INFORMATION NOTICE ON THE PROCESSING AND PROTECTION OF PERSONAL DATA
Preface
In the conduct of its business activities, ALBERGO RESIDENCE PARADISO SRL pays the utmost attention to the protection and safeguarding of the personal data of all those who operate or interact with it (hereinafter, for brevity, the "Data Subject" and/or "User"), adopting all suitable, adequate, and necessary security procedures and systems to this end.
Firmly believing in the principles of transparency and fairness, the company provides this information notice to give all interested parties a complete description of the methods and purposes of the processing of personal data carried out in the provision of services and/or the marketing of its goods (hereinafter, for brevity and jointly, the "Services"), in compliance with the provisions of Regulation (EU) No. 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, for brevity, the "GDPR").
II. Data Controller and Processor
The data controller is ALBERGO RESIDENCE PARADISO SRL, with registered office at Piazza G. Matteotti 7, 80130 NAPLES, registered with the NAPLES Chamber of Commerce under No. 345096, and VAT No. 03822170639. For the purposes of this privacy policy, the data controller may be contacted at giusepperomano@hotelparadisoterme.it or by telephone at +39 081 907014 (hereinafter, for brevity, also referred to as the "Data Controller").
The processing of only the personal data provided to the Data Controller for the use of the Booking Engine Service (hereinafter for brevity "Web Booking") will be carried out, on behalf of the same Data Controller (in the role therefore of data processor pursuant to art. 28 of the GDPR) by the company Passepartout S.p.A., a company under Sammarinese law primarily engaged in the production and distribution of software and related services, with registered office in the Republic of San Marino in Dogana (Post Code 47891) at Via Consiglio dei Sessanta n. 99, registered in the Company Register under no. 6210 on 6 August 2010, with Economic Operator Code n. SM03473, share capital €2,800,000 fully paid up, which can be contacted, for the purposes of this policy, at privacy@passepartout.sm or by telephone at 800 414243 (hereinafter, for brevity, also "Passepartout" and/or "Data Processor").
Passepartout S.p.A. has designated (i) as its representative in the European Union, pursuant to Article 27 of the GDPR, the company Paci Rappresentante Privacy Srl, registered with the Chamber of Commerce of Romagna, share capital €10,000.00, with registered office in Rimini, at P.tta Gregorio da Rimini no. 1, which can be contacted, for the purposes of this policy, at the email address passepartout@pacirappresentanteprivacy.eu or by telephone at +39 0541 902128 (hereinafter, for brevity, the "Representative"); as well as (ii) a data protection officer (referred to in Chapter IV, Section 4 of the GDPR) who can be contacted at the email address rpd.privacy@passepartout.sm or by telephone at +39 0541 902128.
III. Personal Data
Personal data means any information relating to a natural person, identified or identifiable by reference to elements such as, for example, the name, identity document details, physical, physiological, genetic, economic, cultural, or social identity of that person, as well as by identifying information on their location.
The personal data described above are processed primarily when the Data Subject uses the Services and/or Web Booking.
Providing all other personal data is optional but may be necessary to use the Services and/or Web Booking, such as data for making offers, purchasing, or selling, which are necessary to conclude a contractual transaction.
Personal data is provided directly by the Data Subject and/or automatically acquired via devices when using the Services and/or Web Booking, when data is provided in a web form on our websites, when an account is created and/or updated, or when the Data Subject contacts us in any other way or expressly provides personal data with their consent, all as detailed below.
Type and category of data processed
Of the personal data described above, and for the provision of Web Booking, the Data Controller (and, on its behalf, the Data Processor) collects only the following types of data.
The personal data collected includes:
a) identifying information such as name, surname, date and place of birth, place of residence, tax code, VAT number and registered office, ISS code, telephone number, email address (including certified email), username, password, gender, or other data we are required or authorized to collect and process, pursuant to applicable law, for the purpose of authenticating or identifying the User or verifying the information provided and collected;
b) IP address and browsing data, and any other data relating to the User's interaction with the Services and/or Web Booking, for example, when viewing or searching for content, creating or accessing an account and/or a reserved area. We also collect data relating to the devices and/or computers used by the User to access the Services and/or Web Booking, including browser type, unique device ID, language, operating system, referring web page, pages visited, location and cookie information, computer and connection data (e.g., statistics on page views, incoming and outgoing site traffic, referring URLs).
c) data relating to offers, purchases, or sales relating to the Services and/or Web Booking provided during pre-contractual negotiations and their subsequent completion, and any other data provided in connection with such transactions;
d) data relating to the invoicing (and, where applicable, shipping) of the Services and/or Web Booking;
e) financial data, given that some Services and/or Web Booking support payments and transactions with third parties. To this end, it may be necessary to provide certain data to identify and verify the Data Subject's identity and the payment method used, such as first name, last name, credit/debit card number, and card expiration date. Such data, when collected by the Data Controller, will be stored only in encrypted form. In some cases, to allow the User to speed up future similar payment transactions, Passepartout may store only the last four digits of the card number.
f) geolocation data, particularly through the use of mobile devices;
g) cookies and similar technologies. In providing the Services and/or Web Booking, cookies, unique identifiers, and other similar technologies are used to collect data on the pages and links visited and other similar actions, within advertising content or emails, all within the terms, methods, and conditions set forth in the specific policy available at the following link: https://www.passepartout.net/utility/cookie;
h) Processing of special categories of personal data (so-called sensitive data)
Special categories of personal data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, are not collected in any way and therefore are not processed. Nor are genetic data, biometric data intended to uniquely identify a natural person, data concerning health, or data concerning a natural person's sex life or sexual orientation, processed.
V. Purpose and Methods of Data Processing
The personal data collected is processed solely and exclusively for the following purposes:
a) to execute contracts relating to the Services and/or Web Booking.
Using the information and data provided, we are able to perform the contractual activities and services provided under the Service contracts and/or Web Booking requested by the Data Subject (including in the name and/or on behalf of third parties) or to execute pre-contractual measures and/or negotiations relating to the Services and/or Web Booking, including administrative and accounting activities, tax compliance management, payments, and invoicing.
The information collected will also be used to contact the User regarding their account or contractual status, resolve issues with their account and/or reserved area, resolve disputes, and perform debt collection activities.
Personal data may also be processed to verify and resolve any malfunctions in the Services and/or Web Booking; to perform data analysis and testing, to conduct research and surveys, and to develop new features and services to provide the User with an ever-improving experience.
b) Provide security and protection for both the personal data received and the security systems adopted.
The data collected is also used to verify users' identity and authenticate them, enable them to make and/or receive payments, protect against potential fraud and/or abuse, and respond to requests.
How we share information with third parties
The personal data you provide may be shared with third parties only in the following cases:
Data Subject Consent:
You may authorize us to share (or disclose) your data with (and to) other third parties, for example, when you use our community (such as forums or other social media tools) or when you have expressed your desire to be contacted and/or re-contacted for any needs or clarifications regarding the Services.
Processing by external entities:
Personal data may be provided to entities related and/or affiliated with our company, to service providers and/or business partners who process it according to our instructions (e.g., partners who provide customer support, information technology, payment and/or sales management, marketing, data analysis, and research and survey services).
Personal data may also be shared with:
our suppliers who perform payment processing, advertising personalization, prevention, detection, and investigation of potentially unlawful acts and violations of the Services; invoice collection; consulting, training, and event organization;
third-party shipping service providers (e.g., DHL, UPS, GLS, Poste Italiane, etc.) with whom we share delivery addresses, contact information, and tracking numbers;
providers of websites, applications, services, and tools with which we collaborate to provide the Services and/or Web Booking.
Justice, legal, and/or general protection requirements.
We may retain or disclose personal data where necessary to comply with legal requirements, such as when requested by an administrative authority, a supervisory authority, or in the context of legal proceedings or, in any case, in compliance with legal provisions, or in any case to exercise legal rights or defend against complaints and/or legal actions, or to prevent, detect, or investigate illegal activities, fraud, abuse, violations of subjective legal positions, or where there are threats, even potential, to the security of Web Booking or the physical safety of any person.
Data retention period
The retention period for personal data is determined (or determinable) depending on the purpose or legal basis for the processing.
Personal data for the performance of the contract, which concerns, among other things, Web Booking, will be retained for the time necessary to correctly and fully perform the services set forth in the contract (including those strictly related and connected to its termination) and in any case for a period not exceeding 1 year. 10 (ten) years from the termination of Web Booking.
Personal data processed for marketing and commercial purposes will be retained until the Data Subject has expressed their intention to withdraw their consent for this purpose.
This does not apply to cases where the Data Subject has expressly provided consent, even for other reasons, for a longer period (in which case the retention period will correspond to the permitted period) or where the Data Subject's legitimate interests as identified above are met (in which case the retention period will correspond to the period in which such interest is satisfied).
This also applies to cases where longer (or shorter) data retention is required to meet legal requirements, such as to comply with a request from an administrative, supervisory, or control authority, or to exercise and/or protect (in and/or out of court) their rights, or to defend against complaints and/or legal actions.
Once the retention period has expired, personal data will be securely deleted.
Data Subject Rights
All data subjects to whom the personal data processed relate, in accordance with the terms and methods set forth in the GDPR, may exercise the rights described below.
a) Right to access, rectify, and erase data, limit and object to the use of data, and right to withdraw consent.
Without prejudice to the provisions above regarding retention, the data subject may at any time obtain access to their personal data, as well as obtain its updating, modification, restriction of processing, or request its deletion.
If you choose to delete your data, please note that while most retained information will be deleted within 60 (sixty) days, it may take up to 180 (one hundred and eighty) days to delete all data entered into our systems due to the size or complexity of the systems and procedures used.
Where data processing is based on consent, the Data Subject may withdraw such consent at any time. You may therefore always object to the sending of newsletters and the processing of your data for all or some marketing or commercial purposes.
You may also object to data processing even when it is based on our legitimate interests.
If you ask to withdraw consent, limit the use of your data, or delete personal data previously provided, we may no longer be able to provide the Services.
In any case, requests for data deletion are subject to applicable legal and document retention obligations imposed by law or regulations.
Right to data portability
The data subject has the right to receive the personal data concerning him or her, provided to a data controller, in a structured, commonly used, and machine-readable format and has the right to transmit those data to another data controller.
Right to lodge a complaint
The data subject will always have the right to lodge a complaint with the competent supervisory authority if he or she identifies problems regarding the use of his or her personal data.
Automated decision-making
Automated technologies are used for decision-making or profiling. In any case, no automated decisions will be made concerning the data subject that could have significant consequences for him or her, except where such a decision is necessary for the performance of a contract or because the user has expressly given his or her consent.
The data subject may request to exercise the rights described above by sending a request to the following email address: giusepperomano@hotelparadisoterme.it
XI. Security Measures
We ensure the implementation and maintenance of appropriate technical and organizational measures to ensure a level of security adequate to any potential risk. We also constantly perform a series of technical, administrative, and physical checks to keep the Data Subject's personal data confidential and secure.
Completeness and Amendments
This privacy policy is issued to completely and entirely replace any other existing regulations regarding the protection of the User's personal data processed for the same purposes as those contained herein.