top of page
Ino Villa Spetses Island

  Spetses Island 

PRIVACY POLICY AND GDPR COMPLIANCE

Ino Villas Spetses Island

 

1.1 This Privacy Policy (the “Policy”) sets out how we Ino Villas (“Ino Villas” “our” or “we”) headquartered at Analipsi, Spetses 18050 process the personal data of our customers and website visitors (“Users”).

1.2 If you have any questions about this Policy, please contact us at info@inovillas.com

What is the purpose of this privacy policy?

This privacy policy is to tell you what personal data we collect from you and why and what we will do with this data. It also tells you about some of the key rights which you have under data protection laws.

​Since 25 May 2018, the principal data protection legislation in the EU has been Regulation (EU) 2016/679 (the General Data Protection Regulation or GDPR). The GDPR repealed Directive 95/46/EC (Data Protection Directive) and has led to increased (though not total) harmonisation of data protection law across the EU Member States.

Since 29 August 2019, the main data protection legislation in Greece has been Law 4624/2019, which has implemented Regulation (EU) 2016/679 (GDPR) and incorporated Directive (EU) 2016/680. Law 4624/2019 repealed Law 2472/1997, which incorporated Directive 95/46/EC.

 

What is my personal data and what do you mean by process?

1.1. Personal data means any information relating to you which allows us to identify you, such as your name, contact details, booking reference number, payment details and information about your access to our website.

1.2. We may collect personal data from you when you do a reservation with us (either directly or indirectly through our trusted third-party partners), use our website and other websites accessible through our website, or when you contact us.

What personal data will we collect from you and why?

We collect personal data from and about you whenever you use our services, or if you are in touch with us in any way, whether this is directly or indirectly. You may, for example, make your booking or booking enquiry through a travel agent or you may provide personal information to a third party involved in your travel plans such as a local service supplier in Greece. 

Examples of personal data which we might collect include (but are not limited to):

  • names of all persons travelling

  • contact details (such as telephone number, postal and e-mail addresses) of the person making the booking

  • Your group composition; the ages of people in your group, their dates of birth, gender, nationality and passport information

  • dietary information

  • CCTV footage used to keep our villas secure.

  • notes about our interactions with you

  • copies of documents such as passport or driver’s licence

  • Your feedback on our service, including from third parties.

For an enquiry, the personal data we will need to process is likely to include the name and contact details of the person making the enquiry.

For a booking or booking enquiry, we will process your personal data on the basis that this is necessary for the performance of your contract with us or to enable us to take steps at your request prior to your entering into a contract with us. We may also need to do so to comply with a legal obligation to which we are subject or in order to protect your vital interests (for example, in an emergency situation).

Children's privacy

Protecting the privacy of children is especially important for us. For that reason, we do not intend to collect or maintain information at our Website from those we know are under 16 years of age, and no part of our Website is structured to attract anyone under 16. 

Also, in cases we need to collect and process personal data of children under 18 years old, we only do that after obtaining explicit consent from their parents or legal guardians.

 

Who may we provide your personal data to?

Where you make a booking, appropriate personal data will be passed on to the relevant suppliers of your chosen arrangements (such as villa owners, caretakers, experience providers, cooks, car hire companies, restaurants and lidos) together with any other third party (such as banks and/or credit card companies) who need this information so that we can arrange for your holiday to be provided. The information may also be provided to government / public authorities such as customs or immigration if required by them, or as required by law. Certain information may also be passed on to security or credit checking companies.

We only provide third parties with the personal data they require in order to deliver their services. Other than in relation to government / public authorities (over whom we have no control), we will take appropriate steps which are intended to ensure that anyone to whom we pass your personal data for any reason agrees to keep it secure, only uses it for the purposes of providing their services and does not collect any personal data from you in the course performing their services.

 

How do we protect your personal data?

We take appropriate technical and organisational measures to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data, which is appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures.

Can you withdraw your consent to our processing your personal data?

Yes, you can withdraw your consent to receiving marketing material or other communications from us, either generally or in any particular way, at any time by emailing us at info@inovillas.com or you can telephone us.

Where do We collect and maintain the Information?

Your Information may be collected, used, processed, disclosed and transferred to any country where we have commercial activity, facilities or in which we engage service providers. Even though we will assess, monitor and pursue GDPR compliance for the service provider, By using our Services or Online Systems, you consent to the transfer of Information to countries outside of your country of residence, which may have different data protection rules than in your country.

 

How can you find out what information we are holding about you?

You are entitled to ask us (by letter or e-mail) what personal data of yours is being held or processed, for what purpose and to whom it may be or has been disclosed. No fee will be charged for responding to this request unless it is obviously unfounded or excessive or we have previously provided the same information. 

 

What should you do if the personal data we are holding is inaccurate, out of date or incomplete?

If you believe this is the case, please tell us by e-mail as soon as possible. We will rectify the problem within 1 month or within 3 months if the rectification request is complex.

 

How long can we retain and process your personal data?

We will keep Your Personal Information for two (2) years from the last point of contact. You can request to have Your data deleted earlier, which We will comply subject to the applicable law. It is our policy to only store Your Personal Information for as long as is reasonably necessary for Us to comply with Our legal obligations and for Our legitimate business interests. However, We may retain data for longer than a two (2) year period where We have a legal or contractual obligation to do so, or We form the view that there is otherwise a continued basis to do so, for example where Your Personal Information identifies special requests, extraordinary feedback, form historical or reporting Information about past business activity or We are subject to a legal obligation which applies for a longer period. Such Information will not be used for any other purposes and any wise their processing will comply with this Notice.

 

Can you ask us to delete your personal data?

Yes, upon request, and as required by law, you have the right to obtain from us confirmation as to whether or not your Personal Data are being processed, and, where that is the case, access to your Personal Data. You have also the right to request from us rectification of inaccurate Personal Data as well as to supplement incomplete Personal Data or the erasure of inaccurate information, except where the rights of other persons would be violated, legal provisions prohibit it and in any case pursuant to the relevant provisions of GDPR. 

Does your website use cookies?

We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs.

A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Artificial Intelligence or any other related activities

Scraping, scanning, copying, or using any content of this site for any type of purpose or to enrich artificial intelligence of any nature is strictly prohibited.

Can this privacy policy be changed?

Yes, from time to time we may need to make changes to this privacy policy. These may be required as a result of changes in data protection laws or in the guidance issued by regulators. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

See also our Terms and Conditions.

bottom of page