menu
altlogo
menu
eng
Privacy 2

Privacy

Information on the processing of personal data collected through this website
Last revision: 05/12/2025

1. Introduction and regulatory references
This policy explains the processing of personal data collected through this website, including that acquired through cookies, tracking technologies and — where present — contact forms, reserved areas, digital services and economic transactions that take place electronically.
This privacy policy is intended for anyone who accesses or uses this site. It describes how we collect, use, and protect your personal data, as well as your legal rights.
These provisions do not apply to other sites, pages, or online services accessible through external links that may be present on the site. Please consult the relevant privacy policies for these sites.
This information is provided in compliance with the main national and international regulations regarding the protection of personal data, including:

Regulation (EU) 2016/679 (GDPR)
UK General Data Protection Regulation (UK GDPR) and Data Protection Act (UK)
Swiss Federal Act on Data Protection (nFADP / LPD)
Brazilian Personal Data Protection Law (LGPD)
Other regulations that may apply.

2. Who manages your data and how can you contact us?
Your personal data is processed by:
ALBRO PALACE SRL
Via Nazionale, 10 - 50123 Florence (FI) - ITALY
info@atlanticpalace.it
VAT NUMBER: IT 00429450489

For any information regarding the processing of personal data or to exercise their rights under the law, interested parties can contact the Data Controller.

3. On what legal basis do we process your data?
The processing of personal data collected through this site (including through cookies, similar technologies, contact forms, reserved areas, digital services, and transactions, where applicable) is based on one or more of the following legal bases:

Performance of a pre-contractual service or activity requested by the user via the contact forms provided;
Compliance with legal obligations, regulations or standards;
A further legal basis, the legitimate interest of the Data Controller, can be used for specific purposes (e.g. ensuring IT security, preventing fraud, protecting the Data Controller's rights in court).

Additional legal bases for Brazil (LGPD):
When the processing falls under the jurisdiction of the LGPD, the following specific legal bases provided for by Brazilian law are added:

Credit protection: data may be processed for credit management and protection purposes, such as assessing solvency, preventing financial fraud, or granting financing.
Implementation of public policies: in the cases provided for, the Public Administration may process personal data for the implementation of initiatives envisaged by laws, public programs, or agreements.
Study by research institutions: the data may be used by scientific research or statistical institutions, preferably in anonymous form, for study or analysis purposes.
Failure to accept or revoke consent may reduce or limit some personalized features or services.

4. What data do we collect when you visit the site?
While browsing this site, the following data may be collected, including through cookies and similar technologies such as pixel tags, web beacons, local storage, and equivalent technologies:

Browsing and technical data: Information such as IP address, device identifiers, operating system and browser data, requested URLs, connection times, technical logs, technical preferences, usage data collected through cookies and tracking technologies (pixel tags, web beacons, local storage and similar tools).

Identifying data provided voluntarily: Information entered in digital forms on the site (e.g., name, surname, email, telephone number) and/or provided via email or other contact channels, used to respond to requests, provide services, provide any consultations, and—with prior consent—to send informational and commercial communications.

Data communicated through social media integrations and third-party platforms: Data transmitted through social media features (login, plugins, sharing, etc.) are processed in accordance with the rules of the relevant platforms as well as this policy.

Data relating to purchases, payments and financial transactions: collected only if the site offers paid services and managed according to specific security precautions.

5. How do we process your data, how do we protect it, and how long do we keep it?
The personal data collected through this site are processed primarily using electronic and digital tools according to the principles of lawfulness, fairness, data minimization, integrity, and confidentiality.

Appropriate technical and organizational measures are adopted to prevent unauthorized access, loss, alteration, or unauthorized disclosure of data, including:

Communication encryption (https): Communications between your browser and the site are protected by HTTPS encryption, which prevents the interception or manipulation of data exchanged during navigation;
The data is stored according to the following timeframes:

Cookie preferences and consents: stored for 180 days, as per the Cookie Policy on this site. Browsing and technical data: stored only for the time necessary to ensure the security, integrity and functionality of the site and subsequently anonymized or aggregated.
Data collected for contractual and transactional purposes: retained for as long as required by applicable laws (e.g. tax or accounting regulations).
Data processed for marketing purposes: retained until consent is revoked or deletion is requested.
Data entered via forms or specific requests: retained for the time necessary to respond or fulfill the relevant purpose.

6. Who can receive your data?
The following may access the personal data collected through this site, within the limits of their respective competences and purposes:

Authorized internal subjects by the Data Controller, regularly trained in privacy and security matters;
Suppliers and third parties appointed as Data Processors (for example: technical providers, IT companies, customer support companies, consultants, payment service providers and logistics providers, where applicable);
Business partners, third parties and affiliates, exclusively for promotional/marketing purposes if you have given specific consent or exercised the opt-out where applicable;
Entities that provide plugins, social networks and interaction services with external platforms, who may process personal data according to their own logic as independent data controllers (in this case, also consult the individual information notices of these third parties);
Competent public authorities and supervisory bodies, within the limits imposed by law or to satisfy requests from judicial authorities;
The updated list of external recipients can be made available upon request by writing to the Data Controller.

7. Where can your data be transferred?
Personal data collected through this site may be processed and transferred — for the purposes indicated — to the following countries:

to countries belonging to the European Economic Area (EEA), Switzerland or other countries recognised by the competent authorities as “adequate” to the level of protection provided by law;
Updated list of "reliable" countries:

UE
Switzerland

8. What are your rights regarding the data collected?
The user, in accordance with applicable law, has the right to:

Obtain confirmation as to whether or not personal data concerning you are being processed and, if so, obtain access to such data and related information (right of access).
Request the rectification, updating, or deletion of inaccurate or no longer necessary data (right to rectification and deletion).
Request limitation or object to data processing, including for promotional/profiling purposes, where applicable.
Request data portability in a structured and interoperable format (where technically possible). Revoke your consent to the use of non-technical cookies and the processing of data collected through tracking tools.
Report any irregularities or abuses to the competent supervisory authorities.
To exercise these rights, simply send a request to the Data Controller, who will respond within the timeframes set by applicable local regulations.

9. How are minors' data processed?
The protection of minors is a fundamental priority.

The services and contents of this site are not intended for persons under the age of 18.

We do not knowingly collect personal information from minors without the verifiable consent of a parent or guardian.

If a parent or guardian believes that a minor has provided personal data without authorization, he or she may request its removal, updating, or restriction of processing by writing to the contact details indicated in this policy.

10. How can I report or complain to the authorities?
If you believe that the processing of your personal data through this site does not comply with current legislation, you can lodge a complaint free of charge with the competent supervisory authorities, including:

The Guarantor or the Authority for the protection of personal data of your country of citizenship or residence;
Swiss Authority (FDPIC)
European Data Protection Supervisor
National Data Protection Authority (Brazil): https://www.gov.br/anpd/pt-br

How do we notify you about changes to this policy?
This policy is subject to periodic review to reflect regulatory changes or changes to the services offered through the site. Any significant changes will be communicated on this page.

Last revision: 05/12/2025