The data collected are processed by Rhenia Tours Kasmirli SA (henceforth referred to as “we” or “us”), having its registered seat in Samos, Greece.
We have also appointed a data protection officer (“DPO”), who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO at the following contact details.
Name of DPO: Dimitris Kasmirlis
You have the right to make a complaint at any time to your country’s supervisory authority for data protection issues. In Greece this is the Hellenic Data Protection Authority, details of which can be found via the following link: www.dpa.gr. We would, however, appreciate the chance to deal with your concerns before you approach the data protection authority, so please contact us in the first instance using the contact details above.
A necessary prerequisite for the performance of a booking through our website is the collection and processing of your personal data.
Your personal data are being collected in order to fulfil our contractual obligation to you for determined, explicit and legal purposes and they are not further processed in a manner incompatible with those purposes (article 5 par. 1b of Regulation (EU) 2016/679). In this contractual relationship in which You are the Personal Data Subject, our Company acts as either the Data controller or as the Data processor (article 4 of Regulation (EU) 2016/679).
Categories of information that we collect and how we collect your information
Although in certain instances we may ask you to provide us with your personal information, for example, so as to enable you to purchase products or services (and we will make it clear to you at that time what we need from you), you can however visit many pages on our website without the need to supply any type of personal information.
1. Categories of personal data
That said, we may collect, use, store and transfer different kinds of personal data about you, which we have grouped together as follows:
- Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, delivery address, email address and telephone numbers.
- Financial Data includes bank account and payment card details.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use our website, products and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Health Data provided by you to serve you better and meet your particular needs (for example, the provision of disability access).
2. How we collect your information and why we process them
We collect personal data about you whenever you use our services (whether services provided directly by us or by other companies or agents acting on our behalf), when you travel with us, when you use our website , or when you use our chat.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data only:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
- When you have provided us with your explicit consent to do so.
- In case we rely on consent as a legal basis for processing your personal data, please note that you have the right to withdraw your consent at any time by contacting us using the contact details set out at paragraph 1 above.
3. Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so or/and receive your explicit and clear consent.
Third Party Links
Namely, we use the following cookies:
- Technical Cookies – These cookies relate strictly to the use of the website. They are necessary to ensure the effectiveness and security of the website possible.
- Functionality cookies – These are strictly necessary to provide the services requested by the users on this website These cookies are used by the site.
- Analytics cookies – The most helpful information we get for this reason comes from analytics cookies that anonymously define how users interact with and navigate into our pages. This helps us improve our services offering and the online experience, while securing also that our users find the information that they are requesting.
- Social media cookies – We may embed content from social media sites to share social widgets or personalize your experience based on the information you’ve previously shared with your social accounts.
- Advertising cookies – By accepting this cookie, which tracks your browsing habits on our site, you’ll receive personalized advertising content for products and services that you’re actually interested in.
- Affiliated cookies – These cookies only allows us to track if you were brought to our website by one of our affiliates.
Our website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, text files that are stored on your computer and facilitate an analysis of your use of the website. The information generated by the cookies regarding your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, to compile reports regarding website activities for the website operators and provide other services related to website use and internet use. Google may also transfer this information to third parties, provided that this is legally permitted or if third parties process this data on behalf of Google. Google will not associate your IP address with any other data held by Google.
By using this site, you agree to the processing of your data collected by Google in the way described above and for the aforementioned purpose.
You may deactivate Google Analytics cookies by selecting the appropriate settings on your browser, but we point out that in such case we will not be able to register your purchases.
Who do we share your information with and why?
When you use our website and provide information about yourself, we use this information to complete your booking, fulfil any customer service related requests and provide you with booking related information via email. We do not share this information with third parties with the exception of necessary sharing for the completion of your order and fulfilment of your travel arrangements. Such other parties may include, but are not limited to, ferry companies and other travel suppliers, credit card merchant services, reservation systems, etc.
Although no personal information is collected, we monitor our users’ navigation to our website in order to better understand and serve our customers. We may provide anonymous statistical information based on this data to carefully selected third party partners for business administration purposes, customer support, marketing and quality assurance, operational and analytical purposes. To the extent that any third party has access to your personal information, their use of this information will be limited solely to providing those functions and for no other purpose. We may disclose your personal information to third parties, such as official bodies and our professional advisers, as long as it is deemed necessary (i) for compliance purposes with relevant laws, orders or regulations; (ii) so as to enforce our customer terms and conditions or other contractual agreements; and (iii) in order to protect the property and other rights of the Company, our customers and others (for example, in any way relating to protection against fraudulent activities).
When you make a booking or purchase products or services offered on our website, due to our security-protection and fraud-detection processes, we may pass certain personal information which you provide to us (for example, your name, credit card, billing address details) to third party credit reference agencies, payment processors, or other third parties for the specific purpose of verifying that information. If your personal information cannot be satisfactorily verified (for example, your stated billing address does not match your credit card details), we will contact you to notify you that your purchase request has not been confirmed and to request the correct details, if they can be provided, before we can process your order.
We have put in place appropriate security measures (including encryption, anonymization or/and pseudonymization procedures where required) to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Retention of your information
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Transfer of data
Please be aware that your information may be processed outside Greece, where our servers are located, and our central database is operated. Although the applicable data protection and other laws of the European Union are as comprehensive as those in Greece, please be assured that we will make every effort to ensure that your personal data is processed in accordance with the Greek data privacy legislation and any other relevant legislation in force from time to time.
Right of access, correction and deletion of your data
Being the personal data subject, you have the right to access your personal data that are processed by the Company, whereas you also have the right to request an amendment or correction of any type of Personal Data we hold about you (article 15 of the Regulation (EU) 2016/679). Having in mind the processing purposes of the Company in the course of our contractual relationship with you, you may also request the addition of data, by virtue of an additional request from your side (article 16 of the Regulation (EU) 2016/679).
You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of our services.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Right of erasing your personal data: You have the right at any time to request from the Company (which acts as mentioned as Data Processor) to erase your data in light of the article 17 of the Regulation (EU) 2016/679.
Your personal data are stored for the period necessary for our Company to fully comply with its statutory obligations (article 23 of the Regulation (EU) 2016/679).
Any request regarding the modification, change and / or cancellation of your personal data processed by our Company can be emailed to us at firstname.lastname@example.org
Contact for questions or comments
We are welcoming all your comments or questions.
Other Information You Should Know