Privacy Policy


This policy describes the procedures followed by HOTEL NINFA Srl (hereinafter « HotelNinfa » or the « Data Controller« ) in relation to the processing of personal data collected through the website (hereinafter the « Website« ).

Unless otherwise specified, this policy also applies as information – pursuant to art. 13 of the Legislative Decree n. 196/2003 (hereinafter the « Code« ) and art. 13 of the Regulation (EU) n. 2016/679 (hereinafter the « GDPR« ) – rendered to those who interact with the Site (hereinafter the « User« ).

Information on the processing of detailed personal data are reported, where necessary, on the related pages to the individual services offered through the Site. Such information is aimed at defining limits and modalities of the processing of personal data of each service, based on which the user can freely express the your consent, if necessary, and possibly authorize the collection of data and their subsequent treatment.

Data controller. Responsible for the treatment.

The data controller is HOTEL NINFA Srl, with registered office in Viale Gandhi 9 – 10051 Avigliana (TO), tel. +39 011 9761611, e-mail The updated list of any data controllers is available at the headquarters of the owner.

Responsible for data protection.

The person in charge of data protection, designated by the Data Controller, can be contacted by:

  • ordinary mail, to the address Viale Gandhi 9 – 10051 Avigliana (TO), c.a. of the Head of Protection of the Data;
  • telephone, +39 011 9761611.
  • e-mail, to the address

Types of data processed.

Through the Website, it will be possible to collect and process:

  • navigation data;
  • personal data voluntarily provided by the user in form present on the Site.


Cookies are small text files that visited sites send to the user’s terminal, where they are stored, and then be transmitted back to the same sites on the next visit.

The Website uses technical cookies, both own and third-party. These cookies, being of a technical nature, do not require the prior consent of the User to be installed and used.

In particular, the cookies used on the Site are traceable to the following sub-categories:

  • browsing or session cookies, which guarantee the normal navigation and use of the Websites. Not being stored on the user’s computer, they disappear when the browser is closed;
  • analytical cookies, with which statistical information on the number of users and visits to the Web sites is collected and analyzed;
  • social widgets and plugins : some widgets and plugins made available by social networks can use their own cookies to facilitate interaction with the reference site

Below are the third-party cookies installed on the Site. For each of them there is a link to the related information on the processing of personal data and on how to do so deactivation of cookies used. With regards to third-party cookies, the Owner has only the obligation to insert in the present policy the link to the website of the third part. Instead, the obligation is borne by that subject of the information and the indication of the modalities for the possible consent and / or deactivation of cookies.

Cookie name





1 year

Google advertising cookie used for user tracking and ad targeting purposes.

Google AdWords


1 month

Google advertising cookie used for user tracking and ad targeting purposes.

Google Analytics


2 years

Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

Google Analytics


1 day

Used by Google Analytics to throttle request rate

Google Analytics


1 day

Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

Google Analytics



Used to send data to Google Analytics about the visitor’s device and behavior. Tracks the visitor across devices and marketing channels.

Google Analytics



This cookie is used to distinguish between humans and bots.



1 day

These cookies are used to collect information about how visitors use our Site.



6 month

Registers a unique ID that identifies a returning user’s device. The ID is used for targeted ads.


Cookies can be disabled by the user by changing the browser settings based on the instructions made available by the relevant suppliers to the links listed below.

Provision of data and consequences in case of failure to provide.

Personal data collected through the Site will be processed to handle requests for information or information documents forwarded by the User. The processing of personal data for the aforementioned purposes does not require the consent of the User as the treatment is necessary to fulfill specific requests of the interested party pursuant to art. 24, c. 1, let. b) of the Code and of the art. 6, c. 1, let. b) of the GDPR.

Provision of data and consequences in case of failure to provide.

The provision of personal data for the aforementioned purposes is optional and their non-conferment as a sole consequence, it will be impossible for the Owner to manage and process requests concerned.

Method of treatment.

Personal data will be processed electronically, including through insertion and organization in databases, in compliance with the provisions of the Code and the GDPR in security measures.

Recipients or categories of recipients.

Personal data may be made accessible, brought to the attention of or communicated to the following subjects, which will be appointed by, as the case may be, those responsible or persons in charge:

  • Group companies to which the Holder (controlling, controlled, affiliated), employees and / or collaborators belong to any title of the owner and / or company of the group to which the Holder belongs;
  • public or private subjects, natural or juridical persons, of which the Data Controller makes use for the carrying out the activities instrumental to the achievement of the aforementioned purpose or to which the Holder is required to communicate personal data, pursuant to legal or contractual obligations.

In any case, personal data will not be disclosed.

Retention period.

Personal data will be kept for 2 years from their registration.

Access rights, cancellation, limitation and portability.

The interested parties are granted the rights referred to in articles 7 of the Code and from 15 to 20 of the GDPR. By title example, each interested party can:

  1. obtain confirmation of the processing of personal data concerning him or her;
  2. if processing is in progress, obtain access to personal data and information regarding the treatment and request a copy of personal data;
  3. obtain the correction of inaccurate personal data and the integration of incomplete personal data;
  4. obtain, if one of the conditions foreseen by the art. 17 of the GDPR, the cancellation of personal data concerning him;
  5. obtain, in the cases provided for by art. 18 of the GDPR, the limitation of the treatment;
  6. receive personal data concerning him in a structured format, in common and legible from automatic device and request their transmission to another holder, if technically doable.

Opposition right.

Each interested party has the right to object at any time to the processing of his personal data made for the pursuit of a legitimate interest of the owner. In the event of opposition, your data personal data will no longer be processed, provided that there are no legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subject or the assessment, exercise or defense of a right in court.

Right to propose a claim to the Guarantor.

Furthermore, each interested party may lodge a complaint with the Guarantor for the Protection of Personal Data in the event that he believes that his rights under the Code and the GDPR have been violated, according to the procedures indicated on the website of the Guarantor accessible at :


This Privacy Policy will be subject to updates. The owner invites, therefore, the Users wishing to know how to process personal data collected through the Web sites a visit this page periodically.