• Check-in
  • modify/cancel reservation
Contact Us
Follow us on:
book Close


This page provides details of the privacy policy adopted by Castel Monastero S.r.l. on its websites with reference to the processing of the personal data of users who access its websites.
The following information notice is provided pursuant to Article 13 of European Regulation 679/2016 for persons who interact with the web services of Castel Monastero S.r.l., which are accessible online.
This information is also based on Recommendation no. 2/2001, which the European data protection authorities, assembled in the Data Protection Working Party that was established under Article 29 of Directive 95/46/EC, adopted on 17/05/2001 in order to identify the minimum requirements that needed to be implemented to protect the online collection of personal data, as well as the minimum measures that must be implemented in relation to persons who access web pages in order to guarantee the fairness and lawfulness of such processing.

Data controller
Accessing this website may give rise to the processing of data related to identified and identifiable persons. The "Data Controller" for the processing of these personal data is Castel Monastero S.r.l. with registered office in Castelnuovo Berardenga (SI) Località Monastero D’Ombrone 19 – 53019.

Data Protection Officer
The Data Protection Officer is Ecoconsult S.r.l. with registered office in Milan, Via Goldoni, 1, which can be contacted at the following email address dpo@ecoconsult.it

Location of Personal Data Processing - Profiling
The website of Castel Monastero S.r.l. may be visited without having to provide any personal data.  Personal data provided via internet to Castel Monastero S.r.l. are processed at its website manager in Santa Margherita di Pula, Strada Statale no. 195 km 39,600 and at its administration office in Castelnuovo Berardenga (SI) Località Monastero D’Ombrone 19 - 53019

The personal data is processed only by technical staff specifically tasked with data processing and, occasionally, by persons assigned to carry out any maintenance operations. Visitors who use the booking request form and the e-newsletter registration form, must provide personal data (name, surname, address, email address, telephone number, etc.) and give authorisation for them to be processed. Personal data acquired through the internet services offered by Castel Monastero S.r.l. is held in Castelnuovo Berardenga (SI) Località Monastero D’Ombrone 19 – 53019 and at the premises of external companies that are essential to the performance of the services concerned (e.g. software houses, server farms and web agencies). The data is processed only by technical staff tasked with data processing or by persons assigned to carry out occasional maintenance work. Furthermore, the company will not perform data processing using automated decision-making processes without requesting express consent for such processing.

Categories of data processed
Navigation data

During their normal course of operation, the computer systems and software procedures used to operate this website collect some personal data, the transmission of which is implicit in the use of internet communication protocols. These data are not collected in order to be associated with identified data subjects; however, due to their nature, they could, through processing and in combination with data held by third parties, enable users to be identified. This category of data includes the IP addresses or domain names of computers used by users to access the website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time the request was made, the method used to submit the request to the server, the size of the files obtained in response, the numeric code indicating the status of the response given by the server and other parameters related to the user’s operating system and computing environment. These data are used for the sole purposes of extracting anonymous statistical information on the use of this website and for checking that it is working correctly. In addition, the data may be used to ascertain any liability in the event of hypothetical cybercrimes against the website: unless these circumstances apply, the personal data are stored for no more than thirty days.