Privacy Policy

Privacy and personal data protection policy

Table of Contents

Introduction

The company VIP METEORA TOUR Tax Office of Trikala, VAT No. EL049166698, Business Registration No. 10054553000 and ΜΗΤΕ. Ο7.27.Ε.60.00.ΟΟ.759.0.1.   having its registered office at Kondili 38, Kalabaka 42200, which for the purposes hereof will be hereinafter called the “Company”, and being active also through the website https://vip-meteoratours.gr/, states with this document to the visitor of the above website, who for the purposes hereof will be hereinafter called the “User”, that compliance by the “Company” with the relevant legislation on the protection of personal data and the related procedures observed by the “Company” shall be an essential component of its structure.

Furthermore, for the needs hereof the website https://vip-meteoratours.gr/ will be hereinafter called the “Webpage” or the “Website”.

In order to support this essential component, the “Company” shall implement a series of individual procedures and policies within the framework of its compliance with the General Data Protection Regulation EU 679/2016 and the general legislation on the protection of personal data.

Using the terms set out in this paragraph under the heading “Privacy and personal data protection policy”, the “Company” shall inform each “User” of the purpose of collecting and processing their personal data in the context of its interaction with the “User”.

Moreover, the “Company” shall inform the “User” about how the collection and processing of personal data is carried out, the potential recipients of such data and the purpose for which these recipients process data and in any case how they are managed (rights – obligations) by the “User”.

  1. The “Company” shall state to the “User” that they are obliged before browsing the “Webpage” to read and consult the aforementioned terms concerning privacy and personal data protection and then accept them; they also agree that the “Company” shall be able to modify the content of these terms in the context of legislation.
  2. The “Company” shall inform the “User” that it is the controller of personal data collected from each “User” within the framework of its interaction with them through the “Webpage”.
  3. The “Company” shall state to the “User” that it has taken all necessary organizational and technical measures and shown all due care to update them in accordance with the applicable legislation and the operational needs of the “Website”. The purpose of taking and implementing the aforementioned measures shall be to ensure the confidentiality, integrity and availability of any personal data stated by the “User” and/or transferred during their interaction with the “Company”.

Obligations of the company

On this basis, the “Company” shall operate in such a way so as to ensure an appropriate level of security for personal data against the risks that may arise by taking appropriate measures, as already noted, including, among others, where appropriate:

  1. the pseudonymisation of the encryption of personal data of “Users” with the “Company” being their controller,
  2. the ability to ensure the confidentiality, integrity, availability and reliability of processing systems and services on an ongoing basis,
  3. the ability to restore the availability and access to personal data in due course in the event of a physical or technical event,
  4. the procedure for the regular testing, assessment and evaluation of the effectiveness of technical and organizational measures to ensure the safety of processing,
  5. the obligation of authorized individuals to preserve confidentiality in order to process personal data,
  6. the obligation of processors to preserve confidentiality on behalf of the “Company” as well as all other obligations imposed by the legislation on personal data.

The “Company” shall also inform the “User” that for the safe operation of the “Website” a security certificate for the website of type SSL by Let’s Encrypt is used. 

The “User” has taken into account and shall accept that in order to browse safely the “Website” through the device used, they must have the appropriate equipment and the appropriate means.

Personal data collected by the company

The “Company” shall inform the “User” that in certain cases where they interact with the “Webpage” and more specifically when they wish to communicate with the “Company” through the “Webpage”, they should fill in a contact form, make use of the services provided by the “Webpage”, subscribe to the list of recipients of newsletters as well as make any purchase of a service from those sold by the “Company” via the “Webpage”. They will be required to enter some details and/or personal data, where appropriate.

The “User” shall accept that the “Company” in any of the aforementioned cases will process personal data that the “User” has stated on a case-by-case basis in order to achieve the purpose for which the collection took place, in accordance with all the above.

Purpose of collecting and processing personal data

The “Company” shall inform the “User” that for the purpose of processing their personal data to which the “Company” will proceed, in particular and on a case-by-case basis, and if it has previously informed the “User” thereof, it shall respect the legislation and, more specifically, the provisions of the General Regulation EU 2016/679 as well as the relevant Greek legislation on personal data. More specifically:

