Last Updated: July 2025
Introduction
Travel Vorno (“we” or “us”) is committed to protecting your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR). This Privacy Policy explains what personal data we collect when you use the Travel Vorno vacation rental website (the “Site” or our “Service”), how we use and protect that data, and your rights in relation to your information. We operate in the European Union (with properties in Spain, Greece, Italy) and Switzerland, and we handle personal data in accordance with the strict requirements of GDPR and equivalent Swiss data protection law. By using our Site or services, you acknowledge that you have read and understood this Policy. If you do not agree with any part of this Policy, please refrain from using our services.
Data Controller and Contact Details
The data controller responsible for your personal data is Travel Vorno, the operator of the www.travelvorno.eu website. Travel Vorno can be contacted at:
- Address: Via Zamenhof 801, Vicenza, Italy
- Email: info@travelvorno.eu
- Telephone: +39 344 665 1741
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, you can reach us using the above contact information. (See the Contact Us section below for more details on data requests.)
Personal Data We Collect and Why
We collect only the personal information that is necessary to provide our vacation rental services and to communicate with you. This includes:
- Identification and Contact Information: We ask for basic contact details such as your name and email address (and possibly a phone number) when you make a booking, create an account, or contact us. We need this information to identify you, process your reservation, send booking confirmations, and communicate with you about your stay or inquiries. For example, if you fill out our booking or contact form, you will provide your name, email, and message so we can respond to your request.
- Booking Details: When you book a rental property with us, we collect details related to the booking – for instance, the property selected, check-in and check-out dates, number of guests (adults and children), and any special requests or preferences you indicate. We use this information to reserve the accommodation for you, ensure it meets your needs, and provide the services you expect (such as preparing the property for the correct number of guests).
- Payment Information: If you make a payment through our Site, this will typically be handled by a secure third-party payment processor (such as Stripe). We do not store your full credit or debit card numbers on our servers. For online payments, you will enter your payment details into our payment provider’s secure form; your card information is processed directly by the payment provider and not retained by us. We only receive limited information about the transaction – for example, a confirmation that payment was completed, the amount, date/time, and an anonymized transaction ID. This allows us to verify that your booking has been paid. In cases where you choose to pay via bank transfer, we will receive the information necessary to reconcile your payment (such as the name of the account holder and reference number) from our bank. All such payment data is used strictly to process your booking payment and for financial record-keeping.
- Account Credentials (if applicable): If you register an account on our Site, we will collect your login credentials (such as username/email and password). Passwords are stored in an encrypted form for security. We use account data to manage your bookings and access – for example, to allow you to log in, view your reservations, or save your preferences. Your account profile may also store information you choose to provide us, such as past reservations or communication preferences. As noted at registration, “Your personal data will be used to support your experience throughout this website, to manage access to your account, and for other purposes described in our privacy policy.”
- Communications: If you contact us via email, contact form, phone, or WhatsApp, we will collect the information you provide in that communication. This may include your name, contact information, and the contents of your message or inquiry. We use this data to respond to your requests or questions and to provide customer support. For example, if you email us to ask about availability or assistance with a booking, we will use your provided details to get back to you with an answer.
- Technical Usage Data: When you visit our Site, some technical information is automatically collected by our webserver and security systems. This can include your IP address, browser type, device type, operating system, referring website, and timestamps of your visits. We do not use this information for profiling or advertising. We collect technical data primarily for security and system administration purposes – for example, to monitor for fraudulent activity, debug errors, protect our Site from attacks, and ensure the website displays correctly on your device. An IP address, for instance, may be logged when you make a booking or login, as part of our records. Under EU law, information like an IP address can be considered personal data since it may identify you in context. We treat technical data confidentially and only analyze it to maintain the integrity and performance of our services.
Importantly, we do not collect any sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, health information, or biometric data. We limit our data collection to what is relevant for the purposes stated in this Policy. If you choose not to provide certain personal data (such as declining to give a name or email), we may not be able to offer the related service – for example, we cannot process a booking without a name to put on the reservation or an email to send the confirmation.
Cookies and Tracking Technologies
At this time, our Site does not use any cookies or tracking pixels for analytics or advertising purposes. We do not deploy Google Analytics, Facebook pixels, or similar tracking tools that collect personal data about your browsing behavior. We also do not run targeted marketing campaigns that would require tracking your activity over time. In short, we do not profile you or monitor your online behavior for marketing.
The only cookies that may be in use are those that are strictly necessary for the basic functioning of the website. For example, if you log into an account, a temporary “session” cookie might be set to keep you logged in securely (this cookie contains a random session ID and no personal information). Such essential cookies are used solely to provide the service you requested (e.g. keeping you logged in or remembering items in a booking form) and not for advertising or analytics. We do not require any opt-in consent for these, as they are used only for core functionality and not shared with any third parties.
If in the future we decide to use any non-essential cookies or tracking tools, we will update this Privacy Policy and (if required by law) seek your consent through a clear cookie notice. For now, you can enjoy our website knowing that we do not track your activity beyond the necessary operation of the service.
Legal Bases for Processing Personal Data
We process your personal data only when we have a valid legal basis under GDPR to do so. Depending on the specific context, one or more of the following legal bases may apply:
- Performance of a Contract: When you make a booking or otherwise enter into an agreement with us, we must process your personal data to fulfill our contractual obligations to you. This includes using your contact and booking details to confirm your reservation, provide the accommodations and services you requested, and communicate with you about check-in/out or any changes. For example, processing your name, dates, and payment is necessary to complete the rental contract and allow you to stay at the property you booked.
- Legal Obligation: We may be required to process and retain certain personal data to comply with our legal obligations. This includes obligations under EU or member state laws (and Swiss law when applicable). For instance, we might need to keep records of transactions for tax and accounting purposes, or to provide invoices/receipts that include your name and booking details as required by financial regulations. Additionally, in some jurisdictions, hospitality providers must collect identification information of guests for local government (tourism or police) registers – if such laws apply to your booking, we will process the necessary data as required by law. Any data processing that is mandated by law will be done strictly for that purpose.
- Legitimate Interests: We may process your data as necessary for our legitimate business interests – provided those interests are not overridden by your data protection rights. We carefully consider and balance any potential impact on you (both positive and negative) and your rights before relying on legitimate interests. Examples of our legitimate interests include: improving and ensuring the security of our website and services, preventing fraud, protecting our property and legal rights, and providing a quality customer experience. For example, if we keep your email after your stay in order to send you a one-time feedback request or offer you a loyalty discount for a future stay, we would do so under legitimate interest to improve our services, and you will always have the right to opt out of such follow-up communication. Similarly, using your IP address to detect and block malicious attempts to hack our Site is in our legitimate interest of keeping our service secure. We will not use legitimate interest as a basis for processing your data where our interests are outweighed by the impact on your privacy. Notably, we do not use your data for any direct marketing at this time – and we will not do so without your consent (see next point).
- Consent: In specific situations, we will seek your consent before processing your personal data. Currently, our policy is not to engage in activities that require consent (such as sending promotional emails or using non-essential cookies), so this basis is not actively used other than for the initial act of you providing us data voluntarily. However, if you voluntarily subscribe to a future newsletter, opt in to receive promotional offers, or agree to a new use of your data, we will process your data based on your consent. You have the right to withdraw your consent at any time, and if you do so we will cease the processing that was based on consent. Withdrawing consent will not affect the lawfulness of any processing we have already done while your consent was in effect. If we ever introduce new features that rely on consent (for example, a mailing list or new cookies), we will present you with a clear choice to opt in or out.
Typically, the primary legal bases we rely on are contractual necessity (to provide our services to you) and legal obligations (to comply with the law). For any processing based on legitimate interests or consent, we ensure transparency and will respect your rights and preferences as described in this Policy.
