Privacy Policy

Last updated: 2026

Milleo respects your privacy and handles your information with care. This policy explains what data we collect, why we collect it, how it is used, and the rights you have under GDPR. If you have any questions, write to us at hello@milleo.pt.

Who We Are

Milleo is a short-term rental hospitality brand operating in Porto, Portugal. For privacy matters, Milleo acts as the data controller for information collected on this website and through direct communication channels.

What Data We Collect

We only collect data that helps us provide our service or respond to your questions.
a) Data you provide directly: Name, Email address, phone number (optional), booking details (dates, number of guests), property information (for owners contacting us), any message you send through our contact form or email.

b) Booking-related data - when you book a stay directly with Milleo: Guest names, payment information (handled securely by our payment provider; we do not store card numbers), stay details (duration, number of guests, preferences).

c) Technical data. Collected automatically through cookies and analytics: IP address, device type and browser, pages visited and time spent on the site, basic location (city-level, not precise location).

We do not use intrusive tracking or advertising cookies.

Why We Collect This Data

We use your data only for legitimate purposes:

Service-related

Managing your booking
Communicating before, during, and after your stay
Providing arrival instructions and support
Sending owner-related information when requested
Ensuring safety, compliance, and smooth operations

Legal & administrative

Invoices, guest records, and required AL compliance
Recording consent for GDPR obligations
Responding to legal or regulatory requests

Website & improvement

Understanding how visitors use our site
Improving content, usability, and performance

We do not sell, rent, or share your data with third parties for marketing.

Who Has Access to Your Data

We only share information when necessary:

a) Service Providers

Cleaning teams (guest names only when needed)
Maintenance partners (limited to what they need)
Payment processor (for secure transactions)
Booking engine / PMS system for scheduling and communication
Email or form providers used to respond to inquiries
Each partner is GDPR-compliant and bound by confidentiality.

b) Legal obligations
If required by Portuguese authorities (e.g., SEF / AIMA guest records), we provide legally required guest information.

How Long We Keep Your Data

We retain data only as long as necessary:

Booking records: 10 years (legal requirement for invoicing and accounting)
Contact form messages: up to 24 months
Analytics data: up to 12 months
Owner inquiries: 12–24 months, or longer if a collaboration begins

When data is no longer needed, we delete it securely.

Your Rights (GDPR)

You have the right to:

Access your data
Correct your data
Request deletion (“right to be forgotten”)
Request a copy in a portable format
Object to certain processing
Withdraw consent at any time
File a complaint with your local data protection authority

To exercise any right, contact: hello@milleo.pt.

Cookies

We use only essential and analytical cookies, such as:

Session cookies (required for pages to function)
Analytics cookies (anonymous usage statistics)

We do not use:

Advertising cookies
Retargeting cookies
Third-party marketing trackers

You can manage cookie preferences in your browser at any time.

Data Security

We protect your data through:

Encrypted connections (SSL)
Secure payment processing
Access controls for sensitive data
GDPR-compliant systems and storage

While no system is 100% secure, we follow industry-standard practices to keep your data safe.

Updates to This Policy

If we update this Privacy Policy, we will adjust the “Last updated” date and post changes here.
You are encouraged to review it occasionally.