Compare Car Classes

Cheapest option in each category

Loading prices...
Home Airport Arrival Ride Menu Quick Answers How It Works
Explore Palermo

Privacy Policy

How PalermoGo collects, uses, and protects your personal data.

1. Introduction and Scope

PalermoGo ("we", "us", "our") operates the car hire booking platform at palermogo.com. This Privacy Policy explains how we collect, use, store, and share your personal data when you visit our website, make a booking enquiry, or contact our support team. It applies to all users accessing our services from anywhere in the world, and specifically covers transactions processed in connection with car hire in Palermo, Sicily, Italy.

We are committed to handling your personal data responsibly and in compliance with the EU General Data Protection Regulation (GDPR) as adopted into Italian law under Legislative Decree 196/2003 (Codice in materia di protezione dei dati personali), as amended by Legislative Decree 101/2018. By using our website you acknowledge the practices described in this policy.

2. Data Controller

The data controller responsible for your personal information is PalermoGo, based in Palermo, Sicily, Italy. If you have any questions about this policy or your data, please contact us at [email protected] or by phone at +39 311 709 9478.

3. Information We Collect

We collect the following categories of personal data:

3.1 Identity and Contact Data. When you submit a booking request or contact our team, we collect your full name, email address, telephone number, and, where required by the rental supplier, your driver licence number and country of issue.

3.2 Booking and Travel Data. We record your pickup and return locations (for example, Falcone-Borsellino Airport - PMO, Palermo Port, or hotel addresses in the historic centre around Quattro Canti), rental dates and times, vehicle preferences (such as automatic transmission or child seat requirements), and any special instructions you provide.

3.3 Payment Information. Payment transactions are processed exclusively by our third-party payment processors. We do not store your full card number, CVV, or bank account details on our servers. We retain only a payment reference token and the card type used (for example, debit card, Visa, or Mastercard) for administrative and fraud-prevention purposes. Our no-deposit, debit-card-friendly booking model means we aim to minimise financial data held on our systems.

3.4 Technical and Browsing Data. We automatically collect your IP address, browser type and version, operating system, referring URL, pages viewed, session duration, and device identifiers. This data is collected via server logs and cookies (see Section 8 on security and our separate Cookie Use policy at /cookie_use).

3.5 Location Data. If you grant location permission in your browser, we may use your approximate geographic location to pre-fill the nearest pickup point (for example, Palermo Airport or city-centre locations). This data is not stored beyond the session unless you save a booking preference.

3.6 Communications Data. If you email or call us, we retain records of that correspondence, including your enquiry content and our replies, for customer support and quality purposes.

4. How We Use Your Data

4.1 Processing Bookings. The primary purpose for collecting your personal data is to process your car hire booking, pass the necessary information to our rental supplier partners, and confirm your reservation. This is carried out on the legal basis of contractual necessity (GDPR Article 6(1)(b)).

4.2 Customer Support. We use your contact details and booking data to respond to queries, handle amendments or cancellations, and resolve complaints. This is necessary for the performance of your booking contract and our legitimate business interests.

4.3 Service Improvement. Aggregated and anonymised browsing data helps us analyse which pages and car hire options are most useful, improve the booking flow, and fix technical issues. This is carried out on the basis of our legitimate interests (GDPR Article 6(1)(f)).

4.4 Marketing Communications. With your explicit consent (GDPR Article 6(1)(a)), we may send you promotional emails about car hire deals in Palermo, seasonal offers, and travel tips for Sicily. You can withdraw this consent at any time by clicking the unsubscribe link in any marketing email or contacting us directly.

4.5 Legal Compliance. We may process and disclose your data where required by applicable Italian or EU law, court order, or regulatory authority request.

4.6 Fraud Prevention and Security. We use technical and booking data to detect and prevent fraudulent activity, protect our users, and maintain the integrity of our reservation system.

5. Data Sharing with Third Parties

We do not sell your personal data. We share it only with the following categories of trusted partners, and only to the extent necessary:

5.1 Rental Supplier Partners. Your name, contact details, driver licence information, and booking specifics are passed to the car hire supplier fulfilling your reservation (for example, at Palermo Airport or city pickup points). Their own privacy policies apply to data held on their systems.

