What does it refer to?

The protection of privacy is a major concern for Cala Rossa Bay Resort.

This data protection policy concerns the processing of all personal data carried out by the Cala Rossa Bay Resort company.

In accordance with the General Data Protection Regulation (GDPR), this policy aims to clarify when, why and how personal data is collected and processed by the Cala Rossa Bay Resort Company.

To help you better understand this policy, below we have set out a few definitions:

Personal data: Any personal information that can be used to identify a natural person either directly or indirectly.

Terminal: refers to any electronic device used to process data (tablets, mobile phones, computers, in-store terminals etc.)

Partners: refers to any company used by Cala Rossa Bay Resort to offers its customers a range of products and services, tailored to meet their needs and/or to optimise and/or promote said product offer.

Online customer account: refers to a special customer area, accessed via a user name and password, where the user can perform certain tasks including tracking an order or amending his account details.

Plugin: small programme that can be added to a browser to extend its functionality and, in particular, to allow the user to manage the cookies stored on the browser more easily.


How might this policy change?

This policy is subject to change from time to time. You can check our website to review the latest, updated version.

This policy was last updated on the 17th October 2018.


What personal data is collected and how is it collected?

We may collect and process the following personal data:


Personal data that you provide:

This is information that you supply voluntarily when you submit information via:

This includes, for example, information provided in the course of:

  • Making on-line purchases
  • Communicating with our contact centre
  • Subscribing to the Cala Rossa Bay Resort newsletter
  • Visiting our website

Personal data that we collect may include your name, postal address, e-mail address, telephone number, information about any queries addressed to us and may also include records of any correspondence as well as responses to any surveys.


Personal data that we can collect automatically:

  • Information about your visits to, or transactions on, our website, including: data about traffic, location etc.
  • Technical information, including anonymous data collected by the host server for statistical purposes, for example, the type and version of browser used, the time zone setting, the types and versions of browser plug-ins used, the operating system (example: Windows 10).

We may receive some personal data from sources outside our company, including other entities belonging to the Cala Rossa Bay Resort or third part companies.


Why do we use your personal data?

We process personal data for the purpose of:

    • Facilitating information exchange following a request submitted via our website (for example, we will contact the website user to confirm an in-store appointment request or a consultation at home);


    • Managing relations with our customers, particularly when processing their orders and responding to certain requests (e.g. sending a quote, forming part of an estimate, using a windows configurator, activating guarantees, conducting customer satisfaction surveys about Cala Rossa Bay Resort);


    • Regularly sending news and information about our products/services, brands or initiatives that may be of interest. You can withdraw your consent at any time by contacting us.Contact us


  • Or for any other reason specified at the time of data collection.


In what circumstances are we allowed to use your personal data?

When you have freely and explicitly provided your CONSENT for specified, explicit and legitimate purposes. You can withdraw your consent at any time by contacting us. Contact us

When use of data is necessary for the company’s legitimate business interests, provided that this does not infringe upon your fundamental rights, freedoms and interests (for example, protection of privacy and reputation).

You will find below 2 examples of legitimate company interests:

  • The detection, prevention and reduction of fraud or other illegal activities;
  • Securing the IT network to protect your personal data against loss, alteration, theft or unauthorised access.

When we have a legal obligation,  including:

  • To help a public authority or body as part of an inquiry;
  • To verify the accuracy of the personal data in our possession.


When the processing of your personal data is required in order to FULFILL A CONTRACT.

Who can receive or access your personaldata?

Subsidiaries of the Cala Rossa Bay Resort Group

We may share all or part of your personal data with other companies within the Cala Rossa Bay Resort Group, in particular for internal administrative purposes or to inform you about products and/or services that may interest you.


Our suppliers and service providers

We may disclose all or part of your personal data to external service providers, sub-contractors or other bodies so they can provide us with services or provide you with these services directly, on our behalf. These third parties may include delivery companies, advertising agencies, administrative services, card payment processing services (Monetico), agencies conducting customer satisfaction surveys or other third parties who help support our activities and the running of our website.

When we need to use external service providers, we only reveal the personal data necessary for their work and we draw up a contract setting out the importance of ensuring safety and confidentiality of said personal data and preventing them from using this information for any purpose that does not comply with these specific directives.


Other circumstances in which we may have to share your personal data

We may forward your personal data:

In the event of the transfer of all or part of our company and our shareholders to a third party or as part of the restructuring or reorganization of the company;

If we are under a duty to disclose or share your personal data:

  • In order to comply with any legal obligation, summons or judicial request, identify or report a criminal offence or enforce or apply the terms of a contract;
  • Or to protect the rights, property or safety of Cala Rossa Bay Resort customers and website users.

However, in the various cases outlined, we will always take the appropriate steps to ensure the protection of your personal data.


Where do we store your personal data?

Your personal data is either stored in our database or the databases of EU-based providers. We ensure that providers comply with the latest safety and confidentiality regulations to help guarantee the protection of your right to privacy, as set out in this policy.

In this instance, we will ensure that the appropriate safeguards are in place to maintain the safety and confidentiality of information and help guarantee the protection of your right to privacy, as set out in this policy. These measures will include contractual obligations on the part of the provider regarding your personal data as well as ensuring that all providers adhere to an international framework aimed at guaranteeing adequate protection of data.


How long do we keep your personal data?

We only keep your personal data for as long as needed to achieve the purpose for which it was collected and to meet our various regulatory and legal obligations.

  • 10 years after the placement of an order or issuing of an invoice
  • For the entire duration of the guarantee period for products with a guarantee in excess of 10 years
  • 3 years after providing a quotation
  • 3 years after requesting a meeting with a Cala Rossa Bay Resort sales representative
  • Any data collected from purchases made by a debit/credit card will be deleted at the end of the transaction


What are your rights ?

Subject to any applicable laws and regulations, you can:

  • access your personal data;
  • correct, amend and update your personal data;
  • delete your personal data or restrict the processing of said data;
  • withdraw your consent, where appropriate;
  • object to the use of your personal data to automatically make decisions on your behalf;
  • ask us to send you your personal data in a structured format or forward this data to another controller of your choosing if this is technically possible (data portability);
  • lodge a complaint with the competent supervisory authority and take legal action.


How do we ensure the safety and confidentiality of your data?

We aim to keep your data safe at all stages of the processing operation. Upon receipt of your data, we put in place the appropriate organizational and technical measures as well as various checks to prevent, as far as possible, the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data.


How do cookies work?

Like many other websites, our site uses cookies (including Google Analytics cookies) to help provide an overall idea of the volume and preferences of internet users who visit our website.

“Cookies” are small bits of information sent to your computer and stored on your hard drive which allow our website to recognise you when you visit.

You can block cookies by adjusting the settings on your internet browser.

You can configure your web browser in two ways :

  • You can configure your browser to accept/block cookies automatically or on a case by case basis, depending on the cookie issuer
  • You can configure your browser to accept/block any cookie consent pop-ups on an ad hoc basis, before any potential cookies are stored on your computer.

To access your browser settings, you need to go to your browser’s help menu to find out how to change your cookie settings.

Here are a few links to frequently used search engines:

Internet Explorer™ :

Safari™ :

Chrome™ :

Firefox™ :

Opera :


Contact us

If you would like to contact us, please write to the following address:



To exercise your rights or request information about personal data, please email us at: