Privacy policy

Privacy policy

The registration number of tourist enterprises (ΜΗ.Τ.Ε.) 0933E81000104301

General

This privacy policy has been developed in compliance with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). By virtue of this policy notice, we inform you about the type of information capable of identifying you as a particular individual (hereinafter referred to as “personal information”) we may collect from you, the purposes for which we will use your personal data, with whom such information will be shared, and the security procedures we have implemented to protect your privacy.

Personal data is information that can be related to a specific individual, such as the individual’s name, location data, an identification number or email address, your transactions with us and the credit card information.

The data collected are processed by Amfipoli Travel SA (henceforth referred to as “we” or “us”), having its registered seat in Thessaloniki, Greece.

You have the right to make a complaint at any time to your country’s supervisory authority for data protection issues. In Greece this is the Hellenic Data Protection Authority, details of which can be found via the following link: www.dpa.gr. We would, however, appreciate the chance to deal with your concerns before you approach the data protection authority, so please contact us in the first instance using the contact details above.

By using our platform and services, you enter into a contractual agreement with us. A necessary prerequisite for the performance of a booking through our website is the collection and processing of your personal data.

Your personal data are being collected in order to fulfil our contractual obligation to you for determined, explicit and legal purposes and they are not further processed in a manner incompatible with those purposes [article 5 par. 1b of Regulation (EU) 2016/679]. In this contractual relationship in which You are the Personal Data Subject, our Company acts as either the Data controller or as the Data processor [article 4 of Regulation (EU) 2016/679].

Categories of information that we collect and how we collect your information

Although in certain instances we may ask you to provide us with your personal information, for example, so as to enable you to purchase products or services (and we will make it clear to you at that time what we need from you), you can however visit many pages on our website without the need to supply any type of personal information.

1. Categories of personal data

That said, we may collect, use, store and transfer different kinds of personal data about you, which we have grouped together as follows:

  • Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.

  • Contact Data includes billing address, delivery address, email address and telephone numbers.

  • Financial Data includes bank account and payment card details.

  • Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.

  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

  • Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.

  • Usage Data includes information about how you use our website, products and services.

  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

  • Health Data provided by you to serve you better and meet your particular needs (for example, the provision of disability access).

2. How we collect your information and why we process them

We collect personal data about you whenever you use our services (whether services provided directly by us or by other companies or agents acting on our behalf), when you travel with us, when you use our websites, or when you use our chat, our call centre or mobile applications.

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data only:

  • Where we need to perform the contract we are about to enter into or have entered into with you.

  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

  • Where we need to comply with a legal or regulatory obligation.

  • When you have provided us with your explicit consent to do so.

  • In case we rely on consent as a legal basis for processing your personal data, please note that you have the right to withdraw your consent at any time by contacting us using the contact details set out at paragraph 1 above.

3. Purposes for which we will use your personal data

We have set out below, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need clarifications about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below:

Purpose / Activity Type of data Lawful basis for processing including basis of legitimate interest
To register you as a new customer (a) Identity
(b) Contact
Performance of a contract with you
To process and deliver your order, including:
(a) Manage payment and charges
(b) Collect and recover money owed to us
(c) Customer support in relation to your order
(a) Identity
(b) Contact
(c) Financial
(d) Transaction
(e) Marketing and Communications
(a) Performance of a contract with you
(b) Necessary for our legitimate interests (
to recover debts due to us)
To manage our relationship with you, which will include:
(a) Notifying you about changes to our terms or privacy notice
(b) Asking you to leave a review or take a survey
(a) Identity
(b) Contact
(c) Profile
(d) Marketing and Communications
(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (
to keep our records updated and to study how customers use our products / services)
To enable you to take part in a prize draw, competition or complete a survey (a) Identity
(b) Contact
(c) Profile
(d) Usage
(e) Marketing and Communications
(a) Performance of a contract with you
(b) Necessary for our legitimate interests (
to study how customers use our products / services, to develop and grow our business)
To manage and protect our business and the website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) (a) Identity
(b) Contact
(c) Technical
(a) Necessary for our legitimate interests (for running our business, provision of admin and IT services, network security, to prevent fraud and in the context of a business reorganization)
(b) Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you (a) Identity
(b) Contact
(c) Profile
(d) Usage
(e) Marketing and Communications
(f) Technical
Necessary for our legitimate interests (to study how customers use our products/services, to develop products and services)

Based on consent with respect to direct marketing and in order to grow our business and to inform our marketing strategy

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences (a) Technical
(b) Usage
Necessary for our legitimate interests (to define type of customers for our products/services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that might be of interest to you (a) Identity
(b) Contact
(c) Technical
(d) Usage
(e) Profile
Based on your consent. In this case our Company may apply automated procedures so as to analyze your behavior and your preferences, in order to identify and suggest services and goods that might be of your interest.

4. Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so or/and receive your explicit and clear consent.

Third Party Links

Our website may contain links to websites operated and maintained by third parties over whom we have no control. The data protection policies of those websites are not covered by this privacy policy. Any information you provide to third-party websites or to websites recommended by us with respect to your travel reservations will be governed by the terms of each such website’s privacy policy. Please note that when you click on one of these links, you are entering another website, and we have no responsibility or liability whatsoever for the content, actions, or policies of such third-party websites. We encourage you to read the privacy policies of all third-party websites (on top of this privacy policy), since such privacy policies may be materially different from this privacy policy.

Cookies policy

We would like to inform you that our website accepts the use of “cookies”, to determine how users reach our website and to track general usage patterns once a user is on our website. Cookies are messages that web servers pass to your web browser when you visit websites. Your browser stores each message in a small file, which will give us information about your last visit to our website. This information are collected and analysed in total in order to improve the functioning, the content and the overall appearance of our website. Most internet browsers accept the use of cookies automatically, but you can always choose not to accept a cookie by changing your computer settings, or by asking for your permission into accepting each cookie separately, but please note that this will limit the range of features available to you on the website.

Namely, we use the following cookies:

  • Technical Cookies– These cookies relate strictly to the use of the website. They are necessary to ensure the effectiveness and security of the website possible.

  • Functionality cookies– These are strictly necessary to provide the services requested by the users on this website. These cookies are used by the site “https://www.amfipolitravel.com”.

  • Analytics cookies– We’re constantly trying to improve our website through the simplification of the search and booking process. The most helpful information we get for this reason comes from analytics cookies that anonymously define how users interact with and navigate into our pages. This helps us improve our services offering and the online experience, while securing also that our users find the information that they are requesting.

  • Social media cookies– We may embed content from social media sites to share social widgets or personalize your experience based on the information you’ve previously shared with your social accounts.

  • Advertising cookies– Let us help you see the deals you really care about. By accepting this cookie, which tracks your browsing habits on our site, you’ll receive personalized advertising content for products and services that you’re actually interested in.

  • Affiliated cookies– We want to reward our affiliates for the business they bring us, but we can only do it with your help! These cookies only allow us to track if you were brought to our website by one of our affiliates.More specifically:

Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google Inc. (“Google“). Google Analytics uses “cookies”, text files that are stored on your computer and facilitate an analysis of your use of the website. The information generated by the cookies regarding your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, to compile reports regarding website activities for the website operators and provide other services related to website use and internet use. Google may also transfer this information to third parties, provided that this is legally permitted or if third parties process this data on behalf of Google. Google will not associate your IP address with any other data held by Google.

By using this site, you agree to the processing of your data collected by Google in the way described above and for the aforementioned purpose. If you do not want Google to receive information from your browser when you open the pages, you will find the link to opt-out solution for Google Analytics here.

You may deactivate Google Analytics cookies by selecting the appropriate settings on your browser, but we point out that in such case we will not be able to register your purchases.

Who do we share your information with and why?

When you use our website and provide information about yourself, we use this information to complete your booking, fulfil any customer service related requests and provide you with booking related information via email. We do not share this information with third parties with the exception of necessary sharing for the completion of your order and fulfilment of your travel arrangements. Such other parties may include, but are not limited to, ferry companies and other travel suppliers, credit card merchant services, reservation systems, etc.

These service providers will disclose information about your travelling profile to the ferry company, car rental company and other travel suppliers, from whom you have purchased products / services. Although we attempt to carefully select our travel suppliers so as to be reputable and reliable companies and we endeavour to place contractual restrictions on our third party partners who receive your personal information in order to ensure that they use this information in accordance with this Privacy Policy and applicable data protection laws, we cannot guarantee that these third party suppliers are not using or disclosing your information without your permission. Therefore, we encourage you to review the data privacy practices of any travel suppliers whose products you purchase via our website. In addition, these travel suppliers may also contact you as necessary to obtain additional information about your confirmed reservation.

Although no personal information is collected, we monitor our users’ navigation to our website in order to better understand and serve our customers. We may provide anonymous statistical information based on this data to carefully selected third party partners for business administration purposes, customer support, marketing and quality assurance, operational and analytical purposes. To the extent that any third party has access to your personal information, their use of this information will be limited solely to providing those functions and for no other purpose. We may disclose your personal information to third parties, such as official bodies and our professional advisers, as long as it is deemed necessary (i) for compliance purposes with relevant laws, orders or regulations; (ii) so as to enforce our customer terms and conditions or other contractual agreements; and (iii) in order to protect the property and other rights of the Company, our customers and others (for example, in any way relating to protection against fraudulent activities).

