×

Privacy Policy

Last update: 11 dicembre 2025

 

1. Data Controller (Controller)

The Data Controller responsible for the processing of personal data is:

Federica Conte – Effe Con Te

Beausoleil, France

Website: effeconte.com

Email: effe@effeconte.com

2. Types of Data Collected

2.1 Data not Directly Acquired via Forms

The website does not directly acquire the following categories of data through contact forms or direct input fields:

  • First and Last Name

  • Email Address

  • Telephone Number

  • Information provided via contact forms

  • Data related to consultation or service requests

Such data will only be provided by the user voluntarily and knowingly when requesting information via the contact email address (effeconte@gmail.com) or through the YouTube channel. The data thus provided will be processed in compliance with this Privacy Policy.

2.2 Navigation Data (Automatically Collected)

  • IP address

  • Browser type and device used

  • Pages visited and duration of visit

  • Referral source

  • Operating system

  • Anonymous statistical data on site usage

Navigation data is collected and managed exclusively through Google Analytics; no other platforms or data collection software are utilized.

2.3 Cookies and Similar Technologies

For detailed information about the cookies used, please refer to our Cookie Policy.

3. Processing Purposes and Legal Basis

Personal data collected is processed for the following purposes, each with a corresponding legal basis pursuant to GDPR:

Purpose Category Legal Basis (GDPR Article) Specific Activities
Performance of a Contract Art. 6(1)(b) Responding to requests and providing requested services (consulting, Airbnb bookings, guides).
Legitimate Interest Art. 6(1)(f) Improving service quality, anonymous statistical analysis of site usage, IT security, and fraud prevention.
Legal Obligation Art. 6(1)(c) Tax and accounting obligations, retention of documentation for regulatory requirements.
Consent Art. 6(1)(a) Sending promotional communications and newsletters.

4. Processing Methods

Personal data is processed using IT and telematic tools, following logic strictly related to the stated purposes and by adopting appropriate security measures to ensure:

  • Data confidentiality

  • Data integrity and availability

  • Protection against unauthorized access

  • Prevention of loss, destruction, or damage

5. Data Retention

Personal data will be retained for the time necessary to achieve the purposes for which they were collected:

  • Data related to consulting services: for the duration of the contractual relationship and subsequently for 10 years, in accordance with tax and accounting obligations.

  • Data for information requests: up to 24 months after the request is processed.

  • Data for newsletters and marketing: until consent is withdrawn (opt-out).

  • Navigation data: retained for a period ranging from 7 days to 26 months, depending on the specific type of data and tool used.

6. Communication and Disclosure of Data

Personal data may be disclosed to the following categories of recipients:

6.1 Necessary Recipients (Data Processors)

  • IT and hosting service providers

  • Professional advisors (e.g., accountants, lawyers)

  • Email marketing service providers

  • Booking platforms (for Airbnb services)

  • Payment service providers

6.2 Competent Authorities

  • Judicial authorities and law enforcement, upon formal request.

  • Tax and administrative authorities, for compliance with legal obligations.

Data will not be disclosed to unauthorized third parties or transferred outside the EU without adequate data protection safeguards.

7. Data Transfer Outside the EU

Some service providers may be located outside the European Union (EU). In such cases, we ensure that the transfer complies with the GDPR requirements by adopting one of the following appropriate safeguards:

  • Adequacy decisions issued by the European Commission.

  • Standard Contractual Clauses (SCCs) approved by the European Commission.

  • Other appropriate safeguards provided by the GDPR (Art. 46).

8. Rights of the Data Subject

In accordance with the General Data Protection Regulation (EU Regulation 2016/679 – GDPR), the data subject has the right to exercise the following rights:

  • 8.1 Right of Access (Art. 15): Obtain confirmation as to whether or not their data are being processed and receive a copy thereof.

  • 8.2 Right to Rectification (Art. 16): Obtain the rectification of inaccurate or incomplete personal data.

  • 8.3 Right to Erasure (Art. 17) – “Right to be Forgotten”: Obtain the erasure of data when legal grounds apply.

  • 8.4 Right to Restriction of Processing (Art. 18): Obtain the restriction of processing in certain specified circumstances.

  • 8.5 Right to Data Portability (Art. 20): Receive the personal data in a structured, commonly used, and machine-readable format for transmission to another controller.

  • 8.6 Right to Object (Art. 21): Object to processing for legitimate reasons, including processing for direct marketing purposes.

  • 8.7 Right to Withdraw Consent (Art. 7): Withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

  • 8.8 Right to Lodge a Complaint (Art. 77): Lodge a complaint with the competent Supervisory Authority (CNIL).

How to exercise your rights:

To exercise these rights, the data subject may contact the Data Controller via:

  • Email: effe@effeconte.com

  • Written communication addressed to the Data Controller.

The Data Controller will provide a response within 30 days of receipt of the request.

9. Marketing and Newsletter

Promotional communications and newsletters are only sent upon receipt of the data subject’s explicit consent. It is possible to:

  • Withdraw consent at any time.

  • Use the unsubscribe link included in every email communication.

  • Contact the Data Controller (effe@effeconte.com) to request the deletion of the data.

10. Data Security

We adopt adequate technical and organizational measures to ensure an appropriate level of security, including:

  • Encryption of data in transit (e.g., SSL/TLS).

  • Password protection and strict access control measures.

  • Regular data backups.

  • Measures against unauthorized access.

  • Staff training and awareness programs on data protection.

11. External Links and Data Management (Airbnb Bookings)

The website provides links that redirect users to the Airbnb platform for booking purposes (including consultations, reservations, and guides). The Data Controller (Effeconte) does not acquire, process, or store any personal data related to bookings made through these links.

All data processing related to the reservation, payment, and guest management processes is exclusively managed by the Airbnb platform, which acts as the independent Data Controller for those specific activities.

No bookings or payments are processed outside of the Airbnb platform via these links, and Effeconte does not collect any data at this stage. Users should refer to the Airbnb Privacy Policy for information on how that platform processes their personal data.

12. Changes to the Privacy Policy

This Privacy Policy may be modified over time. Changes will be published on this page, with the indication of the last update date. We recommend checking this page regularly to stay informed of any amendments.

13. Supervisory Authority (CNIL)

As a company established in France, our main supervisory authority is the Commission Nationale de l’Informatique et des Libertés (CNIL).

CNIL Contact Details:

  • Address: 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France

  • Website: www.cnil.fr

  • Phone: +33 (0)1 53 73 22 22

You have the right to lodge a complaint with this authority if you believe that the processing of your personal data does not comply with the GDPR.