Elegant facade of Hotel Experimental Roma, showcasing its refined architecture in the heart of Roma.

Privacy Policy

Scroll

Update: March 2026

This privacy policy (hereinafter the “Privacy Policy”) reflects the commitment of Experimental Group, a simplified joint-stock company (Société par Actions Simplifiée) with a share capital of €20,100,900, registered with the Paris Trade and Companies Register under number 524 095 064 R.C.S. Paris, VAT number FR48824023063, whose registered office is located at 14-16, Boulevard Poissonnière, 75009 Paris, France (hereinafter the “Company”).

This Privacy Policy informs you about the processing of personal data collected and your rights when using our website: https://www.experimentalroma.com/ (hereinafter the “Site”), published by Webflow, in San Francisco, USA.

The Site allows you to:

  • Choose the language of use ;
  • Book a stay;
  • Subscribe to our newsletter;
  • Discover our vouchers and gift offers;
  • Join our teams;
  • Contact us;
  • Follow us on social media.

2. Processing of Your Personal Data

2.1 Description of the Processing of Your Personal Data

In accordance with applicable laws and regulations, the Company, acting as data controller, collects certain personal data when you visit the Site.

When booking a stay at our establishment, we may collect the following personal data: arrival and departure dates, number of guests, location, and any optional extras (including lifestyle-related preferences such as alcoholic or non-alcoholic beverages).

For the payment of your stay, we collect your contact details and banking information, in compliance with applicable security standards.

If you wish to contact us, you may provide your first name, last name, telephone number, and email address via the form available under the “Contact Us” section.

If you wish to receive our latest news, you may subscribe to our newsletter by providing your email address. This will allow you to receive news and offers, with the possibility to unsubscribe at any time.

To join our teams, you may submit an unsolicited application by clicking on “Careers”. This enables us to collect personal data such as your first name, last name, email address, CV, and cover letter, which will be used to manage your application.

When accessing the Site, the Company also collects the following personal data:

  • Connection logs;
  • Connection data;
  • IP address.

2.1.1 Purposes, Legal Bases, and Data Retention Periods

PurposeLegal BasisData Retention Period
Management of your reservations, including modifications, cancellations, payment, or prepaymentPerformance of the contract concluded with you when booking your stayFive years from the end of your stay or the last contact
Management of requests to exercise rights of access, portability, erasure, restriction, rectification, and objectionNecessary to respond to rights requests and based on your consentUp to one year from the date of the request
Management of objections to commercial prospectingNecessary to respond to the exercise of the right to objectUp to three years from the exercise of the right
Recruitment managementBased on your consentThree years from the end of the contractual relationship
Customer relationship managementPerformance of contractual relations between you and the CompanyFive years from the conclusion of the contract
Management of job applicationsPre-contractual measures and your consentImmediate deletion if unsuccessful; up to two years from last contact if retention is authorized
Newsletter subscription managementBased on your consentUntil withdrawal of consent or three years from last contact

2.2 Recipients / Transfers of Personal Data

Access to your personal data is restricted to authorized personnel only, including the communication, HR, and sales departments, as well as IT and technical service providers supporting the Company’s activities.

As part of a reservation made on the Site, information relating to your stay and payment may be shared with teams responsible for reservations, billing, customer follow-up, and post-stay services to ensure proper handling of your request.

Personal data may also be disclosed to third parties:

  • Where required by law or legal proceedings;
  • In response to requests from public or judicial authorities;
  • Where disclosure is necessary to ensure the safety of individuals or protect the public.

Your personal data is transmitted to Webflow, which hosts the Site in USA.

Your personal data is also transmitted to Namastay, our online payment service provider.

Your personal data is therefore transferred outside the European Economic Area.

The Company undertakes to ensure a level of protection equivalent to that guaranteed by the GDPR and has entered into Standard Contractual Clauses (June 2021 version) with entities located outside the EEA, along with additional safeguards as required by the CJEU judgment of 16 July 2020 (“Schrems II”).

Social media sharing buttons may allow access to third-party platforms. Data collected through these buttons is governed by the privacy policies of the relevant platforms.

2.3 Security of Your Personal Data

The Company implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Pseudonymization and encryption of personal data;
  • Measures to ensure confidentiality, integrity, availability, and resilience of processing systems;
  • Measures to restore availability and access to personal data;
  • Regular testing and evaluation of security measures.

2.4 Retention of Personal Data

Personal data is retained only for as long as necessary to fulfill the purposes for which it is processed, comply with legal obligations, exercise rights, or for statistical or historical purposes.

Once retention periods expire, personal data is deleted or anonymized.

2.5 Your Rights Regarding Your Personal Data

You have the following rights:

  • Right of access and rectification
  • Right to erasure
  • Right to object
  • Right to restriction of processing
  • Right not to be subject to a decision based solely on automated processing
  • Right to data portability
  • Right to define post-mortem directives
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

Vous pouvez déposer une plainte auprès du Garante per la protezione dei dati personali (Autorité italienne de protection des données) :
Piazza Venezia 11, 00187 Rome, Tel: +39 06 69677 1.

You are encouraged to contact the Company’s Data Protection Officer first.

Contact Details

You may exercise your rights or ask any questions by contacting the Data Protection Officer:

  • Email: gdpr@expegroup.com
  • Postal address: 14-16, Boulevard Poissonnière, 75009 Paris, France

Proof of identity may be requested where necessary and will be deleted once your request is processed.

2.6 Links to Third-Party Websites

The Site may contain links to third-party websites governed by independent privacy policies. Users are encouraged to review those policies.

2.7 Language

This Privacy Policy is drafted in French. In the event of translation, the French version shall prevail in case of dispute.

2.8 Cookies

Cookie-related provisions are detailed in the cookie policy available on the Site.

2.9 Amendments to the Privacy Policy

The Company reserves the right to amend this Privacy Policy at any time and recommends consulting it regularly. Users will be informed of any material changes.

Sign up to our Newsletter

Thank you for subscribing to our newsletters! Get ready to embark on a journey with us and save in your address book to ensure the newsletter avoids your junk mail.
Oops! Something went wrong while submitting the form.

@experimental

Experimental Roma logo
White text spelling 'EXPERIMENTAL' with an asterisk on a transparent background.
AboutCareersPress & mediasContact the group
DISCOVER OUR DESTINATIONS
information
Terms and conditionsTerms of usePrivacy policyCookie Management PolicyLegal NOTICE
FOLLOW US
BOOKCONTACT US