top of page

Privacy Policy

This Privacy Policy explains how personal data are collected and processed through the website of Casa Capolino (the “Site”) and through related communications and services, in accordance with Regulation (EU) 2016/679 (“GDPR”) and other applicable data protection laws.

1. Data Controller

The Data Controller is:

Irene Paolinelli, acting as a natural person and operating under the brand name “Casa Capolino”
Address: Place Fernand Cocq 3, 1050 Ixelles, Belgium
Email: casacapolino@gmail.com

For any request concerning this Privacy Policy or the exercise of your rights, you can contact the Data Controller at the email address above.

The Site is intended for adult users. If you are under 18, you should not submit personal data via this Site without the involvement of a parent or legal guardian.

2. Categories of personal data processed

Depending on how you interact with the Site, the Data Controller may process the following categories of personal data:

  • Identification and contact data: first name, last name, email address, and telephone number (where provided).

  • Content of communications: any information you voluntarily include in the message fields of the contact form or in emails sent to the addresses indicated on the Site.

  • Newsletter data: first name, last name, and email address provided through the newsletter form; at present no newsletter or marketing campaigns are actively sent, but the form enables future use based on consent.

  • Technical browsing data: IP address, date and time of access, pages visited, device and browser information, and basic system logs generated by the Site’s infrastructure (Wix), which are limited to what is necessary for security and functioning of the Site.

The Site does not collect booking dates, number of guests, billing data, or payment data, and there is no native booking engine or payment flow on the Site.

3. Purposes and legal bases of processing

Personal data are processed for the following purposes and on the following legal bases:

a) Handling contact requests
Purpose: to respond to contact requests, information requests, or other communications sent via the contact form or email.
Legal basis: performance of pre‑contractual measures at the request of the data subject under Article 6(1)(b) GDPR.

b) Managing potential hospitality relationships
Purpose: to provide information about Casa Capolino, availability, services, or the surrounding area, and to handle preliminary contacts that may lead to a booking through external platforms (for example, Airbnb or similar services).
Legal basis: performance of pre‑contractual measures under Article 6(1)(b) GDPR.

c) Newsletter list (if and when activated)
Purpose: to manage the list of addresses collected via the newsletter form and, if the service is activated in the future, to send updates or communications about Casa Capolino.
Legal basis: consent under Article 6(1)(a) GDPR.

At the present time, no regular newsletter or marketing campaign is sent. Any future use for such purposes will be based on the consent expressed through the specific checkbox in the form, which must not be pre‑ticked and can be withdrawn at any time.

d) Technical operation, security, and maintenance of the Site
Purpose: to ensure basic operation, security, and stability of the Site and the underlying infrastructure, as provided by the Wix platform, including the detection of anomalies and the prevention of misuse or cyber attacks.
Legal basis: legitimate interest of the Data Controller in maintaining the security and correct functioning of the Site under Article 6(1)(f) GDPR.

No external analytics tools (such as Google Analytics), advertising pixels (such as Meta Pixel), or third‑party tracking cookies are installed or used on the Site.

 

4. Nature of provision of data

Providing contact data through the contact form or by email is necessary to receive a response or to obtain the requested information. If you do not provide such data, the Data Controller may not be able to respond to your request.

Providing data for the newsletter form is entirely optional and, at present, has no impact on the ability to browse the Site or to contact Casa Capolino.

 

5. Methods of processing

 

Personal data are processed mainly by electronic means, applying appropriate technical and organizational measures to ensure their security, confidentiality, and integrity, in accordance with Articles 24, 25 and 32 GDPR.

Data are processed only by the Data Controller and by any persons duly authorized and instructed, as well as by external service providers that support the operation of the Site and that act, where required, as data processors under Article 28 GDPR.

 

6. Recipients of personal data

 

Within the limits of the purposes indicated above, personal data may be communicated to:

  • Wix.com Ltd., as provider of the website platform, hosting, and related infrastructure services. Wix processes personal data as a service provider according to its privacy policy and applicable data processing terms.

  • Providers of IT, email, or maintenance services that assist the Data Controller in managing communications and the Site, appointed as processors where required.

  • Public authorities or supervisory bodies where disclosure is necessary to comply with legal obligations or for the establishment, exercise, or defence of legal claims.

No payment service providers or booking engines process personal data through this Site, as all bookings and payments are currently managed externally (for example, via third‑party platforms whose privacy policies apply independently).

 

7. International data transfers

 

The Site is built and hosted on the Wix platform. Personal data processed through the Site may therefore be stored and processed on servers located outside the European Economic Area, including in Israel and other countries in which Wix or its service providers operate.

According to information provided by Wix, transfers are carried out in compliance with Chapter V GDPR, in particular based on:

  • the adequacy decision of the European Commission concerning Israel; and

  • Standard Contractual Clauses and other safeguards for transfers to countries without an adequacy decision.

For more information on Wix’s data transfers and safeguards, users can consult Wix’s privacy documentation and may contact the Data Controller for further details.

 

8. Data retention

 

Personal data are kept for no longer than necessary to achieve the purposes for which they were collected, without prejudice to any longer retention required by law or necessary to protect the rights of the Data Controller.

In particular:

  • Contact and information requests: data are generally retained for up to 12 months from the last relevant interaction, unless a longer period is necessary for handling specific requests or potential disputes.

  • Newsletter data (if and when the service is activated): data are retained until consent is withdrawn and, in any case, no longer than 24 months from the last interaction, unless a different retention period is required by law.

  • Technical logs and security data: technical logs generated by the Site and by Wix are retained for the time necessary to ensure security and correct functioning, and generally for no longer than 6 months, unless events or investigations require longer retention.

Once the relevant retention periods have expired, data are deleted, anonymised, or irreversibly de-identified where technically possible.

 

9. Rights of data subjects

 

Users may exercise, within the limits and under the conditions provided by Articles 15–22 GDPR, the following rights with respect to their personal data:

  • right of access;

  • right to rectification;

  • right to erasure;

  • right to restriction of processing;

  • right to data portability (where applicable);

  • right to object to processing based on legitimate interest;

  • right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

Requests may be sent to the Data Controller at: casacapolino@gmail.com. The Controller will respond without undue delay and, in any event, within one month, except where the GDPR allows for an extension.

Users also have the right to lodge a complaint with a competent Data Protection Authority in the EU, in particular in the Member State of their habitual residence, place of work, or place of the alleged infringement.

 

10. Changes to this Privacy Policy

The Data Controller may update this Privacy Policy to reflect changes to the Site or to applicable law. The updated version will be published on this page with the relevant revision date.

bottom of page