Privacy Policy

This Privacy Policy (the “Policy”) describes how Parthenope Adventures (“the Company,” “we,” “us,” or “our”) collects, uses, and protects the personal data of individuals (“you,” “user,” or “data subject”) who access and use our website at https://www.parthenopeadventures.com (the “Site”) and related services. This Policy is designed to comply with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Italian privacy laws, including Legislative Decree no. 196/2003 as amended (“Italian Data Protection Code”).

1. Data Controller

The data controller of your personal data is:

Parthenope Adventures s.r.l.

Email: info@parthenopeadventures.com

2. Types of Personal Data Collected

We collect various types of personal data when you interact with our Site or use our services, including but not limited to:

Contact Information: Name, email address, phone number, and any other information provided through our contact or booking forms.

Booking & Payment Data: Information necessary to process reservations and payments, such as billing address and payment method details (though we typically rely on third-party payment processors and do not store full payment card details).

Communication Data: Records of your communications with us (e.g., emails, WhatsApp messages, or phone calls).

Usage Data: Information about how you navigate our Site, including IP address, browser type, device identifiers, and pages visited, which may be collected via cookies or similar technologies.

3. Legal Basis for Processing

We process your personal data only when we have a lawful basis under the GDPR, such as:

Contract Performance (Art. 6(1)(b) GDPR): To provide the services you request, including booking tours and processing payments.

Legal Obligations (Art. 6(1)(c) GDPR): To comply with applicable laws, regulations, or court orders.

Legitimate Interests (Art. 6(1)(f) GDPR): For the effective operation and security of our Site and services, as well as to improve our offerings, provided such interests are not overridden by your fundamental rights and freedoms.

Consent (Art. 6(1)(a) GDPR): Where required, for specific data processing activities (e.g., sending newsletters or marketing communications). You may withdraw your consent at any time.

4. Purposes of Data Processing

Your personal data may be processed for the following purposes:

Booking & Service Delivery: To manage reservations, provide tours, and handle customer support.

Communication: To respond to inquiries, provide updates about your booking, and send information related to our services.

Marketing (With Consent): To send promotional offers, newsletters, or other marketing communications. You can opt out at any time.

Security & Fraud Prevention: To protect our Site and users from fraudulent or malicious activity, including security monitoring and identity verification.

Analytics & Improvements: To analyze usage trends, improve our Site’s content, and enhance the overall user experience.

5. Data Retention

We retain personal data only for as long as is necessary for the purposes outlined in this Policy or to comply with legal obligations. Specific retention periods may vary based on factors such as legal, tax, and accounting requirements, as well as the duration of our contractual relationship.

6. Data Sharing & Transfers

We do not sell your personal data to third parties. However, we may share your data in the following circumstances:

Service Providers: With third-party vendors who assist in providing our services, such as payment processors, IT providers, or analytics tools. These vendors act as data processors and are bound by contractual obligations to protect your personal data.

Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

Business Transactions: In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred as part of that transaction.

If your personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, in accordance with the GDPR (e.g., standard contractual clauses).

7. Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your experience on our Site, analyze Site usage, and assist with our marketing efforts. By using the Site, you consent to our use of cookies as described in our [Cookie Policy] (if available). You may adjust your browser settings to refuse cookies, but certain Site features may not function properly without them.

8. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure. These measures include:

Secure servers with industry-standard encryption

Restricted access to personal data on a need-to-know basis

Regular security assessments and staff training

However, please note that no transmission of data over the internet can be guaranteed to be completely secure.

9. Your Rights Under the GDPR

Under the GDPR, you have the following rights regarding your personal data:

Right of Access: Request confirmation as to whether we are processing your personal data and obtain a copy.

Right to Rectification: Request correction of inaccurate or incomplete personal data.

Right to Erasure (“Right to be Forgotten”): Request deletion of personal data under certain circumstances.

Right to Restriction: Request restriction of processing if you contest the accuracy of the data or object to its processing.

Right to Data Portability: Receive a copy of the personal data you have provided to us in a structured, commonly used, and machine-readable format.

Right to Object: Object, on grounds relating to your particular situation, to the processing of your personal data when based on our legitimate interests or for direct marketing purposes.

Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time.

To exercise your rights, please contact us at info@parthenopeadventures.com. We will respond to your request in accordance with GDPR and applicable Italian law. If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali).

10. Third-Party Links

Our Site may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices or content of such external sites. We recommend reviewing the privacy policies of any third-party sites you visit.

11. Children’s Privacy

Our Site and Services are not directed to children under the age of 16, and we do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us, and we will take steps to delete such information.

12. Changes to This Policy

We reserve the right to update or modify this Policy at any time. In the event of material changes, we will provide notice by email or by posting a prominent notice on our Site prior to the change becoming effective. Your continued use of our Site or Services after any modification to this Policy constitutes your acceptance of such changes.

By accessing or using our Site and Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy.