Privacy Policy

This notice is provided pursuant to Regulation (EU) 2016/679 (“GDPR”) and applicable Italian data protection law.

1. Data Controller

The Data Controller is:

BACCO TOURS S.R.L.S.

Via Milano 9, 00058 Santa Marinella (RM), Italy

VAT No.: 17558151001

Email: info.baccotours@gmail.com

Website: www.baccotours.com

For any requests regarding the processing of personal data, you may contact the Data Controller using the details above.

2. Types of Data Collected

The website may collect the following categories of personal data:

Data voluntarily provided by the user

  • First and last name
  • Email address
  • Phone number
  • Information related to tour and excursion bookings
  • Data contained in contact form requests
  • Any additional information voluntarily provided by the user

Automatically collected data

During browsing, the following may be collected:

  • IP address
  • Date and time of access
  • Browser used
  • Operating system
  • Pages visited
  • Time spent on the website
  • Technical information about the device used

3. Purpose of Processing

Personal data is processed for the following purposes:

a) Handling contact requests

To respond to information requests, quotations, and support inquiries.

Legal basis: performance of pre-contractual measures (Art. 6(1)(b) GDPR).

b) Booking management

To organize and manage requested tours, excursions, and travel services.

Legal basis: performance of a contract (Art. 6(1)(b) GDPR).

c) Legal and tax compliance

To comply with applicable laws, regulations, and legal obligations.

Legal basis: legal obligation (Art. 6(1)(c) GDPR).

d) Website security

To ensure platform security and prevent fraudulent use.

Legal basis: legitimate interest of the Controller (Art. 6(1)(f) GDPR).

e) Marketing (where authorized)

Sending newsletters, promotional offers, and commercial communications.

Legal basis: consent of the data subject (Art. 6(1)(a) GDPR).

Consent may be withdrawn at any time.

4. Processing Methods

Data is processed using electronic and telematic tools, with appropriate technical and organisational measures to ensure security, integrity, and confidentiality.

5. Data Retention

Personal data is retained only for as long as necessary for the purposes for which it was collected and in any case:

  • Contact requests: up to 24 months
  • Booking data: up to 10 years for tax and administrative obligations
  • Marketing data: until consent is withdrawn and in any case no longer than 24 months
  • Technical and security logs: as required for technical and security needs

6. Data Disclosure

Data may be shared with:

  • Authorized employees and collaborators
  • IT service and hosting providers
  • Payment platforms
  • Tour guides, transport providers, and service suppliers involved in delivering requested services
  • Tax, legal, and administrative consultants
  • Public authorities where required by law

Data will not be publicly disclosed.

7. Data Transfers Outside the EU

If some service providers are located outside the European Economic Area, data transfers will be carried out in compliance with Articles 44 et seq. of the GDPR, using appropriate contractual safeguards.

8. Cookies

The website uses technical cookies necessary for proper platform operation.

Subject to user consent, the following cookies may also be used:

  • Analytical cookies
  • Statistical cookies
  • Profiling cookies
  • Marketing cookies

For more information, please refer to the website’s Cookie Policy.

9. Data Subject Rights

Users may exercise the rights provided under Articles 15–22 of the GDPR at any time:

  • Access to personal data
  • Rectification of inaccurate data
  • Erasure of data
  • Restriction of processing
  • Objection to processing
  • Data portability
  • Withdrawal of consent
  • Complaint to the Italian Data Protection Authority

Requests may be sent to the Data Controller’s email address.

10. Minors

The website is not intended for individuals under 16 years of age. Personal data of minors is not knowingly collected without parental or guardian consent.

11. Changes to This Policy

The Data Controller reserves the right to modify this Privacy Policy at any time. Changes will be published on this page with an updated revision date.

 

Last updated: 01.06.2026