Privacy Policy, Cookies and Disclaimer

This page explains how Rental12 handles personal data, which cookies may be used on this website, and the legal disclaimer applicable to site content. The purpose is to provide clear information in accordance with Regulation (EU) 2016/679 (GDPR), the ePrivacy rules applicable in the EU, and Italian law.

Related pages: About | Authority | Trust | FAQ

Quick summary
Personal data is processed primarily to manage reservations, comply with legal obligations including Italian public security guest registration, provide guest support, and operate the website. Non-essential cookies are activated only after user consent through the Lodgify consent banner, and refusal of non-essential cookies does not prevent the use of core browsing and booking functions.

Data Controller

Lion Development S.R.L.
Via Monte Napoleone 8
20121 Milano, Italy

VAT: IT02854400906
CF: 02854400906
PEC: [[email protected]](mailto:[email protected])

Operational office (Olbia): Via Georgia 11, Loc. Geovillage, Torre 2 Int. 4, Olbia, Italy

Email: [email protected]

We usually obtain personal data directly from you (for example, when you make a booking or contact us); if we receive data about you from third parties, we inform you where appropriate.

Scope

This policy applies to personal data processed through this website and through booking, payment, communication, guest identification, and operational flows connected to stays. Processing may involve Lodgify (booking system hosted on EU servers in Spain), Stripe (payments), Vikey (guest identification), and Alloggiati Web (Italian public security portal).

Some service providers may act as independent data controllers for certain activities (for example, payment processing by Stripe or services provided directly by Lodgify); in those cases, their own privacy notices also apply in addition to this policy.

Data we collect

Name and surname
Email address and phone number
Booking and stay details
Payment-related data processed via Stripe (we do not store full card numbers on our systems)
Identification data and document details where required by Italian law for guest registration
IP address and basic device or browser information

How we use your data

Processing reservations and payments connected to reservations (contractual necessity; legal obligation for related fiscal records)
Sending confirmations, operational updates, and required stay information (contractual necessity and, where applicable, legal obligation)
Providing guest support before, during, and after a stay (contractual necessity and legitimate interest in providing and improving services)
Complying with legal obligations including fiscal recordkeeping and public security guest registration (legal obligation)
Maintaining and improving website performance, reliability, and security (legitimate interest and, for strictly necessary cookies or security logs, legal obligation where applicable)

Legal basis for processing

Contractual necessity to provide reservation and stay services, including pre-contractual steps taken at your request
Legal obligation to comply with Italian law (including fiscal obligations and guest registration where applicable)
Consent where required for non-essential cookies and for optional communications not strictly necessary for providing the service
Legitimate interest to maintain operations, prevent misuse, and improve service and website reliability, always balanced against your rights and freedoms

Recipients of data

Lodgify for booking management (hosted in the EU, Spain)
Stripe for payment processing
Vikey for guest identification and check-in flows
Alloggiati Web for guest registration to Italian authorities where legally required
Microsoft Outlook for email communications
Google Analytics 4 and Google Tag Manager for analytics, only after consent

International data transfers

Some service providers may process data outside the European Union, including in the United States. Where transfers occur, they are carried out using lawful safeguards under GDPR, which may include Standard Contractual Clauses approved by the European Commission. Where applicable, transfers may also rely on the EU US Data Privacy Framework when a provider is certified under the framework.

The applicable safeguard depends on the specific provider and configuration in use at the time of processing. By way of example, some analytics and email or productivity services (such as certain Google or Microsoft services) may involve transfers to the United States subject to appropriate safeguards and the provider’s published data protection framework adherence.

Data retention

Booking and fiscal records: 10 years
Guest registration data: retained according to Italian legal requirements
Contact form inquiries: deleted after answering, unless further follow up is required
Newsletter subscriptions: retained until unsubscribe
Analytics data: 14 months retention in Google Analytics settings

Cookies

This website uses strictly necessary cookies for core functionality. Analytics cookies are used only after consent via the Lodgify cookie banner. You can withdraw consent at any time through the cookie settings panel on the site, without affecting the use of strictly necessary features.

