Privacy Policy

The protection of natural persons with regard to the processing of data of a personal nature is a
fundamental right and through this page the B&B “Le DUE G”, hereinaHer referred to as “B&B”,
describes how the personal data of Users who consult the website at the electronic address
hJps:// are processed, in accordance with EU Regulation No. 2016/679.
For the purposes of this regulation it is understood as:

    Any information concerning an identified or identifiable natural person (“data subject”). An
    identifiable natural person is any natural person who can be identified, directly or indirectly, with
    particular reference to an identifier such as a name, an identification number, location data, an
    online identifier, or to one or more characteristic elements of his or her physical, physiological,
    genetic, mental, economic, cultural or social identity (Art. 4 No. 1 EU Reg. No. 2016/679).
    Any operation or set of operations, whether or not by automated means, applied to personal data
    or sets of personal data, such as collection, recording, organization, structuring, storage,
    adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or
    otherwise making available, comparison or interconnection, restriction, consultation, use,
    disclosure by transmission, dissemination or any other form of making available, comparison or
    interconnection, restriction, deletion or destruction (Art. 4 no. 2 EU Reg. No. 2016/679).
    The natural or legal person, public authority, service or other body which alone or jointly with
    others determines the purposes and means of the processing of personal data (Art. 4 No. 7 EU
    Reg. No. 2016/679).
    The owner of the processing of personal data is the B&B “Le DUE G”, with registered office in
    Varese, via Francesco Daverio, n. 67 – 21020, which can be contacted as follows:
  • e-mail:
    The natural or legal person, public authority, service or other body that processes personal data on
    behalf of the controller (art. 4 no. 8 EU Reg. no. 2016/679).
    The Personal Data Controller (Art. 4 No. 8 EU Reg. No. 2016/679) is Dr. Raffaella Gaggi, who can be
    contacted as follows:
    􀀀 e-mail:
    Any form of automated processing of personal data consisting of the use of such personal data to
    evaluate certain personal aspects relating to a natural person, in particular to analyze or predict
    aspects relating to the personal preferences, interests, reliability, behavior, location or movements
    of that natural person (Art. 4 No. 4 EU Reg. No. 2016/679).
    Personal data is processed in such a way that personal data can no longer be aJributed to a
    specific data subject, without the use of additional information, which must be stored separately
    and subject to technical and organizational measures to ensure that such personal data is not
    aJributed to an identified or identifiable natural person (Art. 4 No. 5; 25 EU Reg. No. 2016/679).
    Any freely given, specific, informed and unambiguous manifestation of the data subject’s wishes,
    whereby the data subject indicates his or her consent, by way of a statement or unambiguous
    affirmative action, that personal data relating to him or her be processed (Recital 40; Art. 4 No. 11
    EU Reg. No. 2016/679).
  • Navigation data
    The computer systems and soHware procedures used to operate this site acquire, in the course of
    their normal operation, some personal data whose transmission is implicit in the use of Internet
    communication protocols.
    This category of data includes IP addresses or domain names of the computers and terminals used
    by users, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the resources
    requested, the time of the request, the method used in submimng the request to the server, the
    size of the file obtained in response, the numerical code indicating the status of the response given
    by the server (successful, error, etc.) and other parameters relating to the user’s operating system
    and computer environment.
    These data, necessary for the use of web services, are also processed for the purpose of:
  • obtain statistical information on the use of the services (most visited pages, number of
    visitors by time slot or daily, geographical areas of origin, etc.);
  • check the proper functioning of the services offered.
    Browsing data do not persist for more than seven days (except for any need to ascertain crimes by
    the judicial authorities).
  • Data communicated by the interested party
    The optional, explicit and voluntary sending of messages to the contact addresses of the website
    hJps://, private messages sent by users to profiles on social media, involve the
    acquisition of the sender’s contact data, necessary to respond, as well as all personal data included
    in the communications.
    In the case of free and consensual sending of messages containing “special categories of personal
    data”, concerning health, the acquisition of the same and the consequent processing will take
    place with the explicit consent of the person concerned, in compliance with the principles of
    accountability (accountability), confidentiality, lawfulness, fairness and transparency (Art. 5 EU
    Reg. No. 2016/679).
    B&B Le DUE G is not responsible in any way for the voluntary transfer of health data and is exempt
    from any liability.
  • Cookies and other tracking systems
    The accommodation website at the electronic address hJps:// makes use of cookies
    for user profiling and also, session cookies (non-persistent) are used strictly limited to what is
    necessary for the safe and efficient navigation of the sites. The storage of session cookies in the
    terminals or browsers is under the user’s control, whereas on the servers, at the end of HTTP
    sessions, information relating to the cookies remains recorded in the service logs, with a storage
    period, in any case, of no more than seven days, in the same way as other browsing data.
    We take great care in implementing and maintaining the security of our services and your data. We
    have put in place appropriate physical and technological safeguards to help prevent unauthorised
    access, to maintain data security and to make proper use of the information we collect. These
    protections vary depending on the sensitivity of the information we collect and store.
    We use careful procedures and specific technical controls to ensure the security of our information
    systems, such as:
  • secure network topology, which includes intrusion prevention systems;
  • encrypted communication;
  • authentication and access control;
  • external and internal verification tests.
    Despite all measures taken to safeguard your information we cannot guarantee, in the state of
    technology, that unauthorised access or misuse of services by third parties can be excluded.
    Personal data will be processed and stored for the time strictly necessary to achieve the purpose
    for which it was collected.
    The processing of personal data related to the online services of this website takes place at the
    headquarters of the B&B Le DUE G and are handled only by the technical staff in charge of
    processing, or by any persons in charge of maintenance operations, who take care of the
    technological part of the site (art. 28 EU Reg. n. 2016/679).
    The data subject gives his or her consent by means of a free, specific, informed and unambiguous
    statement or positive action that personal data concerning him or her may be processed. The data
    subject has the right to withdraw his or her consent at any time. Withdrawal of consent shall not
    affect the lawfulness of the processing based on consent before the withdrawal. Before giving
    consent, the data subject shall be informed of this. Consent may be expressed by the data subject,
    in accordance with applicable law, by means of specific browser and computer program
    configurations or devices that are easy and clear to use (Articles 4, nos. 7 and 11; 7 EU Reg. No.
    Data subjects have the right to obtain from B&B Le DUE G, in the cases provided for, access to their
    personal data and the rectification or cancellation thereof or the restriction of processing
    concerning them or to object to processing.
    The appropriate application shall be submiJed to the Data Controller at the following address:
  • e-mail:
    In order to exercise their rights and for any question or request relating to the processing of their
    personal data by the B&B, the interested party may contact the Data Controller at the following
  • e-mail:
    The data subject has the right to lodge a complaint with the Privacy Guarantor (art. 77 EU Reg. no.
    2016/679) or to take legal action (art. 79 EU Reg. no. 2016/679), if he/she considers that the
    processing of his/her personal data violates this Regulation.


No active promotions found

Subscribe to our newsletter


Leave your details below and receive a discount coupon in your inbox