Privacy Policy

the purpose of this privacy policy

We fully comply with the Regulation (EU) 2016/679 of the European Parliament and the Council on the protection of personal data (General Data Protection Regulation – GDPR), which entered into force on 25.05.2018.

We understand that providing information online involves a great deal of trust on your part. We take this trust very seriously and make it a high priority to ensure the security and confidentiality of the personal information you provide to us when you visit our Website or use our services.

We will only process your personal data as set out in our privacy policy or otherwise notified to or agreed by you or as we are otherwise permitted to do in accordance with data protection laws.

Before submitting your personal information to us, please read this Policy carefully to learn about our privacy practices. By visiting our website at www.villasofmykonos.com, on a mobile phone, tablet, or similar device or in connection with other sites or services, you are accepting the practices described herein.

our role in relation to your personal data

Villas of Mykonos is an online villa rental agency that provides information for vacations, travel tips, and facilitates reservations for accommodation, boat trips, tours, car rentals, air taxis, and many more. Our website, mobile properties, and related applications (collectively, our “Website”) are operated by TRAVEL KEY. For the purposes of data protection laws, we, “Travel Key”, are a data controller in respect of the personal data you provide us with.

YOUR personal data and THE meaning OF processING

When we refer to personal data, we mean any information that relates to an identified or identifiable individual.

Where we refer to process or processing, we mean anything which we may do with your personal data, including collecting, storing, using, disclosing to third partie,s and erasing it.

What personal data DO we collect from you and why

We collect personal data from and about you whenever you use our services, or if you are in touch with us in any way, whether this is directly or indirectly. You may, for example, make your booking or booking enquiry through a travel agent, or you may provide personal information to a third party involved in your travel plans, such as a local service supplier in Mykonos. We also collect data from publicly available sources, which we use to profile clients internally for marketing purposes.

Examples of personal data which we might collect include (but are not limited to):

  • names of all persons travelling
  • contact details (such as telephone number, postal and e-mail addresses) of the person making the booking
  • information in respect of any medical condition, disability or reduced mobility which may affect any person travelling – this comes within special categories of personal data (see below)
  • Your group composition: the ages of people in your group, their dates of birth, gender, nationality and passport information
  • next of kin information
  • dietary information
  • notes about our interactions with you
  • copies of documents such as a passport or a driver’s licence
  • Your feedback on our service, including from third parties.
  • CCTV footage used to keep our villas secure.

For an enquiry, the personal data we will need to process is likely to include the name and contact details of the person making the enquiry.

For a booking or booking enquiry, we will process your personal data (other than any data which comes within special categories of personal data – see below) on the basis that this is necessary for the performance of your contract with us or to enable us to take steps at your request before you enter into a contract with us. We may also need to do so to comply with a legal obligation to which we are subject or in order to protect your vital interests (for example, in an emergency situation).

If you wish to receive brochures or other promotional material from us, we will need your name and the contact details applicable to the form of communication you have consented to. For example, if you wish to receive information by e-mail, we will need your e-mail address.

special categories of personal data

Personal data which concerns your health or which reveals your racial or ethnic origin or your sexual orientation are special categories of personal data. Other information also comes within special categories, but this is unlikely to be relevant to the booking and provision of travel arrangements.

Generally speaking, the processing of special categories of personal data requires your explicit consent.

Accordingly, information concerning any disability, medical condition, restricted mobility or other health-related issues which may affect your travel arrangements (and related requirements), as well as dietary restrictions which disclose your religious beliefs or a health issue, are special categories of personal data. We will ask for your consent to our processing of this information at the time you make your booking or your booking enquiry.

With whom do we share your PERSONAL DATA

When you make a booking, appropriate personal data will be passed on to the relevant suppliers of your chosen arrangements (such as villa owners, caretakers, experience providers, cooks, car rental companies, restaurants, etc.) together with any other third party (such as banks and/or credit card companies) who need this information so that we can arrange for your holiday to be provided. The information may also be provided to government / public authorities such as customs or immigration if required by them, or as required by law. Certain information may also be passed on to security or credit companies.

We may also make personal data available to other companies that provide services on our behalf, such as mailing brochures and marketing material.

