Privacy Policy of heimatsrl.wixsite.com/heimat, heimat.haus, matteotrevisan.eu, simmaproject.wixsite.com/simma,
noleggioimpiantoau.wixsite.com/
niat,
https://sergiotrevisan.wixsite.com/
consulting and third-party platforms
PRIVACY POLICY
Heimat S.r.l. (hereinafter referred to as the “Data Controller”) is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy describes how we collect, process, and protect users’ personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – “GDPR”).
1. Data Controller
The Data Controller is:
Heimat S.r.l.
Registered office: Corso Sicilia 61
VAT No.: 13038860014
Email: heimat.torino@gmail.com
Phone: +39 351 8966757
2. Types of Personal Data Collected
We collect the following types of personal data:
-
Identification data: first name, last name, date of birth, identification document.
-
Contact data: email address, phone number.
-
Payment data: information relating to payment methods (e.g. credit card number, PayPal).
-
Booking data: stay dates, preferences, booking details.
-
Communication data: messages exchanged via WhatsApp, email, or other messaging platforms.
-
Usage data: IP address, device type, browser information, pages visited (through the use of cookies).
3. Purposes of Data Processing
Your personal data will be processed for the following purposes:
-
Booking management: processing and managing bookings at our facilities (necessary for the performance of a contract).
-
Marketing communications: sending newsletters, promotional offers, and communications relating to our services, subject to your prior consent.
-
Compliance with legal obligations: fulfilling tax, administrative, and legal obligations (e.g. retention of tax data).
-
Support and assistance services: responding to your requests and providing assistance during your stay.
-
Service analysis and improvement: carrying out statistical analyses and improving users’ stay experience (legitimate interest of the Data Controller).
-
Information requests and follow-up: managing requests relating to our projects and musical services, including artistic activities and workshops (e.g. Il Tempo di Torino – Passeggiate Musicali), courses and school projects, services for DJs and musicians, rental and technical support services, online communication services, as well as applications for job positions or collaborations (necessary to respond to a request from the data subject).
4. Legal Basis for Processing
The processing of your personal data is based on the following legal grounds:
-
Consent: for sending marketing and promotional communications (when expressly given).
-
Performance of a contract: for booking management and all related services.
-
Legal obligation: for compliance with tax, contractual, and legal obligations.
-
Legitimate interest: to analyze and improve our services and to protect against misuse or abuse.
5. Processing Methods and Data Security
Personal data are processed both electronically and in paper form, using organizational and logical measures strictly related to the purposes indicated. Processing is carried out in accordance with the security measures required by the GDPR to prevent unauthorized access, disclosure, alteration, or destruction of data.
6. Recipients of Personal Data
Your data may be shared with the following recipients:
-
Online Travel Agencies (OTAs) such as Airbnb, Booking.com, Expedia, and third-party platforms.
-
Payment service providers (e.g. PayPal, Stripe) for payment management.
-
Technical and support service providers (e.g. hosting providers, marketing agencies).
-
Communication and assistance service providers (e.g. WhatsApp).
-
Other parties where necessary to comply with legal obligations or to perform the contract.
Where data are transferred abroad, we ensure that such transfers take place in compliance with GDPR requirements, through the adoption of Standard Contractual Clauses or other appropriate legal safeguards.
7. Data Retention Period
Your personal data will be retained for the period necessary to achieve the purposes for which they were collected:
-
Booking data: retained until the end of the stay and for compliance with tax obligations (up to 10 years).
-
Marketing data: retained until consent is withdrawn.
-
Payment data: retained for the time necessary to complete the transaction and to comply with legal obligations.
At the end of the retention period, data will be deleted or anonymized.
8. User Rights
Pursuant to the GDPR, you have the right to:
-
Access your data: obtain a copy of the personal data we process.
-
Rectification: request the correction of inaccurate or incomplete data.
-
Erasure: request the deletion of your data where no longer required for legal purposes.
-
Restriction of processing: request limitation of processing in certain cases.
-
Data portability: receive your data in a structured, commonly used, and machine-readable format.
-
Objection to processing: object to the processing of data for direct marketing purposes, including cookies.
To exercise your rights, you may contact the Data Controller using the contact details provided above.
9. Transfer of Data Outside the European Union
Your data may be transferred to service providers located in countries outside the European Union, such as booking platforms (e.g. Airbnb, Booking.com), whose servers may be located in third countries. In such cases, we ensure that appropriate safeguards are adopted to protect your data, including Standard Contractual Clauses or other lawful measures.
10. Cookies and Tracking
This website uses cookies to collect information and improve your browsing experience. Cookies may be used for analytical, marketing, and personalization purposes.
For more details, please refer to our Cookie Policy.
11. Changes to This Privacy Policy
We reserve the right to modify this Privacy Policy at any time. Any changes will be published on this page together with the date of the update. We encourage you to review this section regularly to stay informed of any changes.
12. Complaints
If you believe that your rights have been violated, you may lodge a complaint with the competent Data Protection Authority or take legal action.
Last updated: 19/01/2026
