Back to Home

Privacy Policy

This Website collects some Personal Data from its Users.

Privacy Policy pursuant to art. 13 and 14 of the GDPR

(EU Reg. 679/2016 on the Treatment of Personal Data)

Pursuant to the law and in relation to Personal Data of which Valfim s.r.l., its collaborators and employees will come into possession, we advise you about the following information.

The "Data Controller" is Valfim s.r.l., represented by its legal representative pro-tempore, hereinafter also more briefly identified with the term "Company", VAT no. 01600490484, based in Sesto Fiorentino (FI), Via dei Colatori n. 3, tel. +390584 787131, fax +390584 787157, e-mail, which will use your data.

The "Data Processor" is any natural, legal person, Public Administration and any Entity that, where necessary and within the limits pertinent to the purposes of the Processing, uses Personal Data on behalf of the Owner.

Type of data collected. All the data necessary for: the correct carrying out of the tourist-receptive and catering activity, spa, promotional activity, advertising, evaluation of the service and relating to human resources.
Use of Data. The Data will be processed in accordance with the principles in accordance with art. 5 of the GDPR, including: lawfulness, correctness, transparency, limitation, confidentiality, etc.
Purpose of the Processing. The Treatment is finalized solely for the purposes indicated in the preceding paragraph 1.
Legal basis of the Treatment. The acquisition of the data takes place in relation to the contract between the owner and the interested party or eventually through consent.
Refusal to provide Data. Any refusal by the Interested party to provide Data necessary for the performance of the activity may make it impossible to provide the services, carry out the activities and / or manage the reports indicated in Chapter 1 above.
Data source. The personal data in which Valfim srl is in possession is collected in compliance with the provisions of Article 13 of the GDPR directly with the interested party or pursuant to art. 14 of the GDPR.
Data processing methods. The Treatment in the respect of the art. 5, paragraph 1, lett. "F" of the GDPR is carried out by means of the operations or set of operations summarized as follows: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. The operations can be carried out with or without the aid of electronic or digital or automated means.
Data communication. Personal Data, for the purposes of the current contract, may be communicated for the purposes referred to in point 1 to internal and external Collaborators, Data Processors, subjects operating in the sector, subjects aimed at assessing the quality of the services provided and managing loyalty programs.
Dissemination of Data. Your Data will not be disseminated in any way, except for the cases indicated in the preceding paragraph.
Data transfer abroad. Personal data may be transferred to countries of the European Union and to countries outside the European Union for the purposes of the processing reported in point 3. Any transfer of data to a country outside the European Union will occur in compliance with articles 45 and following of EU Reg. n° 679/2016. In the absence of a decision on the adequacy of the protection level, the transfer can take place only in the cases provided by art. 49 of the mentioned Regulation.
Data retention. The Data is kept for the period necessary for the performance of the activity and in any case for a period not exceeding ten years.
Rights of the interested party. The law gives the interested party the exercise of specific rights, including:
obtain from the Data Controller access to your Personal Data and information in an intelligible manner;
have knowledge of the origin of the Data, the purposes and methods of the Processing;
rectify and cancel (right to oblivion) ​​the Data;
limit the Treatment or have the possibility to oppose it
request data portability;
withdraw consent to the Processing without prejudice to the lawfulness of the Treatment based on the previous consent;
lodge a complaint pursuant to art. 77 GDPR to the Guarantor for the Protection of Personal Data.
Changes to this privacy policy. The Owner reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page and possibly within this Website and/or - as far as technically and legally feasible - sending a notice to Users via any contact information available to the Owner. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.
System logs and maintenance. For operation and maintenance purposes, this Website and any third-party services may collect files that record interaction with this Website (System logs) use other Personal Data (such as the IP Address) for this purpose.
Information not contained in this policy. More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.
Cookie Policy. Questo sito web fa utilizzo di Cookie. Per saperne di più e per prendere visione dell'informativa dettagliata, l'utente può consultare la cookie policy.
Non-continuous geolocation (this Website). This Website may collect, use, and share User location Data in order to provide location-based services. Most browsers and devices provide tools to opt out from this feature by default. If explicit authorization has been provided, the User’s location data may be tracked by this Website. The geographic location of the User is determined in a manner that isn't continuous, either at the specific request of the User or when the User doesn't point out its current location in the appropriate field and allows the application to detect the position automatically. Personal Data collected: geographic position.
Specific use of personal data. In the following you will find specific notes on how specified sections of this website function:
Contact Request section
The Contact Request section on this website offers the opportunity to make enquires about rooms, availability, offers, participation in events and courses. If you decide to send us your personal data, these data shall be processed exclusively for the purposes referred to above by persons specifically authorised so to do and in accordance with the routine in-house management procedures.
Enquiry/Online booking area
The Enquiry/Online booking area on this website offers the opportunity to obtain information on offers and availability of stays and holidays and to book or purchase holidays/stays or other services from us (e.g. wellness). If you decide to send us your personal data, these data shall be processed exclusively for the purposes referred to above by persons specifically authorised so to do and in accordance with the routine in-house management procedures.
Section Newsletter
If the visitor to our website would like to receive our newsletter, he must enter his personal data in the appropriate form in the Register for Newsletter section. The data collected serve for the despatch of the newsletter within the meaning of the declaration in the footnote to the form.
Under-age visitors (16 years)
The St. Mauritius Hotel website, which is regulated by the foregoing data protection provisions, is not intended for the use of minors. We are aware of the necessity for protecting data, which concern minors, in particular in the online environment. Therefore we do not collect and store, except inadvertently, any data from under-age visitors.
Involvement of third part services and contents
Google Analytics, Google-IP-Locator, Google Maps, Google Maps Distance Api, Google reCHAPTA - Provided by: Google Inc.

