Informativa sulla Privacy

We collect the following types of information:

1.1 Account Information

• Name, email address, phone number
• Password (encrypted and hashed)
• Profile photo and bio (optional)
• Government ID for verification (hosts only)

1.2 Booking Information

• Check-in/check-out dates and times
• Number of guests and their details
• Special requests and preferences
• Communication with hosts
• Booking type selection (Standard or Non-Refundable)

1.3 Payment Information

• Billing address and name
• Payment method type (credit card, debit card)
• Last 4 digits of card number (for reference)
• Transaction history and receipts
• Nota: We do not store complete credit card numbers. Payment processing is handled by secure PCI-DSS compliant partners.

1.4 Technical Information

• IP address and device information
• Browser type and operating system
• Cookies and similar tracking technologies
• Pages visited, time spent, and click behavior
• Referral source (how you found our site)

1.5 Location Information

• Approximate location from IP address
• Precise location (if you enable location services)
• Search location preferences

We use your information for the following purposes:

2.1 Service Delivery

• Process and manage your bookings
• Facilitate communication between guests and hosts
• Process payments and issue refunds
• Send booking confirmations and receipts
• Provide customer support

2.2 Platform Improvement

• Analyze usage patterns and trends
• Improve search and recommendation algorithms
• Develop new features and services
• Conduct research and analytics

2.3 Security and Fraud Prevention

• Verify user identity and prevent fraud
• Monitor suspicious activity
• Enforce our Terms of Service
• Comply with legal obligations

2.4 Marketing (with your consent)

• Send promotional emails about special offers
• Display personalized recommendations
• Send newsletters and updates
• You can opt-out of marketing communications at any time

Legal Basis (GDPR):

• Contract Performance: Processing necessary to fulfill booking services
• Consent: Marketing communications, cookies, location services
• Legitimate Interest: Fraud prevention, analytics, service improvement
• Legal Obligation: Tax reporting, law enforcement requests

We share your information in the following circumstances:

3.1 With Hosts and Guests

• When you book, we share your name, contact info, and booking details with the host
• Hosts can see your profile information and reviews
• Guests and hosts can message each other through our platform

3.2 Service Providers

• Payment Processing: Secure payment partners process transactions
• Email Services: Email delivery for notifications and communications
• SMS Services: Two-factor authentication and booking alerts
• Analytics: Google Analytics for usage statistics (anonymized)
• Hosting: Cloud infrastructure providers

All service providers are bound by strict confidentiality agreements and cannot use your data for their own purposes.

3.3 Legal Requirements

We may disclose your information if required by law or in response to:

• Court orders, subpoenas, or legal processes
• Law enforcement or government requests
• Investigations of fraud or illegal activity
• Protection of our rights, property, or safety

3.4 Business Transfers

If we merge with, are acquired by, or sell assets to another company, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.

3.5 What We DO NOT Do

• ❌ We never sell your personal information to third parties
• ❌ We never share your data for advertising purposes without consent
• ❌ We never publicly disclose your contact information

We implement industry-standard security measures:

• Encryption: All data transmitted is encrypted using SSL/TLS (HTTPS)
• Secure Storage: Passwords are hashed using bcrypt algorithm
• Payment Security: PCI-DSS compliant payment processing
• Access Controls: Restricted access to personal data on a need-to-know basis
• Monitoring: 24/7 system monitoring for suspicious activity
• Regular Audits: Periodic security assessments and updates
• Firewalls: Network firewalls and intrusion detection systems

Your Responsibility:

• Use a strong, unique password
• Never share your password with anyone
• Log out of shared devices
• Report suspicious activity immediately

We retain your information for the following periods:

• Account Data: As long as your account is active, plus 3 years after closure
• Booking Records: 7 years for tax and legal compliance
• Payment Transactions: 7 years as required by financial regulations
• Marketing Consents: Until you withdraw consent or 2 years of inactivity
• Support Tickets: 3 years after resolution
• Analytics Data: 26 months (anonymized)

After retention periods expire, we securely delete or anonymize your data. Some information may be retained longer if required by law or for legitimate business purposes (e.g., fraud prevention, dispute resolution).

Under GDPR and applicable data protection laws, you have the following rights:

Utilizziamo cookie e tecnologie simili per:

Essential Cookies (Required)

• Maintain your login session
• Remember language and currency preferences
• Secure your account and prevent fraud
• Enable core platform functionality

Analytics Cookies (Optional)

• Google Analytics: Track page views and user behavior (anonymized)
• Understand which features are most popular
• Measure marketing campaign effectiveness

Marketing Cookies (Optional)

• Show personalized recommendations
• Display relevant ads on social media
• Retarget visitors who viewed listings

Managing Cookies:

• Accept or reject non-essential cookies via our cookie banner
• Configure browser settings to block third-party cookies
• Use browser extensions like Privacy Badger or uBlock Origin

Note: Blocking essential cookies may impact platform functionality.

Our servers are located in Europe. If you access our platform from outside the European Economic Area (EEA), your data may be transferred to and processed in Europe.

We ensure adequate protection for international transfers through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Service providers certified under adequacy frameworks
• GDPR-compliant data processing agreements

Our platform is not intended for children under 18 years old.

We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@caprieasy.net so we can delete it.

To make a booking, you must be at least 18 years old or have a parent/guardian complete the booking on your behalf.

Our platform may contain links to external websites (e.g., social media, payment processors, tourist attractions). We are not responsible for the privacy practices of these third-party sites.

We recommend reading the privacy policies of any external sites you visit. Third-party services have their own data collection and usage policies.

We may update this Privacy Policy from time to time to reflect:

• Changes in applicable laws or regulations
• New features or services we offer
• Improvements to our data practices

How We Notify You:

• Email notification for significant changes
• Platform banner or notification
• Updated "Last Modified" date at the top of this page

Continued use of our platform after changes constitutes acceptance of the updated Privacy Policy. If you disagree with changes, please stop using our services and contact us to close your account.