Rachi Villas

Privacy Policy

Privacy Policy

This Privacy Policy describes how personal data is collected, used, processed, and protected when you visit and use rachivillas.gr (the “Website”). We are committed to protecting your privacy and handling your personal data transparently and securely, in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Greek and European data protection laws. By accessing or using this Website, you acknowledge and agree to the practices described in this Privacy Policy.

1. Introduction

This Privacy Policy describes how personal data is collected, used, processed, and protected when you visit and use rachivillas.gr (the “Website”).

2. Data Controller

The data controller is Gourzis Panagiotis (VAT Number: 043302211), responsible for the processing of personal data collected through the Website. Any communication regarding personal data, privacy requests, or GDPR rights is handled exclusively through thecontact form available on the Website.

3. Personal Data We Collect

We may collect and process the following categories of personal data:

a. Booking and Reservation Data

  • Full name
  • Email address
  • Reservation details, including selected villa, dates of stay, number of guests
  • Payment and transaction-related information, processed securely by third-party payment providers
  • Any additional information you voluntarily provide during the booking process

This data is required to complete, manage, and confirm reservations.

b. Contact Form Data

  • Name
  • Email address
  • Message content

This data is used solely to respond to your inquiry.

c. Technical and Usage Data

  • IP address
  • Browser type and version
  • Device and operating system information
  • Pages visited and interaction data
  • Date and time of access

This data is used for security, analytics, and Website performance optimization.

4. Purpose of Data Processing

  • Managing and confirming bookings and reservations
  • Processing online payments securely
  • Communicating with guests regarding bookings or inquiries
  • Ensuring payment security, fraud prevention, and regulatory compliance
  • Complying with legal, tax, and accounting obligations
  • Improving Website functionality, performance, and user experience
  • Protecting the Website against unauthorized access, abuse, or fraud

5. Legal Basis for Processing

  • Contractual necessity, where processing is required to perform or manage a booking
  • Consent, where you voluntarily submit data through forms
  • Legal obligation, where processing is required by law
  • Legitimate interest, including service improvement, security, and fraud prevention

6. Payments, Booking Security, and Compliance

Online bookings on rachivillas.gr are completed through a secure booking form that supports online payments via Viva Wallet. Personal data collected during the booking and payment process is processed strictly for reservation confirmation and management, secure payment processing, fraud detection and prevention, compliance with financial, tax, and regulatory requirements, and customer identification required for payment security.

Payment transactions are handled directly by Viva Wallet using industry-standard security measures, encryption, and authentication protocols. We do not store full payment card details on our servers.

Viva Wallet operates as an independent payment service provider and processes personal and transactional data in accordance with its own privacy policy and applicable financial regulations.

7. Data Retention

Personal data is retained only for as long as necessary to fulfill booking and contractual obligations, meet legal, accounting, and tax requirements, and resolve disputes or enforce agreements. Once data is no longer required, it is securely deleted or anonymized.

8. Data Security

We implement appropriate technical and organizational measures to protect personal data, including secure servers and encrypted connections, restricted access to personal data, and regular system monitoring and updates. While we take all reasonable precautions, no online system can guarantee absolute security.

9. Data Sharing and Third Parties

Personal data may be shared only with trusted third parties where necessary, such as:

  • Payment service providers for transaction processing
  • Hosting, analytics, or technical service providers supporting Website operation

All third parties are required to process data in compliance with GDPR and only for the purposes defined by us.

10. Your Rights Under GDPR

You have the right to:

  • Access your personal data
  • Request correction of inaccurate or incomplete data
  • Request deletion of your data, where legally permitted
  • Request restriction or object to certain processing activities
  • Request data portability
  • Withdraw consent at any time, where consent is the legal basis

Requests regarding these rights can be submitted only through thecontact form on the Website.

11. Cookies

The Website may use cookies and similar technologies to ensure proper operation, analyze traffic, and enhance user experience. You may manage or disable cookies through your browser settings. Disabling cookies may affect certain Website features or functionality.

12. Third-Party Links

The Website may contain links to external websites operated by third parties. We are not responsible for the content, security, or privacy practices of external websites.

13. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. Any changes will be published on this page and take effect immediately upon posting.

14. Contact

For any questions, requests, or concerns regarding this Privacy Policy or the processing of personal data, please use thecontact form available on the Website.