PRIVACY NOTICE PURSUANT TO ART. 13 OF EU REGULATION 679/2016
PRIVACY & COOKIE POLICY**
Introduction
For Antico Podere San Luca S.r.l., represented by its legal representative Anna Caterina Bandoli, with registered office in Bologna, Via Monte Albano 14 – VAT No. 04289801203, in its capacity as Data Controller (“Controller”), your privacy and the security of your personal data are particularly important. Therefore, we collect and process your personal data with the utmost care and attention, adopting appropriate technical and organizational measures to ensure full security of the processing.
In compliance with Article 13 of EU Regulation 2016/679 (“Regulation”), we provide you with information regarding the processing of the personal data you provide as a Customer and User (“Data Subject” or “User”) of the website www.anticopoderesanluca.it (“Website”).
Contact details of the Controller: info@anticopoderesanluca.it
Definitions
Personal data
Any information relating to an identified or identifiable natural person (“data subject”).
Processing
Any operation performed on personal data, with or without automated means, including collection, recording, storage, consultation, use, transmission, erasure, etc.
Special categories of personal data
Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for unique identification, health data, or data concerning sex life or sexual orientation.
Data Controller
The natural or legal person that determines the purposes and means of processing.
Data Processor
A natural or legal person that processes personal data on behalf of the Controller.
Types of Data
During the consultation of the Website pages, your personal data may be automatically collected or, in relation to certain requests, you may be asked to provide additional data. The processed data include:
- Name, surname, age, gender
- Identification documents (ID card, passport, driving licence, Tax Code)
- Banking data, credit card information
- Any allergies communicated
- Data acquired directly from the Website, including:
Browsing data
This category includes IP addresses, domain names of users’ computers, URI addresses of requested resources, request time, method used to submit the request, file size obtained, server response code (success, error, etc.), and other information relating to the user’s operating system and environment.
Cookies
Cookies are small text files stored on your device. They allow the Website to remember your actions and preferences (login data, language, display settings). Cookies may be used for authentication, session monitoring, and statistical purposes. Third-party cookies may also be used.
Under Italian law, technical cookies do not require consent. These include:
- Browsing/session cookies
- Functionality cookies (e.g., language preferences)
- Analytics cookies used directly by the website operator in aggregated form
Profiling cookies, used for advertising in line with user preferences, do require consent.
We categorised the cookies used based on their purpose, as shown in the tables below.
COOKIE TABLES
1. Technical Cookies
Used to allow safe browsing and efficient use of the Website. These are essential and cannot be disabled without impairing Website functionality.
Navigation or session cookies
| Cookie | Domain | Category | Purpose |
| __Secure-ENID | google.com | Technical / functional | Session and functionality management |
| SEARCH_SAMESITE | google.com | Technical / security | Security and session control |
| _iub_cs-775731 | iubenda.com | Technical | Cookie consent management |
| _iub_cs-s1767062 | iubenda.com | Technical | Cookie consent management |
| _iub_previous_preference_id | iubenda.com / anticopoderesanluca.it | Technical | Storing cookie preferences |
2. Functionality Cookies
| Cookie | Domain | Category | Purpose |
| HSID | google.com | Functional / security | Security and authentication |
| SSID | google.com | Preferences / functionality | User preferences |
| __Secure-1PSID / __Secure-1PSIDCC / __Secure-1PSIDTS | google.com | Functional / security | Authentication and security |
3. Analytics Cookies
| Cookie | Domain | Category | Purpose |
| _ga | anticopoderesanluca.it | Analytics | Statistical analysis of visits |
| _ga_E8D119CRK9 | anticopoderesanluca.it | Analytics | Advanced statistical analysis |
| rs_ga | iubenda.com | Analytics | Plugin traffic analysis |
| rs_ga_GKDBJ33BLE | iubenda.com | Analytics | Traffic analysis |
| _rdt_em / _rdt_uuid | iubenda.com | Analytics | Analytical tracking |
| _uetsid / _uetvid | iubenda.com | Analytics | Statistics / monitoring |
| AMP_6d8e3fe5f3 | iubenda.com | Analytics | AMP tracking |
| AMP_MKTG_6d8e3fe5f3 | iubenda.com | Analytics | AMP marketing statistics |
4. Profiling Cookies
| Cookie | Domain | Category | Purpose |
| APISID | google.com | Profiling / marketing | Personalized advertising |
| SID | google.com | Profiling / security | Authentication + profiling |
| SAPISID | google.com | Marketing / profiling | Ads and profiling |
| NID | google.com | Marketing | Personalized advertising |
| __Secure-3PSID / __Secure-3PSIDCC / __Secure-3PSIDTS / __Secure-3PAPISID | google.com | Profiling / security | Advanced Google profiling |
| _fbp | iubenda.com | Profiling / marketing | Facebook Pixel |
| _gcl_au | iubenda.com | Profiling / marketing | Google Ads / conversion tracking |
| UULE | google.com | Profiling | Geolocation / personalized results |
Purposes of Processing
The Controller processes your personal data for the following purposes:
- Website browsing (Art. 6(1)(b) GDPR)
- Compliance with legal obligations (Art. 6(1)(c) GDPR)
- Registration of your data, check-in, and provision of guesthouse services (Art. 6(1)(b) GDPR)
- Responding to your requests (Art. 6(1)(b) GDPR)
- Defence of rights in legal or extrajudicial proceedings (Art. 6(1)(f) GDPR)
Providing data is optional, but failure to provide it may prevent browsing or handling of requests.
Disclosure of Personal Data to Third Parties
Your personal data are processed by personnel authorized by the Controller.
They may also be disclosed to third parties used to provide services, such as:
- Financial operators
- Internet providers
- IT service companies
- Couriers
These subjects are appointed Data Processors under Article 28 GDPR.
Your data will not be disclosed for promotional purposes nor disseminated.
Data may be transmitted to law enforcement or judicial and administrative authorities to comply with legal obligations, prevent threats to public safety, or protect rights.
There is no automated decision-making.
You may request an updated list of Data Processors from the Controller.
Transfer of Data outside the EU
Your personal data are not transferred to non-EU countries.
Data Retention Period
Your data will be stored for a limited period depending on processing purposes:
- Service-related data: retained as required by law and to provide the service.
- Request-related data: retained until your request is fulfilled.
After these periods, your data will be deleted or irreversibly anonymized.
Your Rights
You may exercise the following rights under the GDPR:
- Withdrawal of consent (Art. 7)
- Access and rectification (Arts. 15–16)
- Erasure (“right to be forgotten”) (Art. 17)
- Restriction of processing (Art. 18)
- Data portability (Art. 20)
- Objection (Art. 21)
- Complaint to a Supervisory Authority (Art. 77)
- Judicial remedy (Art. 79)
You may exercise these rights by writing to: info@anticopoderesanluca.it
Security Measures
We implement technological and organizational security measures to protect your personal data and regularly test and evaluate their effectiveness.
Changes to this Privacy Notice
The evolution of our services may lead to changes in this Notice. Updates will be published on the Website, indicating the date of the latest revision.
Bologna, 28 November 2025