Privacy Policy Villa Lario Resort​

This page describes how the site is managed with reference to the processing of the personal data of users who consult it, as well as the methods and purposes of processing such data. This is an information notice pursuant to Articles 13, 14 EU Regulation 2016/679 to those who interact with web services accessible electronically from the address

The information is provided only for the site in question and not for other websites that may be consulted through our links, for which GVL Srl is in no way responsible.

GVL Srl as Data Controller of your personal data (pursuant to and for the purposes of EU Reg. 2016/679 – GDPR) informs you that the aforementioned legislation provides for the protection of data subjects regarding the processing of personal data and that processing will be based on principles of correctness, lawfulness, transparency and protection of your privacy and your rights. Your personal data will be processed in accordance with the legislative provisions of the aforementioned legislation and the confidentiality obligations envisaged.

The data controller is GVL Srl, (with headquarters in Via Balicco, 61 – 23900 Lecco (LC) Italy – C.F. / P.IVA 03548340136). To exercise the rights listed above, you must send a written request by e-mail to:

GVL Srl reserves the right to make changes to this privacy policy at any time by giving notice to users on this page. Therefore, please consult this page often, referring to the date of the last modification indicated at the bottom. In case of non-acceptance of the changes made to this privacy policy, you are required to cease using this site and you can ask GVL Srl to remove your personal data.

A. Navigation data provided automatically
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These are personal data collected automatically by the site (or by third-party applications that it uses), including: IP addresses or domain names of the computers used by the user who connects to the site, addresses in notation URI (Uniform Resource Identifier), the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details of the itinerary followed within the site, with particular reference the sequence of the pages consulted, the parameters relating to the operating system and the user’s IT environment.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted after 26 months. The data could also be used to ascertain responsibility in the event of hypothetical computer crimes against the site.

B. Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site, as well as the compilation of the forms for sending specific requests entail the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message or in the form.

The e-mail contacts used for sending the periodic newsletter come from voluntary subscriptions by the recipient. The newsletter includes the sending of information, communications including commercial or promotional. In the event that the communications are not of interest to the recipient, it is possible to avoid further sending relating to the specific channel by clicking the appropriate unsubscribe link contained in each message of that channel, or to avoid further contact by writing to the contact details at the bottom by exercising the your right to unsubscribe from the newsletter.

The Sending Blue platform is used to manage registered contacts, related personal data and send newsletters. You can access the information: Privacy Policy Sending Blue »

C. Cookies
The extended information on the use of Cookies (Cookie Policy) was drawn up on the basis of the principle of transparency and all the elements required by article 13 of the Regulation and is divided into individual sections, each of which deals with a specific topic in a way to make reading faster, easier and easier to understand. You can consult the complete information on cookies by visiting the page:
Cookie Policy »

Apart from what is specified for navigation data, you are free to provide personal data contained in the application forms, registration forms for mailing lists or otherwise indicated in contacts to request the sending of informative, technical or commercial material or other communications. Failure to provide them may make it impossible to obtain what is requested.

The data are mainly processed with electronic and IT tools and stored both on IT media and on paper media and on any other type of suitable support, in compliance with the procedures set out in Articles. 6, 32 of the GDPR and by adopting the appropriate security measures to prevent the loss of data, illicit or incorrect use and unauthorized access.

We inform you that, in order to provide a complete service, our portal may contain links to other websites, not managed by us. We are not responsible for errors, contents, cookies, publications of illegal moral content, advertisements, banners or files that do not comply with current regulations and compliance with the Privacy legislation by sites not managed by us to which reference is made. To improve the service offered, you can report malfunctions, abuses or suggestions to the e-mail address:

Your data will be processed only by personnel expressly authorized by the Data Controller.

Data processing will be carried out for:
• Give the possibility to access the public and / or reserved sections of the site;
• Implement the activation and maintenance of any services subscribed online;
• Carry out the obligations required by laws or regulations;
• The protection of the Data Controller in court;
• Send informative material;
• Allow constant monitoring of the effectiveness of the proposed service.

The personal data relating to the processing in question may also be communicated to subjects who are granted the right to access your personal data by law or secondary and/or community regulations. Furthermore, some data may be communicated and disseminated to the internet operators of which GVL Srl uses for the management of its domains and to the administrative staff. The dissemination of the collected data is not foreseen.

We point out that, in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 of the GDPR, the retention period of your personal data is set at 26 months.

You have the right to obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form.

You also have the right to obtain the indication:
• Of the origin of personal data;
• Of the purposes and methods of the processing;
• The logic applied in the event of processing carried out with the aid of electronic tools;
• The identity of the owner, manager and the representative appointed under Article 5, paragraph 2;
• On the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents.

You also have the right to obtain:
• The cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed;
• The attestation that the operations referred to in the previous points have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right;

• You therefore have the right to obtain from the owner the cancellation (right to be forgotten), limitation, updating, rectification, integration, portability, opposition to the processing of personal data concerning you, as well as in general you can exercise all rights provided for by articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR.

You have the right to object, in whole or in part:
• For legitimate reasons, the processing of personal data concerning you, even if pertinent to the purpose of the collection;
• To the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication.

The Owner reserves the right to modify or simply update the content of the Privacy policy, in part or completely, also due to changes in the applicable legislation. The Data Controller will inform you of these changes by means of a notice published on the Site. The Data Controller therefore invites you to visit this section regularly to become aware of the most recent and updated version in order to be always updated on the data collected and on the use made of it.

July 7, 2022

Villa Lario Resort

Via Statale 125, 23826
Mandello del Lario (LC) – Italy
Start with Google Maps

Luxury Stay

Stay updated
on all news

Click here and subscribe to the newsletter

Tel. +39 0341 1918026

Info & Sales Department
+39 340 2408199

Weddings and Events
+39 340 2408199

Villa Lario Resort

Via Statale 125
23826 Mandello del Lario (LC) – Italy
Start with Google Maps

Luxury Stay

Stay updated
on all news

Click here and subscribe to the newsletter

Info & Sales Department
+39 340 2408199

Weddings and Events
+39 340 2408199