top of page

Privacy Policy

Responsible

Catorgreece I.K.E.

(Greek legal form: Idiotiki Kefaleouchiki Eteria (I.K.E.) / Private Limited Company (I.K.E.))

Plimmiri, 85109

Southern Rhodes, Greece

Represented by:

Dr. Hanns and Elisabeth Harpf

Telephone: +43 664 5433 369 or +30 698 5089 395

Email: info@plimmirivillas.com

1. General information

We take the protection of your personal data very seriously and treat it confidentially and in accordance with the statutory data protection regulations and this privacy policy. Personal data is any data that can be used to personally identify you. This privacy policy explains what data we collect, what we use it for, and on what legal basis. Please note that data transmission over the Internet (e.g., when communicating by email) can have security vulnerabilities. Complete protection of data against access by third parties is not possible.

2. Data collection on this website
How do we collect your data?

Your data is collected in two ways: firstly, when you provide it to us (e.g., via the contact form, email, or telephone).

The following data may be processed in particular:

  • Name

  • Email address

  • Dates of stay/booking request

  • Other information from your request

 

Further data is collected automatically or with your consent by our IT systems when you visit the website (e.g., browser, operating system, time of page access).

What do we use your data for?

The data is processed:

  • for the provision and optimization of the website

  • for processing your requests (e.g., availability requests)

  • for initiating contracts

What rights do you have?

You have the right to:

  • Access your stored data

  • Correction or deletion

  • Restriction of processing

  • Withdrawal of consent

 

You also have the right to lodge a complaint with the competent supervisory authority.

3. Hosting

Our website is hosted by Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel. WIX processes data such as user behavior, visitor sources, region, and technical information. Cookies are also set that are necessary for operation and security. The data may be stored on servers worldwide, including in the USA. For details, please see the Wix Privacy Policy:

https://wix.com/about/privacy.

According to Wix, data transfers to the USA and other third countries are based on the EU Commission's Standard Contractual Clauses or comparable safeguards pursuant to Article 46 GDPR. Details can be found here:

https://wix.com/about/privacy-dpa-users.

Data transfer is based on standard contractual clauses and the EU-US Data Privacy Framework (DPF):

Further information can be obtained from the provider at the following link:

https://www.dataprivacyframework.gov/participant/5626.

Legal basis: Article 6(1)(f) GDPR or consent (Article 6(1)(a) GDPR, Section 25 TDDDG).

 

A data processing agreement (DPA) has been concluded.

4. Server-Log files

The hosting provider automatically collects server log files.

These include, for example:

  • Browser type and version

  • Operating system used

  • Referrer URL

  • Hostname of the accessing computer

  • Time of the server request

  • IP address

 

This data is not combined with other data sources.

 

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in the technically flawless presentation and security of the website).

5. Cookies

Our website uses cookies (session and persistent cookies).

Cookies are used for:

  • technical functionality

  • security

  • analysis of user behavior

 

Legal basis: Art. 6 para. 1 lit. f GDPR or your consent (Art. 6 para. 1 lit. a GDPR, § 25 TDDDG).

 

You can control or disable cookies via your browser settings. Disabling cookies may limit functionality.

6. Consent-Management (Usercentrics)

We use Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, to manage your consent.

 

The following data is processed:

  • Consent status

  • Time of decision

  • Anonymized IP address

  • Browser and device information

 

This processing serves to fulfill legal documentation obligations. Further information:

https://usercentrics.com/privacy-policy/

Consent can be withdrawn at any time.

7. Contacting

When you contact us (via contact form, email, or telephone), your information will be stored to process your request. This includes, in particular:

  • Name

  • Contact details

  • Request for accommodation or booking

 

The data will not be shared without your consent.

 

Legal basis:

  • Art. 6 para. 1 lit. b GDPR (pre-contractual measures)

  • Art. 6 para. 1 lit. f GDPR (legitimate interest)

  • If applicable, Art. 6 para. 1 lit. a GDPR (consent)

 

The data will be stored until the purpose for which it was collected no longer applies or statutory retention obligations exist.

8. Google-Maps

This website uses Google Maps (Google Ireland Limited, Dublin). Using this service involves processing your IP address and technical data, which may be transferred to the USA. Google may also load Google Fonts.

 

For more information on how Google handles user data, please see Google's Privacy Policy:

https://policies.google.com/privacy?hl=en.

 

Legal basis: Article 6(1)(f) GDPR or consent.

Data transfers to the USA are based on the EU Commission's Standard Contractual Clauses.

Details can be found here:

https://privacy.google.com/businesses/gdprcontrollerterms/ and

https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
 

For more information on how user data is handled, please see Google's privacy policy:

https://policies.google.com/privacy?hl=en.
 

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards. Further information can be obtained from the provider at the following link:

https://www.dataprivacyframework.gov/participant/5780.

9. SSL/TLS encryption

This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the browser's address bar changes from "http://" to "https://" and by the lock symbol in your browser's address bar. When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.

10. Storage period

Your personal data will remain with us until the purpose for processing it no longer applies. If you submit a legitimate request for erasure or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible grounds for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the data will be deleted once these grounds cease to apply.

11. Legal basis for processing

Depending on the case, processing is based on:

  • Art. 6 para. 1 lit. a GDPR (consent)

  • Art. 6 para. 1 lit. b GDPR (contract/request)

  • Art. 6 para. 1 lit. c GDPR (legal obligation)

  • Art. 6 para. 1 lit. f GDPR (legitimate interest)

12. Recipients of data

Data is only shared:

  • for contract fulfillment

  • when legally required

  • when in the interest of a legitimate interest

 

We have data processing agreements in place with our service providers.

13. Revocation and objection

You can withdraw your consent at any time.

You have the right to object under Article 21 of the GDPR, in particular to direct marketing.

14. Further rights

You have the right to:

  • Locate your data to a supervisory authority

  • Data portability

  • Access, rectification, erasure

  • Restriction of processing

15. Changes

We reserve the right to amend this privacy policy as needed.

Source: https://www.e-recht24.de

bottom of page