Last updated: [October 12, 2025]
This Privacy Policy explains how Villa la pausa ("we," "us," or "our") collects, uses, discloses, and protects your personal data when you visit our website at https://villalapausa.gr/ and when you make inquiries or bookings for our villa.
We are committed to protecting the privacy and security of your personal data in accordance with the European Union's General Data Protection Regulation (GDPR) and Greek data protection laws.
1. Who We Are (Data Controller)
The data controller responsible for the processing of your personal data is:
Villa la pausa Website: https://villalapausa.gr/ Contact Email:
2. Data We Collect About You
We may collect, use, store, and transfer different kinds of personal data depending on your interaction with us:
We do not collect 'Special Categories' of Personal Data (such as data revealing racial or ethnic origin, political opinions, health data, etc.), except where you provide it to us as a special request (e.g., a specific dietary restriction for a chef service). This specific use is based on your explicit consent.
3. How We Collect Your Data
We collect data from you through the following methods:
-
Direct Interactions: You give us your data when you:
-
Fill out a contact or inquiry form on our website.
-
Make a booking for the villa.
-
Communicate with us via email or telephone regarding your booking or stay.
-
Subscribe to a newsletter (if applicable).
-
-
Automated Technologies or Interactions (Cookies): When you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns using cookies and similar technologies. Please refer to our separate Cookie Policy for more details.
-
Third Parties: We may receive Personal Data about you from third parties such as booking agents or online travel agencies (OTAs) when you make a reservation through their platforms.
4. How and Why We Share Your Data
We may need to share your personal data with the parties set out below for the purposes described in this policy:
-
Third-Party Service Providers: We use third-party service providers to help us run our business, such as payment processors, website hosting services, and email service providers. They are only permitted to process your data on our instructions and in compliance with this policy.
-
Villa Owner/Manager: If we act as an agent, we will share essential booking information (Contact Data, Booking Data) with the property owner or local manager to facilitate your check-in and stay.
-
Professional Advisers & Government Authorities: We may disclose your data to professional advisers (like accountants or lawyers) or government bodies (such as the Greek Police, Tax Authority, or Tourist Authorities) when required by law or a judicial order.
-
Booking Channels (OTAs): If you book through a third-party channel (e.g., Airbnb, Booking.com), we share the minimum necessary data back with them to manage the reservation and payment.
We ensure all third parties respect the security of your personal data and treat it in accordance with the law.
5. Data Security and Retention
Data Security: We have put in place appropriate security measures (technical and organizational) to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed.
Data Retention: We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Generally, we keep your personal data for a minimum of 5 years after your last interaction with us to comply with local Greek tax and commercial laws. Data collected based solely on consent (like a marketing subscription) will be kept until you withdraw your consent.
6. Your Legal Rights (GDPR Rights)
Under the GDPR, you have the following rights in relation to your personal data:
-
Right of Access: The right to request a copy of the personal data we hold about you.
-
Right to Rectification: The right to ask us to correct any inaccurate or incomplete personal data we hold about you.
-
Right to Erasure ('Right to be Forgotten'): The right to ask us to delete your personal data when there is no good reason for us to continue processing it.
-
Right to Restriction of Processing: The right to ask us to suspend the processing of your personal data in certain scenarios.
-
Right to Data Portability: The right to request that we transfer your personal data to you or another party in a structured, commonly used, machine-readable format.
-
Right to Object: The right to object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object. You also have the right to object to processing for direct marketing purposes.
-
Right to Withdraw Consent: Where we rely on consent to process your personal data, you have the right to withdraw that consent at any time.
If you wish to exercise any of these rights, please contact us at [Insert Your Contact Email for Privacy Inquiries]. We will respond to your request within one month.
7. Lodging a Complaint
If you have any concerns or complaints about the way we are processing your personal data, please contact us first so we can try to resolve the issue.
However, you also have the right to lodge a complaint with the Hellenic Data Protection Authority (DPA), which is the supervisory authority for data protection in Greece:
Hellenic Data Protection Authority Address: Kifisias 1-3, PC 115 23, Athens, Greece Contact Center: +30 210 6475600 Website: www.dpa.gr
8. Changes to This Privacy Policy
We keep our Privacy Policy under regular review. Any changes will be posted on this page with an updated "Last updated" date at the top. We encourage you to check back periodically to review the latest version.
