logo
The Buca di Bacco Restaurant, together with its historic hotel, was one of the pioneers of tourism on the Amalfi Coast, helping to write its legend.
110 Years of History, 1916–2026
A place that doesn’t simply tell its own story, but the most authentic story of Positano.
Phone & Reservations
(+39) 089 875699
Via Rampa Teglia, 4
84017 - Positano (SA)
Reserve your table
Search
Mobile Logo
 

Privacy Policy

Information on the processing of users’ personal data.

Privacy Policy – Information for users/visitors on the processing of personal data

This privacy policy is provided in order to explain the principles governing the use, with regard to confidentiality, of the personal data supplied by users/visitors who make use of our web services.

This page describes how the website operates with regard to the processing of the personal data of users/visitors who browse it. This is an information notice provided pursuant to Regulation (EU) 2016/679 and in compliance with the applicable legislation on the protection of personal data, for those who wish to interact electronically with the services of this website, starting from the address ristorantebucadibacco.it.

This information notice applies only to the website ristorantebucadibacco.it, and not to any other websites that may be accessed by users/visitors through links that may be present on the site.

Through the website, additional tourist services may also be made available for purchase (such as, by way of example, transfer services, excursions, boat trips, etc.), provided by third parties.

In such cases, the personal data provided by the user at the time of purchasing the service will be processed by the Data Controller solely for the purpose of managing the purchase procedure and transmitted to the selected service providers, who act as independent data controllers, exclusively in order to allow the provision of the service itself.

Data Controller and place of processing

The website ristorantebucadibacco.it:

  • is owned by Albergo Ristorante Buca di Bacco 1916 Srl, VAT no. 00183900653, at whose operational headquarters located in Via Rampa Teglia n. 4, Positano (SA), the processing related to the management of any services and requests submitted through the website is carried out by authorised internal staff. As Data Controller, the Company undertakes to ensure compliance with the applicable legislation on the protection of personal data;
  • is entrusted for content maintenance to SINTONIA s.a.s. Web Agency, Grafica e Comunicazione, located in via Nazionale delle Puglie n. 7 – 80013 Casalnuovo di Napoli (NA);
  • is hosted by Hosting Solutions, brand by Genesys Informatica S.r.l., located in Ponte Morosini Francesco n. 41 – 16126 Genova (GE), whose data centre is located within Italian territory, where processing activities related solely to technical services take place.

Other external parties who may have access to the personal data available on the website process such data either as data processors or as independent data controllers, depending on their role and circumstances. The complete and updated list of data processors is available upon request from Hotel Management.

Users/visitors are required to carefully read this privacy policy before submitting any personal information and/or completing any electronic form available on the website. By visiting the website ristorantebucadibacco.it, users/visitors implicitly accept the practices described in this privacy policy.

Purposes and legal basis of processing

The personal data provided by users/visitors following requests and/or the use of services managed through the website are used solely to respond to the request and/or to manage the service and are disclosed to third parties only where this is necessary.

The legal basis for such processing, given the need to respond to a request from the data subject or to manage a service specifically requested by the data subject, is the performance of a contract to which the data subject is a party or the implementation of pre-contractual measures requested by the data subject (Article 6(1)(b) of the Regulation).

Where the user/visitor has also given consent, the data may additionally be used for commercial communication activities relating to offers of further services provided by the Data Controller. In this case, the legal basis for the processing is the consent freely given by the data subject.

In all other cases, browsing data are retained only for the time strictly necessary to manage the processing activities, within the limits set by law.

Types of data processed and purposes of processing

Data derived from browsing

The information systems and software procedures used to operate the website may, during their normal operation, collect certain personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected in order to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be indirectly identified (IP addresses, domain names of the computers used to connect, operating system and browser used, time-related data, etc.).

Such data may be used only for statistical purposes (and therefore in anonymous form) and to check the correct functioning of the website. They are retained for a limited period and are not disclosed or disseminated.

Data voluntarily provided by users/visitors

Where users/visitors, by accessing the website, voluntarily, explicitly and freely provide their personal data in order to submit requests, access services or subscribe to mailing lists, this will result in the acquisition of personal identification and contact data, which will in any case be processed exclusively to fulfil the request or provide the requested service.

The personal data provided by users/visitors may be disclosed only where this is implicitly necessary in order to fulfil such requests, as in the case of purchasing services managed by third parties.

Cookie-related data

Cookies are small text strings that websites visited by users/visitors place on their computers in order to improve navigation and, where applicable, monitor usage.

The website ristorantebucadibacco.it uses two different types of cookies: session cookies, which allow safe and efficient navigation of the website, identify the country from which the user/visitor is connecting, keep the user/visitor logged in during the session, allow registration and access to the user account, and enable completion of requests.

These cookies are not stored permanently on the user’s computer and are deleted when the session is closed.

The website may also use persistent cookies to personalise navigation based on the device used (computer, tablet or smartphone), cookies to analyse access, and cookies to allow content to be shared via social networks or email.

These cookies are stored permanently on users’ computers and have variable durations.

Upon first access, users/visitors may choose whether to accept or reject the installation of available cookies and/or view the Cookie Policy, which contains full details and the methods for granting or denying consent.

Links to third-party websites

The Data Controller reserves the right to use and/or make available third-party services on its website. In relation to such services, which may be purchased through the website, the user may be redirected to third-party websites or their personal data may be transmitted to such parties in order to provide the requested service.

Such parties process personal data as independent data controllers, on the basis of their respective privacy policies, which users are encouraged to review before completing the purchase.

The Data Controller is not responsible for the processing carried out by such third parties.

Optional nature of data provision

Except as specified for browsing data, users/visitors are free to decide whether or not to provide their personal data. Failure to provide such data may only result in the inability to obtain the requested service or, in the case of purchasing online services, the inability to complete the relevant contract.

Processing methods

Each processing activity is carried out using automated tools (e.g. electronic procedures and media) and/or manually (e.g. on paper), for the time strictly necessary to achieve the purposes for which the data were collected and, in any case, in compliance with applicable legal provisions.

Specific security measures are implemented in order to prevent data loss, unlawful or incorrect use, and unauthorised access.

Data subject rights

The data subject has the right, at any time and within the limits and conditions set by law, to obtain confirmation as to whether or not personal data concerning them are being processed and, where that is the case, to obtain access to such data and the following information:

  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular, recipients in third countries or international organisations;
  • the envisaged period for which the personal data will be stored or, if not possible, the criteria used to determine that period;
  • all available information as to the source of the data, where the data are not collected from the data subject;
  • the existence of any automated decision-making process, including profiling.

The data subject also has the right to obtain from the Data Controller, without undue delay:

  • rectification of inaccurate personal data;
  • completion of incomplete personal data, including by means of a supplementary statement;
  • erasure of personal data (within the limits and cases provided by applicable law);
  • restriction of processing;
  • the right to lodge a complaint with a supervisory authority.

In such cases, the Data Controller shall also communicate any rectification, completion, erasure or restriction of processing to each of the recipients to whom the personal data have been disclosed, within the limits and in the manner provided by applicable law.

The data subject also has the right to receive from the Data Controller the personal data concerning them in a structured, commonly used and machine-readable format, and has the right to transmit those data to another controller without hindrance.

Requests relating to the exercise of these rights should be sent directly to the Data Controller at the following email address: dpo.bucadibacco@figurati.it

This document, published at ristorantebucadibacco.it, constitutes the Privacy Policy of this website and may be updated periodically. The use of the information collected is subject to the policy in force at the time of use.

The Buca di Bacco Restaurant, together with its historic hotel, was one of the pioneers of tourism on the Amalfi Coast, helping to write its legend. Here you will find simple, authentic cuisine that brings out the genuine flavours and liveliness of our land. The dining room, with its bright veranda overlooking the beach, offers a unique setting: the sea merging with the picturesque pyramid of houses in Positano.

We kindly ask our customers not to confuse Buca di Bacco 1916 with the restaurant located at beach level, which is below our establishment and belongs to another management. This clarification is important in order to avoid misunderstandings regarding reservations, services and reviews.

© 2025 Albergo Ristorante Buca Di Bacco 1916 S.R.L. | P. Iva: IT00183900653