Skip to content

Sithonian Sunset Luxury Apartments

Menu
Book

Privacy Policy

  1. Introduction The present Privacy Policy describes how our website collects, uses, stores and protects the personal data of its visitors and customers. We are committed to protecting your privacy and processing your data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Greek and European legislation.
  2. What is Personal Data? Personal data is any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one whose identity can be verified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier or one or more factors that approximate the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
  3. Data We Collect In order to make any booking or transaction with our website, it is necessary for you to provide certain personal data, which are collected for security reasons and to complete the provision of the service. We collect the following types of personal data:

Booking/Customer Data:

  • Full Name
  • Address (street, number, city, postal code) – necessary for the issue of the legal proof.
  • Telephone Number – necessary for immediate communication about your appointment.
  • Email Address
  • Booking Details: Date and time of the service, number of people, and any special requests or comments regarding the booking.
  • Sign in/Account Data: When you create an account or sign in to manage your bookings.
  • Payment Data: We do not store credit card information. Payments are processed through secure third-party payment gateways (Banking system).
  • Contact Data: When you contact us via the contact form or by email, we collect your full name and email address.
  • Usage Data: Information about how you use our website (e.g. pages visited, services viewed). These are collected via cookies. For more information, please see our Cookies Policy.
  1. Purposes of Processing and Legal Basis We process your personal data for the following purposes and on the respective legal bases:

For Processing and Managing Bookings:

  • Purpose: Checking availability, confirming the booking, providing the service, managing payments and any cancellations or refunds.
  • Legal Basis: The performance of a contract to which you are a party (completion of the booking).

For Customer Account Management:

  • Purpose: The creation and management of your account, booking history.
  • Legal Basis: Contract performance (when you create an account) and our legitimate interest in providing a personalised experience.

For Communication and Reminders:

  • Purpose: Sending confirmations, reminders for your appointment, or updates on any schedule changes.
  • Legal Basis: Our legitimate interest in the smooth operation of our services and the best possible customer service to you.

For Promotional Activities (Newsletter/Offers):

  • Purpose: Sending informative material, offers or new services.
  • Legal Basis: Your consent, which you can withdraw at any time.

For User Experience Improvement and Analysis:

  • Purpose: Analysis of the use of the website to improve our services.
  • Legal Basis: Our legitimate interest or your consent (for marketing cookies).

For Compliance with Legal Obligations:

  • Purpose: Compliance with tax and accounting obligations, compliance with requests from Public Authorities.
  • Legal Basis: Compliance with legal obligation.
  1. Data Recipients The data you provide on our website is under no circumstances disclosed to third parties for their own commercial purposes. However, in order to complete the booking and provide our services, we may share your data with the following partners:
  • Payment Providers: Banking institutions or online payment platforms (e.g., Stripe, PayPal, Viva Wallet) for processing payments.
  • Accounting/Technical Companies: To meet our accounting and tax obligations.
  • Providers of Web Hosting & Technical Support: For the technical support and operation of the booking system.
  • Data Analysis Service Providers (e.g. Google Analytics): To monitor traffic and improve the website.
  • Calendar Management Platforms (optional): In case synchronisation with external calendars (e.g. Google Calendar) is required for availability reasons.

In all cases, we ensure that our partners adhere to the same strict data protection standards and act as processors on our behalf. In addition, we may disclose your data to public authorities if required by law.

  1. Duration of Data Retention We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected.
  • Booking/Customer Data: They are retained for the period required by tax legislation (e.g. 10 years from the issue of the proof).
  • Sign in/Account Data: They are kept for as long as you maintain an active account on our website.
  • Newsletter Data: They are retained until you withdraw your consent (unsubscribe).
  • Cookies Data: Please refer to the Cookies Policy for the lifespan of cookies.
  1. Your Rights You have the following rights regarding your personal data, in accordance with the GDPR:
  • Right of Access: Request information and access to the personal data we retain about you.
  • Right of Rectification: Request the correction of inaccurate or incomplete information.
  • Right to Deletion (“Right to Erasure”): Request the deletion of your personal data under certain conditions (e.g. when it is no longer necessary or if you withdraw your consent). Note: This right does not apply if the retention of the data is mandatory by law (e.g. tax information).
  • Right of Processing Restriction: Request the restriction of the processing of your data, in specific cases.
  • Right of Data Portability: Receive your data in a structured format and transfer it to another controller.
  • Right of Objection: Object to the processing of your data if it is based on legitimate interest.
  • Right of Withdrawal of Consent: Withdraw your consent at any time (e.g. for the Newsletter), without affecting the lawfulness of the processing based on the consent before its withdrawal.

To exercise any of the above rights, please contact us at the details provided below.

  1. Data Security Your data is collected and retained securely. We take all necessary technical and organizational measures (including the use of SSL encryption protocols) to protect your personal data from loss, misuse, unauthorised access or disclosure. Electronic payments are made in the secure environment of the partner payment institutions.
  2. Right of Complaint If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the competent supervisory authority. In Greece, this is the Authority for the Protection of Personal Data (DPA) (www.dpa.gr).
  3. Contact For any questions or clarifications regarding this Privacy Policy or the processing of your personal data, you can contact us