Privacy Policy

Last updated: 15 / 12 / 2025

This Privacy Policy describes how this website (hereinafter the "www.redcarpetmilano.com") dedicated to short-term rental services operates with regard to the processing of personal data of users who browse or use it, in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Italian and EU data protection laws.

1. Data Controller

The Data Controller is:

Name / Company name: Red Carpet Srls
Address: Via Volturno 10, 20089 Rozzano, Milano
Email: info@redcarpetmilano.com

2. Types of Data Collected

The Website may collect and process the following categories of personal data:

Personal data (first name, last name)
Contact details (email address, phone number)
Booking data (stay dates, number of guests, preferences)
Payment data (processed through external payment providers, if applicable)
Browsing data (IP address, browser type, access logs)

3. Purpose of Data Processing

Personal data are processed for the following purposes:

Handling information requests
Managing bookings and stays
Fulfilling contractual and pre-contractual obligations
Complying with legal obligations (tax, administrative, public security)
Sending operational and informational communications related to the stay
Improving the Website’s functionality and security

4. Legal Basis for Processing

The processing of personal data is based on:

Performance of a contract or pre-contractual measures
Compliance with legal obligations
Consent of the data subject (where required)
Legitimate interest of the Data Controller

5. Processing Methods

Personal data are processed using electronic and/or paper-based tools, in compliance with the principles of lawfulness, fairness, transparency, and data minimization, and with appropriate security measures in place.

6. Data Retention

Personal data will be retained for the time strictly necessary to achieve the purposes for which they were collected and in any case in accordance with the retention periods required by applicable law.

7. Data Sharing and Disclosure

Personal data may be shared with:

IT and technical service providers
Payment service providers
Tax and legal consultants
Public authorities, where required by law

Personal data will not be disclosed.

8. Transfer of Data Outside the EU

If personal data are transferred to countries outside the European Union, such transfers will take place in compliance with the safeguards provided for by the GDPR.

9. Data Subject Rights

Users may exercise their rights under Articles 15–22 of the GDPR at any time, including:

Access to their personal data
Rectification or erasure of data
Restriction of or objection to processing
Data portability
Withdrawal of consent (without affecting the lawfulness of processing carried out prior to withdrawal)

Requests may be sent to the contact details provided in Section 1.

10. Cookies

The Website may use technical cookies and, subject to consent where required, profiling or third-party cookies. For more information, please refer to the dedicated Cookie Policy.

11. Changes to This Privacy Policy

The Data Controller reserves the right to amend this Privacy Policy at any time. Any changes will be published on this page.