The company HOTEL LEON D'ORO SRL with registered office in Padua, Via Niccolò Tommaseo 68 - 35131, and with operational headquarters in Verona, Viale Piave, 5, -37135, as Data Controller of personal data, pursuant to the Regulation EU 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data (hereafter referred to as the "Regulation"), informs you that you are the owner of your data and that these will be handled manually with the support of computerized or telematic means.

Data source:

The data necessary for the performance of the contractual relationship between the Parties, as well as the data otherwise acquired within the scope of this activity, are collected directly at the owner's premises and / or through third parties (eg tour operators, trip, etc.), as well as obtained through online booking sites (eg through portal). Your data can also be acquired through a special form in the contact section on the website or by sending spontaneously to the e-mail addresses of the Owner making reference to the domain

Purpose of the treatment:

a) to fulfill the obligation set out in Article 110 of the Royal Decree 18/06/1931 n. 773 which requires us to register and communicate to the local public security authority the details of the clients housed (consent not required)
b) to comply with current accounting, tax and administrative obligations (consent not required)
c) to perform the function of receiving messages, phone calls and mailings or correspondence to you or your group addressed (consent required)
d) to send the customer further promotional messages, including thematic, rate updates, offers and satisfaction questionnaires (consent required)
e) perform specific services requested by the interested party who need particular types of personal data (so-called "sensitive data" for example concerning a state of health) (consent required)
f) to respond to requests received through the website or via email (consent not required)

Processing methods:

The processing of personal data takes place through the use of IT tools and on paper with techniques and procedures suitable to ensure security and confidentiality.

Communication and dissemination of personal data for the pursuit of primary treatment purposes

1. The data will not be disclosed, but may be disclosed to any other third party when the communication is mandatory by law.
2. They may also be communicated and processed by persons in charge and / or internal and external managers identified by the Data Controller and to whom specific instructions have been given (for example, but not limited to: tax and accounting consultants, legal consultants, IT consultants, etc.)

Obligation and optional nature of the provision of data and consequences in case of failure to provide data

1. The provision of data for what is indicated in the purposes in points 1 and 2 is mandatory: any refusal to give them determines the impossibility of the hotel service. You can also provide us with your consent to the preservation of your details in order to speed up the registration procedures in any subsequent stay at our facility.
2. As indicated in points 3, 4 of the purposes, failure to provide consent will not affect the provision of the hotel service but only the function or service reported in the aforementioned points.
3. For particular services or needs of the interested party (see point 5 of the purposes) requiring the Data Controller to process particular categories of personal data ("sensitive data", for example concerning certain aspects relating to his state of health), Failure to provide consent may affect only the provision of the particular services requested.
4. As indicated in point 6 of the purposes, the provision of data is necessary and the refusal to provide contacts will affect the possibility on the part of the owner to respond to the requests of the interested party.

Retention period

The data collected and processed by the Data Controller to execute the Hotel Services can be kept for the prescription period foreseen by the normative, even fiscal, applicable provisions. With regards to the processing of the data indicated in the section Objective 5, the data will be processed until the end of the stay and subsequently canceled, without prejudice to any legal obligations that require further storage.

Data transfer in non-EU countries

The transfer of data provided by the data subject in countries outside the EU is not foreseen by the data controller.

Rights of the interested party

• The interested party enjoys the following rights:
• Right to access personal data.
• Right to obtain rectification or cancellation of the same or limitation of processing concerning him.
• Right to oppose the treatment.
• Right to data portability.
• Right to revoke consent (without prejudice to the fulfillment of legal obligations, or for the performance of a task carried out in the public interest or connected to the exercise of public authority vested in the holder).
• Right to propose a complaint to the supervisory authority, or the Privacy Guarantor

Automated decision-making process, profiling

There are no treatments that involve automated decision-making processes, including profiling.


To exercise your rights and for any information you can contact the holder at the following address: or by calling n. +39 045 8445140.