Covid-19 Measures

Privacy Policy

General

Our Company www.hoteltransfers.gr ("we" or "us") is committed to protecting the information that you share online, using our Website. We treat the personal data you give to us with care and transparency, acting according to the European Regulation 2016/679 (GDPR) on the protection of the personal data and on the free movement of such data and the Greek Legislation.

We encourage you to read this Privacy Policy carefully when using our website or services or transacting business with us. By reading this Privacy Policy, the user is hereby informed on how we collect, process and protect personal data furnished through our website at www.hoteltransfers.gr Please read this privacy policy carefully before you start using our website.

By accessing, browsing and using our website, you confirm that you accept this Privacy Policy. If you do not want your data to be used as set out in this Privacy Policy, you should not use our website. Your use of our Sites, including any orders you place, is governed by our Terms and Conditions  and our Cookie Policy . Please take the time to read these, as they include important terms which apply to you.

Who are we?

Below you will find the updated Privacy Policy for www.hoteltransfers.gr, which applies to any information provided or collected through our website. Our company is based in 255 Rodos – Lindos Avenue, Rhodesi, P.C. 85100. We are authorized by the Greek National Tourism Organization (EOT) with a registry Number ΜΗ.Τ.Ε: 1476E 0000008300.

If you have any questions about how we treat your personal data, please contact  us via email to info@hoteltransfers.gr

This Policy (together with our Terms & Conditions and any other documents referred to in such terms and conditions) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us, and applies to all of your personal data irrespective of the medium or method by which we obtained/received your personal data.

Please read this Policy carefully. Entering into this website and start using our website in accordance with the terms of this policy indicates that the user (either "user" or "you") has reviewed this policy and has agreed to be bound by it as well as our Terms of Use.

Our website may, from time to time, contain links to other websites which are outside of our control and are not covered by this Policy. We do not own, operate or control the websites of those third parties and as a result we do not accept any responsibility or liability for other sites’ privacy policies. If you access other websites using the links provided, we encourage you to check their policies before submitting any personal information.

Definitions

In this Policy, the term “personal data” means data relating to a living person who is or can be identified either from the data, or from the data in conjunction with other information, that is in, or is likely to come into, our possession, and includes personal data as described in data protection legislation (as defined below).

The term "Supplier" is the third party transport providers, with which our company has a contract.

The term "Data processing" means Any operation or set of operations which is performed on personal data, such as collecting, recording, organizing, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, dissemination or otherwise making the data available, aligning or combining data, or blocking, erasing or destroying data. Not limited to automatic means.

The term "Data Retention" means The policies and processes used within our Company for determining the time period for archiving and storing of personal data.

What kind of personal data we collect and how we use it?

We fully respect your privacy and we try to be transparent in our policies such as to what information we will collect and how we will use your information. Also, we only collect and use individual user details where we are legally entitled to do so or/and  when we have a legitimate right to do so and/or when we operate a contract or when we have a pre-contractual relationship with you.

When you visit our website, we may collect:

  1. Information such as your computer’s IP address, browser type and version and anonymous information collected from cookies when you are browsing our website for statistical purposes. We collect this information to help us understand how to improve our services and our website and its content. We have a legitimate business interest for this processing: to ensure that our website is operating effectively and to provide you with great services and user experience; (For more information visit our "Cookie Policy")
  2. We may collect information such as your name, surname, email address, country and telephone, your travel details (arrival/departure time and flight number, accommodation name and credit card details (name surname of the card holder, credit card number, ccv, expiry date) in case you proceed to a booking using our online booking platform in order for us to arrange your transfer with the Supplier of the service (fulfillment of a contract/legitimate interest)
  3. Data provided by users for changing or cancelling their bookings: booking reference and booking email. (fulfillment of a contract/legitimate interest)
  4. We may collect information such as company name, email address, website, address, contact name and phone in order to register a travel agent in our services (fulfillment of a contract/legitimate interest)

Reasons for data collection ( legal basis)

- To fulfill our contractual obligations (booking, cancellations, payments etc)

- We have a legitimate business interest to collect this information: to continue to improve the services we provide to you, for statistical purposes, for better user experience and to answer to your questions and requests.

When we use the legitimate interest as the legal ground for our data processing, we always secure this by performing a balancing assessment, that verifies and balances our interest to process the data versus the individual’s right to privacy. 

If you submit any personal information about other people to us or to our service providers (e.g. business colleagues), you represent that you have the authority to do so and to permit us to use their personal information in accordance with this privacy policy.

