Effective date: 05/08/2025

1. Introduction

This Cookie Policy is intended to illustrate which cookies are used by Sicilian Holidays SRL (hereinafter "the Site"), their purposes and how the user can manage them, in full compliance with the General Data Protection Regulation (GDPR) of the European Union (EU Regulation 2016/679), which came into force on 24 May 2016 and applies from 25 May 2018, and the Italian legislation on cookies (the so-called "Cookie Law ").

Complying with your website's privacy policy and cookie policy is a legal requirement. Data protection is a top priority, and failure to comply with these regulations can result in serious financial consequences and reputational damage.

2. Who we are

Sicilian Holidays SRL

• Registered office: ALTOFONTE (PA) VIA VINCENZO BELLINI 27, CAP 90072
• VAT number: 07299600820
• PEC: sicilianholidays.srl@pec.it
• Main activity: Car rental with driver (NCC), car rental without driver, tourist services and management of tourist facilities.

3. What are cookies?

Cookies are small text files that are installed on your device (computer, tablet, smartphone) when you visit a website. These files store information about your browsing experience and can be used for various purposes.

4. Types of cookies used on our Site

To ensure maximum transparency and protect your privacy, the cookies used on our Site are classified as follows:

4.1 Technical Cookies

• Purpose : These cookies are essential for the essential functioning and navigation of our Site . For example, they allow you to access protected areas, save your preferences (such as cookie settings), and maintain your browsing session.
• Nature : They may be "first-party cookies" (installed directly by our Site) or "third-party cookies" (installed by third parties for technical purposes, for example to balance the server load).
• Consent : The installation of technical cookies does not require your explicit prior consent . However, we provide you with complete information on their presence and functionality.

4.2 Profiling Cookies

• Purpose : These cookies are more invasive . They are used to monitor and profile users while browsing, studying their movements, habits, and interests to deliver targeted advertising consistent with their online preferences. They may be used for general marketing activities, profiling, and/or the transfer of data to third parties.
• Nature : These are mainly "third-party cookies", issued by external services such as Google or Facebook, but they can also be "first-party" if the Site directly carries out profiling activities.
• Consent : The installation of profiling cookies requires your explicit and prior consent . Without your consent, these cookies will not be installed on your device.

5. Consent Management in Compliance with Cookie Law and GDPR

When you first access our Site, you will see an immediately visible banner informing you about the use of cookies, particularly profiling cookies, for sending advertising messages. This banner will be linked to this extended policy to provide you with all the details.

• Obtaining Consent : Consent must be expressed by you through a clear and unambiguous action, such as clicking an "Accept cookies" or "Refuse cookies" button. Simply continuing to browse, scrolling the page, or clicking on an element on the Site is no longer sufficient to consider your consent implied.
• Preventive Blocking : Before you give your consent, our system will implement a preventive blocking for all resources that install profiling cookies, preventing their activation.
• Revoking and Modifying Consent : You have the right to modify or revoke your consent at any time. You can manage your preferences directly through the cookie banner settings or through your browser settings. For example, services similar to those described for Ncc.it allow you to revoke consent to personalized news and offers by deactivating the option or sending an email. This process may take up to 72 hours for technical reasons.

6. Third-Party Cookies and Specific Services

Sicilian business Holidays SRL (NCC, self-drive rental, tourist services, management of accommodation facilities), our Site may integrate services and features provided by third parties that use their own cookies.

Here are some examples of third-party services that may be present:

