In accordance with Article 13 of the GDPR (EU Regulation 2016/679), in line with the principle of transparency, the following information is provided to make the data subjects aware of how we collect, use, share, store, and transfer the data of users and/or visitors of the website, collected through the same Site.

Data Controller

Blucamp Srl
Via Tuttiventi 18 – 57021 Campiglia Marittima

Types of Data Collected

Among the Personal Data collected by this Application, independently or through third parties, there are:

  • Tracking Tool
  • Usage Data
  • Responses to questions
  • Scrolling position
  • Touch events
  • Country
  • Operating systems
  • First name
  • Last name
  • Phone number
  • Email
  • Unique device identifiers for advertising
  • Data communicated during service usage
  • User-generated content
  • Message or email content
  • Profile picture
  • Message date
  • Time message was sent
  • Message sender

Details about each type of Personal Data collected are provided in the dedicated sections of this privacy policy or through specific informational texts displayed prior to the Data collection.

Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this Application.

Unless otherwise specified, all Data requested by this Application is mandatory. If the User refuses to communicate them, this Application may be unable to provide the Service. In cases where this Application indicates some Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or its operation.

Users who have doubts about which Data are mandatory are encouraged to contact the Owner.

The possible use of Cookies – or other tracking tools – by this Application or by the owners of third-party services used by this Application is intended to provide the Service requested by the User, in addition to any other purposes described in this document and in the Cookie Policy.

Users are responsible for any third-party Personal Data obtained, published or shared through this Application.

Methods and Place of Processing the Collected Data

Processing methods


he Data Controller adopts appropriate security measures aimed at preventing unauthorized access, disclosure, alteration, or destruction of Personal Data. Processing is carried out using computer and/or telematic tools, with organizational methods and logics strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organization of this Application (administrative, commercial, marketing, legal, system administration personnel) or external subjects (such as third-party technical service providers, hosting providers, IT companies, communication agencies) may have access to the Data, also appointed, if necessary, as Data Processors by the Data Controller.

The updated list of Data Processors can always be requested from the Data Controller.


The Data is processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located. The User’s Personal Data may be transferred to a country other than the one in which the User is located. For further information on the location of the processing, the User can refer to the section concerning the details of the processing of Personal Data. For further information, please contact the Data Controller.

Retention period

Unless otherwise specified in this document, Personal Data is processed and stored for the time necessary to achieve the purposes for which it was collected and may be stored for a longer period due to any legal obligations or based on the User’s consent.


  • The Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the execution of such contract is completed.
  • The Personal Data collected for purposes related to the legitimate interests of the Data Controller will be retained until such interests are satisfied. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
  • When processing is based on the User’s consent, the Data Controller may retain the Personal Data for a longer period until such consent is revoked. Additionally, the Data Controller may be obliged to retain the Personal Data for a longer period to comply with a legal obligation or upon order of an authority.

At the end of the retention period, the Personal Data will be deleted. Therefore, upon expiration of this period, the right to access, delete, rectify, and the right to data portability cannot be exercised anymore.

The legal basis for data processing

The Data Controller processes Personal Data relating to the User if one of the following conditions exists:

  • The User has given consent for one or more specific purposes.
  • The processing is necessary for the performance of a contract with the User and/or for the execution of pre-contractual measures.
  • The processing is necessary to comply with a legal obligation to which the Data Controller is subject.
  • The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller.
  • The processing is necessary for the pursuit of the legitimate interests of the Data Controller or third parties.

However, it is always possible to ask the Data Controller to clarify the specific legal basis for each processing, and in particular to specify whether the processing is based on the law, provided for by a contract, or necessary to conclude a contract.

Purpose of Processing Collected Data

User data is collected to enable the Data Controller to provide the Service, fulfill legal obligations, respond to user inquiries or orders, protect their own rights and interests (or those of users or third parties), identify any malicious or fraudulent activities, as well as for the following purposes: Statistical analysis, Contacting the User, Interaction with social networks and external platforms, User database management, Display of content from external platforms, and Advertising. For further detailed information on the purposes of processing and the specific Personal Data relevant to each purpose, users can refer to the respective sections of this document.


Details of Personal Data Processing

Personal data is collected for the following purposes and using the following services:

  • Contacting the User
  • Management of contacts and message sending
  • Management of payments through the booking engine
  • Management of newsletter subscriptions

    WhatsApp Business Chat Widget: The WhatsApp Business Chat widget is a service for interacting with the WhatsApp live chat platform, provided by Meta Platforms, Inc. or Meta Platforms Ireland Limited, depending on how the Data Controller manages data processing.