How We Store and Protect Your Data
We take appropriate measures to ensure that your personal data is securely stored and handled. We understand the importance of safeguarding your information and have implemented various technical and organizational security measures to protect it from unauthorized access, alteration, disclosure, or destruction.
- Data Storage Locations: Your personal data is stored on secure servers operated by our web hosting provider. Whenever possible, we use servers located within the European Union/European Economic Area for data storage. In cases where we may need to use cloud services or processors outside the EEA, we will ensure that GDPR-compliant safeguards are in place (see “Data Sharing & Transfers” below for more on international data transfers). We do not maintain paper records of your personal data; all information is handled electronically.
- Encryption and Security Protocols: Our website is secured with industry-standard encryption. For example, the Site is protected by HTTPS, which means that any information you submit (such as filling in a form or making a payment) is encrypted in transit using SSL/TLS. This helps prevent eavesdropping by unauthorized third parties while data moves between your web browser and our servers. Sensitive transactions (like payment processing) are handled by third-party processors over secure, encrypted connections. Within our systems, we employ up-to-date security software and best practices to guard against malware, viruses, and unauthorized system access.
- Access Control: Personal data collected is only accessible to authorized personnel who need to process it for the purposes described in this Policy. For example, our reservations team and property managers may access booking details to arrange your stay, and our administrative staff may access transaction records for accounting. All staff and any contractors are subject to confidentiality obligations. We limit access rights following the principle of least privilege – meaning each person or service only gets the minimum access necessary for their role.
- Organizational Measures: We ensure our team is trained on data protection principles and committed to safeguarding privacy. We have internal policies in place to prevent data breaches, such as rules on using strong passwords, secure handling of user information, and processes to follow in the event of a security incident. If we physically print or write down any personal information (for example, a guest check-in sheet with names), we treat those documents securely and shred or securely archive them after use.
- No Guarantee: While we strive to protect your data with a high level of care, please understand that no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of information. However, we continuously review and update our security practices to mitigate new threats and vulnerabilities as they become known.
- Data Breach Procedures: In the unlikely event of a data breach that compromises your personal data, we will promptly notify you and the relevant data protection authorities as required by law. We have a process in place to investigate any suspected breach, contain it, and prevent future incidents. Our goal is to be transparent and proactive should any security issue affecting personal data occur.
By using our services, you acknowledge that you understand the inherent risks of providing personal information and that we have implemented measures to protect your data to the best of our ability. If you have any questions about the security of your data, feel free to contact us.
Data Sharing and Third-Party Processors
We treat your personal data with care and do not sell or rent your information to third parties for marketing or any other purposes. However, in order to run our vacation rental business and provide services to you, we do share personal data with certain trusted third parties under strict conditions. The scenarios in which we share data are as follows:
- Payment Processing: As noted, if you pay for a booking online, your payment details are handled by our third-party payment processor, e.g., Stripe, Inc. When processing payments, we must share some information with Stripe such as your name, email, billing address (if required for the card transaction), and the payment amount, so that the transaction can be authorized and completed. Stripe processes your payment information securely in accordance with their own privacy policy. We do not receive or store your full card number or security code; this sensitive data goes directly to Stripe. We only retain the minimal payment confirmation data as described in the “Payment Information” section above. Stripe is a PCI-DSS compliant provider, which means they adhere to high security standards for handling payment data. We have a data processing agreement in place with Stripe to ensure your personal data is protected. If you’d like more information, you can refer to Stripe’s Privacy Policy (available on their website). If you choose to pay via bank transfer, your bank and our bank will process the payment information. We will see the information included with the transfer (such as the name of the sender, account number/IBAN, and any reference message). We use this solely to confirm your payment and will treat it with confidentiality.