We only provide third parties with the personal data they require in order to deliver their services. Other than in relation to government / public authorities (over whom we have no control), we will take appropriate steps which are intended to ensure that anyone to whom we pass your personal data for any reason agrees to keep it secure, only uses it for the purposes of providing their services and does not collect any personal data from you in the course performing their services.

Where we process your personal data

Your personal data will be processed within Greece and/or any other country(ies) of the European Economic Area (EEA). EEA countries are all the member states of the European Union together with Norway, Iceland and Liechtenstein.

We may also process personal data outside the EEA. Data protection laws may not be as strong outside the EEA as they are in the EEA. Personal data will not be transferred to a country outside the EEA unless (1) the country to which it is transferred is one which the European Commission considers to provide an adequate level of data protection or (2) the personal data is transferred to a company which is required by our contract with them only to deal with the data in accordance with our instructions and to maintain appropriate security to protect the personal data which we are satisfied they have or (3) we are obliged to provide the personal data to a government / public authority in order to provide your holiday.

How do we protect your personal data

We want you to feel confident about using our website, and we are committed to protecting the data we collect, taking appropriate technical and organisational measures to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, your personal data. While no one can guarantee security, we have implemented appropriate administrative, technical, and physical security procedures to help protect your personal data that you provide us with. For example, only authorized employees are permitted to access personal information, and they may only do so for permitted business functions. In addition, we use encryption when transmitting your personal data between your system and ours, and between our system and those of the parties with whom we share sensitive information, and we employ firewalls and intrusion detection systems to help prevent unauthorized persons from gaining access to your data.

Use of your personal data to send you information about our OFFERS & other services in the future

We will only retain and use your personal data for marketing purposes where you have specifically consented to our doing so or, in relation to e-mail marketing, where we comply with the Privacy and Electronic Communications Regulations 2003 (PECR). PECR permits us to send you e-mail marketing where you have previously provided us with your e-mail address in the course of entering into a contract with us for tour arrangements or negotiations for such arrangements, and we wish to e-mail you marketing material about our similar services or products. You will, of course, be given the opportunity to opt out of receiving such e-mail marketing communications when you first provide us with your e-mail address and whenever we send you any e-mail marketing.

You may provide your consent by opting to receive marketing material either online or by telephone, or by marketing text messages. You will, of course, be allowed to opt out of receiving such text message marketing communications when you first provide us with your phone number and whenever we send you any SMS marketing. You may also choose in what ways you are happy to receive communications from us. You may, for example, be happy to receive information and offers by post and e-mail but not by telephone.

Can you withdraw your consent to our processing OF your personal data?

Yes, you can withdraw your consent to receiving marketing material or other communications from us, either generally or in any particular way, at any time by emailing us at marketing@villasofmykonos.com. Alternatively, you can telephone us.

How TO find out what information we HAVE about you

You are entitled to ask us (by letter or e-mail) what personal data of yours is being held or processed, for what purpose and to whom it may be or has been disclosed. No fee will be charged for responding to this request unless it is obviously unfounded or excessive, or we have previously provided the same information. We promise to respond to your request without delay and in any event within 1 month, unless the request is complex or you have made numerous requests, in which case we may be able to extend our response time by a further 2 months.

What TO do if the personal data we HAVE is inaccurate, out of date or incomplete

If you believe this is the case, please tell us by e-mail as soon as possible. We will rectify the problem within 1 month or within 3 months if the rectification request is complex.

How long we retain and process your personal data

We will not process your personal data in a form which enables you to be personally identified for any longer than is necessary in order to fulfil the purpose for which it was originally collected or for any other legitimate business purpose.

Where your personal data has been provided for the purpose of the holiday arrangements or other services you have contracted, we are entitled to retain this data for a period of at least 6 years after those arrangements have been completed. In certain limited circumstances, we may be able to retain it for a longer period.

If you have consented to receive marketing communications from us, we may continue to use your personal data for this purpose until you withdraw your consent or otherwise, for as long as we reasonably consider your consent remains valid and effective.

Can you ask us to delete your personal data?

