IT
  • Facebook
  • Instagram

Privacy

Privacy Policy

  • This notice explains how personal data is processed through the Bagni Nautici website and its related online services, including bookings made through forms available on the website and through booking widgets integrated into or linked from the website.
  • This notice applies to processing carried out through this website and its related online services and does not automatically extend to other third-party websites or platforms that may be reached through external links, except as expressly stated for integrated services.

Data controller

  • The data controller is CENTRO SPORT NAUTICI DI ALPIGIANI BENEDETTA E ROSCELLI ROSANNA S.A.S., Tax Code 00484930102, VAT No. 00169250990, with registered office at Via Aurelia snc, 16033, Cavi di Lavagna.
  • For privacy-related requests, contact us at info@bagninautici.it or by phone at +39 0185 390340.

Categories of data processed

  • Identification and contact data voluntarily provided by the user, such as name, email address, phone number, and message content.
  • Booking-related data, such as date, time, number of guests, preferences, and notes entered through website forms.
  • Technical browsing data, such as IP address, user agent, device identifiers, security logs, and information needed for the proper operation of integrated services.
  • Card-guarantee data for restaurant bookings, limited to technical references and masked card details made available by the payment provider, without storing full card details on our systems.

Purposes and legal basis

  • Managing requests sent through contact forms or other website channels: pre-contractual measures or action requested by the data subject.
  • Managing restaurant bookings and related operational communications: pre-contractual measures, performance of the requested service, and legitimate organizational interest.
  • Managing beach bookings made through the Spiagge.it widget available on or linked from the website: performance of the requested service.
  • Fraud prevention, technical security, authentication, and protection of the website and forms: the controller's legitimate interest in service security.
  • Sending by email commercial communications about services similar to those already requested or booked with the venue, within the limits allowed by applicable law: the controller's legitimate interest, without prejudice to the data subject's right to object.
  • Administrative, accounting, tax obligations, or the handling of disputes: legal obligations and the controller's legitimate interest.

Restaurant bookings with card guarantee

  • When the card-guarantee feature is enabled, the website uses Stripe to collect and manage a credit or debit card as a booking guarantee.
  • Full card details do not transit through or get stored on the website systems; the website stores only the technical references needed to manage the booking and, where available, masked details such as card brand, last four digits, and expiry.
  • The card guarantee is collected to manage the booking, prevent abuse of the service, and handle possible no-shows or late cancellations within the limits described in the conditions communicated by the restaurant.

Beach bookings through Spiagge.it

  • For some online beach bookings, the website links to or integrates services provided by Spiagge.it.
  • In these cases, data entered into the widget or booking portal may also be processed by the external provider according to its privacy role and notice.
  • Users should also review the privacy information displayed within the widget booking flow.

Third-party services

  • Stripe: used for secure card-guarantee handling, fraud prevention, authentication, and payment-related functions. Privacy notice: stripe.com/privacy.
  • Google reCAPTCHA: used to protect website forms against spam and abuse. Use of the service is subject to Google's Privacy Policy and Terms of Service.
  • Spiagge.it / Spiagge S.r.l.: used or linked for online beach bookings through the related widget or booking portal. The standard Spiagge.it model identifies Spiagge S.r.l., VAT/Tax Code 0453664040, with registered office at Via Marecchiese 48, 47923 Rimini, as the platform provider. Users should also review the privacy information displayed within the relevant booking flow.

How data is processed

  • Data is processed using IT and telematic tools.
  • The controller adopts reasonable organizational and technical security measures appropriate to the nature of the data and the services involved.

Data retention

  • Data sent through contact forms is retained for the time needed to handle the request and for any subsequent organizational or protective needs.
  • Booking-related data is retained for the time needed to manage the service, any post-booking assistance, dispute handling, and applicable administrative and tax obligations.
  • Technical references associated with the card guarantee are retained for the time strictly necessary to manage the booking and any no-show, late cancellation, dispute, or related obligation.
  • Data used for commercial communications about similar services may be processed until the data subject objects or until such processing is no longer relevant in light of the existing relationship.

Disclosure of data

  • Data may be processed by authorized staff or by service providers supporting the operation of the website and related services, only to the extent strictly necessary for the purposes described above and in accordance with their privacy roles.
  • For beach bookings made through Spiagge.it widgets or services, the data provided by the user may be shared with Spiagge S.r.l. as the booking platform provider and related technical service provider, according to the applicable privacy roles and notices for the service used.

Data subject rights

  • Where provided by applicable law, the data subject may request access, rectification, updating, erasure, restriction of processing, objection, or data portability.
  • The data subject may lodge a complaint with the competent supervisory authority, including the Italian Data Protection Authority.
  • The data subject may also object at any time to receiving commercial communications relating to similar services.
  • To exercise these rights, write to info@bagninautici.it.

Updates

  • This privacy notice may be updated over time to reflect legal, technical, or organizational changes affecting the service.