Πολιτική απορρήτου

PRIVACY POLICY

FAIRYTALE SUITES - suites.fairytale.com.gr

Τελευταία ενημέρωση: 4/8/2025

1. INTRODUCTION

Fairytale Suites ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your personal information when you use our website suites.fairytale.com.gr and our booking services. This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. DATA CONTROLLER INFORMATION

Data Controller:
  • Company: Fairytale Suites
  • Address: Λεοκορίου 16, Αθήνα 105 54, Ελλάδα
  • Email: info@fairytale.com.gr
  • Phone: 2102582341
  • Business Hours: 8:00 AM – 12:00 PM

3. PERSONAL DATA WE COLLECT

3.1 Information You Provide Directly

When making a booking or contacting us, we collect: Booking Information:
  • Full name and contact details
  • Email address and phone number
  • Billing and payment information
  • Special requests or preferences
  • Dietary requirements or accessibility needs
  • Emergency contact information
Communication Data:
  • Messages sent through our contact forms
  • Email correspondence
  • Phone call records
  • Chat or support interactions

3.2 Information Collected Automatically

When you visit our website, we automatically collect: Technical Data:
  • IP address and location data
  • Browser type and version
  • Device information
  • Operating system
  • Pages visited and time spent
  • Referral sources
  • Cookies and similar technologies
Usage Data:
  • How you navigate our website
  • Features you use
  • Booking patterns and preferences
  • Search queries and filters applied

3.3 Information from Third Parties

We may receive data from:
  • Payment processors (transaction confirmations)
  • Booking platforms and partners
  • Social media platforms (if you connect accounts)
  • Marketing partners and affiliates

4. HOW WE USE YOUR PERSONAL DATA

4.1 Legal Bases for Processing

We process your personal data based on:
  • Contract performance: To fulfill your booking and provide services
  • Legitimate interests: To improve our services and communicate with you
  • Legal compliance: To meet regulatory and tax obligations
  • Consent: For marketing communications (where required)

4.2 Purposes of Data Processing

Service Delivery:
  • Processing and managing bookings
  • Providing accommodation services
  • Handling payments and invoicing
  • Customer service and support
  • Managing cancellations and modifications
Business Operations:
  • Improving our website and services
  • Analyzing usage patterns and preferences
  • Preventing fraud and ensuring security
  • Compliance with legal obligations
  • Resolving disputes and enforcing terms
Marketing and Communications:
  • Sending booking confirmations and updates
  • Providing customer support
  • Marketing communications (with consent)
  • Surveys and feedback requests
  • Loyalty program management

5. COOKIES AND TRACKING TECHNOLOGIES

5.1 Types of Cookies We Use

Essential Cookies:
  • Website functionality and security
  • Session management
  • Shopping cart and booking process
  • Authentication and user preferences
Analytics Cookies:
  • Google Analytics (website performance)
  • User behavior analysis
  • Traffic source tracking
  • Conversion measurement
Marketing Cookies:
  • Advertising campaign tracking
  • Social media integration
  • Retargeting and personalization
  • Third-party advertising networks

5.2 Cookie Management

You can control cookies through:
  • Browser settings and preferences
  • Our cookie consent banner
  • Opt-out links from third-party services
  • Privacy-focused browser extensions
Note: Disabling essential cookies may affect website functionality.

6. DATA SHARING AND DISCLOSURE

6.1 When We Share Your Data

We may share your personal data with: Service Providers:
  • Payment processors (secure transactions)
  • Email service providers (communications)
  • Cloud hosting services (data storage)
  • Analytics providers (website improvement)
  • Customer support platforms
Business Partners:
  • Booking platforms and travel agencies
  • Local tour operators and services
  • Transportation providers
  • Insurance companies (when applicable)
Legal Requirements:
  • Government authorities (when legally required)
  • Law enforcement agencies
  • Courts and regulatory bodies
  • Legal representatives

6.2 Data Transfer Safeguards

When transferring data outside the EU, we ensure:
  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Appropriate safeguards and protections

7. DATA RETENTION

7.1 Retention Periods

We retain personal data for: Booking Data: 7 years (tax and accounting requirements) Payment Information: 13 months (fraud prevention) Marketing Data: Until consent is withdrawn Website Analytics: 26 months (Google Analytics default) Communication Records: 3 years (customer service)

