loader image

Privacy Policy

Privacy Policy

Privacy Policy

This Privacy Policy describes the way we collect, use, store, and protect your personal data when you visit and use our website faoskea.gr. We are committed to protecting your privacy and comply fully with the General Data Protection Regulation (GDPR – Regulation EU 2016/679) and Greek legislation regarding personal data protection.

1. Data Controller

Business Name: Faos Kea

Address: Faos Kea Boutique Hotel, Koundouros Kea

Email: info@faoskea.gr

For any questions regarding the processing of your personal data, you may contact us using the contact details above.

2. Personal Data We Collect

2.1 Data provided by you

We collect personal data that you provide directly to us when you:

  • Make a room reservation through the website form
  • Contact us via email or phone
  • Subscribe to our newsletter
  • Fill out contact forms

This data may include:

  • Full Name
  • Email address
  • Phone number
  • Dates of stay
  • Number of guests
  • Special preferences or requests
2.2 Data collected automatically

When you visit our website, we automatically collect certain information through cookies:

  • IP Address
  • Browser type and version
  • Operating system
  • Pages you visit on our website
  • Date and time of visit
  • Website from which you originated (referrer URL)

3. Purpose of Data Processing

We use your personal data for the following purposes:

Purpose
Processing and management of reservations
Communication regarding your reservation
Issuance of invoices and accounting documentation
Sending newsletters and promotional updates
Improvement of services and the website
Response to inquiries and requests

4. Cookies and Similar Technologies

Our website uses cookies to improve your browsing experience and analyze website usage.

4.1 What are Cookies

Cookies are small text files stored on your device when you visit a website. They are used to make websites work more efficiently and provide information to their owners.

4.2 Types of Cookies We Use

Necessary Cookies (WordPress)

These cookies are essential for the functioning of the website and cannot be deactivated:

  • wordpress_[hash]: This cookie is used to identify logged-in users
  • wordpress_logged_in_[hash]: Indicates when you log in and who you are
  • wp-settings-{time}-[UID]: Stores individual user settings
  • PHPSESSID: Maintains the user session

Functional Cookies

  • cookie_consent: Stores your preference regarding cookies
  • language_preference: Stores your language preference

Analytical Cookies (optional)

With your consent, we use analytical cookies to understand how visitors use our website:

  • Google Analytics
4.3 Cookie Management

You can control and/or delete cookies as you wish. You can delete all cookies already on your computer and set most browsers to prevent them from being placed.

Note: If you choose to deactivate cookies, some website functions may not work correctly.

5. Disclosure of Data to Third Parties

We do not sell, rent, or share your personal data with third parties for commercial purposes under any circumstances.

All collaborating payment and reservation providers are obligated to protect your data and use it only for the purposes we have assigned to them.

5.2 Legal Obligations

We may disclose your personal data if required by law or in response to legal requests by public authorities.

6. Cross-border Data Transfers

Your data is stored only on servers within the European Union. We ensure that:

  • The provider complies with GDPR
  • Appropriate safeguards exist (e.g., Standard Contractual Clauses)
  • The data is protected according to European standards

7. Data Retention Period

We retain your personal data only for as long as is necessary for the purposes described in this policy:

Data Type Retention Time
Reservation details 5 years (accounting obligations)
Invoices and financial data 10 years (tax obligations)
Email communication 3 years from the last communication
Newsletter subscriptions Until unsubscription
Cookies Up to 12 months
Website logs 6 months

After these periods expire, the data is deleted in a secure manner or anonymized.

8. Data Security

We take the security of your personal data seriously and have implemented appropriate technical and organizational measures to protect it:

  • SSL/TLS encryption: Our website uses HTTPS for secure data transmission
  • Secure storage: Data is stored on secure servers with limited access
  • Security updates: WordPress and all plugins are kept updated
  • Limited access: Only authorized personnel have access to personal data
  • Strong passwords: Use of strong passwords and authentication controls
  • Regular backups: Creation of backups to protect against data loss

9. Your Rights under GDPR

According to GDPR, you have the following rights regarding your personal data:

Right of Access (Article 15)

You have the right to receive confirmation as to whether we are processing your personal data and to receive a copy of that data.

Right to Rectification (Article 16)

You can request the correction of inaccurate personal data or the completion of incomplete data.

Right to Erasure – “Right to be Forgotten” (Article 17)

You can request the deletion of your personal data, unless there is a legal reason for its retention (e.g., tax obligations).

Right to Restriction of Processing (Article 18)

You can request the restriction of the processing of your data under certain circumstances.

Right to Data Portability (Article 20)

You can receive your data in a structured, commonly used format and transfer it to another controller.

Right to Object (Article 21)

You can object to the processing of your personal data for reasons related to your particular situation.

Right to Withdraw Consent

Where processing is based on your consent, you can withdraw it at any time without affecting the lawfulness of the processing based on consent before its withdrawal.

How to exercise your rights

To exercise any of the above rights, contact us at info@faoskea.gr.

We will respond to your request within 30 days of receipt. In complex cases, it may be extended by an additional 60 days, for which you will be informed in a timely manner.

Right to Lodge a Complaint

If you believe that the processing of your personal data violates GDPR, you have the right to lodge a complaint with the Hellenic Data Protection Authority, provided you have contacted us first.

10. Minors

Our services are not addressed to individuals under 18 years of age. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe that your child has provided us with personal data, contact us immediately so we can delete this information.

Reservations for minors must be made by a parent or legal guardian.

11. Links to Other Websites

Our website may contain links to other websites not operated by us. If you click on a third-party link, you will be directed to that third party’s website.

We strongly recommend that you review the Privacy Policy of every website you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services.

12. Amendments to the Privacy Policy

We may update our Privacy Policy from time to time. We will inform you of any changes by posting the new Privacy Policy on this page and updating the “Last updated” date at the top of this page.

We advise you to check this Privacy Policy periodically for any changes. Changes to the Privacy Policy take effect when they are posted on this page.

In case of significant changes, we will inform you via email (if you have provided us with your email address) or with a prominent notice on our website.

13. Contact

For any questions regarding this Privacy Policy, the website practices, or your transactions with the website, contact us at info@faoskea.gr or through the contact page.

We will be happy to answer any question or concern you may have regarding the protection of your personal data.