Regalo takes active steps and measures to protect your privacy. This Privacy Notice describes what information we may collect from our friends and guests, club members, private residence owners, renters and prospective residence owners and club members (referred to as “Guests, Members and Owners from here on), as well as visitors to the Regalo website, as well as the way in which Regalo stores and uses this information to best serve your requirements. We assure you, we will always protect your information as though it were our own.

When you see the term “Regalo”, “We” and / or “our”, this refers to Regalo Ltd, subsidiaries and affiliates of Regalo, and all of the legal entities that manage and / or operate Regalo hotels, resorts and / or residences.

When we say “you” or “your”, we are referring to anyone whose personal information we process. Personal information means any information that could be used to identify you, and the way we treat that information is explained in this Privacy Notice.


What type of information do we collect from you?

We are fully committed to safeguarding the privacy of the personal information you entrust us with. The personal information we collect from you will typically include the following:


How your personal information is collected

For the most part, information is only gathered when you choose to provide it to us, and when you interact directly with us. Examples of when you might divulge information to us includes:


How we use your information

We are only allowed to collect information if we have a legal basis to do that. Here are come guidelines which set out how and why your personal information:

If we are using aggregated information to identify trends and general customer expectations, we will anonymise your information – this means removing any details that makes it possible to identify you.

This Privacy Notice talks a lot of our legal obligations. Most of our compliance obligations are designed to prevent fraud and money laundering. There is particular emphasis on the following laws and regulations:

If you do not provide the information we need to comply with these laws, we could be breaking the law if we continue to provide some of our services to you. We will always explain when this is the case when we are collecting information from you.


Who we share your information with and why

We will only share your information when it is needed and to your benefit and / or if we are obligated to do that. We only work with and engage with organisations who can show us they respect your privacy as much as we do. If we haven’t already, we will ask them to tell us how they secure your data and how far access to your personal data is restricted. We won’t let any of our service providers use your personal data for their own purposes and they can only use the information for the specific reason it is given to them.


The Regalo group operates via and as part of a global network of data centres, hotels, serviced apartments, reservation centres and offices; it may be necessary to share or transfer information you have submitted (in connection to your booking for example) outside of the country in which it was originally submitted and / or collected. Any information you provide either at the point of reservation or during the course of your stay, or at anytime before, between and / or after these events, may be transferred between us, in order that we may carry out and / or facilitate the services you have requested from us or to answer any queries or communications between you and us. The storage of data in line with our legal obligations may also require us to transfer data across the Regalo group. Where the service you have requested is provided by one of our partners, we will limit the transfer of your information only to that which is necessary for the third party to carry out the services required of them.


In the instance that information originating in the EU and / or subject to EU laws and regulations is required to be transferred to a country outside of the EU, we will ensure that the recipients of such information / data are subject to and adhere to at least the same standards and obligations as those set out under GDPR regulations. We will do this by contractually binding our partners to provide at least the same degree of protection over your data and information as we do. Some of the assurances we secure are internationally recognised certification schemes.


Even in the case that we received information requests from law enforcement agencies or regulators, we will verify the source of such requests and their right to such information before we comply with their requests.


How we keep your information secure

Regalo operates on a “need to know” basis which means that only those who need to access your information will be able to access your data. Access restrictions also apply to contractors and other third parties who have a business need to know. Everyone who has access to your information have agreed to a duty of confidentiality.

Some of the steps we have taken to protect your personal data are:

If we have to transfer, store, or process your personal information anywhere outside the UK and the European Economic Area, and the country in question does not offer the same level of protection for your personal data, we will take the following steps to safeguard your information:


For how long do we keep your personal data?

We do not keep your information any longer than we are allowed to keep it. Usually that will mean keeping it beyond the time period over which we are providing a service to you; this is because we often have to hold on to personal data for at least seven years for legal, regulatory and accounting purposes. 


Your rights and choices in relation to your personal information

You have the right to know what information of yours is used, by whom, and how it is used. You also have some control over it. For example, you have the right to:

You can also ask us to delete your personal information if:

Sometimes we will not be able to, for legal reasons, delete your personal data but you can still ask us to stop processing your data if:

You can expect us to respond to a request from you to exercise your rights within one month of receiving it. If your request is complicated it might take a little longer. All reasonable requests are free of charge to you. You may be charged however, where you request is complex, resource heavy, unreasonable, excessive and / or repetitive.

If you do ask for access to your personal data, we will want to make sure we’re not giving your information to someone who doesn’t have any right to it. As a security measure to ensure we do not unwittingly disclose your information to anyone who has no right to receive it, we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).

If you would like to exercise any of your rights please contact:


Complaints and Contact Details

If you have any complaints about the way we use your personal information you can contact us at In the unlikely event that we are not able to resolve your complaint, you can get in touch with the Information Commissioner’s Office (ICO) if you are in the UK, or the data protection authority in your country,

If you have any questions about of this Privacy Policy, let us know by sending an email to Alternatively, you can go with the more traditional option of writing to: Othonos Amalias 46, Patra, Greece, 26221


Children’s Privacy

None of our services are for children under the age of thirteen so we would never knowing collect any information about or from children via our websites or any other method.


This cookie notice is for visitors to our website.


What are cookies?

For almost any modern website to work properly, it needs to collect certain basic information on its users. To do this, a site will create files known as cookies – which are small text files – on its users’ device, for example, your computer or mobile phone. These cookies are designed to allow the website to recognise its users on subsequent visits, or to authorise other designated websites to recognise these users for a particular purpose.

The website logs the user’s IP address which is automatically recognised by the web server. This is used to record the number of visitors to our site and to help monitor the performance of individual web pages.

These cookies collect information about how visitors use a website, for instance, which pages visitors go to most often and if they get error messages from web pages. These cookies do not collect information that identifies a visitor; all information collected by these cookies is anonymous. We only use such information to improve our services and our website. Examples of performance cookies used on the website are listed below.


Analytics cookies

We use Google Analytics to monitor the performance of the website. Google Analytics sets cookies to help us accurately record the number of visitors to the website and volumes of usage. This helps us to identify where visitors to the site may be encountering problems and also gives us an indication of the types of content visitors find particularly useful.

For more information about Google Analytics visit the Google Analytics website.


Removing and disabling cookies

If you do not wish to accept cookies on to your machine you can disable them by adjusting the settings on your browser. However, this will affect the functionality of the websites you visit.




 We would like you to contact us regarding issues in relation to your personal data and privacy protection. Please feel free to get in touch with us regarding any of the following:

You may contact us on any subject in relation to this document by: