Privacy & data protection

Privacy policy & GDPR information

We care about privacy and about using your personal data in a transparent, fair way. On this page we explain what data we collect, why we collect it, how long we keep it, and which rights you have under the EU General Data Protection Regulation (GDPR).

This privacy policy is intended as a clear summary for guests and website visitors. It does not replace tailored legal advice. If you have any questions, you can always contact us using the details below.

1. Who we are and contact details

This website is operated under the brand Dolomites Mountain Guides. For the purposes of the GDPR, the data controller is:

Dolomites Mountain Guides

Operated by: Luca Trubbiani

Website: www.dolomitesmountainguides.com

Registered address and VAT/Tax ID to be specified here.

Email: info@dolomitesmountainguides.com

2. Scope of this privacy policy

This privacy policy applies to:

  • • Visits to our website and use of our online content.
  • • Enquiries sent via contact forms and booking forms on this website.
  • • Subscription to any newsletter or similar updates we may offer.
  • • Direct communication with us by email, phone, messaging apps or social media in relation to our guiding services.

This policy does not apply to websites or services operated by third parties, even if we link to them from our pages.

3. What personal data we collect

3.1 Data you provide directly

  • Contact and enquiry forms: name, email address, telephone number, message, preferred dates, type of activity, number of participants and any other information you choose to share.
  • Booking forms: in addition to the above, we may ask for further details needed to organise the trip (e.g. approximate level/experience, language preferences, logistics).
  • Newsletter / marketing communications (if available): email address and your communication preferences.

3.2 Data collected automatically when you visit the site

When you browse our website, certain technical data are collected automatically, for example:

  • • IP address and approximate location (country/region).
  • • Device and browser type, operating system, language settings.
  • • Pages visited, time and duration of visit, referring page/URL.
  • • Interactions with the website (clicks, forms, error pages).

This information may be collected through server logs, cookies and similar technologies, and via tools such as Google Analytics or equivalent analytics services.

3.3 Special categories of data

We do not intentionally collect sensitive data such as health information, religion or political opinions via the website. For certain trips, it may be useful to know about relevant medical conditions or allergies in order to plan safely. In that case we will ask only for information that is strictly necessary and we will treat it with particular care.

Please avoid sharing unnecessary sensitive details in free-text fields. If something is important for your safety during the activity, we will discuss it with you directly and confidentially.

4. Why we use your data (purposes and legal bases)

We process your personal data only when we have a valid legal basis under Article 6 of the GDPR. In practice, this means:

Purpose
Examples
Legal basis
Handling enquiries & bookings
Replying to your messages, preparing offers, confirming trips and communicating practical information.
Pre-contractual steps & performance of a contract (Art. 6(1)(b) GDPR).
Managing customer relationships
Answering follow-up questions, keeping a record of trips taken for future planning.
Legitimate interest in providing good service (Art. 6(1)(f) GDPR).
Newsletter & marketing (if active)
Sending trip updates, new program announcements or seasonal information.
Consent (Art. 6(1)(a) GDPR). You can withdraw your consent at any time.
Website analytics & improvement
Understanding which pages are most useful, detecting usability issues and improving content.
Consent via cookie/banner where required, or legitimate interest in a secure, well-functioning site (Art. 6(1)(a) / 6(1)(f) GDPR).
Security, anti-spam & abuse prevention
Protecting our forms from automated spam, preventing misuse of the site, keeping logs for security investigations.
Legitimate interest in protecting our services and users (Art. 6(1)(f) GDPR).
Legal obligations
Accounting, tax obligations, responding to lawful requests by authorities.
Compliance with legal obligations (Art. 6(1)(c) GDPR).

5. Cookies, analytics & similar technologies

Our website may use cookies and similar technologies to make the site work, remember your preferences and understand how visitors use our pages. These may include:

  • Necessary cookies: required for basic security and functionality (e.g. load balancing, session cookies).
  • Preference / functional cookies: remembering language or other minor preferences.
  • Analytics cookies: tools such as Google Analytics to measure traffic and usage patterns in an aggregated way.

Where required by law, non-essential cookies (in particular analytics and marketing cookies) will only be used if you give your consent via a cookie banner or similar mechanism. You can also delete or block cookies using your browser settings.

6. How long we keep your data

We keep personal data only for as long as needed for the purposes described above, or to comply with legal obligations. As an indication:

  • Enquiries without booking: typically up to 12–24 months, to follow up and understand recurring questions.
  • Bookings and trips actually carried out: for the duration of the contractual relationship and for the period required by tax and accounting laws (usually several years).
  • Newsletter data: until you unsubscribe or withdraw your consent, or until we clean up inactive lists.
  • Technical logs: usually a few weeks or months, unless we need them longer for security investigations.

7. Who we share data with

We do not sell your data. We may share personal data with:

  • Service providers: such as website hosting, email and newsletter providers, IT support, analytics providers and anti-spam tools.
  • Payment / booking partners: if we use external systems to handle payments or reservations, only to the extent necessary.
  • Public authorities or legal advisors: where required to comply with the law or to defend our rights.

When we use external providers who process personal data on our behalf, we sign appropriate data processing agreements as required by Article 28 GDPR.

8. Transfers outside the EU/EEA

Some of our service providers (for example certain cloud or analytics providers) may be located outside the European Union / European Economic Area. In such cases we take steps to ensure an adequate level of protection, such as:

  • • Using providers in countries with an adequacy decision by the European Commission.
  • • Signing Standard Contractual Clauses (SCCs) approved by the European Commission.
  • • Applying additional safeguards where appropriate (data minimisation, encryption, etc.).

9. Your rights under the GDPR

As a data subject within the scope of the GDPR you have several rights, subject to certain conditions:

  • • Right of access to your data and to receive a copy.
  • • Right to rectification of inaccurate or incomplete data.
  • • Right to erasure (“right to be forgotten”) in certain cases.
  • • Right to restriction of processing in certain cases.
  • • Right to data portability, where applicable.
  • • Right to object to processing based on legitimate interests, including direct marketing.
  • • Where processing is based on consent, the right to withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.

To exercise your rights, please contact us at info@dolomitesmountainguides.com .

You also have the right to lodge a complaint with your local data protection authority. In Italy, this is the Garante per la Protezione dei Dati Personali.

10. Children & minors

Our website and services are primarily aimed at adults. We do not knowingly collect personal data from children under 16 for online marketing purposes. Where minors take part in activities, we process their data through and with the consent of their parent or legal guardian as required by applicable law.

11. Changes to this privacy policy

We may update this privacy policy from time to time, for example when we add new services or when laws and guidance change. The latest version is always available on this page and replaces previous versions.

Last updated: [insert date].