top of page

PRIVACY POLICY

This privacy notice is provided pursuant to Regulation (EU) 2016/679 (GDPR) and Italian data protection legislation to Users who access and use the website www.sologalapagos.it.

It describes how Personal Data is collected, processed, stored, and protected, as well as the User’s rights.

1. Data Controller

Company Name: Evelina Pagotto

Registered Office: Via Merulana 170 - 00185 Rome, Italy

Tax Code: PGTVLN85B56I712G

VAT Number: 15399041001

Privacy Contact Email: info@sologalapagos.it

The Data Controller can be contacted for any clarification regarding this privacy notice and to exercise the rights under the GDPR.

2. Types of Data Collected

The website collects, either independently or through third parties, the following categories of Personal Data:

  • First and last name

  • Email address

  • Phone number

  • Geolocation data

  • Device information and usage data

  • Cookies and other tracking tools (tags, pixels, scripts)

  • Profile picture and message timestamps (in case of using WhatsApp Business)

These data may be provided directly by the User or collected automatically during the use of the website.

3. Contact Forms

The website www.sologalapagos.it includes four contact forms:

  • Newsletter subscription form on the homepage (Brevo)

  • Group travel request form

  • Customized travel request form

  • Travel agency contact form

All data collected through the forms on the website — including the newsletter form, the group travel form, the custom travel form, and the travel agency form — will be processed with the utmost confidentiality and in full compliance with applicable data protection regulations (EU Regulation 2016/679 - GDPR).

The provided data will be used exclusively to respond to submitted requests, provide the requested information, and — with prior consent — send communications about our services and travel offers.

They will not be shared with third parties and will be stored only for the time necessary to fulfill the above purposes.

Data collected through the website’s forms may also be processed using Brevo (formerly Sendinblue), an email marketing and automation service provided by Sendinblue SAS, based at 106 boulevard Haussmann, 75008 Paris, France, acting as Data Processor pursuant to Article 28 of the GDPR.

Brevo enables:

  • Newsletter subscription management

  • Sending automated promotional and informational communications

  • Sending content requested by the User (e.g., e-books, offers, informational materials)

Brevo fully complies with European data protection regulations (GDPR) and adopts appropriate security measures to protect the processed data.

For further details, you can consult Brevo’s Privacy Policy at:
https://www.brevo.com/en/legal/privacypolicy/

Data processed through Brevo will not be shared with third parties and will be retained only for the time necessary to fulfill the purposes for which they were collected.

4. Processing Methods and Location

Processing Methods
Processing is carried out using IT and/or telematic tools, with adequate technical and organizational security measures to prevent unauthorized access, disclosure, alteration, or destruction of data.

Processing may be carried out by authorized personnel of the Data Controller or by external parties appointed as Data Processors, such as:

  • Communication agencies

  • Technology and hosting providers

  • Web platform managers

Location
Data are processed at the Data Controller’s premises and at any other location where the parties involved in the processing are located.

Any transfers to non-EU countries comply with the GDPR, using appropriate legal instruments (adequacy decisions, standard contractual clauses, etc.).

5. Legal Basis for Processing

Data processing is based on the following legal bases (Art. 6 GDPR):

  • The User’s explicit consent

  • Performance of pre-contractual or contractual measures

  • Compliance with legal obligations

  • Legitimate interests of the Data Controller (e.g., IT security, fraud prevention)

6. Purpose of Processing

Personal data are processed for the following purposes:

  • Responding to inquiries sent via contact forms

  • Providing information about services and trips

  • Managing communication via chat or WhatsApp

  • Fulfilling legal and tax obligations

  • Protecting the Data Controller’s rights

  • Preventing fraud or unlawful activities

  • Enabling the display of external content (e.g., maps, social media)

  • Collecting anonymous traffic and usage statistics

7. Live Chat Interaction

The site may include instant messaging tools. During interaction, Users may voluntarily provide their data.

WhatsApp Business Chat (Meta Platforms Ireland Ltd.)
Tool allowing users to communicate directly with the Data Controller.
Data processed: name, surname, phone number, profile picture, message timestamps.
Data location: Ireland – Privacy Policy

8. Content from External Platforms

Instagram (Meta Platforms Ireland Ltd.)
Allows images and content to be displayed directly on the website.
Data processed: tracking tools, usage data.
Data location: Ireland – Instagram Privacy Policy

Google Maps (Google Ireland Ltd.)
Allows interactive geographic maps to be displayed.
Data processed: usage and location data.
Data location: Ireland – Google Privacy Policy

9. Platform and Hosting Services

Wix.com Ltd.
Platform on which the website www.sologalapagos.it is built and hosted.
Data processed: contact data, cookies, tracking tools, browsing data.
Data location: Israel – Wix Privacy Policy

10. Data Retention

Personal Data are retained for a period proportionate to the purposes for which they were collected:

  • Up to 12 months for inquiries submitted via contact forms

  • Up to 10 years for legal and tax obligations

  • Until consent withdrawal for promotional purposes

  • Longer in case of litigation or specific legal obligations

11. User Rights

Users may, at any time:

  • Request access to their data

  • Request correction or deletion of their data

  • Object to processing

  • Request restriction or data portability

  • Withdraw consent

  • Lodge a complaint with the Data Protection Authority (www.garanteprivacy.it)

12. Exercising Rights

To exercise their rights, Users may contact the Data Controller at the addresses provided in this notice.

Requests will be handled without delay, within a maximum of 30 days.

13. Cookies and Tracking Tools

The website uses technical, analytical, and profiling cookies to improve the User’s experience, personalize content, and collect usage statistics.

Upon first access, Users can manage their preferences via the cookie banner.

For more details on the types of cookies and how to manage consent, please refer to the Cookie Policy.

14. Processing of Minors’ Data

The services of www.sologalapagos.it are reserved for adults only (minimum age: 18 years).

The Data Controller does not knowingly collect personal data from individuals under 18 years of age.

If accidental collection of minor data is identified, such data will be deleted immediately.

Parents or guardians may contact the Data Controller to request their removal.

15. Legal Defense and System Logs

Personal Data may be used by the Data Controller for legal defense or in the preparatory stages of legal proceedings.

The website and associated services may collect system logs and diagnostic files (e.g., IP address, timestamps, system errors).

16. Intellectual Property of Content

All content on the site — texts, photographs, videos, graphic layout, and other materials — is protected by copyright and intellectual property rights.

Any reproduction, copying, modification, distribution, or publication without written authorization from the Data Controller is strictly prohibited.

In particular, the photographs published on the site may not be used in any context (web, social media, print) without explicit consent.

17. Changes to This Privacy Policy

The Data Controller reserves the right to modify this Privacy Policy at any time.

Changes will be published on this page. If processing is based on consent, updated consent will be requested from the User, where necessary.

18. Definitions and Regulatory References

Personal Data: Any information relating to an identified or identifiable natural person.

Data Subject: The User to whom the data refer.

Data Controller: The entity that determines the purposes and means of processing.

Data Processor: The entity that processes data on behalf of the Data Controller.

Cookies / Tracking Tools: Technologies used to monitor User behavior.

GDPR: Regulation (EU) 2016/679.

Last updated on 19/06/2026

bottom of page