- Property Owners/Managers and Service Providers: Travel Vorno operates rental properties across multiple locations. In some cases, the property you book may be owned by or managed in partnership with a local host or property owner distinct from Travel Vorno’s central management. We will share the minimum necessary personal details with the property owner/manager or on-site staff so that they can prepare for and facilitate your stay. This typically includes your name, dates of booking, and number of guests (and possibly your contact phone/email if needed for coordination or emergencies). For example, the local property manager needs to know who is checking in on a given day and how to reach you in case of arrival logistics. These partners are contractually bound to use your information only for providing the rental service and must handle it in compliance with privacy laws. We do not share any data beyond what is needed for your stay. Additionally, we may share relevant details with service providers involved in your stay, such as a cleaning company or concierge service, strictly for the purpose of them delivering the service (e.g., preparing the property before your arrival). All such parties are under confidentiality agreements or obligations.
- Website and IT Service Providers: We utilize reputable third-party companies for certain business operations, which may incidentally process your data on our behalf. Examples include our website hosting provider (which stores the website and thus any data in it on their servers), email service (which we use to send booking confirmations or to receive your inquiries), and any cloud-based tools we use for managing reservations or customer support. When we use these services, we remain the data controller and the third-party acts as a data processor for us, following our instructions. We only choose providers that can meet high data protection standards. We ensure through contracts (Data Processing Agreements) that they only use your data for our specified purposes and protect it with appropriate security measures. These providers are not allowed to use your information for their own purposes or to further disclose it.
- Legal Requirements and Protection: We may disclose personal data to third parties if required by law or strictly necessary to protect our rights, property, or safety. For example, if we are under a legal obligation to report or provide data to government authorities, law enforcement, or regulators (such as providing guest information to comply with local registration laws, or responding to a lawful request in a legal process), we will do so. We may also share information to enforce our Terms of Service or rental agreements, or to establish or defend legal claims. This kind of disclosure will only happen in accordance with applicable laws – we will carefully review any request to ensure it is valid and only the minimum data required will be shared.
- Business Transfers: In the unlikely event that Travel Vorno undergoes a major business transaction, such as a merger, acquisition, corporate reorganization, or sale of assets, user information (which may include personal data) might be transferred to the successor or new owner as part of that transaction. If such a transfer happens, we will ensure that your data remains protected by this Privacy Policy (the receiving party will be bound to the same terms or will seek your consent if they plan any material changes in use).
No Third-Party Marketing: We reiterate that we do not share your personal data with third parties for their own marketing or advertising purposes. You will not receive communications from other companies or organizations as a result of the data you have entrusted to us (unless you separately gave your information to them, of course). Your information is used only to serve you in the context of Travel Vorno’s services and is not monetized. This commitment aligns with our respect for your privacy and with GDPR principles.
International Data Transfers: Our service is offered to users in the EU and Switzerland, and we aim to store and process data within the EU/EEA whenever feasible. However, some of our third-party service providers (such as certain cloud or payment services) may be based in or have servers located in countries outside the European Economic Area or Switzerland. For example, if we use an email service whose servers are in the United States, or if Stripe stores payment-related data on servers outside the EU, that constitutes an international data transfer. In such cases, we will ensure that adequate safeguards are in place to protect your personal data in line with GDPR requirements. Typically, this means we will rely on European Commission-approved Standard Contractual Clauses (SCCs) or that the provider is in a country deemed to have an adequate level of data protection by the EU. These mechanisms contractually require the recipient of the data to protect it to EU privacy standards. We also consider other measures as needed (encryption, pseudonymization) for extra security. Our goal is to ensure that your data receives the same level of protection globally as it would inside the EU. If you have questions about international transfer safeguards, please contact us.
