Privacy Policy

Information on the processing of personal data pursuant to EU Regulation 2016/679 (GDPR) and Legislative Decree 196/2003, as amended by Legislative Decree 101/2018.

GDPR compliant Last updated: 21 February 2026

Data Controller

  • CristallPont S.R.L.
  • VAT / Tax ID: 05863730650
  • Email: hello@amalfi.day

Legal Basis

  • Consent for contact form and newsletter.
  • Contractual performance for bookings.
  • Legitimate interest for analytics and security.

Third Parties

  • Google Analytics (analytics).
  • Telegram (contact message delivery).
  • Ghost CMS, Vercel.

Your Rights

  • Access, rectification, erasure of data.
  • Portability and restriction of processing.
  • Complaint to the Italian Data Protection Authority.

1. Data Controller

The data controller for personal data is:

CristallPont S.R.L.
VAT / Tax ID: 05863730650
Registered office: Traversa Dragone, 2
Share capital: €10,000.00
Email: hello@amalfi.day
Website: amalfi.day

A Data Protection Officer (DPO) has not been appointed as the conditions under Art. 37 of the GDPR do not apply.

2. Data Collected and Purposes

We collect the following categories of personal data:

  • Contact form: name, email address or WhatsApp number, travel dates, type of service requested, message. Purpose: responding to enquiries and planning services.
  • Newsletter: email address. Purpose: sending updates and offers related to the Amalfi Coast.
  • Browsing data: IP address, browser type, pages visited, date and time of access. Purpose: site security and aggregate statistical analysis (analytics only with prior consent).
  • Contact form metadata: IP address, approximate geolocation, browser language, time zone, user agent. Purpose: anti-spam protection and service improvement.

3. Legal Basis for Processing

Personal data processing is based on the following legal grounds under Art. 6 of the GDPR:

Activity Legal Basis Reference
Contact form Pre-contractual measures / consent Art. 6(1)(b) and Art. 6(1)(a)
Accommodation and tour bookings Performance of a contract Art. 6(1)(b)
Newsletter Consent Art. 6(1)(a)
Google Analytics Consent (cookie banner) Art. 6(1)(a)
Security and hosting Legitimate interest Art. 6(1)(f)

4. Third Parties and Data Transfers

Your data may be shared with the following service providers, acting as data processors:

Service Purpose Country Safeguards
Google Analytics Traffic statistical analysis USA Standard Contractual Clauses (SCC)
Telegram Contact form message delivery Dubai / EU End-to-end encryption
Vercel Website hosting USA / EU SCC, DPA
Ghost CMS Newsletter and blog management EU EU hosting

We do not sell, transfer or disclose your personal data to third parties for marketing purposes. Data is shared only with the providers listed above, to the extent strictly necessary for the provision of services.

5. Data Retention

  • Contact enquiries: retained for a maximum of 24 months from the date of the request, unless required by law.
  • Analytics data: retained for 14 months (Google Analytics 4 setting), then automatically deleted.
  • Newsletter: your email address is retained until you unsubscribe, which you may request at any time.
  • Booking data: retained for the duration of the contract and for the following 10 years for accounting and tax purposes (D.P.R. 600/1973).

6. Your Rights (Art. 15-22 GDPR)

As a data subject, you have the right to:

  • Access (Art. 15) — obtain confirmation of your data and a copy thereof.
  • Rectification (Art. 16) — correct inaccurate or incomplete data.
  • Erasure (Art. 17) — request deletion of your data ("right to be forgotten").
  • Restriction (Art. 18) — restrict processing in certain cases.
  • Portability (Art. 20) — receive your data in a structured, readable format.
  • Objection (Art. 21) — object to processing based on legitimate interest.
  • Withdrawal of consent (Art. 7) — withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise your rights, contact us at hello@amalfi.day. We will respond within 30 days of receiving your request.

7. Right to Lodge a Complaint

You have the right to lodge a complaint with the competent supervisory authority:

Garante per la protezione dei dati personali (Italian Data Protection Authority)
Piazza Venezia, 11 — 00187 Roma, Italy
Website: www.garanteprivacy.it
Email: garante@gpdp.it

8. Cookies

This website uses technical cookies and, with your consent, analytics cookies (Google Analytics). For detailed information about the cookies we use, their purposes and how to manage them, please see our Cookie Policy.

9. Updates to This Policy

This privacy policy may be updated periodically to reflect regulatory or operational changes. Updates will be published on this page with the revision date. We encourage you to check this page regularly.

What we do for you

Your Amalfi, crafted

  • Photo Sessions Editorial portraits at golden hour. Cinematic frames, not tourist snapshots.
  • Curated Experiences Private tours by car, boat, or motorbike. Wine tastings, hidden viewpoints, local stories.
  • Accommodation Our apartments in Atrani, steps from the sea. Book direct or via Airbnb.
Send a request Browse all experiences
Boat tours in Amalfi Coast Amalfi scooter ride Amalfi food experience