Privacy Policy

1. Data Controller

The data controller for personal data is:
Hello Verona
Via Campagnol di Tombetta 65
37134 Verona (VR), Italy
Email: booking@helloverona.net
Phone: +39 393 627 8663

2. Data Collected

We collect the following categories of personal data:

• Contact data: first name, last name, email address, phone number
• Booking data: check-in/check-out dates, number of guests, special requests
• Navigation data: IP address, browser type, pages visited (via cookies)

3. Purposes of Processing

Personal data is processed for the following purposes:

• Managing booking requests and communications (legal basis: contract performance)
• Fulfilling legal obligations, including the Guest Register (legal basis: legal obligation)
• Anonymous statistical analysis of website traffic (legal basis: legitimate interest)
• Sending promotional communications with prior explicit consent (legal basis: consent)

4. Data Retention

Booking data is retained for 10 years to fulfill tax and accounting obligations. Contact data for commercial communications is retained until consent is withdrawn. Navigation logs are retained for a maximum of 12 months.

5. Third Parties

Data may be shared with:

• Smoobu GmbH (booking management) – Smoobu Privacy Policy
• Google LLC (Google Analytics, navigation statistics) – Google Privacy Policy
• Public Security Authorities (legal obligation for the Guest Register)

Data is not sold to third parties or shared for external marketing purposes.

6. Your Rights (GDPR Arts. 15–22)

You have the right to:

• Access: obtain confirmation and a copy of data being processed
• Rectification: correct inaccurate or incomplete data
• Erasure: request deletion ("right to be forgotten")
• Restriction: limit processing in certain cases
• Portability: receive data in a structured format
• Objection: object to processing for direct marketing
• Withdrawal of consent: withdraw consent at any time

To exercise your rights, write to: booking@helloverona.net
You also have the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

7. International Transfers

Some service providers (e.g. Google) may transfer data outside the European Economic Area. Such transfers occur in compliance with GDPR safeguards (adequacy decisions, standard contractual clauses).

8. Cookies

For information about cookies used, see our Cookie Policy.

9. Changes

This policy may be updated. The most recent version is always available on this page. We will notify you of any significant changes by email.