Privacy Policy – scentoftravel.com

Privacy Policy of scentoftravel.com

To obtain information about your personal data collected, its purposes and the parties with whom the data is shared, please contact the Data Controller.

Data Controller

For more information about the Data Controller, contact the following email address:
Data Controller’s Email: viaggiare@scentoftravel.com

Types of Data Collected

The Data Controller does not provide a list of types of Personal Data collected.

Complete details about each type of Personal Data collected are provided in the dedicated sections of this privacy policy or through specific informative texts shown before the Data collection.

Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application.

Unless otherwise specified, all Data requested by this Application is mandatory. If the User refuses to communicate them, it may be impossible for this Application to provide the Service. In cases where this Application indicates some Data as optional, Users are free to omit them without consequences on the availability or operation of the Service.

Users who have doubts about which Data is mandatory are encouraged to contact the Data Controller.

Any use of Cookies or other tracking tools by this Application or by the owners of third-party services used by this Application has the purpose of providing the Service requested by the User, as well as other purposes described in this document and in the Cookie Policy.

The User assumes responsibility for Personal Data of third parties obtained, published or shared through this Application.

Methods and Place of Data Processing

Processing Methods

The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of Personal Data.

The processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. Besides the Data Controller, in some cases, Data may be accessible to other subjects involved in the organization of this Application (administrative, commercial, marketing, legal staff, system administrators) or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) appointed, if necessary, as Data Processors by the Data Controller. The updated list of Data Processors may be requested at any time from the Data Controller.

Place

Data is processed at the operational offices of the Data Controller and wherever the parties involved in the processing are located. For further information, please contact the Data Controller.

User’s Personal Data may be transferred to a country other than the User’s residence. For more information on the place of processing, the User may refer to the relevant section of this document.

Retention Period

Unless otherwise specified, Personal Data is processed and retained for the time required by the purpose for which it was collected and may be retained for a longer period due to legal obligations or on the basis of User consent.

Cookie Policy

This Application uses Tracking Tools. To learn more, Users may consult the Cookie Policy.

Additional Information for Users

Legal Basis for Processing

The Data Controller processes Personal Data relating to the User only if one of the following conditions is met:

  • The User has given consent for one or more specific purposes.
  • The processing is necessary for the execution of a contract with the User and/or for pre-contractual measures.
  • The processing is necessary to comply with a legal obligation to which the Data Controller is subject.
  • The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller.
  • The processing is necessary for the legitimate interests pursued by the Data Controller or third parties.

It is always possible to ask the Data Controller to clarify the specific legal basis of each processing and in particular whether the processing is based on law, a contract, or consent.

Further Information on Retention Time

Unless otherwise specified, Personal Data is processed and retained for the time required by the purpose for which it was collected and may be retained longer due to legal obligations or consent.

Therefore:

  • Personal Data collected for purposes related to a contract between the Data Controller and the User will be retained until the contract is fully performed.
  • Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until that interest is satisfied. Users may obtain further information about the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.

When processing is based on User consent, the Data Controller may retain Personal Data longer until consent is revoked. Furthermore, the Data Controller may be legally obliged to retain Personal Data for a longer period to comply with a legal obligation or order from an authority.

At the end of the retention period, Personal Data will be deleted. Consequently, after that period, rights to access, delete, rectify, or portability will no longer be exercisable.

User Rights under the General Data Protection Regulation (GDPR)

Users may exercise certain rights regarding the Data processed by the Data Controller.

In particular, within legal limits, the User has the right to:

  • Withdraw consent at any time. The User can revoke consent to the processing of their Personal Data previously given.
  • Object to the processing of their Data. The User can object to the processing of their Data when it occurs on a legal basis other than consent.
  • Access their Data. The User has the right to obtain information about Data processed by the Data Controller, on certain aspects of processing, and to receive a copy of the processed Data.
  • Verify and request correction. The User can verify the accuracy of their Data and request its update or correction.
  • Obtain limitation of processing. The User can request limitation of processing of their Data in certain cases.
  • Obtain deletion or removal. The User can request deletion of their Personal Data in certain situations.
  • Receive Data or have it transferred to another controller. The User has the right to receive their Personal Data in a structured, commonly used, and machine-readable format and, if technically feasible, can request transfer to another controller without hindrance.
  • Lodge a complaint with a supervisory authority. The User can lodge a complaint with the competent data protection authority.

How to Exercise Rights

To exercise these rights, the User may send a written request to the Data Controller using the contact details provided in this privacy policy.

Third-party Services and Cookies

This Application uses third-party services that may collect personal data. For detailed information about these services and how they handle personal data, please consult the dedicated sections in this privacy policy.

WooCommerce

This Application uses WooCommerce, an open-source e-commerce platform that allows selling products and services online.

Data collected through WooCommerce:

  • Personal Data such as name, address, email, phone number needed for order management, billing, and shipping.
  • Payment Data, managed through payment gateways integrated into WooCommerce, like PayPal, Stripe, or others, according to their respective privacy policies.
  • Order Information, including purchase preferences and order history.

Purpose of data processing via WooCommerce:

  • Order management, shipping, and billing.
  • Order-related communications, e.g., shipment status updates.
  • Returns management and customer support.
  • Promotional communications, only if the User has given explicit consent.

Processing and retention: Data collected via WooCommerce is processed electronically and retained for the time necessary to fulfill the above purposes, or as required by law.

Data sharing: Personal data provided for purchases is shared only with entities strictly necessary for order and payment management (e.g., couriers, payment gateways) and is not sold to third parties for commercial purposes.

For more details, please refer to the official WooCommerce Privacy Policy.

Changes to This Privacy Policy

The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if possible, on this Application as well as, if technically and legally feasible, sending a communication to Users via one of the contact details held.

Please regularly check this page, referring to the date of the last modification at the bottom.

Contacts

For any requests regarding this privacy policy or to exercise your rights, Users may contact the Data Controller at the email address: viaggiare@scentoftravel.com.

Last updated: June 1, 2025