Interested parties

Website users


Processing of personal data

Below are the methods of managing the service, owned by Parco Del Sangro Srl. The policy is made in accordance with Article 13 of EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data. This policy is provided only for the Parco Del Sangro website and not for any other websites possibly consulted by the user through links.


Data controller


As a result of consulting this website, data relating to identified or identifiable individuals may be processed.

Data controller: Parco Del Sangro - Piazza Del Mezzogiorno, 3 - 67031 - Castel Di Sangro - email: Company name: Parco Del Sangro Srl with registered office in Piazza Del Mezzogiorno, 3 67031 Castel Di Sangro (Aq).


Type of data processed


Navigation data

The software applications used for the operation of the Parco Del Sangro website acquire some personal data transmitted through secure protocols. This information is not collected to be associated with identified individuals, but could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses, browser identifier (user agent), URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the numerical code indicating the status of the response given by the server (for example, success, error), and other parameters relating to the user's operating system and computer environment. This data is used solely to obtain anonymous statistical information on the use of the website and to check its correct functioning.


Data provided voluntarily by the user

For access to some services provided through the Parco Del Sangro website, the optional and voluntary provision of certain identifying data (email, name, contact information, and information necessary to provide the requested service) may be required.


Purpose and legal basis


Provision of the service

The personal data provided by users who use the services provided by Parco Del Sangro (e.g., by browsing the website, filling out forms for various requests) is used solely for the purpose of carrying out the requested service or performance. The legal basis for the processing is the performance of pre-contractual measures in order to respond to your requests.


Further communications following a stay

After purchasing a stay, Parco Del Sangro may send the user additional communications, including commercial ones, relating to its services. The legal basis for the above processing is the legitimate interest of the data controller (cons. 47 GDPR).


Direct marketing

In the case of specific consent (by registering for the newsletter), Parco Del Sangro may send information on new products, promotions, and special offers by email. Users have the option to disable the service at any time through the appropriate procedure and/or the methods indicated later for the exercise of their rights. The legal basis for the above processing is the data subject's consent. Specific summary information, if necessary, will be reported or displayed on the pages of the website prepared for particular additional services upon request.



Data retention period

The data retention period is necessary for the purposes deriving from the requested services and for an additional period of 36 months. If the requested information is subject to an online transaction, such data may be kept for economic and tax accounting purposes for a period of 10 years. As for the technical data managed by the site, such as cookies, the retention period is defined by the technical characteristics of the cookies themselves. The data retention period is considered renewed for an additional period of 36 months whenever a new consent is given to the data processing and/or at each access to the services offered through one's credentials (e.g. personal login area).


Optional provision of data


Apart from what is specified for navigation data, the user is free to provide Parco Del Sangro with the personal data requested to use the services provided through the site. Failure to provide the data related to the fields marked with an asterisk (mandatory) will make it impossible to use the offered service.


Methods and security of data processing

The processing of personal data takes place through computer tools suitable to guarantee the security and confidentiality of the data itself and in any case in compliance with the adequate security measures required by art. 32 GDPR, through secure communication protocols with SSL encryption algorithms. Your personal data will be processed in accordance with the legislative provisions of the above-mentioned regulations and the confidentiality obligations provided for therein. The Italian Privacy Guarantor's "Guidelines on promotional activities and combating spam - July 4, 2013 (Published in the Official Gazette no. 174 of July 26, 2013), Guidelines on the processing of personal data for online profiling - March 19, 2015, and Guidelines on automated decision-making processes and profiling - WP251, defined on the basis of the provisions of Regulation (EU) 2016/679, are considered "good practices".




For the performance and support of the activity's operation and organization, some data may be made known or communicated to recipients. These subjects are divided into: Third parties, Data Controllers and Sub-Data Controllers, and authorized personnel under the authority of the owner or manager.


Third parties

These are defined as individuals or legal entities, public authorities, services or other bodies that are not the data subject, the data controller, the data processor, or the authorized persons responsible for data processing.

For data processing related to administrative purposes, accounting, legal obligations, customer management, contracts, data may be communicated to:

Companies that manage traditional or computerized postal services.

Companies registering domain names

Any other subjects whose communication of data is necessary to achieve the aforementioned purposes or to comply with a legal obligation;


Data Controllers and Sub-Data Controllers

These are defined as natural or legal persons, public authority, service or other body that processes personal data on behalf of the data controller.

Other possible providers of computer services necessary for the provision of the service, possibly located in the USA with a guarantee of the adequacy agreement "Privacy Shield".


Within our company structure

Your data will be processed solely by personnel expressly authorized by the Owner, with the assurance of adopting adequate instructions, training, confidentiality agreements, and, in particular, by the following categories of employees:

Administrative staff.



Your personal data will not be spread/disseminated in any way.


Rights of data subjects

Data subjects (individuals to whom personal data refers) may exercise their rights provided by the Regulation at any time, through a dedicated personal area. It is possible to access such area by requesting the link through the appropriate procedure at the bottom of this information notice. Another way to exercise the rights provided by the Regulation, if the user has used the newsletter service, is available through the appropriate link at the bottom of the received email. In particular, individuals may legitimately request the rights from art. 15 to art. 23, specifically: 1. Deletion of all data. 2. Rectification/modification. 3. Limitation. 4. Portability. 5. The right to object to automated decision-making (profiling). Any additional requests can be reported in the notes field.

Data subjects, if the conditions are met, also have the right to lodge a complaint with the Garante as the supervisory authority according to the procedures provided. For any further information, and to assert the rights recognized by the European Regulation, you may contact the data controller at the references listed above.

Requests can also be made using the following contacts:

Data controller: Parco Del Sangro - Piazza Del Mezzogiorno, 3 - 67031 - Castel Di Sangro - email:, Legal Name: Parco Del Sangro Srl with registered office in Piazza Del Mezzogiorno, 3 67031 Castel Di Sangro (Aq).



Notice acknowledgement and consent acquisition by the data subject

The undersigned data subject, having acquired the information provided by the data controller pursuant to articles 13-14 and GDPR, confirms having read this information notice regarding the processing of data, for the essential purposes of providing the service, and to allow Parco Del Sangro to properly manage and treat such data.



As proof of explicit and unambiguous consent, we will record the time, date, IP address, and email address. Please note that at any time you may exercise your rights (listed above) through the link at the bottom of received communications, or through contact channels.