Yes, you can ask us to erase your personal data in certain circumstances, for example, where you have withdrawn your consent to further marketing material where the data in question has only been processed for this purpose. However, this is not always the case. Please see the previous paragraph for further information on the period of time we may retain personal data.

Can this privacy policy be changed?

Yes, from time to time, we may need to make changes to this privacy policy. These may be required as a result of changes in data protection laws or in the guidance issued by regulators, or where we make changes to our procedures.

Does our website use cookies?

Yes, as this is a common practice, our website uses cookies. A “cookie” is a small data file that our website server stores on your computer in order to collect information about your visit and to remember you when you visit again at a later date. 

WHY DO WE USE cookies

The main purpose of a cookie is to identify users and to personalise their visit by customising web pages for their use. We may also use third parties who will collect data that is not personally identifiable to analyse site visits and carry out other similar activities. In the course of doing so, they may place their own cookies on your computer so that they can collect information about your visit. The Help portion of the toolbar on most browsers should tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable most types of cookies. Please note that you may, if you wish to disable or delete such cookies through your internet browser. However, doing so may mean you will be unable to access our website or parts of it, your experience of our website may be adversely affected, and/or you may not receive information which is relevant to your personal interests. If you’ve used our website, we may use advertising on other websites and on social media sites and apps to remind you about the services we provide based on your browsing.

What types of cookies do we use

Per-session cookies – We only use these while you are visiting our website, and they are deleted when you leave. They remember you as you move between pages, for example, recording the items you add to an online shopping basket. They also help maintain security.

Persistent cookies – These cookies stay on your computer until they expire or are deleted. We set automatic deletion dates so that we don’t keep your information for longer than we need to.

First and third-party cookies – Whether a cookie is ‘first’ or “third-party” refers to the website or domain placing the cookie. First-party cookies, in basic terms, are cookies set by a website visited by the user – the website displayed in the URL window. Third-party cookies are cookies that are set by a domain other than the one being visited by the user. If a user visits a website and a separate company sets a cookie through that website, this would be a third-party cookie.

HOW TO OPT OUT OF COOKIES

Please note that our website may not work correctly if you change certain preferences, such as disabling all cookies. Please also note that after applying these settings, you will continue to receive advertising, although it may not be tailored to your likely interests using information collected from cookies and similar technologies on your device.

First Party Cookies. If you’d rather we didn’t use cookies when you visit us, click here for information on how to configure your browser settings to reject cookies. Please note, disabling these types of cookies won’t turn off advertising on our websites, and the advertising you see may be less relevant to you.

Third Party Cookies. If you would like to opt out of third-party cookies, here are some options:

  • If you would like to opt out of receiving personalised ads from third party advertisers and ad networks who are members of the Network Advertising Initiative (NAI), or who follow the Digital Advertising Alliance’s (DAA) Self-Regulatory Principles for Online Behavioral Advertising, you can by visiting the opt-out pages on the NAI website and DAA website, or click here to opt out.
  • Google provides a suite of tools to control its cookies: Google Analytics, which is a tool used to track and report website traffic, provides an out-out browser add-on that can be downloaded here. Google Safety Centre has a tool where you can control the ads you see on Google and control the data used for serving ads to you. It can be found here.
  • If you wish to block other cookies, including those being served by companies that are not part of the NAI or the DAA you can use the browser-level cookie controls described below.

If you have a complaint about the processing of YOUR personal data

If you have any complaint about the way in which your personal data has been dealt with, please let us know by email to marketing@villasofmykonos.com. We will investigate and respond to you as soon as we reasonably can. 

THE USE OF CONTACT FORMS 

By using our Contact Forms, you agree to the storage and handling of your data as described in this Privacy Policy. Our website is also protected by reCAPTCHA, and the Google Privacy Policy and Terms of Service additionally apply.

Compliance with THE children’s online privacy protection act

Protecting the privacy of the very young is especially important. For that reason, we never collect or maintain information at our Site from those we actually know are under 13, and no part of our website is structured to attract anyone under 13. Should an individual whom we know to be a child under age 13 send personal information to us, we will delete or destroy such information as soon as reasonably possible.

Your acceptance of these terms

By using our website and services, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our website and services. Your continued use of the website and services following the posting of changes to this policy will be deemed your acceptance of those changes.