C.F. E P.I.: 02547910469
Tax Code And VAT number: 02547910469
Registered office: Di Ruota 1 / A street – 55062 - Colle Di Compito - Lucca
1. HOLDER OF THE TREATMENT
The data controller is Roomless s.r.l., C.F. And VAT number: 02547910469, with registered office in Di Ruota street n. 1 / A Cap 55062 - Colle Di Compito (hereinafter also “Roomless” or the “Data Controller”). Roomless is a company that operates in the sector of medium / long-term residential real estate rentals, whose social mission is the simplification and economic optimization of the search process for a rental property which is currently onerous and complex. The Portal (https://roomlessrent.com) makes it possible to put home owners in contact with potential tenants. Through the portal, customers can view the properties / rooms and make reservations. By making the reservation through the website, a direct, legally binding contractual relationship is established with the company, although the lease agreement will be signed at the time of check-in between the owner and the tenant. See Section 10 “Contacts” below for the contact information of the Data Controller.
2. OBJECT OF THE TREATMENT: TYPES OF DATA COLLECTED
Roomless collects three general categories of data, specified below.
2.1 Information that the User provides directly.
2.1.1 Information necessary for using the Platform: when you use the Platform, Roomless requests and collects a series of information that is necessary for the proper execution of the contract and allows the Data Controller to act in accordance with its legal obligations. Without this data, Roomless may not be able to provide the requested services. The personal data requested are as follows:
- Account data: when you register a new Account, Roomless asks you to provide certain data such as your name and surname, email address, telephone number, qualification (if you register as an Owner or Tenant);
- Announcements Data: to use certain features of the Roomless Platform, such as booking or creating an Announcement, you may be required to provide additional data:
- If you act as a “tenant”: gender, languages spoken, brief personal description, personal photo;
- If you act as “Owner”: you will not be asked for further personal data but only information relating to the Announcement (such as address, type and short description of the property, availability and minimum number of months of rent, monthly and / or daily rate and any utilities included in the price, deposit, gender preferences, admission or not of animals, smoking area or not, images).
- Authentication information: to help maintain a safe environment, Roomless may collect identification data (such as a photo of your ID or passport) or other authentication information;
Payment information: once the property has been identified and the “final check” has been carried out, to use certain Roomless functions (such as booking), you may be asked to provide certain payment information (such as your current account details or related data to your credit card and / or paypal and / or stripe);
- Communications: When you communicate with Roomless or use the Platform to communicate with other Members or the Owner / Tenant, Roomless collects information about your communications and any other data you choose to provide.
2.1.2 Optional information: to improve your experience on the Roomless Platform, you can choose to provide further and additional personal data, which will be processed on the basis of the legitimate interest of the Data Controller or on the consent of the interested party, where applicable. In particular: Additional Profile Data: As part of your Roomless Profile, you can choose to provide Roomless with additional information (e.g. country and / or residential address).
2.1.3 Information necessary for the use of the Payment Service: to comply with current legislation and adequately fulfill its contractual duties, when accessing the Payment Service, Roomless needs to collect the following information, without which the User will not be able to use the Service:
- Payment information: when you use the Service, the Data Controller will ask you for some payment data (such as the coordinates of your paypal account or the data relating to your credit or stripe card);
2.1.4 Information collected automatically from the use of the Roomless Platform and the Payment Service: when you use the Platform and the Payment Service, Roomless automatically collects personal data relating to the services used and how to use them. In fact, the computer systems and software procedures used to operate this site acquire, in their normal operation, some personal data which are then implicitly transmitted in the use of Internet communication protocols. These data are used only for statistical information and to check the correct functioning of the Site and the Platform and, therefore, are necessary for the proper execution of the contract entered into with the User, to allow the Data Controller to act in compliance to its legal obligations and on the basis of Roomless's legitimate interest in being able to offer and improve the functions and services of the Platform and the Payment Service. These data are:
- Log data and device information: Roomless automatically collects log data and device information when a User accesses and uses the Platform, even if they have not created an Account or have not logged in through their Account. This information includes, among others: information on how the User has used the Roomless Platform (including any links to third-party applications on which the user has clicked), cookies, pages viewed by the User before or after use of the Roomless Platform.
- Transaction information: Roomless collects information relating to transactions on the Platform, including payment instruments used, date and time, amounts paid, expiration of the payment instrument and user's billing address, email address linked to the PayPal account and / or stripe and further information relating to the transaction. This information is necessary for the proper execution of the contract entered into with the User and to allow the latter to use the Payment Service.
- Third party services: if you connect, connect or access your Roomless Account with a third party service (eg Google, Facebook), this tool can send Roomless information such as, by way of example, registration data, list of friends and profile user on this service, name, surname, email address, profile picture etc. This information varies and is processed directly by these third party services in compliance with their respective privacy policies;
- Other Sources: To the extent permitted by applicable laws and in line with fraud prevention and risk assessment efforts, Roomless may receive additional information about you (including, for example, demographics or information that helps detect fraud and security matters) from third party service providers and / or partners and combine them with information we already have about you.
