All policies

Privacy Policy

Effective date: 13 July 2026

This Privacy Policy explains how Rego collects, uses, shares, stores and protects personal information when travelers, Providers and visitors use the Platform.

1. Who is responsible for your information

The primary operator and data controller is [LEGAL ENTITY NAME], located at [REGISTERED OFFICE ADDRESS]. Privacy questions may be sent to privacy@rego.services.

For a Provider's independent service, that Provider may separately control information needed to deliver the booking. Its own privacy notice may also apply.

2. Information we collect

Account and identity information, such as name, email, phone number, date of birth where required, profile photo, nationality or identity documents used for verification.

Booking and service information, such as destination, dates, guests, preferences, communications, special requests, booking history, cancellations and complaints.

Provider information, such as business ownership, registration, licenses, tax information, bank or payout information, addresses, staff contacts, listings and verification documents.

Payment and transaction information, such as payment status, amount, currency, processor reference, refunds and fraud signals. Complete card details are generally handled by the relevant payment processor rather than stored by Rego.

Location information, when permission is granted, including approximate or precise device location for nearby services, navigation, roadside help or map functions.

Device and usage information, including IP address, browser, device identifiers, operating system, pages viewed, clicks, session activity, diagnostic logs and cookie identifiers.

Content and communications, including support messages, calls or chat records where lawfully recorded, reviews, Safarnama posts, images, videos and Provider responses.

Information from third parties, including Providers, payment processors, identity-verification vendors, map services, analytics tools, public sources and people making a booking on your behalf.

3. How we use information

To create accounts, display listings, process booking requests, facilitate payments, send confirmations and enable communication between travelers and Providers.

To verify identities and businesses, prevent fraud, protect accounts, investigate misuse, enforce policies and respond to safety incidents.

To provide customer support, handle cancellations, refunds, disputes and complaints, and maintain transaction records.

To operate and improve search, recommendations, Rego AI, Rego Map, road updates, accessibility, personalization, analytics and Platform performance.

To send essential service communications and, with consent where required, marketing messages, offers, surveys and partner promotions.

To comply with legal obligations, lawful authority requests, tax, accounting, audit, licensing and dispute-resolution requirements.

4. Basis for processing

Depending on the activity and applicable law, Rego processes information because it is necessary to provide a requested service or perform a contract; because the user has given consent; because Rego has a legitimate operational, security or improvement interest; or because processing is required by law.

Where consent is used, it may be withdrawn for future processing through the relevant setting or by contacting Rego. Withdrawal does not invalidate processing completed before withdrawal.

5. How we share information

With Providers and travelers as necessary to request, confirm and fulfill bookings. This may include names, contact details, dates, guest details and special requests.

With payment processors, banks, wallets, payout providers and fraud-prevention services to complete transactions.

With hosting, cloud, communications, customer-support, identity-verification, mapping, analytics, security and marketing vendors acting under contractual or legal obligations.

With professional advisers, insurers, auditors and potential investors or buyers in a legitimate corporate transaction, subject to confidentiality safeguards.

With authorities or other parties where reasonably necessary to comply with law, protect rights and safety, investigate fraud or respond to emergencies.

Rego does not sell personal information for money. Rego will not share personal information for unrelated third-party advertising without the notice or consent required by applicable law.

6. International data transfers

Rego may use Providers and technology vendors located in Pakistan or other countries. Data-protection standards may differ between countries.

Where required, Rego will use appropriate contractual, technical or organizational safeguards and limit transfers to information necessary for the stated purpose.

7. Data retention

Rego keeps information only for as long as reasonably necessary for bookings, support, security, legal, tax, accounting, dispute and legitimate business purposes.

Retention periods vary by record type. Account data is generally retained while the account is active; transaction and compliance records may be retained longer where law or dispute risk requires it; marketing preferences are retained until changed or no longer needed.

Information may be anonymized or aggregated so it can no longer reasonably identify an individual, after which it may be used for analytics and planning.

8. Security

Rego uses reasonable administrative, technical and physical measures designed to protect information, including access controls, authentication, encryption where appropriate, logging, backups and vendor controls.

No internet service is completely secure. Users must protect their credentials and avoid sending sensitive information through unsecured channels.

Where a security incident creates a material risk, Rego will investigate, contain it and provide notices required by applicable law.

9. Your choices and rights

You may request access to, correction of or deletion of personal information, object to or restrict certain uses, withdraw consent, request account closure or ask for a portable copy where these rights apply.

Some information may be retained where needed for legal obligations, fraud prevention, transactions, disputes or the rights of others.

You may disable location access in device settings, unsubscribe from promotional email through the message link, change notification settings and manage cookies through the consent tool or browser.

Rego may request identity verification before completing a privacy request. Send requests to privacy@rego.services.

10. Children

Rego is not intended for independent use by children under 18. A parent or guardian must make bookings and provide required information for a minor.

If Rego learns that a child submitted personal information without appropriate authorization, Rego will take reasonable steps to delete or restrict it.

11. Public content

Reviews, profile information and Safarnama posts selected as public may be visible to other users and search engines. Do not publish identity documents, private addresses, payment details or information about another person without permission.

Deleting content may not immediately remove copies already shared, cached, legally retained or included in transaction records.

12. Cookies and similar technology

Rego uses cookies and similar tools as described in the Cookie Policy. Non-essential analytics or advertising technologies should be used only in accordance with the consent choices required by applicable law.

13. Third-party services

Third-party payment, map, social-login, messaging and booking services may collect information under their own privacy notices. Review those notices before using the relevant feature.

14. Changes and contact

Rego may update this Policy and will show the revised effective date. Material changes will be highlighted where appropriate.

Privacy contact: privacy@rego.services. Postal contact: [REGISTERED OFFICE ADDRESS].