GDPR Terms & Conditions & Privacy Policy

At Omamori Rome (“we”, “us”, “our”), protecting your personal data is our priority. This Privacy Policy explains how we collect, process, and protect your personal information in accordance with EU Regulation 2016/679 (General Data Protection Regulation – GDPR).

1. Purpose of Data Processing

We collect and process personal data for the following purposes:

1. Reservation and stay management – organizing your booking, check-in, check-out, and providing customer support.

2. Legal and fiscal compliance – including mandatory guest registration with local authorities (Questura) and reporting of the tourist tax to the Municipality of Rome.

3. Marketing and promotional communications – only if you have explicitly consented.

2. Types of Personal Data Collected

We may collect the following personal information:

• Full name, date and place of birth

• Identification documents (ID card, passport)

• Contact information (email, phone number)

• Booking information (dates, number of guests, special requests)

• Payment information, when necessary for reservation purposes

3. Legal Basis for Processing

We process your personal data based on:

• Contractual necessity – to manage your reservation and stay.

• Legal obligation – to comply with Italian laws regarding guest registration and taxes.

• Consent – for marketing communications, when provided.

4. How Your Data Is Processed

• Data are processed electronically and on paper in a secure, lawful, and transparent manner.

• We implement appropriate technical and organizational measures to prevent unauthorized access, loss, or misuse of data.

• Access to personal data is limited to authorized staff or service providers bound by confidentiality obligations.

5. Data Retention

Your personal data will be stored for:

• The period required by law for administrative and fiscal purposes.

• The duration of your contractual relationship with us (reservation and stay).

• Marketing purposes, only until consent is withdrawn.

After these periods, data will be deleted or anonymized.

6. Sharing Your Data

Your personal data may be shared only with:

• Public authorities – for legal compliance (e.g., Questura, Municipality, Revenue Agency).

• Service providers – strictly involved in managing your stay (e.g., booking platforms, cleaning staff).

Your data will never be sold or disclosed to unauthorized third parties.

7. Your Rights

Under GDPR, you have the right to:

• Access your personal data.

• Rectify any inaccuracies.

• Request erasure of your data (“right to be forgotten”).

• Restrict processing of your data.

• Object to marketing communications.

• Data portability – receive your data in a structured, machine-readable format.

To exercise your rights, contact us at:
📧 omamorirome@gmail.com

8. Consent Withdrawal

If you have given consent for marketing communications, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.

9. Data Transfers Outside the EU

Currently, we do not transfer personal data outside the European Economic Area (EEA).
If this becomes necessary in the future, we will ensure adequate safeguards are in place in compliance with GDPR.

10. Security of Your Data

We implement technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or loss.
This includes secure storage, access control, and encrypted communications when applicable.

11. Updates to This Privacy Policy

We may update this Privacy Policy to reflect changes in regulations, services, or operational procedures.
The latest version is always available on our website, with the date of last update clearly indicated.