  1. In case the “User” wishes to contact the “Company” through the contact form of the “Webpage” in order to get any information about the services provided via the “Webpage”, about possible services and/or any clarification related to the purchase process of these services, the “Company” will proceed to the necessary processing of personal data in order to communicate with the “User”, e.g. by using them for the purpose of communication. In this case, the “User” shall be required to enter in the field indicated by the “Webpage” their e-mail address, so that the communication between the “Company” and the “User” can be feasible. In addition, the “User” through the contact form of the “Webpage” may transfer, voluntarily and without having been requested to do so by the “Company”, any personal data which are not necessary to achieve communication with the “Company”, in accordance with all the above, and the “Company” may take note of them, too.
  2. In order to carry out the process of concluding the distance sale of the services provided through the “Webpage”, the “User” based on the steps indicated by the “Website” shall be required to state any personal data at each stage from the beginning until the completion of the distance sale. For this reason, the “Company” shall proceed to the necessary processing of these data stated by the “User”, thus aiming at completing the sale above. It is noted here, as an example, that the “User” in the aforementioned case shall make a statement of data according to the above during the selection of services, their characteristics, payment method for possible cancellation of services, etc. During the process of concluding the distance sale, the “Company” will collect and process the following data: the name, surname, address of the meeting point, age group, passport number, and shoe number in some cases, contact phone number, mobile phone number, “User” e-mail address, services selected by the “User” and any information the “User” may indicate through their communication with the “Company” without having been requested to do so by the “Company”. In case the “User”, in addition to their own data, shall state data – personal data of a third party, then they shall promise, guarantee and commit to the “Company” that they have the relevant explicit consent of each person – subject of personal data and based on this consent they shall state and transfer these data to the “Company” according to all the above; then, the “Company” shall process them, including but not limited to the case of statement on behalf of minors. The “Company” shall state to the “User” and the “User” shall accept that in any case for any claim raised by any third party against the “Company” the “User” shall be held exclusively responsible. The “Company” shall reserve the right to claim compensation for any positive or consequential damage suffered by the above cause.
  3. Newsletters. The “User” shall have the ability following the procedure previously indicated by the “Website” – and therefore through their account – to subscribe to the group of individuals who wish to receive newsletters from the “Company”. More specifically, the “User” must, after accepting the terms of the personal data policy, state the email where they wish to get any information from the “Company”. For the purpose of collecting data so that the “Company” shall send newsletters to the “User” about its services and then sending them, the “Company” shall state and the “User” shall accept that this happens after the prior explicit consent of the “User”, who, by subscribing to the field indicated by the “Website” and based on the proposed procedure, shall explicitly agree with the collection of their data by the “Company” and then with the sending of the above newsletters. The “Company” shall inform the “User” that it reserves the right to withdraw the statement of consent and request their removal from the relevant list of recipients. Moreover, the “Company” shall inform the “User” that they have the right upon request to update and/or correct the information above. In order to perform any of the above actions (withdrawal of statement of consent, removal from the relevant list of recipients, update and/or correction of information) the “User” shall be able to contact the “Company” by sending an email to the following address info@vip-meteoratours.gr. In any case, the “User” shall be able to unsubscribe through a special and appropriate unsubscribe field in the respective newsletter received.
  4. The “User” shall be able to leave a comment on the posts of the “Website” by filling in the appropriate fields, in case they wish to do so through the special section of the blog included in the “Webpage”. During this process, the “Company” will collect and process the following information: name, surname, and e-mail address as well as any information that the “User” may state through this communication with the “Company” without having been requested to do so by the “Company” and therefore the “Company” will be aware of them. The “Company” shall urge and point out to the “User” not to proceed, in any way in which they choose to communicate with the “Company”, to the transfer of any personal data of their own and/or third parties to the “Company”, which are not necessary for the purpose for which they communicate each time with the “Company”; in any case, it shall inform the “User” that if this happens, it is the sole responsibility of the “User”, whereas the “Company” shall reserve the right to follow any appropriate procedure for this case. The “Company” shall state to the “User” and the “User” shall accept that in any case for any claim raised by any third party against the “Company”, due to the transfer of his/her data by the “User” to the “Company”, the “User” shall be held exclusively responsible. The “Company” shall reserve the right to claim compensation for any positive or consequential damage suffered by the above cause.

Cookies policy

  1. The “Company” shall inform the “User” that the “Webpage” uses cookies for various purposes. Cookies are small files with information. The website, which uses those files (cookies), stores them (and more specifically the web server) on the browser of a visitor. Therefore, each time the visitor shall return, they shall remember their actions and preferences for a period of time, so they do not need to enter these preferences every time on the website or while browsing its pages. According to the above and if the “Webpage” uses cookies, when the “User” is browsing the “Webpage”, the “Webpage” shall be able to retrieve this information. The “Company” shall point out to the “User” that it is not possible to identify the “User” due to the use of cookies by the “Webpage”. In any case, the “User” shall be able, through the appropriate settings provided for by their browser, to request that cookies be rejected, if they wish to do so. More specifically:
    -For Google Chrome, the user can, by clicking on the lock to the left of the address and then on the “Cookies” button, select which cookies they want to delete or even block.
    -For Mozilla Firefox, the user can, by clicking on the lock to the left of the address and then on the “Clear Cookies and Site Data” button, select which cookies they want to delete.

