Privacy policy

Pursuant to Article 13 of the EU Regulation 2016/679

Personal information we collect
We collect the following personal information:
Your name and surname, email address, telephone number and home address;
Credit card details (card type and number, name on the card, expiry date and CVC code);
Information about your stay, including dates of arrival and departure, any special requests and service preferences (room preferences, services and other);
Information you give us regarding preferences of marketing or promotional offers;

Collection of data at the hotel
Additional personal information is collected during the registration/check-in process at our hotel, including information required by local authority laws.

Event profiles
If you are planning to organise an event with us, we will register the details of the event or meeting, the date, the number of guests and, in the case of company events, information about the organization (name, annual budget, number of yearly sponsored events). We also collect information about individual guests who are part of groups or events. If you visit us as part of a group, we may request your personal information from the group. We may also send you commercial information, with prior consent, following your stay with a group, or participation in an event. If you visit us for the purpose of an event, we may share your personal information with the organisers of events. We may also share information about your event with third party service providers who may send you commercial information about services for events.

When you use our website, we automatically collect information, some of which could include personal data. For example: language selection, IP address, location, device selection, the operating system of the device, log-in data, access time, URL required, status report, user agents (such as data on the version of the browser), chronology, results (visit or booking), user booking code, type of information viewed, We could also collect data automatically through cookies. For further information on how we use cookies, click here.

Data could also be used to ascertain responsibility in the case of hypothetical computer crime against this website.

1) Reasons for processing personal data, legal basis and lawfulness of data processing
The processing of personal data is intended for the following purposes:
a) managing customer relationships (managing reservations, issuing invoices and quotes), and complying with contractual obligations;
b) fulfilling regulatory obligations, in particular those concerning taxes and accounting; managing complaints;

1a) Regarding service:
- sending (with prior written consent) promotional offers for our services and updates on tariffs and on offers applied, as well as greetings sent by post, fax or email;
- implementing (with prior written consent) hotel services such as external communication of data relating to your stay in order to permit the receipt of objects, messages and telephone calls intended for you.
- processing, with prior written consent, sensitive data which you voluntarily transmit in order to offer a higher level of hospitality at our hotel.
We may use your email address to send you, with prior written consent, our newsletter, or to send our best wishes for festivities.

The reason indicated in point 2a) is based on the application of a contract. The use of your data could be necessary in order to implement the contract you have with us. For example, if you use our services to make an online booking, we will use your data to fulfil our obligation to complete and manage your reservation, in virtue of the contract stipulated with us.

The purposes of points 2b) and c) are based on legitimate interests. We use your information for our legitimate interests, using your information for administrative and legal purposes or to identify fraud. When we use personal data for our legitimate interests, we always balance your rights and interests with regard to the protection of your personal data with our rights and our interests.

The purpose indicated in point 2c) is also based on, where possible, our obligation to respect existing regulations.

With regard to the purposes indicated in point 2a), based on existing regulations, we will ask for your consent before processing your personal information, which you can withdraw at any time, contacting us at the addresses given at the end of this information sheet.

This website is run by the data controller, in the person of the owner and pro tempere legal representative of the company CEFALÙ RESORT LLC Scialabba Domenico, Contrada Vallone Di Falco, 90015 Cefalù, e-mail: . The data controller guarantees the security, privacy and protection of personal information in his possession, in all the stages of the processing of that data.

The data collected are used in accordance with the existing regulations regarding privacy (GDPR 679/2016)

The processing of data connected to web services on this website takes place at the data controller’s offices and data are only handled by authorised data processing personnel and the appointed provider of the internet services and of the hosting/housing of this website. In addition, this data processing is carried out exclusively by the technical personnel of the personal data processing office, or by prospectively appointed individuals for occasional maintenance operations under the strict control of the data controller.

The purpose in point 2) concerns reservations at our hotel, and here the provision of data is obligatory. Failure to do so may lead to the impossibility of fulfilling requests.
The provision of data for the purpose of point 2a) is optional and does not impede the supply of the service requested (hotel stay)

The person concerned may refuse to give the data controller his/her internet details. To do this, he or she must disable them following the instructions provided by the browser in use. Disabling of cookies may cause problems with the correct working of the website.

Data to be processed will not be diffused, sold or exchanged with third parties, without consent from the person concerned. The area of communication of data is limited exclusively to the competent parties for the fulfilment of contractual operations and the observance of legal requirements. They can, therefore, be communicated to third parties belonging to the following categories: individuals providing services for the management of information systems; offices or companies in the field of support and consultation; Administration, Public bodies and competent Authorities, for the fulfilment of legal requirements and/or instructions from public authorities; Group companies and/or of the business network or private bodies directly involved in the performance of the services or entitled to know the data by law. In any case, only necessary data pertinent to the relevant procedure will be communicated to the above bodies.

With exception to what has been specified regarding surfing the website, the user is free to provide personal data contained in the forms available on the website or to request the newsletter, informative material, commercial offers or other messages. Not providing data could result in the impossibility of fulfilling the request.

CEFALÙ RESORT LLC has put into place specific measures to impede non-authorised access to data, as well as their inappropriate use. We use specific systems and procedures to safeguard the personal data that you provide us with. We have also implemented security measures and technical and physical restrictions in order to impede access and use of personal data on our server. Only authorised personnel can access personal data during the performance of their work.

We will retain your personal information for the time necessary to provide the services required, in compliance with existing laws, for the purpose of handling possible disputes with any third parties and, in any case, for as long as necessary to fulfil the purposes for which we collected them, including detection of fraud or other illegal activities. All retained personal information is subject to what is stipulated in this information sheet on privacy. In the case of questions about specific periods of retention of data, contact us using the contacts addresses below.

The data controller does not transfer personal data to third countries or to international organisations.

With reference to Article 23 of D.Lgs. 196/2003 and Article 6 of the GDPR 679/16, the person concerned may withdraw consent at any time.

We want you to have control of how we use your personal data. You can do this in the following ways:
You can request a copy of your personal data in our possession;
You can inform us of any change in your personal data or you can request that we correct any of your information in our possession;
In specific situations you can ask to cancel, block or limit the processing of your personal data in our possession, or oppose the way in which we are using your information in our possession; and in specific situations, you can also ask us to send your information in our possession to third parties.
Where we use your personal information with your consent, you can ask us to withdraw that consent at any time in accordance with the required procedure. In addition, when we process your personal data on the basis of legitimate interests or public interest, you have the right to object to the use of your personal information at any time, as prescribed by law.
We rely on you to ensure that your personal information is complete, accurate and up to date. Promptly notify us of any changes or inaccuracies in your personal information by contacting:
We will deal with your request in accordance with applicable law. The person concerned exercises his/her rights as described above with reference to GDPR 679/2016 ex art. 15 "right to access". art. 16 "right of rectification", art. 17 "right to erasure", art. 18 "right to limitation of data processing", art. 20 "right to portability", art. 21 "right to object to the automated decision making process of GDPR 679/2016, by writing to the data controller at the following address: Cefalù Resort LLC, c.da Vallone di Falco, - 90015 Cefalù, e-mail:

The data controller does not carry out processing that consists of automated decision making

Cookie Policy

This Cookie Policy is an integral part of the above Privacy Notice.

The user can express his / her consent to the use of cookies by continuing to browse the Sites, ie by performing a scrolling action, by clicking on one of the internal links of the pages of the Sites, or by clicking on the "x" button or otherwise closing of the short notice banner visible at every first access to the Sites, as required by the provision of the Guarantor for the protection of personal data (No. 229 of 8 May 2014).

Cookies consist of portions of code (computer files or partial data) sent from a server to the user's Internet browser, from said browser automatically stored on the user's computer and automatically sent back to the server at each occurrence or subsequent access to the site. Usually a cookie contains the name of the website from which the cookie comes from, the life of the cookie (ie how long it will remain on the user's device) and a value, which is usually a unique number generated randomly. At each subsequent visit the cookies are sent back to the website that originated them (first-party cookies) or to another site that recognizes them (third-party cookies). Cookies are useful because they allow a website to recognize the user's device and have different purposes such as, for example, to efficiently navigate pages, remember favorite sites and, in general, improve the browsing experience. They also help to ensure that the advertising content displayed online is more targeted to a user and his interests.

If you decide to disable cookies, this may affect and / or limit your browsing experience within the Sites, for example you may not be able to visit certain sections of a Site or may not receive information personalized when visiting the Sites.

The operating modes as well as the options for restricting or blocking cookies can be adjusted by changing the settings of your internet browser. The majority of Internet browsers are initially set to accept cookies automatically, but the user can change these settings to block cookies or to be alerted whenever cookies are sent to his device. There are several ways to manage cookies, for this purpose refer to the help screen of your browser to check how to adjust or change the settings of the same. The user is enabled, in fact, to change the default configuration and disable cookies (ie block them permanently), setting the highest level of protection.

