Privacy Policy

(pursuant to Articles 13 and 14 of Regulation EU 2016/679 – GDPR)

This Notice describes the methods of processing personal data of users who visit the website Ristorante La Rocca (hereinafter referred to as the “Site”).

1. Data Controller

The Data Controller is:

Ristorante La Rocca
an exclusive of International Gruppo Sica di Sica Fortuna & C. Snc
VAT and CF: IT01409290531
Headquarters: Piazza della Repubblica, 92 - 58017 Pitigliano (GR)
Contact email: info@laroccapitigliano.it

2. Types of data processed

The Site may process the following categories of personal data:

  • Navigation data (IP address, browser type, device, operating system)

  • Data voluntarily provided by the user via contact or booking forms (name, email, phone number, messages)

  • Statistical data collected in aggregate or anonymized form

3. Purposes of processing

Personal data are processed for the following purposes:

  • To respond to contact or booking requests

  • To manage communications with users

  • To improve the functionality and browsing experience of the Site

  • To analyze the traffic of the Site and its performance

4. Legal basis for processing

The processing of personal data is based on the following legal grounds:

  • User Consent (art. 6, par. 1, lett. a GDPR), for statistical purposes and non-essential cookies

  • Execution of pre-contractual measures requested by the user, for managing contacts and bookings

  • Legitimate interest of the Data Controller, to ensure the correct technical functioning of the Site

5. Methods of processing

The processing of data occurs using IT and telematic tools, in compliance with the principles of lawfulness, fairness, transparency, and minimization of data, as well as the security measures provided by current legislation.

6. Data retention

Personal data are retained for the time strictly necessary to achieve the purposes for which they were collected and, in any case, in compliance with legal obligations.

7. Data communication and transfer

Personal data will not be disseminated. They may be communicated to external parties who provide technical and operational services (e.g. hosting, analysis services), appointed where necessary as Data Processors.

Some data may be transferred to non-EU countries (e.g. the United States). Such transfers occur in compliance with the Standard Contractual Clauses approved by the European Commission or other guarantee instruments provided by the GDPR.

8. Rights of the data subject

The user can exercise their rights provided for in Articles 15–22 of the GDPR, including:

  • Access to personal data

  • Rectification or deletion

  • Limitation or objection to processing

  • Data portability

  • Withdrawal of previously granted consent

Requests can be sent to: info@laroccapitigliano.it

9. Changes to this notice

The Data Controller reserves the right to modify this Notice. Any changes will be published on this page.

Last updated: January 2026