Politique de confidentialité

This Privacy statement, prepared in accordance with art. 13 of Regulation (EU) no. 679/2016 (hereinafter the "GDPR"), describes the purposes and methods of processing your Personal data. Where necessary, further specific information may be provided for certain purposes and methods of processing. The e-mail received and the data contained therein are retained for a time consistent with the provision of the service requested.

Data Controller
Registered Office: GVL s.r.l. - Via Balicco, 61 - 23900 Lecco (LC) Italy - C.F. / P.IVA 03548340136 - Tel. +39 340 2408199 - Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.

Personal data collected

Personal data collected for the following purposes and using the following services:
– To contact the user
– Mailing lists or newsletters
– Personal Data: last name, email and first name
– Google Analytics
– Personal Data: Cookies and Data used

In particular, your Personal Data are collected for:
1. Preparing and sending orders/quotes/requests/interventions/deliveries/billing and all of the aforementioned business operations
2. Information on future business activities and the introduction of new products, services and offers 3. promotional campaigns and advertising on the market
4. to combat fraudulent conduct;
5. to comply with the law.

Data retention period.
The duration of processing the data provided is proportionate to the purposes of processing.
In particular, the Data will be retained for the duration of the contract, for the time necessary to complete the order (e.g. for the entire period relating to the organisation, management, reporting and invoicing of the job ordered), and for a further period:

  • established by current legislation, by the secondary or regulatory legislation that requires data retention (e.g. 10 years for accounting and fiscal records).
  • necessary to protect or assert a right of the Data Controller.

Data collected for ancillary activities and statistics (e.g. marketing activities) will be kept for a period of 24 months. Should it be necessary to extend the processing beyond the related time limit, will provide notice thereof and, where necessary, request consent.

Rights of the data subject.
Pursuant to current legislation, you have the right to:
1. request and obtain access to your Personal Data;
2. request and obtain rectification or erasure of your Personal Data;
3. request and obtain restriction of processing your personal data;
4. object to the processing;
5. request and obtain the portability (in a structured, commonly used and machine-readable format of your personal data as well as transmit it to another Data Controller;
6. revoke any consent given, except in cases where processing is necessary to fulfil a legal obligation;
7. lodge a complaint with a supervisory authority.

Requests should be addressed to the Data Controller, with an identity document attached to the request.

Definitions and legal references
– Personal Data (or Data)
Personal data is any information which, directly or indirectly, even in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.

– Usage Data
Information automatically collected through (also by third-party applications integrated into, including: IP addresses or domain names of the computers used by the User connecting with, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numeric status code issued by the server in response to the request (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (e.g. the time spent on each page) and details of the path followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the operating system and the User’s computer environment.

– User
The individual using who, unless otherwise specified, is also the Data Subject.

– Data Subject
The natural person to whom the Personal data refers.

– Data Processor (or Processor)
The natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller, as specified in this privacy policy.

– Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data and the instruments adopted. The Data Controller, unless otherwise specified, is the owner of

– (or this Application)
The hardware or software tool through which Users’ Personal Data is collected and processed.

– Service
The Service provided by, as defined in the relevant terms (if present) on this site/application.

– European Union (or EU)
Unless otherwise specified, any reference to the European Union in this document shall be considered to apply to all current member states of the European Union and the European Economic Area.

– Cookie
A small portion of data stored in the User’s device.

– Legal references
This privacy policy is drawn up on the basis of multiple legal systems, including Articles 13 and 14 of Regulation (EU) 2016/679.

Unless otherwise specified, this pivacy policy applies only to


Villa Lario Resort Mandello
Via Statale, 125
23826 Mandello del Lario (LC) - Italy
Email : Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.
Réservation/Information: +39 03411918026
Mariage et Événements: +39 3402408199
Commercial: +39 3402408199
P.IVA 03548340136



Villa Lario Resort © 2021 | Privacy | Cookie