Privacy Policy / GDPR
DATA PROCESSING POLICY & CIVIL DATA PROTECTION :
The Privacy Policy declares our Company's compliance with the Regulation on the Protection of Personal Data, but also respect for the protection of privacy and the security of personal data.
The processing of your personal data that is done for the provision of the services of the General Tourism Company ATHANASIADIS TRAVEL FAMILY to you, is based on the conclusion and execution of a contract.
The processing of your personal data for marketing or promotional purposes, based on your consent.
We retain your personal data for the duration of our transaction and for at least fifteen (15) years in order to be able to fulfill our obligation to maintain accurate records for tax or other administrative authorities.
We retain the personal data of the persons who gave us their consent for promotions until these persons tell us that they no longer wish to receive newsletters or promotional material from us.. Your personal data is not shared or published and is used solely for bookings.
Information such as name, Adjective, Date of birth, phone, e-mail and in some cases travel document information (passport or identity card), are the absolutely necessary data to make reservations.
The above items are used:
1. In Air / Shipping Companies for the issuance of the airline / ferry fare.
2. In Hotels / Rental rooms / Apartments to book the room.
3. In Museums for the issuance of entrance tickets.
4. In Transport and Car Rental Companies, for car rental and the issuance of train / bus tickets.
The General Tourism Company ATHANASIADIS TRAVEL FAMILY will not sell, trade or disclose to third parties information resulting from the registration and use of a service on our website (such as names and addresses) without the consent of the user or customer. The above does not apply in cases of a prosecutor's warrant or other judicial intervention, when there is an imminent danger to the user or to others.
Protection & Personal Data Processing:
Personal data is any information concerning an identified or identifiable natural person. An identifiable natural person is one whose identity can be verified, directly or indirectly, in particular by reference to an identity identifier, such as name, in ID number, in position data, in online (on-line) ID or one or more factors specific to the physical, normal, genetic, psychological, economic, cultural or social identity of that natural person. But even more personal information such as habits, preferences, biometric data, Mrs..
Any Company that handles personal data relating to living individuals, within the EU, is required by 25 May 2018 fully comply with EU Regulation 679/2016, for the protection of personal data.
The validity of the Regulation is immediate in all EU Member States. The collection of personal data is a form of processing, as is storage, the organization, the structure, the change, the recovery, the search for information, the use, deletion or destruction.
Our company, through the Privacy Policy, inform individuals about the processing of personal data, thus helping individuals to make informed decisions about their relationship with the business.
Personal Data Processing:
When you call us, you visit our website, you cooperate with us, ask questions or ask for our cooperation, we can ask you for information (name, address, email, phone, etc.) depending on the type of relationship between us. Still, it is possible, choose to voluntarily disclose additional personal data to us (as in the case of sending a CV) or additional information (such as tax or commercial items, as part of your briefing or co-operation investigation).
We collect information, directly or indirectly, in the following ways:
• Information that you send or give us, when contacting us or visiting our website, electronically or otherwise.
• Information we receive from your use of our services or the services of our partners.
• We use various technologies to collect and store preferences and these may include the use of technologies such as cookies.
• Our official website does not collect any information related to the behavior, activities and location of the user.
Use of Personal Data:
We use the information we collect (as described above), and in accordance with the consents you have given us, to:
• We process and serve your request for the provision of a tourist service.
• We provide personalized and up-to-date services or products.
• We communicate with you through news letters, according to your registration through the corresponding form, to inform you about new services or products that may interest you.
• We process your payments.
• Answer the questions you have asked us.
• Implement the framework of our Company's Privacy Policy.
When contacting a representative of our Company, we maintain a file of communication messages, so that we can resolve your requests. We do not allow unauthorized entities without your consent, have access to your information. For all the above, your consent is a necessary condition.
The Rights of our Customers:
Our Customers, users of our services and visitors to our website have, in the framework of the Regulation on the Protection of Personal Data, rights that follow the relevant legislation.
• Right of access to their personal data.
• Right to correct their personal data.
• Right to delete their personal data.
• Right to restrict the processing of their personal data.
• The right to be informed about the correction or deletion or restriction of the processing of their personal data.
• Right to portability of their personal data.
• Right to object to the processing of their personal data.
• Right to object to automated individual decision making including profiling.
The Obligations of our Company:
Among the obligations of our Company are included:
• The principle of accountability, concerning 6 principles governing the processing of personal data (legality, objectivity and transparency, limitation of purpose, minimization of personal data, accuracy of personal data, limitation of storage period, security, integrity, and confidentiality).
• Any processing of personal data is legal, only if one of the following applies 6 conditions:
1. The data subject has consented to the processing of personal data.
2. The processing of personal data is necessary for the execution of a contract, where the subject is a party.
3. Processing is necessary to comply with the legal obligation of the controller.
4. Processing is necessary to safeguard the vital interest of the natural person.
5. Processing is necessary for the performance of a duty in the public interest or in the exercise of public authority delegated to the controller.
6. Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, unless the interest or fundamental rights and freedoms of the natural person prevail.
• In addition, implement the appropriate technical and organizational measures to protect the Company and our partners from unauthorized access or alteration, breach or destruction of personal data in our possession. Specifically:
1. We control the data collection, storage and processing practices, including physical security measures, to protect against unauthorized access to systems and processes.
2. Access to personal information is limited and controlled, and these individuals are subject to strict contractual obligations of confidentiality.
3. In the case of external partners (for maintenance or support purposes) they have, potential, access to personal data, relevant annexes to existing cooperation agreements cover the requirements of the Regulation.
• Throughout the personal data processing cycle (from collection to destruction), we take appropriate technical and organizational measures, to ensure confidentiality, the integrity and availability of personal data. We require similar measures from third parties that handle or process personal data.
Access to Your Personal Data:
Within the framework of the rights provided by the Regulation, you can ask:
• Information about your personal data
• Correction for your personal data.
• Restriction of processing for your personal data.
• Delete for your personal data.
In such cases you should send a request to the email of our Company, [email protected] and fill out an access request (SAR: Subject Access Request) which we will send to you upon your request. We are obliged to answer you about it, within one month of receiving your application (SAR).
Cookies information:
You can delete Cookies from your computer or refuse to use them, while navigating the official website of our Company www.athanasiadistravel.gr. Legislative Framework - Regulation Update: Applicable Law is Greek Law, as regulated in accordance with the General Regulation on the Protection of Personal Data 2016/679 / EU, and in general the current national and European legislative and regulatory framework for the protection of personal data. and competent courts for any emerging disputes related to your personal data are the competent Courts of Athens.
We update this Policy whenever necessary. If there are significant changes to the Policy or the way we use your Personal Data, we will publish on our official website www.athanasiadistravel.gr, updating this.
Ways of communication:
Personal Data Processing Officer Ioannis Athanasiadis
Address: UNIVERSITY 67 ATHENA
Phone: 210-3312333 – 6972331251
Email: [email protected]