privacy policy

Information on the Processing of Personal Data

(pursuant to art. 13 of EU Regulation 2016/679)

this information describes the management methods of the website homeortigia.com (hereinafter "site") with reference to the processing of personal data of users who consult it and interact with the web services accessible electronically.

1. Data Controller

The data controller is:
Carlo Di Silvestro
Via Dione, 71 - 96100 Siracusa (SR)
C.F.: DSLCRL71S16C351G
Privacy contact email: homeortigia@gmail.com

2. Types of Data Processed and Purposes of Processing

your personal data will be processed according to the principles of lawfulness, fairness, and transparency for the following purposes:

A) Navigation data (automated processing)

the computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.

  • Data processed: IP addresses, domain names of computers used by users, URI/URL (uniform resource identifier/locator) addresses, time of the request, method used to submit the request to the server, size of the file obtained in response, numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment.
  • Purpose: these data are used for the sole purpose of obtaining anonymous statistical information on the use of the site, to ensure its correct functioning and to ascertain responsibility in case of hypothetical computer crimes against the site.
  • Legal Basis: the processing is based on the legitimate interest of the controller (art. 6, par. 1, lett. f, GDPR) to ensure the security and operation of the site.
  • Retention Time: these data are deleted immediately after processing, except for any need to ascertain crimes.

B) Data provided voluntarily by the user (contact form)

the site hosts a contact form (e.g., "request availability" on the index.html page) through which the user voluntarily provides personal data.

  • Data processed: identification and contact data (name, surname, email address) and any other personal data that the user voluntarily includes in the body of the message (e.g., period of stay, number of guests).
  • Purpose: the exclusive purpose is to respond to requests for information, availability, or quotes sent by the user.
  • Legal Basis: the processing is necessary for the execution of pre-contractual measures taken at the request of the interested party (art. 6, par. 1, lett. b, GDPR).
  • Retention Time: the data are kept for the time strictly necessary to respond to the request and, in the event of subsequent stipulation of a tourist rental contract, for the time imposed by civil and fiscal obligations (generally 10 years). in the absence of a contract, the data will be deleted within 24 months of the last communication.

C) Processing via Cookies

the site uses tracking tools. for details on the cookies used, their purposes, and the related legal bases, please refer entirely to the dedicated Cookie Policy.

3. Nature of Data Provision

with the exception of navigation data (necessary for the use of the site), the provision of personal data via the contact form is optional. however, failure to provide the data marked as mandatory (e.g., name, email) will make it objectively impossible for the controller to process the contact request.

4. Processing Methods

the processing is carried out by means of the operations indicated in art. 4, no. 2) GDPR and precisely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation, and destruction of data. the data are processed both on paper and electronically and/or automatically. the controller adopts appropriate technical and organizational security measures to prevent data loss, illicit or incorrect use, and unauthorized access.

5. Data Recipients

your personal data will not be disseminated. they may be communicated, for the purposes referred to in point 2, to:

  • internal staff authorized by the controller to process data (collaborators);
  • third parties (e.g., technical service providers, hosting providers, IT companies) appointed, if necessary, as data processors pursuant to art. 28 GDPR.

the updated list of data processors is available on request from the controller. the data will not be communicated to other third parties, unless the communication is required by legal obligations or is strictly necessary for the fulfillment of the user's requests.

6. Data Transfer outside the EU

the management and storage of personal data take place on servers located within the european union. however, the use of third-party services (such as google tag manager and related services, e.g., google analytics) may involve the transfer of some navigation data to servers located outside the european economic area (EEA), particularly in the united states. this transfer is legitimized by the adoption of adequacy decisions by the european commission (e.g., EU-U.S. data privacy framework) and/or by the signing of standard contractual clauses (SCC) approved by the european commission, which guarantee an adequate level of data protection. for more details, please refer to the cookie policy.

7. Rights of the Data Subject

as a data subject, you may exercise, at any time, the rights provided for in articles 15 (access), 16 (rectification), 17 (cancellation - "right to be forgotten"), 18 (limitation of processing), 20 (data portability), and 21 (opposition) of the GDPR. in particular, you have the right to obtain confirmation of the existence or not of personal data concerning you, the indication of the origin of the data, the purposes and methods of processing, the updating, rectification, integration of data, the cancellation, transformation into anonymous form or blocking of data processed in violation of the law. for processing based on consent, you have the right to withdraw consent at any time, without prejudice to the lawfulness of the processing based on the consent given before the withdrawal.

8. How to Exercise Rights and Right to Lodge a Complaint

you may exercise your rights at any time by sending a communication to the controller's email address: homeortigia@gmail.com.

we also remind you that you have the right to lodge a complaint with the competent supervisory authority (for italy, the garante per la protezione dei dati personali) pursuant to art. 77 GDPR.

9. Updates

this privacy policy is subject to updates. users are invited to consult this page regularly.

last updated: november 2, 2025

Cookie and Privacy Notice

We use necessary technical cookies and, with your consent, third-party cookies (Google Tag Manager) for statistical analysis. Denial does not affect navigation. By clicking "Reject" or [X], you continue with only technical cookies.
Data controller: Carlo Di Silvestro. Consult the Privacy Policy and the Cookie Policy .