Privacy Policy

Privacy Policy

This privacy policy describes how the website www.exclusiveflorencetours.com is managed with reference to the processing of personal data of users who consult it, in accordance with Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR) and Legislative Decree 196/2003 as amended by Legislative Decree 101/2018.

1. Data Controller

The Data Controller is Lucia Montuschi Buti, with registered office at Via Pellicceria 10, 50123 Florence (FI), Italy.

Email: info@exclusiveconnection.it

Certified Email (PEC): montuschilucia@pec.it

2. Types of Data Processed

a) Browsing data

The IT systems and software procedures that operate this website acquire, during their normal use, certain personal data whose transmission is implicit in the use of Internet communication protocols (e.g., IP address, browser type, access time). These data are used solely for anonymous statistical purposes and to ensure the proper functioning of the website.

  • Legal basis: legitimate interest of the controller (Art. 6(1)(f) GDPR).
  • Data retention period: maximum 7 days, unless required for investigation of cybercrimes.

b) Data voluntarily provided by users

Sending emails voluntarily or filling out contact forms involves the acquisition of the user’s personal data (e.g., name, email address), necessary to respond to their requests.

  • Legal basis: performance of pre-contractual measures (Art. 6(1)(b) GDPR) or consent (Art. 6(1)(a)).
  • Data retention period: 12 months from receipt, unless otherwise required by the data subject or by law.

c) Cookies and tracking tools

This website may use technical cookies and, with prior consent, profiling cookies and third-party tools (e.g., Google Analytics, Facebook). Please refer to the Cookie Policy for further details.

3. Purposes of Processing

  • To provide the services requested by users
  • To respond to email or form inquiries
  • To send newsletters and marketing communications (subject to consent)
  • To perform anonymous statistical analysis on website usage
  • To prevent and detect misuse or cybercrimes

4. Processing Methods

Personal data are processed with automated and paper-based tools, lawfully, fairly, and transparently, with adequate security measures to prevent unauthorized access, data loss, or unlawful use.

5. Data Communication and Transfers

Data will not be disclosed. They may be shared with third parties (IT providers, consultants) only for technical operation of the website or legal obligations. Data are not transferred outside the European Economic Area. Where necessary, transfers will be protected through Standard Contractual Clauses approved by the European Commission.

6. Data Subjects’ Rights

Users may, at any time:

  • access their personal data (Art. 15 GDPR),
  • request rectification (Art. 16),
  • request erasure (Art. 17),
  • request restriction of processing (Art. 18),
  • object to processing (Art. 21),
  • request data portability (Art. 20),
  • withdraw consent (without affecting lawfulness of processing based on consent before withdrawal).

Requests may be submitted to:

Email: info@exclusiveconnection.it

Certified Email (PEC): montuschilucia@pec.it

Users also have the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

7. Updates

This policy may be subject to updates. Any changes will be published on this page with the updated revision date.

Last update: November 2025