top of page

Privacy Policy

Privacy Policy
In compliance with the obligations deriving from national legislation (Legislative Decree no. 196 of 30 June 2003, Personal Data Protection Code) and Community legislation, (European Data Protection Regulation no. 679/2016, GDPR) and subsequent amendments, this site respects and protects the privacy of visitors and users, making every possible and proportionate effort not to infringe the rights of users.

This privacy policy applies only to the online activities of this site and is valid for visitors/users of the site. It does not apply to information collected through channels other than this website. The purpose of the privacy policy is to provide maximum transparency regarding the information the site collects and how it uses it.

Legal basis for processing
This website processes data on the basis of consent. By using or consulting this site, visitors and users explicitly approve this privacy policy and consent to the processing of their personal data in the manner and for the purposes described below, including the possible disclosure to third parties if this is necessary for the provision of a service.

The provision of data and therefore consent to the collection and processing of data is optional, the user may deny consent, and may revoke consent already provided at any time (via this page). However, denying consent may result in the inability to provide certain services and your experience of browsing the site may be impaired.

As of 25 May 2018 (the date on which the GDPR came into force), this site will process some of the data based on the legitimate interests of the data controller.

Data collected and purposes
Like all websites, this website also makes use of log files in which information collected in an automated manner during user visits is stored. The information collected may be as follows

- internet protocol (IP) address
- browser type and parameters of the device used to connect to the site;
- name of the internet service provider (ISP);
- date and time of visit; - visitor's web page of origin (referral) and exit;
- the number of clicks, if any.

The aforementioned information is processed automatically and collected in aggregate form only for the purpose of verifying the proper functioning of the site, and for security reasons (as of 25 May 2018, this information will be processed according to the legitimate interests of the owner).

For security purposes (anti-spam filters, firewalls, virus detection), the automatically recorded data may possibly also include personal data such as the IP address, which could be used, in accordance with the laws in force on the subject, to block attempts to damage the site itself or to cause damage to other users, or in any case harmful or criminal activities. Such data is never used for user identification or profiling, but only for the purpose of protecting the site and its users (as of 25 May 2018, such information will be processed according to the legitimate interests of the owner).

Where the site allows comments to be posted, or in the case of specific services requested by the user, the site automatically detects and records certain user identification data, including the user's email address. This data is understood to be voluntarily provided by the user when requesting the service. By entering a comment or other information, the user expressly accepts the privacy policy, and in particular consents to the contents entered being freely disclosed to third parties.

The data received will be used exclusively for the provision of the service requested and only for the time necessary for the provision of the service.

The information that users of the site decide to make public through the services and tools made available to them, is provided by the user knowingly and voluntarily, exempting this site from any liability for any violations of the law. It is up to the user to verify that he/she has the permissions to enter personal data of third parties or content protected by national and international regulations.

The data collected by the site during its operation are used exclusively for the purposes indicated above and stored for the time strictly necessary to carry out the specified activities. In any case, the data collected by the site will never be provided to third parties, for any reason whatsoever, except in the case of a legitimate request by a judicial authority and only in the cases provided for by law.

Data used for security purposes (blocking attempts to damage the site) are stored for 7 days.


Place of processing
The data collected from the site are processed at the headquarters of the Data Controller, CAL PEYU SA (EL Santuari)



As is customary on all websites, this site makes use of cookies, small text files that store information about visitors' preferences, to improve the site's functionality, to simplify navigation by automating procedures (e.g. login, site language) and for site usage analysis.

Session cookies are essential to distinguish between logged in users, and are useful to prevent a requested functionality from being provided to the wrong user, as well as for security purposes to prevent cyber attacks on the site. Session cookies do not contain any personal data and last only for the current session, i.e. until the browser is closed. No consent is required for them.

The functionality cookies used by the site are strictly necessary for the use of the site, in particular they are linked to an express request for functionality by the user (such as login), for which no consent is required.

By using the site the visitor expressly consents to the use of cookies.

Disabling cookies
Disabling cookies Cookies are linked to the browser used and CAN BE DISABLED DIRECTLY FROM THE BROWSER, thus refusing/revoking consent to the use of cookies. Please note that disabling cookies may prevent the correct use of some functions of the site itself.

Instructions for disabling cookies can be found on the following web pages:

Mozilla Firefox - Microsoft Internet Explorer - Microsoft Edge - Google Chrome - Opera - Apple Safari

Third-party cookies
This site also acts as an intermediary for third party cookies, which are used to provide additional services and functionality to visitors and to enhance the use of the site itself, such as social buttons or videos. This site has no control over third party cookies, which are entirely managed by the third party. Consequently, information on the use of these cookies and their purposes, as well as on how to disable them, is provided directly by the third parties on the pages indicated below.

In particular, this site uses cookies from the following third parties:

- Google Analytics: an analysis tool of Google which, through the use of cookies (performance cookies), collects anonymous (IP truncated to the last octet) and exclusively aggregated browsing data for the purpose of evaluating your use of the website, compiling reports on website activity and providing other information, including the number of visitors and page views. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate the IP address with any other data held by Google. The data transmitted to Google will be stored on Google servers in the USA.

On the basis of a specific agreement with Google, which is designated as the data controller, the latter undertakes to process the data in accordance with the data controller's requirements (see at the end of this information sheet), which are set out in the software settings. According to these settings, the advertising and data sharing options are deactivated.

Further information on Google Analytics cookies can be found on the page Google Analytics Cookie Usage on Websites.

You can selectively disable the collection of data by Google Analytics by installing the appropriate component provided by Google on your browser (opt out).

For further information on the use of data and its processing by Google, please refer to the information on the appropriate page provided by Google, and to the page on how Google uses data when using partner websites or apps.

Social Network Plugins
This site also incorporates plugins and/or buttons for social networks to enable easy sharing of content on your favourite social networks. These plugins are programmed so that no cookies are set when the page is accessed, in order to safeguard user privacy.

Cookies are only set, if so provided by the social networks, when the user makes actual and voluntary use of the plugin. Please note that if the user navigates while logged into the social network then he has already consented to the use of cookies conveyed through this site at the time of registration with the social network.

The collection and use of information obtained through the plugin is governed by the respective privacy policies of the social networks, to which please refer.

- Facebook 

- Twitter
- LinkedIn 

Transfer of data to non-EU countries
This site may share some of the data collected with services located outside the European Union area. In particular with Google, Facebook and Microsoft (LinkedIn) via social plug-ins and the Google Analytics service. The transfer is authorised on the basis of specific decisions of the European Union and the Garante per la tutela dei dati personali, in particular decision 1250/2016, so no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.


Security measures
This site processes user data in a lawful and correct manner, taking appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of data. The processing is carried out by means of computer and/or telematic tools, with organisational methods and logic strictly related to the purposes indicated. In addition to the data controller, in some cases, categories of people involved in the organisation of the site (administrative, sales, marketing, legal, system administrators) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data.


User Rights
Pursuant to European Regulation 679/2016 (GDPR) and national legislation, the user may, in the manner and within the limits provided for by current legislation, exercise the following rights

  1. request confirmation of the existence of personal data concerning him/her (right of access)

  2. know its origin

  3. receive intelligible communication

  4. obtain information on the logic, methods and purposes of the processing

  5. request the updating, rectification, integration, deletion, transformation into anonymous form, and blocking of data processed in breach of the law, including data no longer necessary for the purposes for which they were collected

  6. in cases of consent-based processing, receive at the sole cost of any support, your data provided to the controller, in a structured, machine-readable form and in a format commonly used by an electronic device

  7. the right to lodge a complaint with the supervisory authority 

  8. as well as, more generally, to exercise all the rights recognised to him by the applicable legal provisions.

Requests should be addressed to the Data Controller via this page.

In the event that data is processed on the basis of legitimate interests, the rights of the data subject are in any case guaranteed (except for the right to portability, which is not provided for by the rules), in particular the right to object to processing, which can be exercised by sending a request to the data controller.

Data controller
The data controller is CAL PEYU SA (El Santuari)  - with registered office in Carretera de Puigcerdà km 70, 08509 Barcelona, Spain. Requests relating to the exercise of rights under Article 7 of the code may be forwarded by e-mail to "".

bottom of page