The group
menu
altlogo
Book
menu
eng
The group
The group
Rebirth Hospitality
Italy
Home & Guesthouse
Rebirth Guesthouse - Lazio Rebirth Home - Sardegna
Coming soon Guesthouse Radici
Coming soon
Albergo Diffuso
Marta Lake
Coming soon
Canary Islands
Home
Rebirth Home - Fuerteventura
Coming soon
GPS
GPS
Book
Call
Privacy Policy 1

Privacy Policy

Information on the processing of personal data of users who consult the website www.re-birth.it pursuant to Art. 13 of EU Regulation 2016/679 (GDPR)


Why this notice

This page describes the methods of managing the website in relation to the processing of personal data of those who interact with the web services of the company REBIRTH HOSPITALITY S.R.L. (hereinafter referred to as the "Controller"). This information notice is provided pursuant to Art. 13 of EU Regulation 2016/679 (hereinafter the "Regulation"). The information notice is provided only for the Controller’s website and not for other websites that may be consulted by the user through links from the site.


Data Controller

Following consultation of this site, data relating to identified or identifiable persons may be processed. The "Controller" of personal data processing is REBIRTH HOSPITALITY S.R.L., headquartered in Via di Santa Cornelia, 5 - 00060 Formello, Rome, IT. Contacts and details: Phone +39 350 001 4290 / +39 342 190 6334 - Email address: info@re-birth.it - Certified email (PEC): rebirthhospitality@legalmail.it

The Data Protection Officer, appointed pursuant to EU Regulation 679/2016, can be contacted at the following email address: dpo@re-birth.it


Place of data processing

The processing operations connected to the web services of this site take place at the aforementioned headquarters of the Controller and are carried out only by technical staff authorized to process data. If necessary, data related to certain services may be processed by personnel of companies responsible for maintaining the website’s technological infrastructure (these subjects are appointed as data processors pursuant to Art. 28 of EU Regulation 2016/679), at the offices of such companies. An updated list of these processors is available at the Controller’s headquarters.


Categories of personal data processed

Personal Data. What are personal data? Personal data are information that identifies or makes an individual identifiable, directly or indirectly, and can provide details about their characteristics, habits, lifestyle, personal relationships, health status, economic situation, etc. Personal data are divided into:

  • • common data: those that allow direct identification, such as personal details (e.g., name and surname, images, etc.);
  • • special categories of data: Art. 9 EU Reg. 2016/679, personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data concerning health or a person’s sex life or sexual orientation;
  • • judicial data: Art. 10 EU Reg. 2016/679, all data that may reveal the existence of certain judicial measures subject to registration in the criminal record (e.g., final criminal convictions, conditional release, prohibition or obligation to reside, alternative measures to detention) or the status of accused or suspect.
  • • browsing data: the computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response (successful, error, etc.) and other parameters related to the user’s operating system and IT environment.


These data are used solely to obtain anonymous statistical information on the use of the site and to check its proper functioning and are deleted immediately after processing. Data collected anonymously or in an aggregated form that no longer allows the identification of a specific natural person, even in combination with other information, are not considered personal data.


Which personal data do we process?

Data voluntarily provided by the user – Personal data are provided directly by the user (hereinafter also referred to as the 'data subject'):

  • • browsing data;
  • • personal data voluntarily, explicitly, and freely sent through the contact details indicated on the site or by filling in specific forms for information and/or contact requests by the data subject (name, surname, email, telephone, as well as any other personal data voluntarily included in the message by the applicant).


Optional nature of data provision

The provision of the above data is optional but necessary to provide the requested services. Any refusal to provide such data will make it impossible to fulfil the purposes referred to in the previous section.


Purpose and legal basis of processing

How do we use your personal data? The acquired information is used to:

  • • provide and improve our services;
  • • offer you a personalized experience on the websites;
  • • contact you regarding your requests;
  • • detect, prevent, mitigate, and investigate fraudulent or illegal activities.


Personal data provided voluntarily by the data subject will be processed by the Controller in compliance with the GDPR provisions for administrative purposes related to managing requests for information and/or services and for fulfilling the resulting legal and contractual obligations. Therefore, processing is necessary for fulfilling obligations towards users, complying with legal, regulatory, or EU requirements, and exercising legal rights in court.


Disclosure and dissemination of data

The personal data collected by the Controller will not be "disseminated", meaning made known to unspecified subjects in any way, including by making them available or accessible. Specific consent will be requested for dissemination. However, the data subject’s personal data may be "communicated", meaning made known to one or more specific entities, as follows:

  • • collaborators authorized to process personal data;
  • • third parties to whom the Controller entrusts professional and IT services for the management and maintenance of the website www.re-birth.it, appointed as Data Processors;
  • • public authorities that may access your data by virtue of legal or regulatory provisions, within the limits established by such rules.


The updated list of Data Processors is available at the headquarters of REBIRTH HOSPITALITY S.R.L. and can be obtained by submitting a specific request via email to rebirthhospitality@legalmail.it


Processing methods and storage

Processing will be carried out electronically, automatically, and manually, using methods and tools designed to ensure maximum security and confidentiality, by authorized personnel in compliance with Art. 5 of EU Regulation 2016/679. Data will be stored at the Controller’s offices or those of third parties identified from time to time to provide the requested services, for the period strictly necessary for the above purposes and in any case not exceeding the time prescribed by law. In accordance with current legislation, specific security measures are observed to prevent data loss, unlawful or incorrect use, and unauthorized access. Personal data will be stored for a period not exceeding the purposes for which they were collected and subsequently processed, unless anonymized.


Duration of processing

The personal data of the data subject will be retained for the time periods specified below, as indicated in paragraph 2 of Art. 13(2) of Regulation 2016/679. The personal data provided will be stored (in electronic archives) as long as reasonably necessary to deliver the requested services and performances and will subsequently be deleted, unless further storage is required to allow the Controller to defend its rights.


Exercise of the data subject’s rights

Pursuant to Arts. 15–22 of Regulation (EU) 2016/679, we inform you about the obligations that the Controller has towards you.

  • • you have the right to request from the Controller access to personal data, rectification or erasure of such data, supplementation of data, or restriction of processing concerning you, or to object to their processing, where applicable;
  • • you have the right to lodge a complaint with the Supervisory Authority (the Data Protection Authority) if you believe that your data have been unlawfully processed, available at www.garanteprivacy.it;
  • • the Controller ensures that any rectification, erasure, or restriction of processing carried out upon request of the data subject – unless impossible or requiring disproportionate effort – will be communicated by the Controller to each recipient to whom personal data have been transmitted. The Controller will inform the data subject of such recipients upon request;
  • • you may also withdraw your consent at any time for the purposes indicated above;
  • • the exercise of rights is not subject to any formal constraint, and you will receive a written response within the timeframe provided by law (unless you specifically request an oral response). To exercise these rights, you may contact the Controller of your personal data at any time.


You also have the right to request the erasure, anonymization, or blocking of data processed unlawfully, as well as to object, for legitimate reasons, to their processing. For any request for information and/or clarification, questions, or complaints regarding the processing of personal data, and to exercise your rights as provided by Arts. 15 and following of the Regulation, you may contact the Controller at the contact details indicated above.


How we protect your personal data

We process your personal data with regard to the protection of the rights and fundamental freedoms of natural persons, regularly verifying and evaluating the effectiveness of the technical measures adopted to ensure processing security (pursuant to Art. 32 of the Regulation).

Last revision 16/10/2025