How We Handle Your Information
Direct Bookings Italy is committed to protecting your privacy. This policy explains how we collect and use personal data when you search for accommodation across Italian properties and use our quote request service.
What Information We Collect
When you search for Italian properties on our site, we collect:
- Search queries (regions, dates, property types)
- Email address when you sign up for our newsletter
- Contact information (name, email, phone) when you request a quote
- Usage data via Google Analytics
- Device information (browser, IP address, operating system)
We do not store passwords or payment information. We do not operate user accounts or login systems. Property owners contact you directly based on information you voluntarily provide.
How We Use Your Data
We use your information to:
- Process and track quote requests
- Send newsletter emails (only if you opt in)
- Improve our search and matching service via analytics
- Prevent fraud and protect our systems
Your search history and quote requests are used to connect you with Italian property owners. Owners in our network contact you directly based on the information you share.
Data Sharing
We only share your information with:
- Property owners on our platform (when you request a quote)
- Google Analytics for usage statistics
- Service providers essential to operating our quote matching system
We never sell your data to third parties. Your email is never shared unless you submit a quote request for a specific property.
Data Security
We employ standard security measures including SSL encryption to protect data transmission. Quote requests are stored securely and accessible only to relevant property owners and our team.
Your Rights
You may request access to or deletion of your personal data at any time. To exercise these rights, email our team with your request. We will respond within 30 days.
You can opt out of newsletter emails using the unsubscribe link in each message. Opting out of analytics is available through your browser settings.
Data Retention
Newsletter signup data is retained until you unsubscribe. Quote request data is retained for one year to enable follow-up contact from property owners, then securely deleted. Search analytics are retained for twelve months.
CIN Verification & Property Data
We verify Italian accommodation registration numbers (Codice Identificativo Nazionale) where available. This helps ensure properties are legitimate. We do not store verification documents but use them to validate property listings.
International Transfers
Google Analytics may process data internationally. We use standard contractual clauses to protect data when transferred outside the European Economic Area.
Contact Us
For privacy questions, data access requests, or to withdraw consent, contact us through the website contact form or email support@directbookingsitaly.com
Data Controller
The data controller for personal data processed via DirectBookingsItaly.com is Raise Ready Ltd, a company registered in England & Wales (Company No. 17119015). For data-protection queries, write to info@directbookingsitaly.com.
Legal Bases for Processing (GDPR Art. 6)
- Contract (Art. 6(1)(b)): processing quote requests you submit, sending host contact details to you, and facilitating direct bookings.
- Legitimate interest (Art. 6(1)(f)): contacting accommodation providers already listed on public business directories (comune-level tourism registers, booking platforms, their own websites) to introduce them to a zero-commission direct-booking channel relevant to their profession. We keep these communications strictly B2B and directly relevant to each recipient's professional activity. Our Legitimate Interest Assessment is available on request at the address above.
- Consent (Art. 6(1)(a)): newsletter signup, non-essential cookies, WhatsApp opt-in.
- Legal obligation (Art. 6(1)(c)): tax/accounting record retention and response to lawful authority requests (including Italian ISTAT tourism reporting where applicable).
Processors We Rely On
We use the following processors, each under a signed Data Processing Agreement (DPA) and, where data leaves the EEA, EU Standard Contractual Clauses:
- Supabase (database + authentication) \u2014 EU region
- Brevo (transactional email + newsletter) \u2014 EU (France)
- Vercel (hosting) \u2014 global edge network with EEA datacentres
- Stripe (payments for advisory services only) \u2014 Ireland / US
- Twilio (SMS / WhatsApp delivery, opt-in only) \u2014 Ireland / US
- Google Analytics (aggregate usage) \u2014 anonymised IPs, EEA region
Notice to Italian Accommodation Providers
If you received a "booking request" email from us and did not expect it, here is why: DirectBookingsItaly.com is a zero-commission direct-booking introduction service. Your property's name, address, and public contact email were collected from publicly accessible tourism directories and booking-platform listings. We emailed you because a real traveller asked for accommodation in your area and your property matches their criteria. We rely on legitimate interest (GDPR Art. 6(1)(f)) to make this introduction once. If you'd prefer not to receive further requests, click "Unsubscribe" in the email footer or reply with the word "STOP" and we will suppress your address within 24 hours. You can also contact us directly at info@directbookingsitaly.com for any data-protection concerns or to exercise your rights under GDPR (access, rectification, erasure, objection).
Retention
Quote request data (guest side): 12 months from submission, then deleted or anonymised. Host contact attempts (outreach logs): 24 months for dispute resolution and bounce suppression, then anonymised. Email delivery logs: 18 months. Booking records kept for contract/dispute-resolution purposes per Italian civil law defaults.
Your Rights under GDPR
You have the right to (a) access the data we hold about you, (b) rectify inaccurate data, (c) request erasure ("right to be forgotten") where lawful grounds apply, (d) restrict or object to processing based on legitimate interest, (e) port your data in a machine-readable format, and (f) lodge a complaint with your local supervisory authority (in Italy: Garante per la Protezione dei Dati Personali; in the UK: ICO). To exercise any right, email info@directbookingsitaly.com; we will respond within 30 days.
Self-service erasure
You can also request immediate erasure of your data using the form below. We will email a confirmation link to that address; click the link within 48 hours to permanently delete your data. A suppression record is kept so no further contact is sent (this tombstone is required under GDPR Art. 21 and is the only data retained after erasure).
This policy was last updated April 2026. We may update it periodically. Changes will be posted here with an updated date.