Privacy Policy

OspitaTech Solutions is committed to protecting the privacy of individuals. This Privacy Policy explains how we collect, use, disclose, and protect personal data in connection with the use of our online platform and services, including Hotel Property Management Systems (PMS), Online Booking Engines, Channel Management, Reservation System Integration, Guest Relationship Management (CRM), Revenue Management Tools, and Mobile Check-in Solutions.

Data Controller

The data controller responsible for the processing of your personal data is:

OspitaTech Solutions
48 Via del Giglio, Piano 3, Interno 7, Florence, Tuscany, 50123, Italy.

Collection of Personal Data

We collect personal data in various ways when you use our site and services:

1. Information You Provide Directly: This includes data you provide when you register for an account, use our services, fill out forms, communicate with us, or participate in surveys. This may include contact details (such as name, email address, phone number), billing information, login credentials, and information related to your use of our specific software solutions.

2. Information Collected Automatically: When you visit our site or use our services, we may automatically collect certain information through cookies, web beacons, and similar technologies. This includes technical data such as IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our site. We also collect usage data about how you use our site and services.

3. Information from Third Parties: We may receive personal data about you from third parties, such as business partners, service providers, and analytics providers, in compliance with applicable laws.

Use of Personal Data

We use your personal data for various purposes, based on legal grounds as required by applicable data protection laws, including GDPR. These purposes include:

• Providing and Managing Services: To deliver the services you request, manage your account, process transactions, and provide customer support. This processing is necessary for the performance of a contract with you.

• Improving and Developing Services: To understand how our services are used, analyze trends, develop new features, and enhance user experience. This is based on our legitimate interests in improving our offerings.

• Communication: To send you service-related communications, updates, security alerts, and administrative messages. If permitted by your preferences, we may also send promotional materials about our services. This is based on contractual necessity, legal obligations, or our legitimate interests.

• Security and Fraud Prevention: To detect and prevent fraud, unauthorized access, and other malicious activity, and to ensure the security of our systems. This is necessary for compliance with legal obligations and our legitimate interests in protecting our business and users.

• Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests. This is necessary for compliance with legal obligations.

We may also process your data based on your consent, which you can withdraw at any time.

Lawful Bases for Processing

We process personal data based on the following legal grounds:

• Performance of a Contract: Where processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

• Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.

• Legitimate Interests: Where processing is necessary for the purposes of our legitimate interests, provided your fundamental rights and freedoms do not override those interests. These include our interests in operating, improving, and protecting our business and services.

• Consent: Where you have given consent to the processing for specific purposes.

Sharing and Disclosure of Personal Data

We do not sell your personal data. We may share or disclose your personal data with third parties only in the following circumstances:

• Service Providers: We engage trusted third-party service providers to perform functions and provide services to us, such as hosting, data analysis, payment processing, customer service, marketing, and IT services. These providers are contractually bound to process data only according to our instructions and applicable data protection laws.

• Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction.

• Legal Requirements: We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

• Protection of Rights and Safety: We may disclose data when we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our terms of service, or as evidence in litigation.

International Data Transfers

Your personal data may be transferred to, stored, and processed in countries outside of the European Economic Area (EEA). When we transfer your personal data to countries outside the EEA, we ensure that appropriate safeguards are in place to provide a similar level of protection, such as relying on Standard Contractual Clauses approved by the European Commission or ensuring the recipient is certified under an approved certification mechanism like the EU-US Privacy Shield Framework (if applicable and valid).

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Data Security

We have implemented appropriate technical and organizational security measures designed to protect your personal data from accidental loss, unauthorized access, use, alteration, and disclosure. However, no internet transmission or electronic storage method is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

Your Data Protection Rights

Under the GDPR, you have certain rights regarding your personal data:

• Right to Access: You have the right to request a copy of the personal data we hold about you.

• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

• Right to Erasure ("Right to Be Forgotten"): You have the right to request the deletion of your personal data under certain circumstances.

• Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.

• Right to Object to Processing: You have the right to object to our processing of your personal data under certain conditions, particularly where processing is based on legitimate interests or for direct marketing purposes.

• Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

• Right to Withdraw Consent: Where our processing is based on your consent, you have the right to withdraw your consent at any time.

• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or the place of the alleged infringement, if you believe that our processing of your personal data infringes the GDPR.

To exercise any of these rights, please contact us using the contact details provided below. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Cookies and Tracking Technologies

Our site uses cookies and similar tracking technologies to enhance your experience, analyze site usage, and support our services. Cookies are small text files placed on your device. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, declining cookies may affect your ability to use certain features of our site and services.

Third-Party Links

Our site or services may contain links to third-party websites or services. This Privacy Policy applies only to our site and services. We are not responsible for the privacy practices or the content of third-party sites. We encourage you to read the privacy policies of any third-party sites you visit.

Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, and other factors. When we make changes, we will revise the "last updated" date indicated at the beginning of the policy (Note: *This reference to date is internal to the policy description and not a header like "Effective Date"*). We encourage you to review this policy periodically to stay informed about how we are protecting your information.

Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us by writing to: