PRIVACY POLICY SUMMARY
The present document refers to the Privacy Policy related to the present website (https://rhodesadventures.com) owned by Carolien Brix Limited Liability Company, with VAT No 800404310, Dodonis 2, Rhodes, Greece, e-mail info@rhodes-adventures.com, tel. +30 6974731450, +30 6941429595(also referred as “the company”, the “website” or “we”). This document holds every information and provisions required by law regarding the collection and processing of your personal data. Therefore we endorse you to read them carefully. For any question regarding this policy, you may contact us via the methods stated above.
Browsing through https://rhodesadventures.comand using the services offered, we assume that you agree to this Privacy Policy.
ABOUT THIS WEBSITE
As it is already stated above, the present website (https://rhodesadventures.com) is related to tour services provided by Carolien Brix Limited Liability Company. You can use this website in order to get information about the business, and the services we provide, communicate with us, and/or complete your booking or enquiry.
WHAT PERSONAL DATA MEANS
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
WHAT DATA PROCESSING MEANS
Data processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
DATA CONTROLLER
Data controller for the personal data mentioned in the present policy is Carolien Brix Limited Liability Company, with VAT No 800404310, Dodonis 2, Rhodes, Greece, e-mail info@rhodes-adventures.comtel. +30 6974731450, +30 6941429595. It is the legal person which determines the purposes and means of the processing of personal data. For any issue related to the process of your personal data you should contact the data controller with the above mentioned means.
COLLECTING AND PROCESSING YOUR PERSONAL DATA
When browsing the site, personal data is not collected, except for what is mentioned in the “cookies” section. As far as the use of the services described on the website, it is necessary to collect and process your personal data in accordance with the following terms:
COLLECTION METHOD
Your data is collected though the methods provided in this website, including booking, enquiring or contact forms or sending an e-mail.
PURPOSE OF PROCESSING
The purpose of data processing is:
- A) The ability to communicate with you through the use of electronic forms, emails and any other appropriate means.
- B) Book the services provided in the website.
- C) To safeguard the interests of the company according to its policy as well as the existing legal status.
- E) Receive from you informative emails regarding the use of the service (tips, instructions, information) and inform you about news and offers of the company.
- F) Your billing for our services as well as compliance with statutory obligations (tax, insurance, etc.).
COLLECTABLE DATA
The personal data we may process is:
- Name and surname
- The place where you stay during your vacation and room number
- Phone Number
- Information on your driving license (licence copy)
- Information on your ID or passport (identity / passport copy)
- Data provided through the payment receipt
We encourage you not to share with us your personal data that is not necessary for your booking.
NON-COLLECTABLE DATA
We inform you that we do not gather information or in any other way get access to data related financial information, including your banking accounts, credit cards or related passwords. Every payment is completed through Mollie.com e-payment services, and its related payment service companies (iDeal, Sofort etc.). All financial information are stored by our payment processor (Mollie.com) and/or its affiliates. They does not transmit, disclose or in any other way transfer your payment data to us, except the payment receipt, needed to complete your booking. For any information regarding the payments’ processor privacy policy please visit https://www.mollie.com/en/privacy
PROTECTION OF YOUR DATA
Your above mentioned data will not be at any way willingly disclosed by transmission, dissemination or otherwise made available to third parties unless specifically mentioned above. We take every relevant measures to prevent breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. These measures may include SSL connection, encryption, secured servers etc.
SPECIAL/SENSITIVE PERSONAL DATA
During the booking process or any other interaction with this website (contact or enquires) we do not ask, gather, or process any sensitive data. Sensitive data are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. If, at any case, we ask you about sensitive data it will be only to ensure that you are able to join some certain activities (i.e. scuba diving).
LAWFULNESS OF PROCESSING
The lawfulness of the processing is based on the following:
- A) Processing is necessary for the performance of a contract to which the data subject is a contracting party
- B) Processing is necessary to comply with a legal obligation of the controller.
- D) Processing is necessary to safeguard the vital interest of the data subject or other natural person
- C) Consent of the data subject.
DURATION OF THE PROCESSING
Except for data related to compliance with legal obligations, your personal data is retained only for the purposes of completing the booking and receiving the services. That means that we need these data until the day that we provide you the services you have booked.
Emails that are retained for communication purposes (newsletters, offers etc.) are kept indefinitely until you request them to be deleted.
CATEGORIES OF RECIPIENTS
The data is processed by the company as stated above. However, for the purposes of its proper operation and its future improvement, the company reserves the right to transmit the data to third party persons legal or natural, that are related to the operation of the service:
(a) a communications company on the provision of service updates.
(b) executives and associates of the company responsible for the proper provision of the service.
(c) the company that conducts the transfers from and to the hotel and the location of the service. In order to be able to provide the transfer services we share with them a) your first and last name b) your hotel address c) your room number (only of the person who has booked the services).
MINORS DATA
Under this website we do not collect minors data. We do not accept bookings and enquiries from persons under 18 years old. However, it is impossible to know who access and uses our website, therefore we encourage the parents to contact us if they notice any such activity by minors in order to delete their data. It is mentioned that before you receive a service as a minor, the personal data of name and surename will be collected by us, with the consent of your patron/parents.
UNSUBSCRIPTION
In case that you receive newsletters from us (regarding informational or promotional content) and you wish not to receive any more, you have the ability to unsubscribe. You can do it by pressing the “unsubscribe” button at the bottom of the newsletter.
PERSONAL DATA COLLECTED EXCEPT FOR THIS WEBSITE
The present privacy policy refers to the data collected and related to this website, as already mentioned above. The business, though, may collect or process additional data, as for example those included in the “liability form”.
RIGHTS OF THE DATA SUBJECT
According to the legislation you have the following rights regarding your personal data:
- Right of access: You can access and/or receive a copy of your personal data after request. You have to obtain from us confirmation as to whether or not personal information concerning you is processed and access to the personal information.
- Right to rectification: You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- Right to erasure (right to be forgotten): Under certain conditions required by the law, you have the right to obtain from us the erasure of personal data concerning him or her without undue delay.
- Right to restriction of processingUnder conditions required by the law, you have the right to obtain from us restriction of processing of your personal data.
- Right to data portability. You have the right to receive the personal data concerning you, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us.
- Right to object:You have the right to object to the processing of your data on grounds relating to your particular situation.
- Right to complain: If you believe that there is a violation of your rights, regarding your personal data you can file a complaint to the Greek Data Protection Authority (http://www.dpa.gr/), or any other competent authority.
In order to exercise your above mentioned rights please contact us at info@rhodesadventures.gr
The above, are considered as information to be provided to the data subject according to art. 13 of the GDPR.
These terms have been drafted in 02/06/2019