When you make a booking or purchase products or services offered on our website, due to our security-protection and fraud-detection processes, we may pass certain personal information which you provide to us (for example, your name, credit card, billing address details) to third party credit reference agencies, payment processors, or other third parties for the specific purpose of verifying that information. If your personal information cannot be satisfactorily verified (for example, your stated billing address does not match your credit card details), we will contact you to notify you that your purchase request has not been confirmed and to request the correct details, if they can be provided, before we can process your order.

When you purchase a product from our website

When you purchase products from us online, we ask you for your name, address, contact telephone number, email address and credit card information. We also record your IP (Internet Protocol) address, which is the address of your computer on the Internet.

We will use your information to verify your credit card details for your purchase, process your order and to send you your products. We will also send you a receipt via email and we may use your telephone number to contact you regarding your purchase.

We require this information in order to process your payment, deliver your products or services and fulfil our contract with you. We record your IP address in order to show that the correct tax was applied to the sale, which we are required to do by law.

Your information is stored on our website and on our cloud server, both of which are based within the European Union. Your credit card details are passed to a third-party payment processor which is certified to the EU-US Privacy Shield (which requires effective safeguards for your information). We do not retain your credit card information.

We do not use the information you provide to make any automated decisions that might affect you. [Describe any automated decisions that are made, including profiling].

We keep your order information for an indefinite period, as the licenses we sell for our products do not expire.

How you can access your information

We take reasonable steps to ensure that your information is relevant to its intended use, accurate, and complete. You can access and update your contact information by visiting the My Account on the website. Please note that after you close an account, you will not be able to sign in or access any of your personal information. However, you can open a new account at any time.

Data Security

We have put in place appropriate security measures (including encryption, anonymization or/and pseudonymization procedures where required) to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Retention of your information

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us. You can ask us to delete your data at any time.

Display of tailored advertising

We are committed to providing you with relevant content and information. To do this, we may, through cookies and other technologies, collect information about your travel-related searches. We use this information, together with other information we may have collected about you, to serve you with ads, on our website or elsewhere online, that match your apparent interests. Please note that we do not combine the information we collect about your travel-related searches on this website with personal information (such as email address) to serve you with ads across other websites. We also do not share your personal information with third parties so they can serve you other advertisements.

If you wish us to stop sending you newsletters or details of other offers and promotions (opt out) please automatically subscribe through the unsubscribe link in our emails or please, contact us here: [email protected]

Transfer of data

Please be aware that your information may be processed outside Greece, where our servers are located, and our central database is operated. Although the applicable data protection and other laws of the European Union are as comprehensive as those in Greece, please be assured that we will make every effort to ensure that your personal data is processed in accordance with the Greek data privacy legislation and any other relevant legislation in force from time to time.

Furthermore, in order to process your data as described in this privacy policy, we may need to send your information internationally including to countries outside the European Economic Area (EEA) for example. Despite the fact that these jurisdictions provide for similar protection in respect of personal information privacy, we will however take steps to ensure that your personal information is transferred, stored, and processed in accordance with appropriate security standards and in accordance with the terms of this Privacy Policy and applicable data protection laws.

Right of access, correction and deletion of your data

Being the personal data subject, you have the right to access your personal data that are processed by the Company, whereas you also have the right to request an amendment or correction of any type of Personal Data we hold about you [article 15 of the Regulation (EU) 2016/679]. Having in mind the processing purposes of the Company in the course of our contractual relationship with you, you may also request the addition of data, by virtue of an additional request from your side [article 16 of the Regulation (EU) 2016/679].

You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of our services.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Right of erasing your personal data: You have the right at any time to request from the Company (which acts as mentioned as Data Processor) to erase your data in light of the article 17 of the Regulation (EU) 2016/679.

Your personal data are stored for the period necessary for our Company to fully comply with its statutory obligations [article 23 of the Regulation (EU) 2016/679].

Any request regarding the modification, change and / or cancellation of your personal data processed by our Company can be emailed to us here: [email protected]

Contact for questions or comments

We are welcoming all your comments or questions.

You may also contact us at any time to:

  • Request access to any information that we have about you,

  • Correct or amend any information we have about you and/or,

  • Delete any information that we have about you.

If you have questions or comments about this privacy policy, or if you are concerned that we have not followed the principles set forth in this privacy policy, please send an email here: [email protected]

Other Information You Should Know

This Privacy Policy was revised and posted by Amfipoli Travel SA on 11/03/2020. We may, at our sole discretion, revise this privacy policy at any time and all such revisions shall be effective when posted, so please check this policy from time to time. Privacy Policy changes will apply to the information collected from the date we publish the revised Privacy Policy, as well as to existing information held by us. The use of our website after the posting of such changes shall constitute acceptance of such changes.

~On behalf of everyone at our team thank you for reading!

Amfipoli Travel SA © 2020