How we collect personal data

We may collect personal information from a variety of sources, including:

  • Directly from you or someone acting on your behalf: We may collect personal information you or someone acting on your behalf shares with us such as your name and your contact details.
  • Through our services: We may collect personal information about you when you use our services, for example, when you make a transfer booking.

Minors

The services offered by us are not directed at children under 16 years old. For children younger than 16 years old, the use of any of our services is only allowed with the valid consent of a parent or a guardian. If we become aware that we process information of a child under 16 years old without the valid consent of a parent or guardian, we reserve the right to delete it.

 Data disclosure

In certain circumstances, we may share your personal information with third parties:

  1. The Supplier : In order to complete your booking and fulfil the contract we have with you we will transfer relevant reservation details to the Supplier. We encourage you to review the privacy policies of any travel supplier whose products you purchase through this website. If you have a query about your transfer, we may contact the Supplier and ask them to handle your request. Please note that these suppliers also may contact you as necessary to obtain additional information about you, facilitate your transfer reservation, or respond to a request. In cases of reservation-related disputes, we may provide the Supplier with information about the reservation process as needed to handle the dispute. This may include a copy of your reservation confirmation as proof that a transfer was actually made.
  2. Third-party service providers: We use service providers to process your personal data on our behalf. This processing is for several purposes, including. website hosting, data analysis, payment processing, customer service, email delivery, credit card processing, auditing, consulting and other similar services Third party service providers are bound by confidentiality clauses and are not allowed to use your personal data for other purposes than instructed by us
  3. Payment providers and (other) financial institutions: We may share your credit card information with Alpha Bank in order for them to authenticate and charge your credit card. When a chargeback is requested for your transfer reservation by either you or by the holder of the credit card used to make your reservation, we need to share certain reservation details with the payment service provider and the relevant financial institution to handle the chargeback. This may also include a copy of your reservation confirmation or the IP address used to make your reservation. We may share information with relevant financial institutions, if we consider it strictly necessary for fraud detection and prevention purposes.
  4. Public authorities under a legal obligation. We disclose personal data to law enforcement insofar as it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud or if we are otherwise legally obliged to do so. We may need to further disclose personal data to competent authorities to protect and defend our legitimate business rights or properties, or the rights and properties of our business partners.
  5. Our advisors, which includes our accountants, auditors, lawyers, other professional advisors and business contacts for the purpose of assisting us to better manage, support or develop our business and comply with our legal and regulatory obligations;

Our company does not share or sell your personal information with non-affiliated third parties without your knowledge and explicit consent for their own marketing or commercial use.

International transfer of personal data

Your personal data will not be transferred to countries outside the EU.

In case we may need for some reason to transfer such data,  we will only transfer such data in countries that satisfy the adequate or comparable levels of protection in order to protect personal data held in that jurisdiction, and (where we are required to do so) with your consent.

In case personal data is transferred from the EU to outside the EU, we use Model Clauses, ensuring that such data transfers are compliant with applicable privacy legislation.

Linked services, third party sites and content

Our website may, from time to time, contain links to other websites which are outside of our control and are not covered by this Policy. We do not accept any responsibility or liability for other sites’ privacy policies. If you access other websites using the links provided, please check their policies before submitting any personal information.

Your rights

As a data subject, you have a number of rights. You can:

  1. a) access your personal data stored at any time. You can also ask for free copy of this information. Furthermore, the data subject can have access to the following information:
  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  • the existence of the right to request from the controller rectification or erasure of personal data, or restriction of processing of personal data concerning the data subject, or to object to such processing;
  • the existence of the right to lodge a complaint with a supervisory authority;
  • where the personal data are not collected from the data subject, any available information as to their source;
  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.
  1. b) require us to rectify, inaccurate, incorrect or incomplete data; (right to rectification)
  2. c) obtain from us the erasure or the limitation of the data processing, in certain situations, for example where the data is no longer necessary for the purposes of processing; (right to erasure and the right to restriction of processing)
  3. d) receive your Personal Information, which you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit that data to another entity without limitation. (right to data portability)
  4. e) object to the processing of your data where we are relying on our legitimate interests as the legal ground for processing. (right to object)
  5. f) If you believe that the organisation has not complied with your data protection rights, you can file a complaint to the Greek Data Protection Authority (http://www.dpa.gr/portal/page?_pageid=33,15048&_dad=portal&_schema=PORTAL)

We rely on you to ensure that your personal data is complete, accurate and current. Please do inform us promptly of any changes to or inaccuracies of to your personal data by contacting us.

