top of page
_DSC7765.jpg

Privacy & Cookies

We care your safety on flight and also on the Internet.

Discover how we defend your provacy while you navigate on our website.

Last updated: 08 April 2026

This Privacy & Cookie Policy explains how Elystar SRL collects, uses, stores and protects personal data when users visit and interact with the websites https://www.helipratello.com/ and https://www.helipratello.it/, including contact forms, service request forms, email communications and related online services.


These websites promote helicopter passenger transport, luxury transfers, panoramic flights, wine tours and related premium travel services in Tuscany, across Italy and toward selected destinations, including islands and tourist locations.

1. Data Controller

 

Elystar SRL
Via Filippo Palizzi 3
06134 Perugia (PG)
Italy
VAT No. 03431830540
Email: helipratello@gmail.com

Elystar SRL acts as the Data Controller for the processing of personal data described in this Policy.
For any privacy-related request, users may contact the Data Controller at the email address indicated above.

2. Personal data collected

Depending on how the user interacts with the websites, Elystar SRL may collect the following categories of personal data:

  • Identification data, such as first name and last name, where entered in contact forms visible on the websites.

  • Contact data, such as email address, telephone number and any other information voluntarily submitted by the user.

  • Request data, such as subject, message content, preferred service, destination, travel needs, booking interest or other details provided through forms or direct email.

  • Technical and usage data, such as IP address, browser type, device information, language settings, timestamps, pages visited and interaction data, to the extent collected through technical logs, analytics tools or platform infrastructure.

  • Cookie and tracking data, where cookies or similar technologies are used on the websites.

The websites visibly include contact forms and public contact details, which means users may actively provide personal data when requesting information or service assistance.

3. Purposes of processing

Personal data may be processed for the following purposes:

  1. To respond to information requests submitted through contact forms, email or other communication channels made available on the websites.

  2. To handle pre-contractual requests, service enquiries, availability checks, quotations and customer assistance related to helicopter transport and related experiences offered through the websites.

  3. To manage bookings, operational follow-up and service organization where a user proceeds with a reservation or requests a custom itinerary.

  4. To comply with legal, regulatory, accounting, tax, safety and administrative obligations applicable to the business.

  5. To protect the Controller’s rights, prevent misuse, fraud or abuse and maintain website security.

  6. To collect aggregate or analytical information on website performance and user interaction, where legally permitted or where prior consent has been obtained if required.

  7. To send marketing or promotional communications only where the user has given valid consent, where such consent is required under applicable law.

4. Legal bases

The processing of personal data is based on one or more of the following legal grounds under the GDPR:

  • Performance of pre-contractual measures or a contract, where processing is necessary to respond to a user’s request or to manage a service booking.

  • Compliance with legal obligations, where processing is required by applicable laws or regulations.

  • Legitimate interests of the Controller, such as website security, fraud prevention, service improvement and protection of legal rights, provided that such interests do not override the rights and freedoms of the user.

  • Consent, where required, including for non-essential cookies, tracking technologies, and marketing communications.

Under Italian cookie guidance, consent is required before storing or accessing non-technical cookies and other tracking tools, except where they are strictly necessary to provide a service expressly requested by the user.

5. How data is collected

Personal data may be collected:

  • Directly from the user through contact forms on the websites.

  • Through emails sent to helipratello@gmail.com, which is publicly displayed on both websites.

  • Through phone or other contact channels where subsequently provided by the user.

  • Automatically through the websites’ technical operation, hosting environment, platform tools, cookies, consent tools and analytics services, if implemented.

6. Nature of provision

Providing personal data for general browsing is optional, although some technical data is processed automatically for the websites to function properly.
Providing personal data through contact forms or email is voluntary, but failure to provide the data marked as required may prevent Elystar SRL from replying to the request or providing the requested assistance.

7. Recipients and processors

Personal data may be processed by authorized internal personnel and by external service providers acting as processors or independent controllers, depending on their role. These may include:

  • Website hosting and infrastructure providers.

  • Website platform providers and technical maintenance providers.

  • CRM, email, booking or customer support providers.

  • Analytics, consent management or cookie management providers, where implemented.

  • Professional advisors, insurers, administrative consultants or public authorities where required by law.

