Privacy Policy


UPDATED TO 28/02/2023

  1. Premise

For ELAN HOTELS GROUP S.r.l. Your privacy and the security of your personal data are particularly important, which is why we collect and treat them with the utmost care and attention, while at the same time adopting specific technical and structural measures to guarantee complete security of the treatment.

In compliance with the art. 13 of EU Regulation 2016/679 (hereinafter also only “Regulation”), we hereby provide you with information regarding the processing of personal data provided by you as a User (hereinafter also only “Interested” or “User”) of the site (hereinafter also referred to as the “Site”).

  1. Definitions

  • Personal data: means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more characteristic elements of his physical identity , physiological, genetic, psychic, economic, cultural or social.
  • Treatment: means any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as the collection, registration, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, diffusion or any other form of making available, comparison or interconnection, limitation, cancellation or destruction.
  • Special categories of personal data: means data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as processing genetic data, biometric data intended to uniquely identify a natural person, data relating to health or to the person’s sex life or sexual orientation.
  • Data controller: means the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of processing personal data.
  • Data processor: means the natural or legal person, public authority, service or other body that processes personal data on behalf of the data controller.

  • Processing purposes

ELAN HOTELS GROUP S.r.l. collects personal data such as personal data such as name and surname, email, address, navigation data whose transmission is implicit in the use of Internet communication protocols (IP addresses, URI addresses, other parameters relating to the operating system and computer environment of the User).

In particular, such personal data is processed for the following purposes:

Purpose Legal basis
A Navigation on the Site The treatments put in place for these purposes are necessary for the fulfillment of contractual obligations, and do not require a specific consent from the interested party.
B Fulfillment of obligations established by laws, regulations, European legislation, or by provisions issued by the Authorities The treatments put in place for these purposes are necessary for the fulfillment of legal obligations and to make the requested service / good usable, and do not require a specific consent from the interested party.
c Sending commercial communications relating to promotions and/or other offers, in the interest of the Data Controller or of other companies connected to the Data Controller. The treatments put in place for these purposes are carried out with the specific consent provided by the user, with the exception of commercial communications relating to products and/or services similar to those already purchased and/or subscribed to by the user for which the treatment is based on a legitimate interest of the Data Controller.
D Carry out profiling activities, i.e. analysis and processing of customer information, your preferences, habits, consumption choices. The treatments put in place for these purposes are carried out with the specific consent provided by the user, with the exception of an activity of analysis of elementary information relating to your consumption preferences.

  1. Communication of personal data to third parties

Your personal data is processed by ELAN HOTELS GROUP S.r.l personnel specifically authorized pursuant to art. 4 paragraph 10 of the EU Regulation which processes data following precise indications from the Data Controller.

Your personal data will also be transmitted to third parties we use to provide our services; these subjects have been adequately selected by us and offer a suitable guarantee of compliance with the rules on the processing of personal data. These subjects have been appointed as data controllers pursuant to art. 28 of the EU Regulation, and are required to carry out their activities according to the specific instructions given by Ega Emiliana Grandi Alberghi S.r.l and under its control.

These third parties may belong to the following categories: financial operators; internet providers; companies specializing in IT services; couriers; companies that carry out marketing activities; companies specialized in market research and data processing. A specific and updated list of these subjects is available at the headquarters of the Data Controller, and can be consulted at the request of the interested party.

The data may be transmitted to third parties in the event of mergers, acquisitions, transfer of a company or business unit and other extraordinary operations, as well as to anyone who is a legitimate recipient of communications required by law or regulation. For the pursuit of the processing purposes indicated above, your personal data may be communicated to other companies of the Group of which ELAN HOTELS GROUP S.r.l is a part, which will process the data on the basis of the applicable privacy law and which are established within the Union European. It is understood that your personal data will not be disclosed to third parties so that they can use them for their own promotional purposes and will not be disclosed in any way.

Your data may also be transmitted to the police forces and to the judicial and administrative authorities, in accordance with the law, for the investigation and prosecution of crimes, the prevention and protection against threats to public security, as well as to allow ELAN HOTELS GROUP S.r.l to exercise or protect its own right or that of third parties before the competent authorities, as well as for other reasons related to the protection of the rights and freedoms of others.

The personal data you provide may be disclosed to third parties, including those appointed as Managers.

FastBooking uses the credit cards provided at the time of booking in compliance with the PCI DSS security protocol (Data Security Standard of the Payment Card Industry). All information sent to this site, if in an SSL session, is encrypted and protected against disclosure to third parties.

  1. Transfer of personal data outside the EU

As a rule, personal data is not transferred to third countries outside the EU or to international organizations; some of the third parties referred to in paragraph 4 above, however, may be based in non-EU countries.

In such cases, if these third parties do not offer an adequate level of data protection, as established by specific decisions of the European Commission, the transfer of your personal data will be performed only with your consent or after conclusion between ELAN HOTELS GROUP S.r.l. and said subjects of specific agreements, containing safeguard clauses and appropriate guarantees for the protection of your personal data, the so-called “standard contractual clauses”, also approved by the European Commission, or if the transfer is necessary for the conclusion and execution of a contract between you and ELAN HOTELS GROUP S.r.l. or for the management of your requests.

  1. Data retention period (Data Retention)

We inform you that your data will be kept for a limited period of time, which varies according to the type of processing activity and the specific purposes of the same, as exemplified below:

  • data collected in the context of the use of services offered by ELAN HOTELS GROUP S.r.l.: these data are kept until the termination of the service or the cancellation of the subscription to the service by the User;

  • data connected to user requests to the Customer Service of ELAN HOTELS GROUP S.r.l.: the data useful to assist you will be kept until your request has been satisfied;

  • data provided for commercial communications activities, opinion polls and market research: up to the request by the user to interrupt the activity and in any case no later than 2 years from the last interaction of any kind by the interested party with ELAN HOTELS GROUP S.r.l.;
  • data provided for the performance of profiling activities: the data relating to this type of activity will be kept for no longer than 12 months.

At the end of these periods, your data will be definitively deleted or irreversibly anonymized by ELAN HOTELS GROUP S.r.l.

The data of the interested party will not be disclosed. The interested party has the right to request a complete and updated list of the subjects appointed as data processors by contacting the contact indicated below

  1. Your rights

We inform you that you have the right to exercise the following rights in relation to the personal data covered by this information, as provided for and guaranteed by the Regulation:

  • Right of access and rectification (Articles 15 and 16 of the Regulation): you have the right to access your personal data and to request that they be corrected, modified or integrated. If you wish, we will provide you with a copy of the data we hold about you.
  • Right to data deletion (Article 17 of the Regulation): in the cases provided for by current legislation, you can request the deletion of your personal data. Once your request has been received and analysed, we will take care of discontinuing the processing and deleting your personal data, where found to be legitimate.
  • Right to limitation of treatment (Article 18 of the Regulation): you have the right to request the limitation of the processing of your personal data in the event of unlawful processing or dispute of the accuracy of personal data by the interested party.
  • Right to data portability (Article 20 of the Regulation): you have the right to request that the Data Controller obtain your personal data in order to transmit them to another Data Controller, in the cases provided for by the aforementioned article.
  • Right to object (Article 21 of the Regulation): you have the right to object at any time to the processing of your personal data carried out on the basis of our legitimate interest, explaining the reasons that justify your request; before welcoming you, ELAN HOTELS GROUP S.r.l. will have to evaluate the reasons for your request.
  • Right to lodge a complaint (Article 77 of the Regulation): you have the right to lodge a complaint with the competent Guarantor Authority for the protection of Personal Data if it believes that a violation of your rights has occurred, or is in progress, with reference to the processing of your personal data.

You can exercise your rights at any time with reference to the specific processing of your personal data by ELAN HOTELS GROUP S.r.l., by writing to the email address: [email protected].

Further information about the rights of the interested party can be obtained by asking the Owner for a complete extract of the articles referred to above.

  1. Security measures

We are committed to protecting your personal data with specific technological and organizational security measures, aimed at preventing your personal data from being used illegitimately or fraudulently.

We proceed to regularly test, verify and evaluate the effectiveness of the security measures, in order to guarantee continuous improvement in the security of the treatments.

  1. Changes to this information

The constant evolution of our services may lead to changes in the characteristics of the processing of your personal data described up to now. This privacy statement may undergo changes and additions over time, as necessary due to new regulatory interventions regarding the protection of personal data, or the evolution/modification of our services.

We therefore invite you to periodically check the contents of our information: where possible, we will try to inform you promptly about the changes made and their consequences

The updated version of the privacy policy, in any case, will be published on the page with an indication of the date of its last update.



Cookies are short fragments of text (letters and/or numbers) that allow the web server to memorize information on the client (the browser) to be reused during the same visit to the site (session cookies) or later, even after days (persistent cookies). Cookies are stored, based on user preferences, by the single browser on the specific device used (computer, tablet, smartphone). Similar technologies can be used to collect information on user behavior and use of services.

In the following of this document we will refer to cookies and all similar technologies by simply using the term “cookie”.

