Who We are

This website is owned by Arrigo Group Limited, a Company registered under the laws of Malta, bearing company registration number C7285, having its registered address at 248, Tower Road, Sliema, the Data Controller. Arrigo Group Limited is licensed by the Malta Tourism Authority. This privacy notice applies to the website and also to official presence on any social media (e.g. Facebook, LinkedIn). Where we refer to the “Website”, we also refer to data collection via these third-party platforms. You can contact us via email at

You may visit our website without revealing any personal information to us. However, when visiting our website, we may record your Internet Protocol address (the ‘IP Address’).


We may use third-party service providers to serve ads and/or collect certain anonymous information when you visit our Web site, such a Google Analytics. You may learn more about cookies at .


What Kind of Data We Collect

We will only collect the data necessary to process your booking, such as:

  1. Contact details (name, surname, address, the hotel where you are staying during your visit);
  2. Information about Ethnicity, Religion, Medical Conditions (such as medical history or dietary restrictions), if in connection with the provision of our services; such information falls under “special categories” of personal data: we will use it solely to ensure that your needs are met with regards to your booking and for no other purposes whatsoever;
  3. Should one of our customers be a child (under the age of 16), we will require authorisation from a parent or legal guardian;
  4. Your travel documents (travel Visas if required);
  5. Your payment information to process online payments, if applicable; all payments are processed by a third-party payment gateway (the “Processor”). Payment section is protected by a Secure Socket Layer encryption (“SSL”);
  6. Any other category of personal data as required from time to time.

We also collect personal data sent to us by third parties, such as tour operators and travel websites, with whom we have agreements in place.

Your personal data will be shared with third parties with whom the Company has agreements in place, for the sole purpose of processing your booking. In the event that we will need to transfer it outside the European Union (EU), we will make sure that appropriate safeguards are in place to ensure an adequate level of protection of your personal data.

Why We Collect Your Data

The required information is necessary to ensure your booking is processed in the most efficient way. Therefore, failure to provide the Company with the requested information might render the Company unable to satisfy your requests.

We will use your data to inform you of our promotions only where you have given your consent to do so. You can opt-out of these emails/communications at any time.

Protection of Minors

We advise all visitors of our Website under the age of 16 not to disclose or provide any personal information to us; should this happen, we will delete the personal data of the child from our systems.

Your Rights

You have the right to:

  • Have access to your data, including confirmation from the controller as to whether your personal data is being processed and to receive further information about that processing;
  • Have your personal data amended when you think it is inaccurate;
  • Request the erasure of data processed about you, on the basis of certain grounds, such as where the data is no longer necessary for the purposes for which it was collected or where consent for processing that requires consent has been withdrawn;
  • Request the data controller to restrict its processing activities on your data, based on certain grounds, such as where the accuracy of the data is contested;
  • Receive the personal data provided by you in a structured, commonly used and machine-readable format or to request that such data is transferred in such format to another data controller;
  • Withdraw your consent to processing that is based on your consent, such as direct marketing;
  • Object to processing that is carried out for the legitimate interests of the controller, by reference to your specific situation. You may, at all times, object to direct marketing;
  • File a complaint with us, by using the contact details above and/or with the competent data protection supervisory authority. In Malta, this is the Office of the Information and Data Protection Commissioner,; if you are a European resident, you can contact your local data protection regulator. A list of all the regulators can be found here. This is a third-party website, over which we have no control.

Should you wish to exercise any of your rights, you may do so by contacting us at

It is important to note that, in certain circumstances, you may not be able to exercise your rights as stipulated above or you may be able to exercise such rights but only in a limited manner, as dictated by law, such as where such right requests may prejudice the rights and freedoms of third parties.

Retention Period

We use your personal data to ensure we provide the best possible customer service to you. Once the relationship with you has ended, we will immediately delete your personal data from our systems, unless we are required to keep that data for the time needed to comply with any legal obligations we may have.

Legal Information

This Privacy Notice has been written based on provisions of the Regulation (EU) 2016/679 (General Data Protection Regulation).

Changes to the Privacy Notice

We may update these policies to reflect changes to the website and customer feedback. Please regularly review these policies to be informed of how we are protecting your personal data. We welcome any queries, comments or requests you may have regarding this Privacy Notice.

Version 1.0 of the 20th December 2018.