Privacy statement


Updated February 2018


We, as QUOVAI S.r.l., respect your privacy in line with Regulation (EU) 2016/679 (GDPR). Our aim is to protect and safeguard your personal data when you use our online services. If you do not agree with this Privacy Statement, we would kindly ask you to abandon this website. Please note that our service is not intended for use by children (those under the age of 18).


QUOVAI S.r.l., is a society registered in Livorno (registration number: LI-203313) with VAT code 01871320493. Its company's headquarters are based in Via della Vignuccia, 3 in Suvereto (Livorno), Italy. The accommodation establishments (registered with the Quovai programme) provide the resources for online bookings by Internet users.


We do NOT collect personal information about you when you browse our website anonymously. For users who make a reservation, we collect the following information: name, surname, e-mail address and mobile phone number, credit card details when they complete the form as part of the booking procedure.  For users availing of a promotion or who request to be on our mailing list, we collect the following information: name, surname and e-mail address. The purpose of collecting these data are to send offers, discounts and promotional material related to the accommodation establishments that adhere to Quovai's services.

QUOVAI S.r.l. shares the personal data of those users requesting assistance from Quovai Customer care with the staff working in customer care. In such a way, Quovai ensures a better service and is able to respond to the issues raised by the user either before or after booking. The credit card details (name, card number and expiry date) are collected by Auric Systems ( AuricVault (as part of Auric Systems) provides a safe and secure off-site PCI compliant storage service for credit card account numbers. The accommodation establishments only have access to the collected data relevant to their customers. In some cases, the data may transit through the payment gateway Stripe ( and be stored in encrypted form on behalf of Quovai until either check-in or no-show. This could happen if an accommodation establishment opts for pre-authorisation in order to verify the validity of the credit card. The data of the credit card (number, expiry date and CVV) do not transit the Quovai servers, but are transmitted directly by the user (guest), via a secure channel, to the payment gateway and secure storage systems used.


We do NOT share, trade or sell your personal information to any company or third parties not directly associated with its proper use within the activity. In the event that QUOVAI S.r.l. or substantially all of its assets were acquired, personal information would be one of the transferred assets. We may disclose personal information if required to do so by law, Court order or for the purposes of prevention of fraud or other crime or if we believe that such action is necessary to protect QUOVAI S.r.l.


For further information, please see our Cookie Policy.


We will hold your personal information on our systems for as long as is necessary for the activity in question. We retain the tokenised credit card data for the accommodation establishments for 5 days after your check-out. The Public Security data and ISTAT data (in compliance with Regulation (EU) 692/2011) are pseudonymised 5 days after your check-out. Based on our business needs (current and future value of the information; costs, risks and liabilities associated with retention; the ease/difficulty of guaranteeing the information's accuracy), we have decided to conduct regular audits and to check through records to make sure that we are not holding onto personal data for too long or deleting it prematurely.

To prevent unauthorised access to your personal information and maintain data accuracy, we guarantee you that the appropriate physical and electronic measures have been taken to safeguard and secure the information we collect online. Please note though that no transmission over the Internet can ever be guaranteed.

The Quovai sites uses Secure Socket Layer (SSL) technology, which ensures that any communications between your computer and Quovai cannot be intercepted and is unreadable by anyone else.  By convention, URLs that imply an SSL connection start with https: instead of http. Furthermore in most common browsers, a padlock icon is show on the left beside the URL to show you that you have established a full SSL encrypted connection. If your browser does not support SSL technology, then you should update to the latest version.

We will NEVER ask you to confirm any bank account or credit card details via e-mail. If you receive an e-mail from Quovai to this effect, please ignore it and do NOT respond. You should report this issue to us (see point 8). Links to other websites: Our website may contain links to other websites of interest. Nevertheless you should note that we do not have any control over those websites. Therefore, once you have used these links to leave our website, we are not responsible for the protection and privacy of any information that you provide whilst visiting such sites. These sites are not governed by our privacy statement. You should exercise caution and carefully read their privacy statements.


If you have a query relating to the processing of your personal information, you can send an e-mail to our mailbox ( If you are unable to make a query in writing, please ring us at +39-02-87198048.

We reserve the right to amend or modify this Privacy Statement at any time and in response to changes in applicable data protection and privacy legislation. The most up-to-date version of this Privacy Statement is always visible on our website.