Types of cookies
Based on the characteristics and use of cookies, we can distinguish different categories:

  • Strictly necessary cookies. These are cookies that are essential for the correct functioning of our site and are used to manage login and access to reserved functions of the site, in general to speed up, improve or personalize the level of service to users. The duration of cookies is either strictly limited to the work session (when the browser is closed they are deleted), or of longer duration, aimed at recognizing the visitor’s computer. Their deactivation can compromise the use of the services accessible by login, while the public part of the site remains normally usable.
  • Analysis and performance cookies. These are cookies used to collect and analyze traffic and use of the site anonymously. These cookies, even without identifying the user, allow, for example, to detect if the same user returns to connect at different times. They also allow you to monitor the system and improve its performance and usability. Disabling these cookies can be done without any loss of functionality.
  • Profiling cookies. These are permanent cookies used to identify (anonymously or not) the user’s preferences and improve their browsing experience, in order to send advertising messages in line with the preferences expressed by the user while surfing the net.

Third party cookies

By visiting a website, cookies can be received both from the site visited (“owner”) and from sites managed by other organizations (“third parties”). An example is the presence of “social plugins” (e.g. Facebook, Twitter, Google+) aimed at sharing content on social networks. The presence of these plugins involves the transmission of cookies to and from all sites managed by third parties. The management of information collected by “third parties” is governed by the relative information to which reference is made.

Cookie management
The user can decide whether or not to accept cookies using the settings on his browser.

Opt out of cookies

The total or partial disabling of technical cookies can compromise the use of the site’s functions reserved for registered users. On the contrary, the usability of public content is also possible by completely disabling cookies.

Disabling “third-party” cookies does not affect navigability in any way. The setting can be defined specifically for different websites and web applications. Furthermore, the best browsers allow you to define different settings for “proprietary” cookies and for those of “third parties”.

For example, with Google Chrome, click the wrench in the upper right corner and select “Settings”. At this point select ‘Show advanced settings’ (“Under the hood”) and change the privacy settings.


Internet Explorer:


FASTBOOKING does not send profiled emails, however it does use profiling cookies. For details of the profiling cookies used and their interaction with social tools, consult the Cookie Policy.

  • Google Analytics

The site uses Google Analytics. It is a web analytics service provided by Google Inc. (“Google”) which uses cookies that are stored on the user’s computer to allow statistical analysis in aggregate form in order to use the website visited.

The site manager has activated the IP address anonymization function and signed the amendment on data processing in accordance with the European regulation dictated by directive 95/46 / EC.

  • Advertising cookies (remarketing, segmentation and targeting) of Google, Facebook and Linkedin

These cookies are intended to provide the user with advertising spaces that can be installed by third parties. Some are used to recognize individual advertising messages and know which ones have been viewed and when, then allowing banners and/or advertisements relating to certain products to appear on visits to other affiliated sites based on the user’s browsing history . Users are assigned a technical identifier but in no case are personal identification data such as the user’s name or address collected.

Other advertising cookies are used to hypothesize a browsing “profile” of the user, in order to be able to propose advertising messages in line with his behavior and interests on the network. This “profile” is anonymous and the information collected through these cookies does not allow the identity of the user to be traced.

In particular, we note the use of “Google Analytics”, “Linkedin Ads” and “Facebook Ads”, including the c.d. “advertising function”.

It is a web analysis service provided by Google, Linkedin and Facebook which use analytical cookies that are installed on the user’s computer to perform statistical analyzes in aggregate form on the use of the website visited, as well as to allow visitors to be profiled. of the Sites (which are identified by “tracking cookies”) on the basis of the information contained in their “cookies for advertising”, which concern three categories: age group, gender, marketing segments.

Nella pagina web you can find more information about the Google service.

On the web page you can find more information about the Facebook service.

On the webpage you can find more information about the Linkedin service.

Google’s Privacy Policy , instead, it governs the processing of personal data of users who use Google products and services.

To consult the privacy policy of Google Inc., independent owner of the processing of data relating to the Google Analytics service, see the following link:

Finally, the list of cookies used by Google Analytics can be found at the following address:

At the following link the browser add-on for deactivating Google Analytics is also made available by Google.

To consult the LinkedIn privacy policy, see the following link:

Finally, the list of cookies used by Linkedin can be found at the following address: where it is also possible to manage them.

  1. Data controller

The processing of your personal data is carried out by ELAN HOTELS GROUP S.r.l., with registered office in via G. di Vittorio, 4 – Assago (MI), as Data Controller pursuant to and for the purposes of the EU Regulation.

For any question or request related to the processing of your personal data, you can contact the following

  1. Group DPO

The contact details of the Group DPO are: [email protected]