Below is the path to follow to manage cookies from the following browsers:

If you use different devices to view and access the Sites (for example, computers, smartphones, tablets, etc.), you must ensure that each browser on each device is adjusted to reflect your cookie preferences . To delete cookies from the Internet browser of your smartphone / tablet, it is necessary to refer to the user manual of the device.

Sites use different types of cookies each of which has a specific function. The site uses cookies to make navigation easier and to better adapt both the pages uploaded and its products to the interests and needs of users. Cookies can also be used to speed up future user experiences and activities on the site. In addition, cookies are used to compile anonymous aggregate statistics that allow us to understand how users use the site and to improve the structure and content of the sites themselves.

Here is an explanatory list.

Technical cookies

"Technical" cookies are essential for the correct operation of the site and allow users to browse the site and take advantage of its features (for example, they allow the storage of previous actions or allow saving the user's session and / or to carry out other activities that are strictly necessary for the functioning of the site).

This category also includes "analytical" cookies that help to understand how users interact with the site by providing information on the last page visited, the number of sections and pages visited, the time spent on the site and each event has emerged during navigation, such as a message of rrore, and help to understand every difficulty that the user encounters in using the site. This information may be associated with user details such as IP address, domain or browser; however, they are analyzed together with information from other users so as not to identify a particular user with respect to the other. These cookies are collected and aggregated anonymously and allow the site manager to improve the usability of the site.

Finally, "functionality" cookies allow the site to remember the user's choices (for example the user name) to provide the user with a more personalized and optimized navigation. Functional cookies are not essential to the functioning of the Sites, but they improve the quality and the browsing experience. If you do not accept these cookies, the performance and functionality of the site may be lower and access to the contents of the site may be limited.

Profiling cookies

"Targeting" or "profiling" cookies are used to present contents that are more suited to the user and his interests. They can be used to display targeted advertisements, to publish customized advertising ads based on user interests, or to limit the number of times the user views an advertisement. In addition, they help measure the effectiveness of advertising campaigns on the site; the site manager may use these cookies to remember the sites that the user has visited and share this information with third parties, including agencies and advertisers who may use their cookies to gather information about the activities that users make on the site.

"Sharing" (or social network) cookies are necessary to allow the user to interact with the Sites through their social account and serve, for example, to express an appreciation and to share it with the related social contacts .

The site uses or may use, also in combination with each other, cookies:

  • of "session" that are stored on the user's computer for mere technical-functional requirements, for the transmission of session identifiers necessary to allow the safe and efficient exploration of the site; they are deleted at the end of the "session" (hence the name) with the closing of the browser;
  • "persistent" that remain stored on your computer's hard drive until their expiration or cancellation by users. Through persistent cookies users who access the sites (or any other users who use the same computer) are automatically recognized at each visit. Third-party cookies

When a user uses the site, it is possible that some cookies are stored that are not controlled by the site operator. This happens, for example, if the user visits a page containing content from a third-party website. As a result, you will receive cookies from these third-party services. On third-party cookies the site manager has no control over the information provided by the cookie and does not have access to such data. This information is totally controlled by the third party companies as described in the respective privacy policy.

The table below shows the third-party cookies on the site. The latter fall under the direct and exclusive responsibility of the third party operator and are divided into the following macro-categories:

  • Analytical: are cookies used to collect and analyze statistical information on accesses / visits to the website. In some cases, associated with other information such as credentials entered for access to restricted areas (your e-mail address and password), can be used to profile the user (personal habits, visited sites, downloaded content, types of interactions made, etc.).
  • Widgets: This category includes all the graphical components of a user interface of a program, whose purpose is to facilitate the user in the interaction with the program itself (by way of example, they are widgets cookies of Facebook, Google+, Twitter, Linkedin, Instagram, etc. ..).
  • Advertising: This category includes cookies used to provide advertising services within a site.

If you do not wish to receive third-party cookies on your device, you can, through the links below, access the information and consent forms of these third parties and exclude the receipt.

These cookies are not controlled directly by the site, therefore, to revoke the consent you need to refer to the websites of third parties or refer to the site to obtain information on how to be able to delete or manage cookies based on the browser used and to manage preferences on third-party profiling cookies.

Primary usage
Privacy policy
Google Services
Analitici / Advertising / Widgets
Analitici / Widgets
Analitici / Widgets
Analitici / Widgets
Analitici / Widgets
Analitici / Widgets