5.2 Payment Processors. Payment data is handled by PCI-DSS-compliant third-party processors. They receive the information needed to authorise your transaction under their own data agreements.

5.3 Insurance Providers. Where your booking includes optional or mandatory insurance cover, relevant booking and identity data may be shared with the insurance underwriter to validate and activate your policy.

5.4 Booking Integrators and Technology Providers. We use trusted software platforms for reservation management, email delivery, and website analytics. These providers act as data processors under written agreements and are prohibited from using your data for their own purposes.

5.5 Legal and Regulatory Authorities. We may disclose data to Italian law enforcement, the Garante per la Protezione dei Dati Personali (the Italian data protection authority), or other competent bodies when legally required.

All third parties with whom we share data are required to maintain appropriate technical and organisational security measures.

6. Data Retention

We retain your personal data only for as long as necessary for the purposes described in this policy:

Booking records (name, contact, vehicle and trip details): retained for 7 years from the date of the completed rental in accordance with Italian civil and tax law obligations.

Payment references (transaction tokens, not full card details): retained for 5 years for financial audit and fraud-prevention purposes.

Customer support communications: retained for 2 years from the date of the last interaction.

Marketing consent records: retained until consent is withdrawn, then archived for 2 years as evidence of consent history.

Technical and browsing logs: retained for a maximum of 12 months in anonymised or aggregated form.

After the applicable retention period, data is securely deleted or anonymised so that it can no longer be linked to you.

7. Your Rights Under GDPR and Italian Law

As a data subject, you have the following rights. To exercise any of them, please contact us at [email protected]. We will respond within 30 days.

7.1 Right of Access. You may request a copy of the personal data we hold about you and information about how it is being used.

7.2 Right to Rectification. You may ask us to correct inaccurate or incomplete data - for example, a misspelled name on a booking or an outdated email address.

7.3 Right to Erasure ("Right to be Forgotten"). You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, you withdraw consent, or you object to processing and there is no overriding legitimate ground. Note that we may need to retain certain data to comply with legal obligations.

7.4 Right to Data Portability. Where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, commonly used, machine-readable format.

7.5 Right to Restriction. You may ask us to restrict processing of your data in certain circumstances, for example while a dispute about accuracy is being resolved.

7.6 Right to Object. You may object at any time to processing carried out on the basis of our legitimate interests, including profiling. You also have an unconditional right to object to direct marketing.

7.7 Right to Withdraw Consent. Where we rely on your consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

7.8 Right to Lodge a Complaint. If you believe we have not handled your data lawfully, you may lodge a complaint with the Garante per la Protezione dei Dati Personali (www.garanteprivacy.it), the Italian supervisory authority.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, alteration, or disclosure. Measures include:

HTTPS encryption for all data transmitted between your browser and our servers; access controls limiting data access to authorised personnel only; regular security assessments of our platforms and third-party integrations; secure deletion procedures for data that has reached the end of its retention period.

While we take these precautions seriously, no internet transmission is entirely secure. We encourage you to use strong passwords and contact us immediately at [email protected] if you suspect any unauthorised use of your account or booking details.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the website, remember your preferences, and analyse usage. For full details on the types of cookies used and how to manage them, please read our Cookie Use policy. You can adjust your cookie preferences at any time through your browser settings or our consent tool.

10. International Data Transfers

Our primary operations are based in Palermo, Italy, within the European Economic Area (EEA). Where we transfer data to service providers outside the EEA, we ensure adequate safeguards are in place - such as European Commission Standard Contractual Clauses (SCCs) - in compliance with GDPR Chapter V.

11. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last revised" date at the bottom of this page and, where appropriate, notify you by email or a prominent notice on the website. We encourage you to review this policy periodically. Continued use of our service after an update constitutes acceptance of the revised terms.

12. Contact Us About Privacy

For any questions, requests, or concerns relating to this Privacy Policy or the way we handle your personal data, please reach out to us:

[email protected]

+39 311 709 9478

Palermo, Sicily, Italy

Last revised: June 2025