Privacy Policy

At Danilo Capri Concierge ("we," "us," or "our"), we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website danilocapri.com and use our concierge services.

Please read this Privacy Policy carefully. By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our services.

1. Information We Collect

1.1 Personal Information

We collect personal information that you voluntarily provide to us when you:

• Make a booking or reservation request
• Contact us for information about our services
• Subscribe to our newsletter or marketing communications
• Create an account on our website
• Participate in surveys or provide feedback

This information may include: full name, email address, phone number, billing address, payment information, passport details (when required for bookings), travel dates, special requests, and preferences.

1.2 Automatically Collected Information

When you visit our website, we automatically collect certain information about your device, including information about your web browser, IP address, time zone. Additionally, we collect information about individual web pages or services you view, what websites or search terms referred you to our site.

2. How We Use Your Information

We use the information we collect for various purposes, including to:

• Process and fulfill your bookings and service requests
• Communicate with you about your reservations, including confirmations and updates
• Provide customer support and respond to your inquiries
• Send you marketing communications about our services (with your consent)
• Improve and personalize your experience on our website
• Analyze usage patterns and trends to enhance our services
• Detect, prevent, and address technical issues and fraudulent activities
• Comply with legal obligations and enforce our terms and conditions
• Process payments and prevent fraudulent transactions

3. Legal Basis for Processing (GDPR)

If you are a resident of the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the specific context:

• Contract Performance: Processing is necessary to perform our contract with you (e.g., providing booked services)
• Legitimate Interests: We have a legitimate interest in operating our business and improving our services
• Consent: You have given us explicit consent for specific processing activities (e.g., marketing communications)
• Legal Compliance: Processing is necessary to comply with legal obligations

4. Information Sharing and Disclosure

We may share your personal information in the following circumstances:

4.1 Service Providers

We share your information with third-party service providers who perform services on our behalf, including payment processing, accommodation providers, transportation services, tour operators, restaurants, and other vendors necessary to fulfill your bookings.

4.2 Business Partners

We may share information with our trusted business partners who assist us in delivering our concierge services, including villa owners, boat rental companies, and local service providers in Capri.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies), or to protect our rights, property, or safety, or that of others.

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred as part of that transaction.

5. Data Security

We implement appropriate technical and organizational security measures designed to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These measures include encryption, secure servers, access controls, and regular security assessments. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Payment information is processed through secure, PCI-DSS compliant payment processors, and we do not store complete credit card information on our servers.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When your information is no longer needed, we will securely delete or anonymize it. Booking and transaction records may be retained for accounting, tax, and legal compliance purposes for up to 10 years.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

• Right to Access: Request a copy of the personal information we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal information (subject to legal obligations)
• Right to Restriction: Request limitation of processing of your information
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to processing of your personal information for certain purposes
• Right to Withdraw Consent: Withdraw your consent for processing activities at any time

To exercise any of these rights, please contact us using the information provided in Section 12 below. We will respond to your request within 30 days. You also have the right to lodge a complaint with your local data protection authority.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We ensure that such transfers comply with applicable data protection laws and that appropriate safeguards are in place to protect your information.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information from our systems.

10. Third-Party Links and Services

Our website may contain links to third-party websites, services, or applications that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

11. Marketing Communications

With your consent, we may send you promotional emails about our services, special offers, and updates. You can opt out of receiving marketing communications at any time by clicking the "unsubscribe" link in our emails or by contacting us directly. Please note that even if you opt out of marketing communications, we may still send you non-promotional messages related to your bookings and account.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated Privacy Policy on our website and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.