Where we base our data processing on our legitimate interest or the public interest, you have the right to object at any time to that use of your personal data subject to applicable law.

For any of your requests in regards to this Privacy Policy and to exercise any of your rights or if you have a complaint, please contact  us at info@hoteltransfers.gr

We are entitled to refuse a data access request from you where (i) such request is manifestly unfounded or excessive, in particular because of its repetitive character (in this case, if we decide to provide you with the personal data requested, we may charge you a reasonable fee to account for administrative costs of doing so), or (ii) we are entitled to do so pursuant to data protection legislation.

To access what personal data is held, identification will be required (see below).

How we protect your personal data

Our company is designed to provide reasonable and appropriate organizational, technical, and administrative measures to protect your personal data against unauthorized or unlawful access, alteration, disclosure, or destruction. We use a secure online transmission procedure, the so-called "Secure Socket Layer" (SSL) transmission, to protect the personal data of our users. You can see this from the fact that an "s" (https://) is added to the address component http://. The SSL encryption guarantees that your data is transmitted in an encrypted and complete way.

We observe reasonable procedures to prevent unauthorised access to, and the misuse of, personal data and protect the data we hold, our systems, networks, and services.

We use appropriate business systems and procedures to protect and safeguard the personal data you give us. We also use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorized personnel are permitted to access personal data in the course of their work.

Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us by contacting us  at info@hoteltransfers.gr.

For your protection, we will only implement requests with respect to personal information about you (not anyone else), and we may need to verify your identity before implementing your request. We will comply with your request as soon as reasonably practicable and in accordance with applicable law. We will try to respond to your requests within 30 working days.

We may need to retain your personal data for as long as we deem it necessary to enable you to use our services, to provide our services to you (including maintaining the online booking account (for booking changes and cancellations), to comply with applicable laws, resolve disputes with any parties and otherwise as necessary to allow us to conduct our business, including to detect and prevent fraud or other illegal activities. All personal data we retain will be subject to this Privacy Policy. If you have a question about a specific retention period for certain types of personal data we process about you, please contact us via the contact details provided below.

Data retention period

We will maintain Personal Information for as long as it is necessary to comply with any applicable law(s), or for as long as necessary for the purpose(s) set out in this Privacy Policy or while there is a legitimate business reason for doing so. We will delete Personal Information when it is no longer needed and/or take steps to properly anonymize it so that you can no longer be identified from it (unless we need to keep your information to comply with legal or regulatory obligations to which we are subject) and, in any case, upon expiration of the maximum storage term set forth by applicable law. In general, your personal data will be retained by us for two years from the last date of contact or transaction.

For travel agents, we may store their information for as long as they maintain their profile account. For deletion requests please send us an email at info@hoteltransfers.gr

Cookie Policy

Our website uses cookies. A "cookie" is a small file of letters and numbers that is sent to your computer by a website and automatically saved on your computer by your web browser (e.g. "Internet Explorer"). Each time you request a page from the website, your web browser sends this cookie back to the website server.

You are not obliged to accept cookies. If you wish, you can set your browser to notify you before you receive a cookie so you have the chance to accept it and you can also set your browser to refuse to receive or send all cookies. The website www.allaboutcookies.org  contains step-by-step guidance on how cookies can be switched off by users.

For more information about our cookie policy visit: .... 

Special categories of personal data

We do not collect sensitive personal data, unless you provide us them along with an explicit consent for every related purpose of processing.

Social media login

Our websites and apps provide plug-ins to social media websites, including Facebook and Twitter.

If you make use of, or log-in to, the social media features on our websites or apps, we may (depending on your privacy settings) access, use and store information about you, including, but not limited to: your name, e-mail address, gender, location, profile, picture, contacts, and any other information you have chosen to make available.

To find out more about the reasons and extent to which social media sites collect and process your data, or to change your privacy settings, please refer to your social media provider’s privacy policy.

Updates to this Privacy Policy

We may change this Privacy Policy from time to time. Any changes to this privacy policy will become effective when we post the revised Privacy Policy on our website. Your use of our website services following these changes means that you accept the revised Privacy Policy. We encourage you to periodically review this privacy policy to stay informed about how we collect, use, and share personal information.

Contact

If you would like to get in touch with us, please contact:

hoteltransfers.gr

Airport Transfer Services
255 Rodos - Lindos Avenue
85100 Rhodes GR
Gr t.  +30 2241 0 85332 – f. +30 22410 85662
UK t. +44 20 339 32052
info@hoteltransfers.gr