Privacy statement

Version: September 2017



QUOVAI S.r.l. is legally obliged to use your personal information in accordance with Italian data protection laws namely: Article 13 of the legislative decree no. 196/03, “Codice in materia di protezione dei dati personali”. In light of this, QUOVAI S.r.l. is committed to: - protecting your privacy when you avail of our online service via any of our registered domain names and   -  never using or sharing your personal information in ways unrelated to our mission. Our service is not intended for use by children under the age of 18.


“TuscanyAway”, “HotelAbetone”, “HotelCimone” relate to a service developed by the private limited company QUOVAI S.r.l., which was incorporated under the laws of Italy with registration number LI-203313 and VAT number 01871320493. The accommodation establishments (registered with the Quovai programme) provide the resources for online bookings by Internet users.


We do NOT collect personal information about you when you browse our website. For users who make a reservation, we collect the following information: name, surname, e-mail address and mobile phone number, credit card details or bank account co-ordinates when they complete the form as part of the booking procedure.

For users availing of a promotion, we collect the following information: name, surname and e-mail address. The purpose of collecting these data are to send offers, discounts and promotional material related to the accommodation establishments that adhere to Quovai's services.  

QUOVAI S.r.l. shares the personal data of those users requesting assistance from Quovai Customer care with the staff working in customer care. In such a way, Quovai ensures a better service and is able to respond to the issues raised by the user either before or after booking.

The credit card details (name, card number and expiry date) are collected by Auric Systems ( AuricVault (as part of Auric Systems) provides a safe and secure off-site PCI compliant storage service for credit card account numbers. The accommodation establishments only have access to the collected data relevant to their customers. In some cases, the data may transit through the payment gateway Stripe ( and be stored in encrypted form on behalf of Quovai until either check-in or no-show. This could happen if an accommodation establishment opts for pre-authorisation in order to verify the validity of the credit card. The data of the credit card (number, expiry date and CVV) do not transit the Quovai servers, but are transmitted directly by the user (guest), via a secure channel, to the payment gateway and secure storage systems used.


We do NOT share, trade or sell your personal information to any company or third parties not directly associated with its proper use within our business activity. In the event that QUOVAI S.r.l. or substantially all of its assets were acquired, personal information would be one of the transferred assets. We may disclose personal information if required to do so by law, Court order or for the purposes of prevention of fraud or other crime or if we believe that such action is necessary to protect  QUOVAI S.r.l.


For further information, please see our Cookie Policy.


We will hold your personal information on our systems for as long as is necessary for the activity in question. Based on our business needs (current and future value of the information; costs, risks and liabilities associated with retention; the ease/difficulty of guaranteeing the information's accuracy), we have decided to conduct regular audits and to check through records to make sure that we are not holding onto personal data for too long or deleting it prematurely.


To prevent unauthorised access to your personal information and maintain data accuracy, we guarantee you that the appropriate physical and electronic measures have been taken to safeguard and secure the information that we collect online. Please note though that no transmission over the Internet can ever be guaranteed.

The Quovai sites uses Secure Socket Layer (SSL) technology, which ensures that any communications between your computer and Quovai cannot be intercepted and is unreadable by anyone else.  By convention, URLs that imply an SSL connection start with https: instead of http. Furthermore in most common browsers, a padlock icon is show on the left beside the URL to show you that you have established a full SSL encrypted connection. If your browser does not support SSL technology, then you should update to the latest version.

We will NEVER ask you to confirm any bank account or credit card details via e-mail. If you receive an e-mail from Quovai to this effect, please ignore it and do NOT respond. You should report this issue to us (see point 8).

Links to other websites: Our website may contain links to other websites of interest. Nevertheless you should note that we do not have any control over those websites. Therefore, once you have used these links to leave our website, we are not responsible for the protection and privacy of any information that you provide whilst visiting such sites. These sites are not governed by our privacy statement. You should exercise caution and read carefully their privacy statement.


If you have a query relating to the processing of your personal information, you can send an e-mail to our mailbox (

If you are unable to make a query in writing, please ring us at +39-02-87198048.

If you should wish to verify/modify/delete the personal information we hold concerning you, we will need to verify your identity before making such corrections/deletions. We are committed to responding to your query within 14 working days.

We reserve the right to amend or modify this Privacy Statement at any time and in response to changes in applicable data protection and privacy legislation. The most up-to-date version of this Privacy Statement is always visible on our websites.