2.2 Data of minors. The site and the Platform are not aimed at children under the age of 16 and Roomless does not knowingly collect personal information directly from children under the age of 16. At the request of the Users, the Data Controller will promptly delete all personal data involuntarily collected and relating to subjects under the age of 16.
3. PURPOSE AND USE OF DATA
The purposes of the processing carried out by Roomless must be understood, in general, as: a) collection, storage and processing for the purposes of establishing and managing the contractual relationship connected to the provision of the requested service; b) use of the User's personal data (e.g. email address) to make communications relating to the performance of the contractual relationship; c) processing of personal data provided and those obtained from browsing the site in order to provide a service consistent with the request; d) collection, storage and processing of data for internal statistics and / or market research purposes; e) functional purposes for carrying out the activity, such as offering personalized content and / or communicating commercial information on future initiatives, new products or services; f) sending advertising or promotional material and for carrying out promotional initiatives in general. Specifically, Roomless may use, store and process personal information to: 3.1.1 provide the requested Services, improve and develop the Platform; 3.1.2 create and maintain a safe environment; 3.1.3 provide, personalize and enhance advertising and marketing.
3.1.1 Provide the requested Services, improve and develop the Platform: Roomless uses the personal information collected to provide the requested Services, as well as to improve and develop the Platform and, specifically: to allow you to access and use the Platform; allow you to communicate with other Members; manage, protect, improve and optimize the Platform and the User experience (for example, by conducting analysis and research activities); provide assistance to customers; send service or support messages (such as, for example, updates, security alerts and notifications relating to the Account); manage, protect, improve and optimize the Roomless Platform and the User experience, as well as personalize your experience (for example, organizing search results, showing you advertisements based on your searches); if you are a Tenant, if you provide your contact details, Roomless may process this information to send the User requests for references; for the detection and prevention of fraud and / or for any other purpose authorized by the User. Roomless processes the personal information provided for these purposes on the basis of the legitimate interest in improving the Platform and the User experience, as well as to ensure the proper execution of the contract with the User and comply with applicable laws.
3.1.2 create and maintain a safe environment: Roomless may use the personal information collected to create and maintain a reliable and safe environment such as, by way of example, to detect and prevent fraud, abuse and other harmful activities; verify or authenticate the information you have provided (eg check the address of your accommodation or compare your identification photo with another one you have provided); carry out checks by comparing with other sources of information, to the extent permitted by applicable law and with your consent, when required; fulfill their legal obligations; resolve any disputes with Users and / or assert their rights against third parties; ensure the application of the Terms and Conditions of the Service and company policies. Roomless processes personal information on the basis of the legitimate interest in protecting the Platform, to ensure the proper execution of the contract with the User and to comply with applicable laws.
3.1.3 Provide, personalize and enhance advertising and marketing: Roomless may use personal information to provide, personalize, evaluate and improve advertising and marketing, for example: send you promotional messages, marketing information, advertising and other information that they may be of interest to you based on your preferences (including information about Roomless or partner campaigns and services) and social media advertising through social media platforms (such as Facebook or Google); evaluate and improve our advertising on the basis of your characteristics and preferences (based on the information you provide, your interactions with the Roomless Platform, information obtained from third parties and your search history) to send you promotional, marketing messages, advertising and other information that we think may interest you. Roomless will process your personal information for the purposes listed in this Section, by virtue of the legitimate interest in undertaking marketing activities to offer you products or services that may be of interest to you or with your consent, where applicable.
3.1.4 data collected in case of access to the Payment Service: Roomless may use the personal information of the Payment Service, for example, to: allow the User to access and use the Service; detect and prevent fraud and other harmful activities; carry out investigations and checks, including making comparisons with other sources of information; fulfill legal obligations; ensure the application of the Terms and Conditions of the Service and payment policies; with your consent, send you promotional messages, marketing information, advertising and other information that may be of interest to you based on your preferences. Roomless processes the information provided on the basis of the legitimate interest in improving the Payment Services and the experience of its Users, as well as to ensure the proper execution of the contract with the User and to comply with applicable laws. It is important to remember that you have the option of choosing the promotional messages you choose to receive. In particular:
- In some cases, you can limit the information you provide to Roomless (e.g., information optionally made such as country and / or residential address);
- You can limit the commercial and marketing communications that Roomless sends you:
- To opt out of marketing emails, click on the link at the bottom of any promotional email;
- To revoke the permissions you may have provided for sending promotional text messages, click on the link at the bottom of the text.
