Privacy Policy



Bifi Hotel – Ge.Co. S.r.l. (di seguito Titolare), C.F./P.IVA 01080540196, registered office in Via Formis, 23 – 26041 Casalmaggiore (CR), i in the person of its legal representative pt, as Data Controller, (hereinafter, “Data Controller”),


in accordance with regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data (hereinafter “GDPR”), your data will be processed in compliance with the aforementioned legislation and in the manner and for the purposes specified below:


The Data Controller, in the course of its activity, processes your personal data (in particular, name, surname, tax code, VAT number, email address, telephone number – later, “personal data” or “data”) collected on the occasion of the conclusion of commercial relationships and/or requests for commercial information.

2 – PURPOSES OF DATA PROCESSING Your personal data are processed for the following purposes distinguished by reference legal basis: 2.1 Execution of the contract – fulfilment of the legal obligation (art.6 lett. b, lett. c). Your personal data are processed for the following purposes:

a) fulfilment of the pre-contractual, contractual and administrative-accounting obligations

b) fulfilment of the obligations established by the law, by a regulation, by community legislation or by an order of the Authority.

2.2 Based on your consent (Article 6 letter a).

Your personal data are processed, for the purpose of sending via sms and/or e-mail information and promotional communications, as well as newsletters from the Data Controller in relation to their own initiatives and/or of their subsidiaries and/or affiliates (Marketing purposes);

2.3 – Legitimate interests (Article 6 letter f – recital 47).

Please note that if you are already our customer, we can send you, always respecting your interests and rights, commercial communications relating to services and products of the Data Controller similar to those you have already used, unless you communicate your disagreement to the contacts indicated in point 7.

3 – RECIPIENTS OR CATEGORIES OF RECIPIENTS The personal data provided may be disclosed to third parties, in order to comply with contracts or related purposes. More precisely, the data may be disclosed to recipients belonging to the following categories:
  • Professionals and consultants in legal, labor and tax matters;
  • Banks;
  • Competent authorities for the fulfilment of legal obligations and/or provisions dictated by public bodies (Revenue Agency etc.);
  • external subjects who manage/support/assist, even occasionally, the Controller in the administration of the information system and telecommunications networks (including e-mail);
Subjects belonging to the aforementioned categories carry out the function of Processor, or work completely independently as separate Controllers. The list of possible Processors is constantly updated and available at the headquarters of the Data Controller.


The processing will be carried out with manual and/or computerized and telematic tools as well as with organization and processing logics strictly related to the aforementioned purposes and in any case in such a way as to guarantee the security, integrity, availability and confidentiality of personal data.

In compliance with the provisions of art. 5 paragraph 1 letter e) of the Reg. EU 2016/679, the personal data collected will be stored in a form that allows identification of data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed.


Please note that, taking into account the purposes of the processing specified in point 2.1, the provision of data is mandatory and any failure thereto, partial or incorrect provision may have, as a consequence, the inability to perform the professional service

6 – DATA TRANSFER TO A THIRD COUNTRY AND/OR AN INTERNATIONAL ORGANIZATION The personal data provided are not transferred outside the European Union. 7 – DURATION OF THE PROCESSING

Personal data is kept for the entire duration of the contractual relationship and, in the case of revocation and/or other type of termination of the aforementioned relationship, within the terms established by law for the fulfilment of tax obligations, for example.

For the marketing purposes, the data will be retained until consent is revoked or for the period established by the regulations or by Measures issued by the Control Authority.  


You can, at any time, exercise the rights expressed by articles 15, 16, 17, 18, 19, 20, 21, 22 of EU Regulation 2016/679, and in particular:

access to your personal data

to obtain the rectification, or erasure of the same or the blocking of the processing that concerns yourself;

to object to the processing; to the portability of data;

to withdraw your consent: the withdrawal of consent does not affect the lawfulness of the processing based on the consent granted before the revocation;

to file a complaint with the Italian Data Protection Authority (Garante Privacy)

You can exercise your rights by sending a request to the following Data Controller’s contacts:

  • Via Formis, 23 – 26041 Casalmaggiore (CR)
  • Email
  • Tel. 0375-203371