example personal data, e-mail or postal address and other contact data, password and security information used for authentication and access to the account, personal interests and preferences and other content personal, etc.

Personal data collected from Social Media: Users can share data communicated to social media with the Application. The User has the right to control the Personal Data to which the Application can access when he allows access to his social media accounts and through the privacy settings available in the social media in question. By associating accounts managed by social media with the Application and authorizing the Owner to access such Data, the User gives consent to the acquisition, treatment and
storage of data provided by said social media in accordance with this Privacy Policy.

Failure by the User to provide some Data could prevent this Application from providing its services.

The User assumes responsibility for the Personal Data of third parties published or shared through this Application and guarantees to have the right to communicate or disseminate them, freeing the Owner from any liability to third parties.

If the processing of Personal Data is based on the User’s consent, the same can revoke it at any time.

Data and content automatically acquired during the use of the Application

Technical data: the IT systems and software procedures used to operate this Application may acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by its very nature could,
through processing and association with data held by third parties, allow users to be identified. This category includes the IP addresses, or the domain names used by the Users who connect to the Application, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained, etc.

Usage data: Data relating to the use of the Application by the User may also be collected, such as for example the pages visited, the actions performed, the functions and the services used.

Geolocation data: the Application can collect Location data, which can be precise or inaccurate. The precise position data can be GNSS data (Global Navigation Satellite System, for example GPS), in addition to the Data identifying the closest repeater, the Wi-Fi and Bluetooth hotspots, communicated when enabling products or functions based on the position.

Personal data collected through cookies or similar technologies

This Application uses cookies, web beacons, unique identifiers and other similar technologies to collect Data on the pages, links visited and other actions you perform when you use our Services, within advertising or e-mail content. They are stored in order to be retransmitted to the same sites on the next visit by the same User.

The User can view the complete Cookie Policy at the following address:


The collected data can be used for the following purposes:

  • access to accounts on third party services
  • statistics only with anonymous data
  • e-mail or newsletter sending and mailing list management

Method of treatment

The processing of Personal Data is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.

In addition to the Data Controller, in some cases, other parties involved in the organization of this Application may have access to the Data, providing assistance in the management of the Application and the activity or ensuring the provision of services to the User. These subjects appointed, if necessary, Data Processors by the Data Controller, will be able to access Users’ Personal Data whenever this becomes necessary and will be contractually obliged to keep them confidential.

In particular, the subjects who will be able to access Users’ Personal Data are Paypal, Google, Facebook, Instagram, Tripadvisor,

The updated list of Managers can be requested via email at the address

Legal basis of the treatment

The Data Controller processes Personal Data relating to the User if one of the following conditions exists:

  • he User has given consent for one or more specific purposes:
  • processing is necessary for the execution of a contract with the User and / or for the execution of measures
    pre-contract; processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
  • the processing is necessary for the execution of a public interest task or for the exercise of publics
    powers with which the Data Controller is invested; processing is necessary for the pursuit of legitimate interest
    of the owner or third parties.

However, it is always possible to request the Data Controller to clarify the concrete legal basis of each treatment.


The Data are processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located. For further information, contact the Data Controller at the following e-mail address

Security measures

The treatment is carried out according to methods and with suitable tools to guarantee the security and confidentiality of the data, having the owner adopted adequate technical and organizational measures that guarantee, and allow to demonstrate, that the treatment is and carried out in compliance with the legislation of reference.

Data retention period

The Data Controller will process the Personal Data for the time necessary to fulfill the purposes connected with the execution of a contract between the Data Controller and the User and, in any case, no longer than the duration of 15 years from the termination of the relationship with the User.

When the processing of Personal Data is necessary for the pursuit of a legitimate interest of the Data Controller, Personal Data will be kept until such interest is satisfied.

If the processing of Personal Data is based on the User’s consent, the Data Controller can keep Personal Data until revocation.

Personal Data may be kept for a longer period if necessary to fulfill a legal obligation or by order of an authority.

All Personal Data will be deleted upon expiry of the retention period. At the end of this term, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

Automated decision-making processes

All the Data collected will not be subject to any automated decision-making process, including profiling, which can produce or affect the person’s legal effects and that could significantly affect them.

User rights

Users can exercise certain rights with reference to the data processed by the owner.
In particular, the User has the right to:

  • withdraw consent at any time;
  • oppose the processing of your data;
  • access your data;
  • verify and request correction;
  • obtain the limitation of the treatment;
  • obtain the cancellation or removal of their Personal Data;
  • receive your data or have it transferred to another holder;
  • propose a complaint to the supervisory authority for the protection of personal data and / or act in court.

To exercise their rights, Users can send a request to the owner’s contact details indicated in this document. Requests are and made free of charge and processed by the Owner as soon as possible, in any case within 30 days.

Holder of the treatment

The Data Controller is Socci Anna Maria, registered office Via Lamole, 65 – 50022 Greve in Chianti (Florence),
VAT IT04880940483, e-mail