YouTube-Contenuti - Provided by: Google Inc.

Social Network Facebook & Messenger - Provided by: Facebook Inc.

Social Wall Juicer - Provided by: LLC

Social Network Instagram - Provided by: Facebook Inc.

Vimeo - Provided by: Vimeo Inc.

Hotjar - Provided by: Hotjar Ltd.

Whatsapp - Provided by: WhatsApp Inc.

Qualitando - Provided by: Qualitando srl.

Travel Appeal – Provided by: The Data Appeal Company Spa.

Additional external content can be loaded via widgets and iframes. 


Links to third party Internet sites
We advise you that the website, contains links to other websites, which are not managed within the meaning of the foregoing data protection directives.
Definitions and legal references

Personal Data. Any information that directly, indirectly, or in connection with other information - including a personal identification number - allows for the identification or identifiability of a natural person.

Usage Data. Information collected automatically through this Website (or third-party services employed in this Website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.

User. The individual using this Website who, unless otherwise specified, coincides with the Data Subject.

Data Subject. The natural person to whom the Personal Data refers.

Data Processor. The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller. The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the Owner of this Website.

This Website. The means by which the Personal Data of the User is collected and processed.

Service. The service provided by this Website as described in the relative terms (if available) and on this site/application.

European Union (or EU). Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Cookies. Small sets of data stored in the User's device.

Legal information. This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation). This privacy policy relates solely to this Website, if not stated otherwise within this document.


Last Review 15/02/2020

Cookies Policy
What are Cookies?
Cookies are small strings of text saved in the user's computer, everytime a webpage is visited.

Cookies are not detrimental for the devices. In the generated Cookies personal identification Data are not stored, but these information are used just in order to allow users a better navigation in this Website. For instance Cookies reveal to be useful in identifying and solving mistakes. Further information about Cookies are available on the following Websites: ; .

Cookies may perform different functions, as a more efficient navigation.

