Cookie and Privacy Policy

G.D.P.R. (General Data Protection Regulation)


Taken as a working model from 25 May 2018

The management of personal data, acquired by “STAYP Housing & Booking Services” by Boris La Corte (hereinafter only STAYP), is an expression of the respect we bear towards people and their values.

STAYP has never shared – and never will – the data of its partners, of any kind, with private subjects for commercial purposes or with countries outside the EU. In no way, our data management can allow us, even less to third parties, the profiling of our interlocutor.

We do not manage data of minors except for purposes of Public Security and only following the communication of the data of the Parents or Accompanyers.

We do not hold guest data for our future commercial activities. No consent is requested in this regard.

We process the data:

– of the owners of the properties we manage (legal contractual basis)

– Guests of the same Facilities (contractual legal basis and law obligation for Police Portal)

– of our Collaborators (legal basis contractual obligation)

What data have we acquired or could we acquire?

Personal data, email address, iban Personal data
Income data Personal data
Credit card data Personal data
The personal data, of any Person who comes into contact with us, are acquired for the sole purpose of being able to fulfill our contractual obligations or legal obligations. These data are never acquired from third-party sources but directly from the Data Controllers. A reservation, a consultation, a tourist assistance service, a working relationship, require the data of our interlocutor.
The personal data are acquired – in the case of tourist hospitality only – also to be communicated to the Police Authorities (Residence Portal) by responding to a specific legal obligation (TULPS) that obliges the managers of the accommodation facilities to declare their Guests within 24 hours from their entry into the Structure. The data acquired for communication to the Portal will be destroyed at the time of the communication.
The e-mail address is used only for business communications that are strictly consistent with the professional collaboration relationship and not for Stayp’s commercial development communications.
The short-term leases between the Owners and Guests – acquired by us and signed by proxy – are kept – on behalf of the Owner – in our paper archives, duly locked up, only for the reference quarter. At the end of this period the contracts are delivered, for the definitive custody, to the Owner who signs the receipt as per the contractual agreement. We do not keep a copy of anything.
The IBAN code is acquired for the sole purpose of being able to make the payment – by bank transfer – of the sums that we have to pay to our Partners.
The income data emerge from our invoices to our Partners and are communicated to our accountant for the sole purpose of being able to fulfill the legal obligation of the taxation of our income.
The personal and income details of the property owners in our management are also communicated to the Italian Tax Authorities as the Law 96/2017 imposes on us the obligation to communicate the contracts stipulated through us as well as the qualification of “Tax Substitutes” in the in case the payments of tourist stays take place in our hands.
The personal and income details of the property owners in our management are also communicated to the Tax Office of the Municipality of Palermo and to the Court of Auditors (form 21) for the final reporting of the management of public money as “Accounting Agent” in fact”.
The personal and income details of our Partner Partners are also communicated to the Italian Tax Authorities when we assume the status of “Tax Substitutes”
The credit card details can be acquired as a guarantee for a reservation at one of the facilities in our management. To this end, we specify that this is not a privileged modality in our work and that, in all cases, the acquisition takes place only if the Guest has provided the data to the Booking Portals (so-called OTA). The data is not mandatory for the purpose of carrying out the service and its failure to communicate does not affect the provision of tourist accommodation.

The personal data are kept – with the methods indicated in the following paragraph 6 – until the professional collaboration relationship exists. These data can also be kept exclusively for accounting, statistics, archives in case of disputes.
The data of iban are kept exclusively until the end of our obligations.
Data useful for the purposes of T.U.L.P.S. exclusively until the communication in the Registered Portal.
Contracts between Guests and Owners: up to the quarterly delivery to the Owner Contractor.
The income data up to the fulfillment of all fiscal and tax obligations.
Within 24 hours from the check-out date, our Booking Management automatically deletes all the acquired data that can – in some way – trace the identity of our Guests. Only general information is kept (number of nights, origin of bookings, amounts, number of Guests accepted) useful for statistical processing and evaluation of our company profitability.

There are two ways of preserving the data we have acquired: the information technology and the paper. Most of the data is stored in our reservations management or in our web storage spaces (reserved for us, exclusive and paid) shared on the Aruba Spa servers. Access to our hardware machines and to any software information system it is a reserved password containing letters, numbers, uppercase and numeric characters.
The data of IBAN, the owners of our facilities, are included in the personal address of the site of Unicredit spa which is accessed only with our own identifier and a personalized password.
The paper form (contracts) takes place in the dossiers deposited at our registered office, kept in cabinets meeting the requirements of the Regulations.
The data controller is: Dr Boris La Corte Via Pietro Moscatello, 25 90143 PALERMO. It is envisaged that the Data Controller will use the Distributors, expressly appointed and trained on the role.


To exercise all the rights recognized by the Norm, send a pec to

The interruption of data processing could result in the interruption of the service or the contractual obligations of Stayp.

Cookie Policy
Definition of “cookies”.

Cookies are short fragments of text (letters and / or numbers) sent from the Site and stored by your browser on the specific device you use (computer, tablet, smartphone) and contain information to be reused during the same visit to the site or later , even after days. Cookies are stored, according to user preferences.

