Privacy & Cookie

Last updated: May 2026

1. Data Controller

The data controller is Lilium Boutique Hotel Roma, Via Venti Settembre 58/A, 00187 Roma (RM) — contact: liliumhotel@gmail.com.

2. Data Collected and Purposes of Processing

Website browsing

During normal browsing, technical data is automatically collected by servers (IP address, browser type, pages visited, timestamps). This data is used solely for security and statistical purposes and is not associated with identified users.

Contact form and email communications

If you contact us via email or the contact form, we process the data you provide (name, email address, telephone, message) for the sole purpose of responding to your enquiry. The legal basis is the legitimate interest of both parties.

Booking system

The site integrates the Hotel in Cloud booking system (CIVIS Hotels Group). Reservation data (dates, personal details, payment information) is processed directly by Hotel in Cloud, which acts as an independent data controller. We recommend reading their privacy policy.

3. Cookie Policy

This site uses cookies and similar technologies. Below is a classification of the cookies used.

Strictly necessary cookies

They are essential for the site to function and cannot be disabled.

• lilium-theme — stores the theme preference (light/dark). Duration: session.
• lilium-cookie-consent — records your cookie preference choice. Duration: 1 year.

Analytical cookies (consent required)

If you accept all cookies, we may use analytics tools to measure traffic and improve the site. No personal profiling is carried out.

Booking system cookies

The Hotel in Cloud booking widget may set its own technical cookies necessary for the reservation process.

How to manage cookies

You can change your preferences at any time by clicking "Cookie preferences" in the footer, or by configuring your browser.

For more information on managing cookies in the main browsers:

• Google Chrome
• Mozilla Firefox
• Apple Safari
• Microsoft Edge

4. Data Sharing

Your data is not sold or transferred to third parties for commercial purposes. We share data only with:

• CIVIS Hotels Group — manager of the booking system and property management software.
• IT service providers — hosting, site maintenance, exclusively as data processors.
• Competent authorities — where required by law.

All suppliers are bound by appropriate data processing agreements.

5. International Transfers

Data is not transferred outside the European Economic Area. Where technically necessary, appropriate safeguards are in place pursuant to Article 46 GDPR.

6. Your Rights

Under the GDPR you have the right to:

• Access — obtain confirmation and a copy of your data;
• Rectification — correct inaccurate or incomplete data;
• Erasure ("right to be forgotten") — request removal of your data;
• Restriction — request suspension of processing;
• Portability — receive your data in a structured, machine-readable format;
• Objection — object to processing based on legitimate interest;
• Withdrawal of consent — at any time, without prejudice to the lawfulness of prior processing.

To exercise your rights, write to liliumhotel@gmail.com.

7. Security

We adopt adequate technical and organisational measures to protect your data from unauthorised access, loss or disclosure.

8. Changes to This Policy

This policy may be updated to reflect regulatory changes or improvements to our services. The date of the last update is shown at the top of the page.