Data Retention
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, accounting, or reporting requirements. The exact duration we keep information varies depending on the type of data and the reasons we collected it:
- Booking and Transaction Data: Information related to your bookings (e.g. your name, contact details, booking dates, properties, and payment records) will be retained as long as needed to administer your reservation and provide after-service support. After your stay is completed, we may keep this data for a certain period required by law or business needs. For instance, we are generally required by law to retain financial and transaction records for a number of years (commonly 5–10 years, depending on local regulations) for tax, audit, and compliance purposes. We also retain booking records to handle any disputes, inquiries, or insurance claims that might arise after the rental. Once such retention periods expire, or if the data is no longer needed, we will delete or anonymize the data in our systems.
- Account Information: If you have an account with Travel Vorno, we will keep your personal profile information for as long as your account is active. You can delete your account or request us to delete it at any time, in which case we will remove or anonymize the personal data associated with your account (except for information we are required to keep for legal reasons, as noted above). If your account remains inactive for an extended period (we may define this as 2 years or more without a login or booking, for example), we may reach out to confirm if you want to maintain the account. If we do not hear from you, we might delete the account and associated data as a security measure (we would attempt to notify you beforehand via your registered email). Our aim is not to keep personal data indefinitely unless there’s a valid reason.
- Communications: If you contact us via email or contact form, we may retain those communications and our responses for a period of time to effectively manage customer relations. Typically, we keep routine correspondence for a year or two in case you reach out again or as needed to reference past communications when assisting you. For WhatsApp or phone inquiries, we might log the inquiry in our system with a summary. We will dispose of communications that are no longer needed. Where possible, we may also anonymize email archives (removing personal identifiers) and keep the anonymous content for training or reference.
- Technical Logs: Server logs and security logs (which may include IP addresses and device information) are typically kept for a short duration, often a few weeks or months, unless they are actively used for investigation of security incidents. We retain logs long enough to monitor site performance and security, but not longer than necessary. In case of security incidents, relevant log excerpts may be kept until the issue is resolved and any legal reporting obligations are met.
After we no longer need personal data and after any legal retention period has passed, we will ensure it is securely deleted or anonymized so that it is no longer associated with you. For example, data deletion may involve removing records from our databases and instructing any third-party processors to delete the data from their systems as well. Anonymization could involve stripping out personal identifiers from a dataset so that it can no longer be linked to you (we might do this for statistical analysis or business reporting that doesn’t require personally identifying information).
Please note that even if you request deletion of your data, we may retain a minimal amount of information if necessary to: (a) comply with legal obligations (for instance, keeping a record that you opted out of certain communications, or retaining a record of a transaction as required by tax law), (b) resolve disputes or enforce our agreements (e.g., keeping correspondence related to a dispute until it is fully resolved), or (c) demonstrate our compliance with privacy laws (such as proof of consent if applicable, or records of past data requests). In all cases, any retained data will continue to be protected under the terms of this Privacy Policy.
Your Rights Under GDPR
As a user of our Site and services, and as a “data subject” under European data protection law, you have specific rights regarding your personal data. We respect and uphold these rights. You may exercise the following rights at any time by contacting us (see Contact Us section):
- Right of Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to obtain a copy of the personal data we hold about you. We will provide you with a copy of your data in a commonly used electronic format, unless you request otherwise. This allows you to see what information we have about you and to verify that we are processing it in accordance with the law.
- Right to Rectification: You have the right to have inaccurate personal data corrected or completed if it is incomplete. If you discover that any of the information we hold about you is incorrect (for example, an outdated email or a misspelled name), please let us know. We will promptly update our records. Many basic details can also be corrected by you directly if you have an account (e.g. you can update your profile information), but we’re happy to make the changes for you as needed.
- Right to Erasure: Also known as the “right to be forgotten,” this right allows you to request that we delete your personal data when there is no legitimate reason for us to keep it. You can request erasure of your data, for instance, if you withdraw your consent (in cases where consent was the basis for processing), if you object to processing and we have no overriding legitimate grounds to continue, or if the data is no longer needed for the purposes it was collected. We will honor valid deletion requests and will also instruct any third-party processors holding your data to delete it, provided no lawful exemption to deletion applies. Please note that the right to erasure is not absolute – sometimes we may have to retain certain information (as outlined in Data Retention above) for legal compliance or other permitted reasons. If that’s the case, we will inform you.
- Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain circumstances. This means we would store your data but temporarily stop any other processing activities. You might exercise this right if you contest the accuracy of the data we hold (for the period it takes us to verify and correct it), or if you have objected to processing (pending our assessment of whether our legitimate grounds override yours), or if processing is unlawful and you prefer restriction instead of deletion. When processing is restricted, we will clearly mark the data and ensure it is only processed for valid reasons (such as with your consent or for legal claims). We will also inform you before lifting any restriction.
- Right to Data Portability: For any personal data that you have provided to us and which we process by automated means based on your consent or on a contract, you have the right to obtain that data in a structured, commonly used, machine-readable format and to transmit it to another data controller. In practice, this right mostly applies to information you actively provided (e.g., account information or booking details you entered) and that we process electronically. If you request it, we will provide you or a third-party you designate with your data in a CSV, JSON, or similar format that is easy to import into another system. If technically feasible, you can also ask us to transfer the data directly to another service provider, where applicable.
- Right to Object: You have the right to object to our processing of your personal data when that processing is based on legitimate interests or public interest, and you have grounds relating to your particular situation. You also have an unconditional right to object to your data being processed for direct marketing purposes (however, as noted, we currently do not process your data for direct marketing without consent). If you lodge an objection, we will stop processing the personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is for the establishment, exercise, or defense of legal claims. In the context of direct marketing, if we ever were to send you marketing messages, you could opt out at any time and we would cease such use of your data immediately.
- Right to Withdraw Consent: Where we rely on your consent to process personal data (in cases where consent is the legal basis), you have the right to withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. For example, if you had subscribed to a future newsletter and then change your mind, you could unsubscribe (withdraw consent) and we would stop sending it. As of now, we do not process any data based solely on your consent (since we have no newsletters or non-essential cookies at present), but if that changes, you will always have the ability to opt out easily.
- Right not to be subject to Automated Decisions: You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects or similarly significant effects on you. In simple terms, this means that purely machine-made decisions about you that have major impacts are not allowed unless necessary for a contract, authorized by law, or based on your explicit consent, and even then you have the right to have a human review the decision. We want to reassure you that Travel Vorno does not make any automated decisions or profiling about you in our data processing. There is no algorithm determining whether you can book or what price you pay – all decisions involving your data (such as accepting a booking) involve human logic and standard conditions applied equally. Thus, this right is more about informing you that such automated decision-making does not occur in our systems. If that ever changes, we will update you and ensure you can exercise your rights in that context.
- Right to Be Informed: Though not always listed as a separate “right” in the context of requests, GDPR emphasizes your right to clear and transparent information about how we use your data (which is exactly what this Privacy Policy aims to provide). If anything in this Policy is unclear, you have the right to ask us for further information. We strive to be transparent and will happily answer your questions about our data practices.
- Right to Lodge a Complaint: In addition to the rights above, if you believe that we have not complied with data protection laws in the way we have handled your personal data, you have the right to file a complaint with a Data Protection Authority. You may do this in the EU Member State or country where you reside, where you work, or where the alleged infringement occurred. For example, if you are in Italy, our lead supervisory authority is the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali). If you are in another EU country, you can contact your national authority. In Switzerland, you can reach out to the Swiss Federal Data Protection and Information Commissioner (FDPIC). We would, however, appreciate the chance to address your concerns directly before you approach a regulator – so please feel free to contact us about any issue, and we will do our best to resolve it to your satisfaction.