The Data Controller reserves the right to use Cookies, with user's consent when needed, to personalize the different functions and provide to the user a better navigation on the present Website. The Data Controller even reserves the right to use comparable systems to collect information about the Website's users, as browser and operation system used, for security or statistical purposes.

Different types of Cookies

Session and persistent Cookies
"Cookies are classified in "session Cookies" and "persistent Cookies". Session Cookies are provisionally saved in the computer memory only during a user's browsing session and  automatically deleted from the user's computer when the browser get closed. Conversely, persistent Cookies are stored on the computer’s hard drive of the visiting user until they expire.
Session Cookies are used in order to speed the analysis of internet traffic and facilitate user access to the services offered by the Website.
Session Cookies are mainly used in the process of authentication, authorization and navigation services which are accessed via registration.
Most of the browsers are set to accept Cookies by default. If you don't mean to accept Cookies it's possible to set your personal computer to refuse them or be warned when Cookies are stored.
If you refuse the use of Cookies some features of the Website may not work properly and some services may result not available. The use of the so called session Cookies is restricted to the transmission of session’s identifiers necessary to enable a safe and efficient Website. Those Data have technical nature, temporary validity and they are not collected in order to identify users but, because of their operation and in combination with other Data held by third parties (such as the Internet connection provider), they may allow the identification. First part Cookies are only associated with the domain that created them.
Third-part Cookies
Third-party Cookies are created by a different domain respect the one you are visiting, such as, for example, Google Analytics. The software used creates a Cookie for statistical purposes. These Data are then stored in Google Inc.
Technical and profiling Cookies
​Technical Cookies are used in order to provide a required service (see art. 122, comma 1, Italian Data’s Protection Code - Codice in materia di protezione dei Dati Personali). These kind of Cookies are not used for further purposes and they are normally installed by Data Controller or webmaster, e.g. languages tracking Cookies.
 Analytics Cookies are supposed to be technical Cookies whenever they are used for anonymous purposes.
Profiling Cookies are intended to create users profiles and they are used to send to the user tailored advertising messages. In this case users have to be informed about and give the consent.
The present Website uses the following Cookies:

Technical Cookies and Cookies serving aggregated statistical purposes

Activity strictly necessary to let the service working
This Application uses Cookies to save the User's session and to carry out other activities that are strictly necessary for the operation of the same, for example regarding the distribution of traffic.
Activity regarding the saving of preferences, optimization, and statistics.
Users preferences storage, optimization and statistic
This Application uses Cookies to save browsing preferences and to optimize the User's browsing experience. Among these Cookies are, for example, those to set the language and the currency or for the management of first party statistics directly employed by the Website’s Owner.
Other types of Cookies or third-party tools that might use them
Here following are listed some of the services that collect or can collect statistics in aggregated form and may not request the consent of the User or may be managed directly by the Owner - depending on their description - without aid of third parties.
In addition, third-party services (eg . Facebook, Twitter, Google, etc.) , may track activities aimed to create users’ profiles in order, for example, to send advertising messages in line with the preferences shown by the Web browsing’s context.