    However, the “Company” shall point out to the “User” that in case the “User” proceeds through the aforementioned browser settings to the non-acceptance of cookies, it may not be possible for them to access all or part of the “Webpage” functions.
    -The “Company” shall inform the “User” that it makes use of Google Analytics for the “Website” data.
    -The “Company” shall use a series of cookies for the purposes below:

    The “Company” shall point out to the “User” that it uses certain cookies which help the “User” when browsing the “Website” and offer the opportunity to the “Company” to gather information on how the “Website” works, but also allow the proper operation of the “Webpage”.
    Furthermore, the “Company” shall use a series of cookies so that:
    -its advertising promotion is possible through the processes of online marketing,
    -it can proceed to a statistical analysis of the consumer behavior data of the “User” in order to improve its promotional actions with a view, for example, to target the “User” with appropriate advertising campaigns,
    -transactions through the “Website” can be completed as per case.

  2. The “Company” shall point out to the “User” that in case they connect via the “Website” to the websites of third parties (natural or legal persons), including social media, these websites may use cookies and therefore the “User” shall be obliged to be informed about the cookies policy used by these websites and the possibilities offered to their visitors for the acceptance, rejection and management of cookies in general.

Consent to the Privacy Policy

The “User”, after having read this policy, shall understand that the processing of the stated personal data, for which the “Company” is a controller, will be carried out by the “Company” as part of its communication with them, in the context of concluding and completing the distance purchase of services, the marketing of the “Company” services as well as in the context of providing the services offered in general through the “Website” to the “User”.

The “Company” shall state and the “User” shall accept that in case it is necessary for the “User” to state on the “Website” any personal data, they must state accurate, true and up-to-date data and shall be solely responsible in case of failure to reach communication on the grounds of non-compliance with this obligation; at the same time the “User” shall have the sole responsibility for updating the data stated on the “Website” and shall do so in a way available each time by the “Webpage”.

Recipients of personal data

The “Company” shall state that it does not transfer and/or disclose the “User” data, including personal data, without having the consent of the “User”, unless required by law, or in case of a change in the ownership or legal form in general of the “Company”.

However, the use of the stated “User” personal data will also be made by recipients to whom the “Company” transfers data; in particular:

  1. within the framework of providing services to the “User” by employees of the “Company” and more specifically by employees authorized to provide services on a case-by-case basis,
  2. in the context of supporting, upgrading, and maintaining the information systems of the “Company”, e.g. by companies offering internet services, hosting for the e-shop, maintenance, etc.,
  3. in the context of implementing services that the “User” has obtained through the “Website”, the personal data necessary for the service’s provision shall be also transferred to the companies cooperating with the “Company”, such as tourist offices, hotels, restaurants, taxis, public transport (buses, trains), etc.,
  4. within the framework of the advertising activities of the “Company’, the companies offering advertising services and/or statistical analysis of data collected by the “Company”, provided that it has the consent of the “User” for this purpose.

The “Company” shall point out to the “User” that the personal data of the “User” will be also processed by financial institutions in the context of the necessary financial transactions of the “Company” with each “User”.

Third-Party Services and Links

The “Company” shall indicate to the “User” that the “Website” may contain links and/or hyperlinks to websites of third parties (natural and/or legal persons), including social media.

The “User” shall understand that the websites of these third parties are governed by their own personal data protection policy, for which the “Company” has no responsibility, and it shall point out to the “User” that it is advisable to take note of the personal data protection policy which may be available to the website of such third parties prior to any visit to it.

Your Choices and Rights

  1. The “Company” shall inform the “User” that, if the “User” has made a personal data statement due to the use of the “Website, which are collected by the “Company” as the controller, it may exercise the right of access, correction of personal data, limitation or opposition to the processing, portability and deletion of data, as per case, provided that processing is not necessary for the fulfillment of the legal obligation imposing it as well as for the establishment, exercise or support of legal claims.
  2. These “User” rights, as described above, shall derive from the general legislation on personal data and the General Data Protection Regulation (EU) 2016/679 (Articles13-22). As for the exercise of the above rights or for any clarification, the “User” may contact the “Company” by sending an email to the following address: info@vip-meteoratours.gr.
  3. The “Company” shall inform the “User” that they have the right to appeal to the Hellenic Data Protection Authority (address: 1-3 Kifissias Str., Postal Code 11523, Athens, tel. 2106475600, e-mail address: contact@dpa.gr) in case they consider that their rights regarding personal data have been affected.

Communication with the company

If you have any questions about the way our data protection policy is enforced at VIP METEORA TOUR, please contact:

 
The company’s contact information: 
VIP METEORA TOURS