It is important to remember that, even if you deactivate marketing communications, we may still need to contact you for important information on your Account transactions (for example, even if you deactivate e-mails, we may still send you activity confirmations or fraud alerts. ).
3.2 Processing methods
The processing is carried out through computer systems and automated tools (eg using electronic procedures and media) and / or manually (eg on paper) and the data is only handled by personnel in charge of processing. In addition to the Data Controller, in some cases, categories of Managers and / or authorized subjects involved in the company organization may have access to the data; moreover, the Data Controller may make use of external subjects who may be appointed as external managers.
4. SHARING AND COMMUNICATION
4.1 Advertising and social media.
Where permitted by current legislation, Roomless may use some personal information about you, such as your e-mail address, to create the hash and share it with social media platforms, such as Facebook or Google, to generate leads, drive traffic to its website or otherwise promote its products and services or the Platform. These processing activities are based on Roomless's legitimate interest in undertaking marketing activities in order to offer you products or services that may be of interest to you. Roomless does not control or supervise the social media platforms from which your personal data may be shared and / or disclosed. Therefore, any questions relating to how your personal data are processed by these third parties should be addressed to them. Where the User has given consent, Roomless may share the data provided by the same (eg. When the User authorizes a third-party app or website to access their Roomless profile). We remind you that at any time you can request Roomless to stop processing your data for marketing purposes by sending an email to email@example.com.
4.2 Sharing among Members.
To facilitate reservations or interactions between Members, as well as for the timely execution of the contract and the requested service, it may be necessary to share certain information, including personal information, with other Members. In particular: - When, as a Tenant, the User sends a booking request or confirmation, some data is shared with the Owner, for example: name and surname, email address and telephone number and other information that the Tenant agrees to share. ; - When, as the Owner, the User has a confirmed booking, some data will be shared with the Tenant to manage the booking, including, for example: name and surname, telephone number and address of the Accommodation; Roomless does not share the User's billing and payment information with other Members.
4.3 Profiles, announcements and other public information.
The Platform allows you to post information, including personal data, which is visible to the general public. For example: If you are an Owner, the Listing pages are publicly visible and include information such as the approximate location (neighborhood and city) of the Listing, description, calendar availability, your public profile photo and any additional information that you have chosen to share. In particular, the information relating to the announcement shared by you may be published on the Platform and / or on social pages and / or Facebook groups and / or applications owned by Roomless and / or companies connected to it. The data publicly shared by the User on the Platform can be indexed by third party search engines. Roomless does not control and, therefore, is not responsible for the practices of third-party search engines.
4.4 Additional services offered by the Owners.
The Owners may need to use third-party services to assist them in the management of the Accommodation or to provide additional services requested by the User (e.g. cleaning or access services, coordination, etc.). It is important to remember that the Owners are responsible for the external service providers who use and ensure that the latter treat the information of the Tenants in a secure manner and in compliance with applicable laws, including data privacy and data protection laws.
4.5 Compliance with the law, response to requests from public authorities, prevention and protection of our rights.
Roomless may communicate your data, including personal data, to Courts, Public Authorities, Government Authorities, Tax Authorities or authorized third parties, in the event and to the extent that it is required or authorized to do so by law or if such communication is reasonably necessary. for:
a) fulfill legal obligations;
b) comply with a valid legal request or to respond to claims made against Roomless;
c) follow up on a valid legal request relating to a criminal investigation or an alleged or alleged illegal activity or any other activity likely to expose Roomless, yourself or any other user to legal liability;
d) manage and enforce our Terms of Service, Payment Terms and company policies;
e) protect the rights, property and / or safety of Roomless, its employees, its Members and / or the general public. The information may be necessary for Roomless to comply with its legal obligations, to protect its own or others' primary interests or for the purposes of Roomless’s or third party’s legitimate interest in keeping the Platform safe, preventing damage or crime, enforcing or defend rights, etc. Where deemed appropriate, Roomless may inform Members of such requests, unless:
a) providing such information is prohibited by the applicable legal procedure, based on an order received from a court or under the law;
b) providing such information is prohibited by the applicable legal procedure, based on an order received from a court or under the law; In cases where Roomless complies with legal requests for the communication of data without giving notice to the User for the reasons mentioned above, the same will try to inform the User concerned by the request as soon as it determines in good faith that this is no longer prohibited and / or counterproductive.
4.6 Service Providers.
Roomless uses third-party suppliers to provide services relating to the Platform and Payment Services (for example, to: verify your identity or your identity documents; verify information by comparing it with public databases; for fraud prevention and risk assessment ; provide technical assistance, maintenance and product development services; allow the provision of Roomless Services through third party platforms and software; provide customer support, advertising or payment services; process, manage or estimate compensation claims or other similar requests nature). The providers of these services may be located within or outside the European Economic Area (“EEA”). Specifically, the Data Controller uses servers located in the following countries for the services provided by the site and the Platform:
These suppliers have access to your personal data limited to the execution of these operations on behalf of Roomless and are contractually bound to protect and use such data solely on the basis of the instructions received. Roomless will have to communicate your data, including personal data, to ensure the proper execution of the contract entered into with the User.
