• en
Contact us

Privacy policy

Home Privacy policy

The management and protection of the visitor / user’s personal data of the platform is subject to the terms of this notice as well as to national, community and international law on the protection of individuals from the processing of personal data, as is currently the case, and more specifically (GDPR), which is in force since May 25, 2018. Data processing will be done in accordance with the general terms and conditions set out in Regulation (EU) 201 6/679 on the protection of personal data.

Types of Data Collected

While using our Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:

  • Email Address
  • First Name and Last Name
  • Phone Number
  • Address, State, Province, ZIP/Postal code, City
  • Company Signature
  • Cookies and Usage Data

We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.

Cookies

Like many websites, we use “cookies”. Cookies are small programs that we transfer to your hard drive that allow us to recognize you and to provide you with a customized experience. If you do not want us to use cookies, you can easily disable them by going to the toolbar of your web browser, and clicking on the “help” button. Follow the instructions that will prevent the browser from accepting cookies, or set the browser to inform you when you receive a new cookie. In addition, you may visit this and other websites anonymously through the use of utilities provided by other private companies.

Usage Data

We may also collect information how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Third Parties

We may collect information that others provide about you when they use our website, or obtain information from other sources and combine that with information we collect through our website. We do not control, supervise or respond for how the third parties providing your information process your personal data, and any information request regarding the disclosure of your personal information to us should be directed to such third parties.

If you link, connect, or login to our website with a third-party service (e.g., Facebook, Twitter, Google, Instagram), we may collect information from the third-party service, such as your registration and profile information. This information varies and is controlled by that service or as authorized by you via your privacy settings at that service.

Legal basis for processing personal information (EEA visitors only)

If you are a visitor from the European Economic Area, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

If we ask you to provide personal information to comply with a legal requirement or to perform a contact with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).

Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

Transfer of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States (Zoho Corporation) and process it there.

Our cloud provider (Zoho Corporation), is a GDPR Compliant company with USA based Servers.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

A La Carte Travel EPE will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

How do we protect security of your Information?

  • We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.
  • We use encryption to protect your information contained in our customer list.
  • We use a firewall to protect against unlawful intrusion.
  • We limit access to your Personal Information on a “need to know” basis.
  • It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when finished using a shared computer.

How Do We Use Your Data?

All personal data is stored securely in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR).

We use your data to provide the best possible services to you. This includes:

  • Responding to communications from you;
  • Supplying you with email newsletters and event invites that you have subscribed to (you may unsubscribe or opt-out at any time);

In some cases, the collection of data may be a statutory or contractual requirement, and we will be limited in the services we can provide you without your consent for us to be able to use such data.

With your permission and/or where permitted by law, we may also use your data for marketing purposes which may include contacting you by email or post with information, news and invites relating to our services. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with Our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.

Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:

  1. you have given consent to the processing of your personal data for one or more specific purposes;
  2. processing is necessary for the performance of a contract to which you are a party or in order to take steps at the request of you prior to entering into a contract;
  3. processing is necessary for compliance with a legal obligation to which we are subject;
  4. processing is necessary to protect the vital interests of you or of another natural person;
  5. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or
  6. processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Your data protection rights

You have the following data protection rights:

  • If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided under the “How to contact us” heading below.
  • In addition, if you are a resident of the European Union, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us at dpo@alacarte-travel.gr
  • You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us at dpo@alacarte-travel.gr.
  • Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

Non Related Entities and Other Websites

This privacy policy does not address, and we are not responsible for the privacy, data or other practices of any entities outside of A La Carte Travel EPE, including franchise companies, Hotel owners, agents, business partners, or any third party operating any site or service to which may be linked to from this site. The inclusion of a link on this site does not imply endorsement of the linked site or service by us. We have no control over, and are not responsible for, any third party’s collection, use and disclosure of your Personal Information. If you link to another site, your privacy depends on the policy of that site. We strongly urge you to check their privacy policy. Not all sites guarantee that they will not share your personally identifiable information with others.

In addition, we are not responsible for the data collection, use, disclosure or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Data you disclose to other organizations through or the Apps or our Social Media Pages.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

How to contact us

If you have any questions or concerns about our use of your personal information, please contact us using the following details: dpo@alacarte-travel.gr

Menu