Personal Data Protection Policy

Holiday Plan – Spyridon Chergkeletzakis & SIA E.E.
Rodopis Street 90, Piraeus, Greece
Tel: +30 210 4620120
Email: info@holidayplan.gr

Holiday Plan – Spyridon Chergkeletzakis & SIA E.E. acts as the Data Controller for the personal data collected and processed in relation to the services provided through our website and our travel services. This policy explains what personal data we collect, why we collect it, how we use it, and what rights you have under applicable data protection legislation.

1. What is Personal Data?

Personal data means any information that can identify you directly or indirectly as a natural person. This may include, for example:

  • Name and surname

  • Email address

  • Telephone number

  • Postal address

  • IP address

  • Booking or travel-related information

2. What Personal Data We Collect

We collect only the personal data that is necessary for the provision of our services, the handling of your requests, and the execution of travel arrangements.

The data we may collect includes:

  • Identity details, such as name and surname

  • Contact details, such as email address and telephone number

  • Booking details required for reservations, transfers, excursions, hotel arrangements, ferry tickets, yacht rentals, aircraft/helicopter services, or other travel services

  • IP address and technical data for website security and smooth operation

  • Information you voluntarily provide through contact forms, booking forms, inquiry forms, or newsletter subscription forms

Where cookies or similar technologies are used, data is collected according to your consent and the relevant cookie settings.

3. Why We Process Your Personal Data

We process your personal data only when necessary and for specific purposes, including:

  • To respond to your inquiries

  • To prepare travel proposals or quotations

  • To manage reservations, pre-bookings, and confirmed bookings

  • To provide transfer services, tours, excursions, hotel reservations, ferry tickets, yacht rentals, aircraft or helicopter arrangements

  • To communicate with you regarding your booking or request

  • To comply with tax, accounting, legal, or regulatory obligations

  • To protect the security and proper operation of our website and services

  • To send newsletters or promotional updates, only where you have given consent

4. Legal Basis for Processing

Your personal data may be processed on one or more of the following legal bases:

  • Performance of a contract or pre-contractual request

  • Your consent

  • Compliance with legal obligations

  • Legitimate business interest, where applicable and permitted by law

5. How Long We Keep Your Data

We retain personal data only for as long as necessary for the purpose for which it was collected and for as long as required by applicable law.

Where required for tax, accounting, legal, or regulatory purposes, personal data may be retained for up to seven (7) years after the completion of our cooperation, unless a longer period is required by law or necessary for the protection of our legal rights.

After the relevant retention period expires, personal data is securely deleted, destroyed, or anonymized, unless further retention is legally required.

6. Who Has Access to Your Data

Access to your personal data is limited to authorized personnel of our company and, where necessary, trusted partners involved in the provision of travel services.

This may include:

  • Transportation providers

  • Cooperating vehicle partners

  • Hotels

  • Ferry companies

  • Guides or escorts

  • Other travel service providers required for the execution of your booking

We do not sell, rent, or disclose your personal data to third parties for unrelated commercial purposes.

Your data may be disclosed to public, judicial, tax, or law enforcement authorities only where required by applicable law.

7. Data Security

We take appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

Our website uses security measures and technical protection systems designed to support the safe operation of our online services.

8. Your Rights

Under applicable data protection legislation, including the General Data Protection Regulation (EU) 2016/679, you have the right to:

  • Request access to your personal data

  • Request correction of inaccurate or incomplete data

  • Request deletion of your personal data, where legally permitted

  • Request restriction of processing

  • Object to the processing of your personal data, where applicable

  • Request transfer of your data to another controller, where applicable

  • Withdraw your consent at any time, where processing is based on consent

To exercise any of these rights, you may contact us at:

info@holidayplan.gr

We will respond to your request without undue delay and, in any case, within one month of receipt. If the request is complex or there are multiple requests, this period may be extended by up to two additional months, in accordance with applicable law.

9. Newsletter and Promotional Communication

If you choose to subscribe to our newsletter or promotional updates, we may use your contact details to send you information about our services, offers, and travel-related updates.

You may withdraw your consent at any time by using the unsubscribe link included in our emails or by contacting us at:

info@holidayplan.gr

10. How to Contact Us

For any question, clarification, or request regarding the processing of your personal data, you may contact us at:

Holiday Plan – Spyridon Chergkeletzakis & SIA E.E.
Rodopis Street 90, Piraeus, Greece
Tel: +30 210 4620120
Email: info@holidayplan.gr

11. Right to Lodge a Complaint

If you believe that your personal data has been processed in violation of applicable data protection law, you have the right to lodge a complaint with the Hellenic Data Protection Authority.

Hellenic Data Protection Authority
Kifisias 1–3, 115 23 Athens, Greece
Tel: +30 210 6475600
Website: www.dpa.gr
Email: contact@dpa.gr

12. Applicable Law

This policy is governed by Greek law, the General Data Protection Regulation (EU) 2016/679, and the applicable national and European legal framework for the protection of personal data.

The competent courts for any dispute relating to the processing of personal data are the competent courts of Athens, Greece