4.7 Business transfers.
5. OTHER INFORMATION
5.1 Analysis of your communications.
Roomless may examine, scan or analyze your communications on the Platform for the purposes of fraud prevention, risk assessment, compliance with current legislation, investigation, analysis, product development and customer assistance. In some cases, Roomless may also scan, review or analyze messages to debug, improve and expand the offer of the Services. Automated methods will be used when reasonably possible; however, the Data Controller may also have to manually check some communications (for example, for customer support or to evaluate and improve the functionality of these automated tools). Roomless will not sell analyzes of such communications to third parties. These activities are carried out on the basis of Roomless’s legitimate interest in ensuring full compliance with applicable laws and the Terms and Conditions of the Service, preventing fraud, promoting security, improving and ensuring the adequate performance of the Roomless Services.
5.2 Connection with Third Party Accounts.
The User can connect their Roomless account with another of their accounts on a third party social network site (eg. Facebook). When you create that link: - some of the information you provide to us by connecting your accounts may be published on your Account profile; some of the information you provide to us by connecting your accounts may be published on your Account profile;
5.3 Third Party Partners and Integrations
The Roomless Platform may contain links to third party websites or services (so-called “Third party partners”) and in particular:
6. YOUR RIGHTS
In compliance with current legislation, you can exercise any right described in this section (and, more generally, all the rights provided for by the Regulation) against the Data Controller. We remind you that Roomless may ask you to verify your identity before taking further action based on your possible request.
6.1 Data Management.
As a User, you have the right to access your personal data and to update some of them, directly from your personal Account settings.
6.2. Right of access.
As a User you have the right to obtain confirmation that data processing concerning you is in progress or not and, if so, you have the right to request copies of personal data that you have provided to Roomless and / or that it processes, in a structured, commonly used and electronically readable format.
6.3 Right of rectification and right of cancellation.
As a User, you have the right to ask Roomless to rectify and / or update and / or delete inaccurate or incomplete personal data concerning you (and which you cannot personally modify from your Account).
6.4. Right to limit the processing.
Where the processing of your personal data is based on consent, you can revoke this consent at any time by changing the settings of your Account or by sending a communication to Roomless (at the addresses indicated in the “Contacts” section) in which you specify which consent you want to revoke. We remind you that the withdrawal of consent does not affect the legitimacy of any processing activity based on it before its withdrawal.
6.5. Right to portability.
As a User, you have the right to obtain copies of personal data you have provided to Roomless, in a structured, commonly used and electronically readable format, and request to transmit such information to another service provider and / or other data controller (where technically achievable).
6.6. Data retention and deletion.
In general, Roomless keeps your personal data for the time strictly necessary for the execution of the contract stipulated with the User and to fulfill its legal obligations. We remind you that if you decide to request the deletion of your personal data: Roomless may retain some of your personal data for the time strictly necessary to satisfy its legitimate interests, such as fraud prevention and detection or for security purposes; Roomless may retain some of your personal data to the extent necessary to fulfill its legal obligations (for example, for tax obligations, legal reports and investigations). Roomless may retain some of your personal data to the extent necessary to fulfill its legal obligations (for example, for tax obligations, legal reports and investigations). Since Roomless protects the Platform from risks relating to the loss, theft, theft and / or accidental deletion of data, residual copies of your personal data may be kept, for a limited and strictly necessary period of time.
6.7. Right to object.
As a User, you have the right to object to the processing of personal data for specific purposes (e.g. profiling, marketing), where such processing is based on a legitimate interest of Roomless. In case of opposition to such processing, Roomless will refrain from further processing personal data for these purposes, unless it is able to demonstrate the existence of compelling legitimate reasons to proceed with the processing that prevail over the User's interest or if such processing it is necessary for the assessment, exercise or defense of a right in court. Where your personal data are processed for direct marketing purposes, you can ask Roomless to stop processing such data for this purpose at any time by sending an email to firstname.lastname@example.org.
7. TRANSFER OF PERSONAL DATA
Roomless constantly implements and updates security measures of an administrative, technical and physical nature aimed at helping to protect User data from unauthorized access, destruction or alteration or theft. Some of the security measures that the Data Controller uses to protect your information are: firewall, encrypted connection between browser and server (HTTPS), database access controls, encryption of sensitive data (password), secure Access tokens (JWT ). If you have reason to fear that your Account access credentials have been lost, stolen, stolen and / or otherwise compromised (or in the case of unauthorized use or suspected use of your Account), you can contact Roomless as described in Section 10 Contacts.
phone: 0039 3884708400