• Google Analytics : We use Google Analytics to analyze traffic and user behavior on our site. If the Google Analytics code has been anonymized ( IP anonymization ) and the Google AdWords and advertising features are disabled, your explicit consent is not required. However, if the data collected by Google Analytics allows a user to be identified, explicit prior consent will be required. We ensure that there is no unidentifiable IP address or user ID that could link specific data to a specific natural or legal person when consent is not required.
• Social Media Login/Registration Services (e.g., Facebook Connect, Google Account) : If the Site offers the option to log in or register using social network credentials such as Facebook or Google (e.g., "Facebook Connect" or "Log in with Google" as on Ncc.it), your profile data (name, surname, email address, profile photo) provided to these platforms may also be visible to us. We will process this data in accordance with our Privacy Policy. If you do not wish this processing, you should not use these features. You can prevent further processing of your data stored on these platforms by removing the app from your social media account settings.
• Google Maps Integration : The Site may use Google Maps APIs (as in Ncc.it) to display interactive maps and facilitate route planning or the location of facilities. GPS location data, if permitted by the user, is used anonymously to make it impossible to personally identify you.
• Payment Services (e.g., PayPal, Braintree , Wirecard ) : If the Site enables online payments, the data required to process transactions (e.g., credit card details) will be transmitted to payment service providers. These providers are PCI DSS (Payment Card Industry Data Security Standard) certified to ensure data security. Only the last four digits of your credit card may be stored for identification and documentation purposes.

7. Where to find this Cookie Policy

This Cookie Policy, along with our Privacy Policy, is easily accessible via a dedicated link in the footer of our website . Additionally, the cookie information banner displayed when you first access our website contains a direct link to this policy.

8. Differences with the Privacy Policy

It is essential to understand the distinction between this Cookie Policy and our Privacy Policy:

• The Privacy Policy focuses on how the personal data you voluntarily provide on the Site (e.g., through contact forms, registrations, purchases) is processed, including the purposes, the identity of the data controller, the recipients of the data, and the retention period.
• The Cookie Policy , on the other hand, addresses browsing behavioral data , which is often collected automatically through the installation of cookies. It specifies the providers of profiling cookies, their purposes, and provides links to their respective privacy policies.

9. Your Rights

As a "data subject" to the processing of your personal data (including that collected via cookies), you have the following rights under the GDPR:

• Right of Access : You can request complete information at any time on the scope, origin and recipient of the data stored about you, as well as the purpose of the storage.
• Right to Rectification : You have the right to request the correction of inaccurate personal data.
• Right to Data Portability : If applicable, you can request that your personal data be provided to you in a structured, commonly used and machine-readable format, to transfer it to another data controller.
• Right to Object : You have the right to object to the processing of your personal data on grounds relating to your particular situation.
• Right to Erasure (Right to Be Forgotten) : You can request that your personal data be partially or completely erased without undue delay, unless there are legal grounds for continuing to process it.
• Right to Restriction of Processing : You have the right to obtain restriction of the processing of your personal data.
• Right to lodge a complaint : You can lodge a complaint with the competent supervisory authority (the Italian Data Protection Authority).

To exercise any of these rights, you can contact Sicilian Holidays SRL using the contact details indicated in this Cookie Policy.

10. Data Security and Retention Period

Sicilian Holidays SRL implements appropriate technical and organizational measures to ensure data security, specifically to protect your personal data and prevent it from being disclosed to third parties, accidentally or intentionally altered, lost, or destroyed. These measures are regularly reviewed and updated. Your personal data is generally transmitted using encrypted means.

Personal data will not be retained for longer than strictly necessary for the purposes for which it was collected. In many cases, the legitimate purposes of video surveillance or data collection via profiling cookies, such as asset protection or vandalism detection, allow for data deletion after a few days, preferably through automated mechanisms. Longer retention periods (especially those exceeding 72 hours) require a specific analysis and justification of their necessity and legitimacy.

11. Policy Updates

We reserve the right to modify this Cookie Policy at any time. We will promptly inform you of any significant changes and, if necessary, give you the opportunity to renew or modify your consent.

12. Professional Consulting

Given the technical complexity of complying with the Cookie Law and, more generally, the GDPR (including the need to prevent profiling cookies), it is highly recommended to rely on IT/legal experts or consultants. Specialized companies, such as Doctor Web Agency, offer GDPR consulting services that include cookie analysis and preventative blocking, cookie policy and banner generation, SSL/HTTPS security implementation, and other legally required compliance. Professional services such as IUBENDA and COOKIEBOT are specifically designed to generate and manage cookie policies in a compliant manner.