    • Personal Data processed: surname; message or email content; user content; message date; data communicated during service use; profile picture; message sender; name; phone number; message sending time; responses to questions. Processing Location: United States – Privacy Policy; Ireland – Privacy Policy.


  1. SPAM Protection: This type of service analyzes the traffic of this Application, potentially containing users’ Personal Data, in order to filter it from traffic parts, messages, and content recognized as SPAM.
    • Google reCAPTCHA (Google Ireland Limited) is a SPAM protection service provided by Google Ireland Limited. The use of the reCAPTCHA system is subject to Google’s privacy policy and terms of use.
    • Personal Data processed: clicks; usage data; keypress events; motion sensor events; touch events; mouse movements; scroll position; responses to questions; Tracking Tool. Processing Location: Ireland – Privacy Policy.
  1. Advertising: Some of the services below may use Tracking Tools to identify the User or use the behavioral retargeting technique, i.e., displaying personalized advertising based on the User’s interests and behavior, or measuring ad performance. For more information, please check the privacy policies of the respective services.
  • Meta Ads Conversion Tracking (Meta Platforms Ireland Limited): Meta Ads Conversion Tracking is a statistics service provided by Meta Platforms Ireland Limited that connects data from the Meta ad network with actions performed within this Application. The Meta pixel monitors conversions that can be attributed to Facebook, Instagram, and Audience Network ads.
    • Personal Data processed: usage data; Tracking Tools. Processing Location: Ireland – Privacy Policy – Opt out.
  • Google Ads Conversion Tracking (Google Ireland Limited): Google Ads Conversion Tracking is a statistics service provided by Google Ireland Limited that connects data from the Google Ads network with actions performed within this Application.
    • Personal Data processed: usage data; Tracking Tools. Processing Location: Ireland – Privacy Policy.
  1. Platform and Hosting Services: These services aim to host and operate key components of this Application, enabling the delivery of this Application from a single platform.
    • (Aut O’Mattic A8C Ireland Ltd.): is a platform provided by Aut O’Mattic A8C Ireland Ltd. that allows the Data Controller to develop, operate, and host this Application.
    • Personal Data processed: surname; email; name; phone number; Tracking Tool. Processing Location: Ireland – Privacy Policy.



Displaying content from external platforms

Information on how to opt out of interest-based advertising. In addition to any opt-out feature provided by any of the services listed in this document, Users can learn more about how to opt out of interest-based advertising in the dedicated section of the Cookie Policy.

Cookie Policy

This Application uses Tracking Tools. For more information, Users can consult the Cookie Policy.

User Rights

Users can exercise certain rights regarding their Data processed by the Data Controller. In particular, the User has the right to:

  • Withdraw consent at any time. The User can withdraw consent to the processing of their Personal Data previously expressed.
  • Object to the processing of their Data. The User can object to the processing of their Data when it occurs on a legal basis other than consent. Further details on the right to object are provided in the section below.
  • Access their Data. The User has the right to obtain information about the Data processed by the Controller, certain aspects of the processing, and receive a copy of the processed Data.
  • Verify and request rectification. The User can verify the accuracy of their Data and request its update or correction.
  • Obtain the restriction of processing. When certain conditions apply, the User can request the restriction of the processing of their Data. In this case, the Controller will not process the Data for any purpose other than its storage.
  • Obtain the erasure or removal of their Personal Data. When certain conditions apply, the User can request the erasure of their Data by the Controller.
  • Receive their Data or have it transferred to another controller. The User has the right to receive their Data in a structured, commonly used, and machine-readable format and, where technically feasible, to have it transmitted to another controller without hindrance. This provision is applicable when the Data is processed by automated means and the processing is based on User consent, a contract to which the User is a party, or contractual measures related to it.
  • Lodge a complaint. The User can lodge a complaint with the competent data protection authority or take legal action.


Details about the right to object

When Personal Data is processed in the public interest, in the exercise of official authority vested in the Controller, or for the purposes of the legitimate interests pursued by the Controller, Users have the right to object to such processing on grounds relating to their particular situation.

Users are informed that if their Data is processed for direct marketing purposes, they can object to that processing without providing any justification. To find out if the Controller processes Data for direct marketing purposes, Users can refer to the respective sections of this document.

To exercise User rights, Users may make requests to the contact details of the Controller provided in this document. Requests are free of charge and processed by the Controller as soon as possible, in any case within one month.


Changes to This Privacy Policy

The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if possible, on this Application as well as, if technically and legally feasible, by sending a notice to Users through one of the contact details held. Therefore, please check this page frequently, referring to the last modification date indicated below.

Last modification: May 11, 2024