7.2 Deletion Criteria

Data is deleted when:
  • Retention period expires
  • Purpose for processing is fulfilled
  • Legal obligations are met
  • You withdraw consent (where applicable)
  • You exercise your right to erasure

8. YOUR RIGHTS UNDER GDPR

8.1 Individual Rights

You have the right to: Access: Request copies of your personal data Rectification: Correct inaccurate or incomplete data Erasure: Request deletion of your data Restriction: Limit how we process your data Portability: Receive your data in a portable format Objection: Object to certain types of processing Automated Decision-Making: Not be subject to solely automated decisions

8.2 Exercising Your Rights

To exercise your rights:
  1. Contact us using the details in Section 2
  2. Provide proof of identity
  3. Specify which right you want to exercise
  4. Include relevant details about your request
Response Time: We will respond within 30 days of receiving your request.

8.3 Right to Complain

You have the right to lodge a complaint with:
  • Greek Data Protection Authority (DPA)
  • Address: Kifisias 1-3, PC 11523, Athens
  • Phone: +30 210 6475 600
  • Email: contact@dpa.gr

9. DATA SECURITY

9.1 Security Measures

We implement appropriate technical and organizational measures: Technical Safeguards:
  • SSL/TLS encryption for data transmission
  • Secure servers and databases
  • Regular security updates and patches
  • Access controls and authentication
  • Firewall and intrusion detection systems
Organizational Measures:
  • Staff training on data protection
  • Access controls and authorization levels
  • Regular security audits and assessments
  • Incident response procedures
  • Data breach notification protocols

9.2 Data Breach Response

In case of a data breach, we will:
  • Assess the risk and impact
  • Notify authorities within 72 hours (if required)
  • Inform affected individuals promptly
  • Take immediate remedial action
  • Conduct thorough investigation

10. CHILDREN'S PRIVACY

10.1 Age Restrictions

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16 without parental consent.

10.2 Parental Responsibility

If you are a parent or guardian making a booking that includes children:
  • You are responsible for providing their information
  • You consent to our processing of their data
  • You can exercise rights on their behalf

11. THIRD-PARTY LINKS AND SERVICES

11.1 External Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of external sites. We recommend reviewing their privacy policies before providing personal information.

11.2 Integrated Services

We use third-party services including:
  • Google Analytics: Website analytics and performance
  • Payment Processors: Secure payment processing
  • Social Media Plugins: Social sharing and integration
  • Booking Platforms: Distribution and reservations
Each service has its own privacy policy governing data collection and use.

12. INTERNATIONAL TRANSFERS

12.1 Transfer Mechanisms

When transferring data internationally, we use:
  • Standard Contractual Clauses (SCCs)
  • Adequacy Decisions by the European Commission
  • Binding Corporate Rules
  • Consent (in limited circumstances)

12.2 Non-EU Transfers

Data may be transferred to countries outside the EU for:
  • Cloud storage and processing
  • Customer support services
  • Payment processing
  • Analytics and marketing services
We ensure appropriate safeguards are in place for all international transfers.

13. MARKETING COMMUNICATIONS

13.1 Consent and Preferences

We will only send marketing communications with your consent. You can:
  • Opt-in during the booking process
  • Update preferences in your account
  • Unsubscribe from any email
  • Contact us to update preferences

13.2 Types of Communications

Marketing communications may include:
  • Special offers and promotions
  • Newsletter and updates
  • Survey and feedback requests
  • Loyalty program benefits
  • Local area information and recommendations

14. UPDATES TO THIS POLICY

14.1 Policy Changes

We may update this privacy policy to reflect:
  • Changes in our practices
  • Legal or regulatory requirements
  • New features or services
  • Feedback from users and authorities

14.2 Notification of Changes

We will notify you of significant changes by:
  • Posting the updated policy on our website
  • Sending email notifications (for material changes)
  • Updating the "Last Updated" date
  • Highlighting key changes in our communications

15. CONTACT INFORMATION

15.1 Data Protection Inquiries

For questions about this privacy policy or data protection matters: Email: info@fairytale.com.gr Phone: 2102582341 Address: Λεοκορίου 16, Αθήνα 105 54, Ελλάδα Business Hours: 8:00 AM – 12:00 PM

15.2 General Contact

Website: suites.fairytale.com.gr Email: info@fairytale.com.gr
Effective Date: This privacy policy is effective as of the date listed above and supersedes all previous versions. Language: In case of discrepancies between different language versions of this policy, the English version shall prevail.
To top