Personal data will not be disclosed beyond what is necessary for the purposes stated in this Policy.

8. International data transfers

Where personal data is transferred outside the European Economic Area, such transfers will take place only in accordance with applicable data protection law and through appropriate safeguards, such as adequacy decisions, standard contractual clauses or other lawful transfer mechanisms.

9. Data retention

Personal data is retained only for as long as necessary for the purposes for which it was collected and, afterwards, for the period required by law or for the protection of the Controller’s rights.

As a general rule:

  • Contact requests are retained for the time necessary to manage and close the enquiry and for a reasonable follow-up period.

  • Pre-contractual and contractual data may be retained for the duration of the relationship and for the applicable statutory limitation periods.

  • Accounting and administrative data may be retained for the period required by tax and bookkeeping laws.

  • Cookie-related consent records should be retained as necessary to demonstrate compliance with applicable cookie rules.

10. User rights

Users may exercise the rights granted by the GDPR, subject to applicable limitations, including:

  • The right to access personal data.

  • The right to rectification of inaccurate or incomplete data.

  • The right to erasure of personal data.

  • The right to restriction of processing.

  • The right to data portability, where applicable.

  • The right to object to processing based on legitimate interests.

  • The right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before withdrawal.

  • The right to lodge a complaint with the competent supervisory authority, including the Italian Data Protection Authority where applicable.

Requests may be sent to: helipratello@gmail.com

11. Security measures

Elystar SRL implements appropriate technical and organizational measures designed to protect personal data against unauthorized access, accidental loss, destruction, alteration or unlawful disclosure.
However, no internet transmission or storage system can be guaranteed as completely secure, and users should avoid sending unnecessary sensitive information through general website forms unless expressly requested through appropriate channels.

12. Cookies and similar technologies

The websites may use cookies and similar technologies for different purposes, including technical operation, remembering preferences, measuring traffic and, where applicable, enabling third-party content or marketing features.

Cookies may include:

  • Strictly necessary cookies, required for the website to function properly, ensure security, enable navigation or provide services expressly requested by the user.

  • Preference or functionality cookies, used to remember settings or improve usability.

  • Analytics cookies, used to measure traffic and performance; depending on how they are configured, these may require prior consent.

  • Marketing or profiling cookies, used to track users across websites or build profiles for advertising or similar purposes; these require prior consent.

Italian guidance requires that non-essential cookies and similar tracking tools are not set by default before the user has given valid consent. Cookie walls are generally not valid, and scrolling alone does not constitute valid consent as a standard mechanism.

13. Cookie banner and consent management

Where non-essential cookies are used, the websites must display a cookie banner that allows users to:

  • Accept all cookies.

  • Reject non-essential cookies.

  • Access granular preferences for each category of non-essential cookies.

  • Access the extended cookie information notice.

Non-essential cookie categories must be off by default until consent is given.
Users must be able to change or withdraw their cookie preferences at any time through an always-accessible link or equivalent mechanism on the website.

14. Browser controls

Users can also manage cookies through browser settings, including blocking or deleting stored cookies.
Please note that disabling strictly necessary cookies may affect the proper functioning of some website features.

Typical browser support pages include those of Chrome, Firefox, Safari, Edge and other major browsers.

15. Third-party services

The websites may include third-party components, embedded content, social links, analytics tools, hosting infrastructure or external communication services.
When third-party services place cookies or process personal data independently, their own privacy documentation may also apply.
Users are encouraged to review the privacy and cookie information provided by those third parties where relevant.

16. Minors

The websites and services are not directed to children under 18 and are intended for users seeking premium helicopter transport and related services.
If Elystar SRL becomes aware that personal data of a minor has been collected without appropriate legal basis, it will take appropriate action in accordance with applicable law.

17. Changes to this Policy

This Privacy & Cookie Policy may be updated from time to time to reflect legal, technical or operational changes.
The updated version will be published on the websites with a revised “Last updated” date.

18. Contact

For any request regarding privacy, personal data or cookie preferences, users may contact:

Elystar SRL
Via Filippo Palizzi 3
06134 Perugia (PG)
Italy
VAT No. 03431830540
Email: helipratello@gmail.com

bottom of page