1. Introduction
The protection of personal data is very important to us. This Privacy Policy explains how the Mineralienhotel KG des Klement Markus & Co. (hereinafter “Mineralienhotel” or “we”) collects, processes, and protects personal data in connection with inquiries, bookings, and participation in events hosted in our event space.
Our processing of personal data complies with the EU General Data Protection Regulation (GDPR) and applicable Italian data protection law.

2. Data Controller
Mineralienhotel KG des Klement Markus & Co.
Schlossergasse 33
39040 Natz-Schabs (BZ) – Italy
VAT No. IT01716990211
PEC: mineralienhotel@pec.rolmail.net

3. Categories of Data Collected
We may collect and process the following types of data in connection with event services:
Identification data: name, surname, title, company (if applicable).
Contact data: email address, telephone number, postal address.
Event-related information: type of event (e.g. wedding, conference), date, number of participants, special requests.
Billing information: company details, tax numbers, payment details.
Special categories of data: only if voluntarily provided (e.g. food intolerances, accessibility needs).

4. Purpose and Legal Basis of Processing
We process personal data for the following purposes:
Event planning and execution – to respond to inquiries, prepare offers, manage bookings, and carry out events. (Legal basis: Art. 6(1)(b) GDPR – performance of a contract).
Billing and accounting – to issue invoices and comply with tax obligations. (Legal basis: Art. 6(1)(c) GDPR – legal obligation).
Communication – to send information related to your event. (Legal basis: Art. 6(1)(b) GDPR).
Marketing (optional) – to send offers and information about our hotel and event services, only with explicit consent. (Legal basis: Art. 6(1)(a) GDPR – consent).

5. Data Recipients
Personal data may be shared with:
Internal staff involved in event organization.
Service providers (e.g. catering partners, technical providers) if necessary for your event.
Tax advisors or authorities, when legally required.
All third parties are bound by confidentiality and data protection obligations.

6. Data Retention
Event-related data: retained for the duration of the contractual relationship and for the statutory retention period (usually 10 years under Italian tax law).
Marketing data: retained until consent is withdrawn.
Special categories of data: deleted immediately after the event.

7. Rights of Data Subjects
You have the right to:
Access your personal data (Art. 15 GDPR).
Rectify inaccurate data (Art. 16 GDPR).
Request deletion (“right to be forgotten”) (Art. 17 GDPR).
Restrict processing (Art. 18 GDPR).
Data portability (Art. 20 GDPR).
Object to processing, especially for marketing purposes (Art. 21 GDPR).
Withdraw consent at any time (Art. 7(3) GDPR).
To exercise your rights, please contact us at:
📧 mineralienhotel@pec.rolmail.net

8. Data Security
We implement appropriate technical and organizational measures to protect personal data from loss, misuse, unauthorized access, or disclosure.

9. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in legal requirements or our services. The latest version will always be available on our website.