Furthermore, with the introduction of HTML5, different forms of local storage and similar technologies are available, such as, for example, web beacons and transparent GIFs, which can be used to gather information on user behavior and choices and on the use of services.

In this document, to simplify, we will use the term “cookies” to refer to cookies and all similar technologies.

Technical and statistical cookies aggregated
Activity strictly linked to the operation: this application uses cookies to save the session of the User and to perform other activities strictly necessary for the operation of the same, for example in relation to the distribution of traffic.

Activities for saving preferences, optimization and statistics: this application uses cookies to save browsing preferences and optimize the browsing experience of the user. These cookies include, for example, those for setting the language or currency or for the management of statistics by the owner of the site.

Other types of cookies or third-party tools that could make use of them

Some of the services listed below collect statistics in aggregate form and may not require the consent of the User or could be managed directly by the Owner – depending on what is described – without the help of third parties.

If among the tools indicated below there were services managed by third parties, these could – in addition to what is specified and also without the knowledge of the owner – perform tracking activities of the User. For detailed information, it is advisable to consult the privacy policy of the services listed.

Third-party cookies

By visiting a website you may receive cookies from both the visited site (“owners”) and from sites managed by other organizations (“third parties”). The management of information collected by “third parties” is governed by the relevant information to which reference is made. To ensure greater transparency and convenience, the table below shows the types and web addresses of the various information and methods for managing third-party cookies that may be installed while viewing this site.

Type Cookie Duration Purpose Data processing of third-party cookies Link privacy / cookie policy of third parties
Analytics Permanent Statistical analysis and reporting Google Inc.
Permanent Widgets Social Network Google Inc.
Permanent Widgets Social Network Facebook, Inc.
Widgets Permanent Social Network Twitter Inc.

Social Buttons

The site uses particular “buttons” (called “social buttons / widgets”) that depict icons of social networks (example, Facebook, Twitter etc.) and other websites. These buttons allow users who are browsing on the sites to interact with a “click” directly with the social networks and other websites depicted therein. In this case, the social network and other websites acquire data relating to the user’s visit, while the owner will not share any navigation information or user data acquired through their site with social networks and other accessible websites thanks to social buttons / widgets.

Duration of cookies

Some cookies (session cookies) remain active only until the browser is closed. Other cookies “survive” when the browser is closed and are also available in subsequent visits by the user.
These cookies are called persistent and their duration is set by the server when they are created. In some cases a deadline is set, in other cases the duration is unlimited. Except for those cookies whose information is stored exclusively for technical purposes, does not use persistent cookies.
However, browsing the pages of websites, you can interact with sites operated by third parties that can create or modify persistent cookies and profiling.

Cookie management

The user can decide whether or not to accept cookies using the settings of his browser.
Attention: the total or partial disabling of technical cookies can compromise the use of the site features reserved for registered users. On the contrary, the usability of public content is also possible by completely disabling cookies.
The disabling of “third-party” cookies does not affect the navigability in any way.
The setting can be defined specifically for different websites and web applications. In addition, the best browsers allow you to define different settings for cookies “owners” and those of “third parties”.
Through the options menu of the browser in use you can manage and define whether or not to accept the different types of cookies and proceed with their removal.
Internet Explorer
Google Chrome
Apple Safari
Mozilla Fireforx
Flash Player

We also remember that by completely disabling cookies in the browser, the user may not be able to use all the interactive features.

Communication and dissemination of data

The data collected, using cookies, can only be processed by the controller.

The data collected using your own cookies will not be disclosed and will not be disclosed to third parties. The data collected using third-party cookies may be transferred outside the European Union, particularly in the United States of America.

Rights of the interested party

At any time you can exercise your rights towards the data controller, in accordance with article 15-22 of EU Regulation 679/2016 (GDPR), and in particular the rights of access, rectification, integration and, in the cases allowed the portability of the data provided, in addition to obtaining the cancellation, limitation or opposition to the processing of the Data for legitimate reasons. As well as the right of complaint to the Guarantor Authority pursuant to art. 77 of EU Regulation 679/2016 (GDPR), also by contacting the Data Controller or the DPO, if appointed, in the manner indicated below:
by sending an email to for the appointed DPO;
In order to guarantee the protection of the personal data of the interested party, we may need to request further specific information, which will confirm the identity of the applicant and thus guarantee the right of access to the information (or exercise any of the other rights) only to persons entitled to receive such communications. This is another security measure suitable for the protection of personal data.
The request for access to personal information (or to exercise one of the above rights) is free. However, if the request is clearly unfounded or excessive we may charge a reasonable service fee taking into account the administrative costs incurred in providing the information or refusing to comply with the request in such circumstances.

Owner and manager of the treatment

The data controller is: Dr Boris La Corte Via Pietro Moscatello, 25 90143 PALERMO. It is envisaged that the Data Controller will use the Distributors, expressly appointed and trained on the role.

Update of the information will keep this information constantly updated and will be responsible for publishing updated information on this website.