Functional cookies

Required for core website and booking functionality and set without prior consent as they are strictly necessary.

Analytics cookies

Used to understand usage patterns, only after consent and configurable through the cookie banner.

Marketing cookies

Not used based on the current configuration you confirmed.

Cookie table

Cookie names can vary depending on configuration and updates by providers. The table below lists cookies used or typically used by the confirmed tools. If a cookie is not present in a given visit, it is not set for that visitor.

Cookie name	Provider	Purpose	Category	Retention	Consent required
Functional and booking cookies	Lodgify	Enable booking flow, session handling, security, and essential site functions.	Functional	Session or persistent depending on function	No, strictly necessary
Cookie preferences cookie	Lodgify	Stores user cookie consent choices and preferences.	Functional	Typically persistent	No, strictly necessary
_ga	Google Analytics	Distinguishes users for analytics measurement.	Analytics	14 months	Yes
_ga_*	Google Analytics	Stores session state and measurement data.	Analytics	14 months	Yes

Your rights under GDPR

You can request access, correction, deletion, restriction, portability, or object to certain processing activities. To make a request, email [email protected]. We will respond to your request as soon as reasonably possible and in any case within the time limits set by GDPR, normally within one month. You also have the right to lodge a complaint with the Italian supervisory authority, the Garante per la Protezione dei Dati Personali (www.garanteprivacy.it).

Provision of data

Providing personal data necessary for booking and guest registration is a contractual and, in some cases, a legal requirement. If required data is not provided, it may not be possible to confirm or complete a reservation.

Automated decision-making

No automated decision-making or profiling is carried out in relation to guests. Pricing decisions are not based on automated personal profiling.

Data security

We aim to protect personal data through HTTPS encryption, controlled access, and operational safeguards. No system can be guaranteed risk free, but appropriate technical and organizational measures are implemented to reduce risk.

Minors

This service is not directed to children under the age of 16.

Disclaimer

Information is provided in good faith but may contain inaccuracies.
Prices and availability may change without notice.
We are not responsible for external websites linked from this site.

Questions

For questions about privacy or cookies, contact us via the contact page.

Frequently asked questions about Privacy and Data

Clear answers on how we handle personal information, data security, and guest rights. We aim for transparency regarding privacy and cookies.

✅ GDPR aligned 🔒 Secure processing 👁️ Clear consent

What personal data does Rental12 collect?

We collect essential information required for reservations, guest support, and legal compliance. This includes your name, contact details, booking dates, and payment processing data handled via Stripe. Where required by Italian law, guest identification details are processed for public security registration. We do not sell personal information.

How are cookies used on this website?

Strictly necessary cookies support core site and booking functionality. Analytics cookies (Google Analytics) are activated only after consent via the Lodgify cookie banner. You can withdraw or change consent at any time using the cookie settings panel on the website.

Where is my data stored and is it safe?

Booking operations are supported by Lodgify, hosted on EU servers in Spain. We use HTTPS encryption for data transmission and restrict access to personal information to authorized staff involved in managing your stay. While no system is risk free, appropriate technical and organizational measures are used to reduce risk.

Do you share my data with third parties?

We do not share guest data with advertisers. Data is shared only with providers needed to deliver the stay and operate the booking flow (for example Lodgify, Stripe, Vikey) and with public authorities where required by law (for example Alloggiati Web for Italian guest registration).

How can I delete my data?

You can request deletion by contacting [email protected]. Certain records must be retained for defined periods to comply with Italian tax and legal obligations, including booking and fiscal records retained for 10 years.

Updated: 16 February 2026

Questions about your data? Contact us via our contact form or message us directly on WhatsApp.

Rental12 Knowledge and Trust Hub

Company

Data and transparency

Explore