Privacy Policy of Villa Traiano
Effective Date: May 4, 2025
1. Introduction
Villa Traiano Management S.r.l. (“Villa Traiano”, “we”, “our”, or “us”) is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy describes how we collect, use, share, and safeguard your information when you interact with our services, including visiting our website www.villatraiano.com, booking accommodations or events, and contacting us in any form.
This Privacy Policy complies with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), the Italian Personal Data Protection Code (Legislative Decree 196/2003, as amended), and relevant international standards.
2. Data Controller
The data controller for the purposes of this Privacy Policy is:
Villa Traiano Management S.r.l.
Operational Manager of the property Villa Traiano
Via dei Rettori, 9 – 82100 Benevento (BN), Italy
VAT Number: IT01700850629
General Inquiries: [email protected]
Privacy Inquiries: [email protected]
Phone: +39 0824 326241
Owned by:
Trajan Investment Group OOD
Legal Form: Limited Liability Company (OOD)
Registered Address: 45A Ivan Susanin Street, Vitosha Region, 1618 Sofia, Republic of Bulgaria
EIK (Company ID): 203506318
Registered in the Bulgarian Commercial Register
Email: [email protected]
3. Data Protection Officer (DPO)
Villa Traiano has appointed a Data Protection Officer to oversee compliance with data protection laws.
DPO Contact: [email protected]
4. Categories of Personal Data Collected
We collect and process the following categories of personal data:
• Identification Data: full name, date of birth, nationality, passport or ID number
• Contact Data: email address, phone number, home or billing address
• Booking Data: arrival/departure dates, room or event preferences, special requests
• Financial Data: masked credit card information, billing details
• Website Data: IP address, browser type, location data, referral source
• Communication Data: messages or inquiries submitted through forms or via email
• Marketing Preferences: consents for newsletters, promotional messages
• Health or Preference Data: dietary requirements, accessibility needs, or medical conditions when voluntarily disclosed
5. Methods of Data Collection
Your personal data may be collected through:
• Our website forms and booking engines
• Email and telephone communications
• In-person interactions at our hotel or event venues
• Third-party booking platforms and travel agencies
• Cookies and similar tracking technologies
6. Purpose and Legal Basis for Processing
We process your personal data for the following purposes:
• To fulfill contractual obligations: managing reservations, event bookings, check-ins/outs
• To comply with legal obligations: reporting to local authorities, tax and accounting requirements
• To protect legitimate interests: fraud prevention, service improvements, internal administration
• To perform marketing activities: sending promotional communications, with your prior consent
• To handle special categories of data: only with explicit consent and where necessary to fulfill your request
7. Data Sharing and Third Parties
Your data may be shared with the following categories of recipients:
• External service providers (IT, payment, marketing, security, CRM systems)
• Local and governmental authorities (only as required by law)
• Affiliated companies (including Trajan Investment Group OOD)
• Travel agencies and partners (for booking and concierge services)
All third parties are contractually bound to protect your data and comply with GDPR.
8. International Transfers
Where necessary, your data may be transferred outside the European Economic Area (EEA). We ensure such transfers are protected by:
• European Commission adequacy decisions
• Standard contractual clauses
• Binding corporate rules or other appropriate safeguards
9. Retention Period
We retain your personal data only as long as necessary for the purposes outlined in this policy, which includes:
• The duration of our relationship with you
• Time required by applicable laws (e.g., tax or accounting)
• Legal limitation periods for potential claims
After these periods, data will be deleted or anonymized.
10. Data Security Measures
We adopt appropriate organizational and technical security measures, such as:
• Encryption of sensitive data
• Firewall and antivirus protection
• Staff training and access control
• Secure servers and backup systems
Despite our best efforts, no system can guarantee absolute security.
11. Your Rights Under GDPR
You have the following rights:
• Right to Access your personal data
• Right to Rectify inaccurate or incomplete data
• Right to Erasure (‘right to be forgotten’)
• Right to Restrict Processing in certain circumstances
• Right to Object to processing based on legitimate interests
• Right to Data Portability
• Right to Withdraw Consent at any time without affecting prior processing
• Right to Lodge a Complaint with the Garante per la Protezione dei Dati Personali (www.garanteprivacy.it)
To exercise your rights, contact: [email protected] or [email protected]
12. Children’s Privacy
We do not knowingly collect or process personal data from children under 16 years of age without verified parental consent.
13. Cookies and Tracking Technologies
Our website uses cookies and similar tools to:
• Enable essential site functionality
• Measure site usage and performance
• Customize content and user experience
• Deliver targeted advertisements
You may adjust your preferences or withdraw consent at any time via our Cookie Policy.
14. Third-Party Links
Our website may contain links to third-party websites or services. We are not responsible for their content or privacy practices. Please review their privacy policies before providing personal data.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The most recent version will always be available on our website with the effective date clearly indicated.
We encourage you to review this policy regularly.
Last updated: May 4, 2025