We will not charge you any fee for the exercise of your rights, except in exceptional cases where a request is manifestly unfounded or excessive (in which case we may charge a reasonable fee or refuse the request as allowed by law). We will respond to any legitimate request as soon as possible and at the latest within one month of receipt. If your request is particularly complex or if you have made multiple requests, we may extend this period by up to two further months, but we will inform you and explain why if that happens. To protect your privacy, we may need to verify your identity before fulfilling certain requests (for instance, access or deletion requests) – this is to ensure we don’t disclose or delete data to the wrong person.
We are committed to upholding your rights. If you have any questions or need assistance regarding your rights, just let us know.
Children’s Privacy
Protecting the privacy of minors is especially important. Our website and services are not directed to children, and we do not knowingly collect personal data from individuals under the age of 16 without appropriate consent. In general, our vacation rental services are intended for adults (18+), as booking a rental typically involves entering a contractual agreement and payment, which requires legal adult capacity. We expect that any bookings for family vacations that include children are made by adults (such as parents or legal guardians) and that any personal data about children (for example, names or ages of child guests, if provided for accommodation purposes) is given with parental consent and only as necessary for the booking.
If you are under 16 years old, please do not register an account or provide any personal information on our Site without the involvement of a parent or guardian. We do not intentionally collect or solicit personal data from children under 16. Should we discover that we have inadvertently collected personal information from a child under 16 without verifiable parental consent, we will promptly delete such information from our records.
Parents or guardians who believe that we might have any information from or about a child under the age of 16 may contact us immediately. We will take appropriate steps to investigate and address the issue, including deleting the data in question if applicable. We also encourage parents and guardians to supervise their children’s online activities and educate them about safe and responsible handling of their personal data on the internet.
For teens aged 16 or 17: While they may be old enough to consent to certain data processing under GDPR in some jurisdictions, we still require that any use of our services (such as booking a rental) be done by an adult or with adult approval, due to the contractual nature of rentals. If you are 16 or 17, you should only use our Site under the supervision of a parent or guardian.
In summary, Travel Vorno’s policy is to not knowingly collect data from minors and to ensure that our services remain appropriate for a general audience. We do not offer child-targeted content, and we urge all users under 18 to use our services only with parental guidance.
Changes to This Privacy Policy
We may update or revise this Privacy Policy from time to time to reflect changes in our practices, to keep up with legal requirements, or for other operational reasons. If we make material changes to how we handle your personal data, we will notify you by appropriate means – for example, by posting a prominent notice on our website or, if the changes are significant, by emailing you (if we have your email on file). Please check this page periodically to stay informed of any updates. The “Last Updated” date at the top of this Policy will always indicate when the latest changes were made.
Your continued use of our Site or services after any modifications to the Privacy Policy have been posted will signify your acceptance of those changes, to the extent permitted by law. If you do not agree with any update, you should discontinue using our services and may request that we remove your personal data as described above. We will not make changes that retroactively reduce your privacy rights without obtaining your consent or as required by law.
Contact Us
We welcome any questions, concerns, or requests regarding this Privacy Policy or the way we handle personal data. If you would like to exercise your data rights or if you need further information, please do not hesitate to contact us:
- Email: info@travelvorno.eu
- Address: Via Zamenhof 801, Vicenza, Italy
- Phone: +39 344 665 1741
When contacting us about your personal data, please provide enough information for us to verify your identity (if you are making a rights request) and to understand the scope of your request. For example, if you are requesting a data access, it would help to mention the email or account you used with us and the context (e.g., “booking made in June 2025 for Rome property”). This is to ensure we locate all relevant data and handle it appropriately. We may ask for additional verification if needed, but we will make this process as smooth as possible.
We will respond to your inquiries as promptly as we can, and no later than within the timeframes set by law (usually within one month for rights requests, as noted above).
Thank you for trusting Travel Vorno with your travel plans and personal information. We value your privacy and are committed to safeguarding it. If you have any questions or feedback about this Privacy Policy, please contact us – we are here to help and to ensure you have a safe and enjoyable experience with us.