Interaction with external social networks and platforms
These services allow the interaction with social networks or other external platforms directly from the pages of this Application.
The interaction and information acquired by this Application are always subject to the User’s privacy settings for every social network.
In case a service that enables interaction with social networks is installed it may still collect traffic Data for the pages where the service is installed, even if the Users do not use it.
Facebook Like button and social widgets (Facebook, Inc.)
The Facebook Like button and social widgets are services that allow interaction with the Facebook social network provided by Facebook, Inc.
Personal Data collected: Cookie and Usage Data.
Place of processing : USA – Privacy Policy 
Google+ +1 button and social widgets (Google Inc.)
The Google+ +1 button and social widgets are services that allow interaction with the Google+ social network provided by Google Inc.
Personal Data collected: Cookie and Usage Data.
​Place of processing : USA – Privacy Policy​
Twitter Tweet button and social widgets (Twitter, Inc.)
The Twitter Tweet button and social widgets are services that allow interaction with the Twitter social network provided by Twitter, Inc.
Personal Data collected: Cookie and Usage Data.
Place of processing : USA – Privacy Policy
​Pinterest “Pin it” button and social widgets (Pinterest) 
​The Pinterest “Pin it” button and social widgets are services allowing interaction with the Pinterest platform provided by Pinterest Inc.
Personal Data collected: Cookie and Usage data.
​Place of processing : USA – Privacy Policy 
Instagram widget (Instagram, Inc.)
Is an image visualization service provided by Instagram, Inc. that allows this site to incorporate content of this kind on its pages.
Personal Data collected: Cookie and Usage data.
​Place of processing : USA – Privacy Policy​
​The services that are listed in this section enable the Owner to monitor and analyze visits and web traffic and can be used to keep track of User’s behavior.
Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses these Data collected to track and analyze the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the collected Data to contextualize and customize the ads of its own advertising network.
Personal Data collected: Cookie and Usage Data.
For further information: Privacy Policy
For disabling: Opt Out ​
Displaying content from external platforms
Services that enable the display of content hosted on external platforms from the pages of this Website and to interact with them.
In case a service of this kind is installed, it is possible that, even if users do not use the service, it collects traffic data relating to the pages in which it is installed​​
Google Fonts (Google Inc.)
It is a service of integration of font styles run by Google Inc. that allows this Website to integrate such content within its pages.
Data collected: Cookie and usage data.
​For further information: Privacy Policy 
TripAdvisor widget (TripAdvisor LLC)
Is a content visualization service provided by TripAdvisor LLC that allows this site to incorporate content from that external platform on its pages
Personal Data collected: cookie and usage data.
For further information: Privacy Policy 
Google Maps widget (Google Inc.)
Is a maps visualization service provided by Google Inc. that allows this Application to incorporate content of this kind on its pages.
Personal Data collected: cookie and usage data.
​For further information: Privacy Policy
How can I disable Cookies?
Most browsers automatically accept Cookies, but you may choose not to accept them. If you do not want your computer to receive and store Cookies, you can modify the security settings of your browser (Internet Explorer, Google Chrome, Mozilla Firefox , Safari etc ...). There are several ways to manage Cookies and other tracking technologies. By changing your browser settings, you can accept or reject Cookies or choose to receive a notice before accepting a Cookie from the Website. You can delete all Cookies installed in your browser's Cookies folder. Each browser has different procedures for managing settings.

To get specific instructions please click on the following links:

Microsoft Internet Explorer 
You can manage Cookies setting just going in "Instruments" – "Internet settings" and then by choosing "Privacy". Or you can manage the Cookies setting by clicking this link: 
Google Chrome
You can manage Cookies setting just going in "Settings" – "Internet settings" – "Advances setting" and modify Privacy setting. Or you can manage the Cookies setting by clicking this link: 
Mozilla Firefox
You can manage Cookies setting just going in "Options" – "Privacy". Or you can manage the Cookies setting by clicking this link: 
Apple Safari
You can set Cookies by choosing "Preferences" in the browser menu and then "Security" or by clicking this link 
If you don't use one of the mentioned browsers, you can choose "Cookies" in the browser guide, in order to discover how to set the functions. 
How disable Flash Cookies
Please click on the following link: 
Cookie Google Analytics
In order to disable Google Analytics Cookies and inhibit Google Analytics to collect navigation Data, please download browser add :
Please have a look to our Privacy Policy to be informed pursuant to Article 13 of Italian Data’s Protection Code (Codice in materia di protezione dei Dati Personali).

Ristorante Sciabola
Contact us
Via XX Settembre, 28 - Forte dei Marmi (LU)
+39 0584 787131
Opening hours
Open every day from 19:30 to 22:30
VAT number 01600490484
Privacy Policy
Work with us
Open with Google Maps