Privacy Policy

Our company, Vittorakis Travel, is the data controller responsible for your personal data in accordance with GDPR. For any questions or requests related to data protection, you can contact us at [email protected]

We collect personal data that you voluntarily provide, such as:

• Contact information (name, email, phone) to provide our services and communicate with you.
• Booking information (date, time, number of participants) to organize your experience.
• Payment information (only necessary details) required to complete transactions.

In some cases, we may also collect data regarding the use of our website, such as IP address, device information, and cookies, to improve our services and analyze website traffic.

We use your personal data for the following purposes:

• To fulfill your requests (e.g., bookings, service information).
• To improve our services through website usage analysis.
• To send newsletters and offers, only if you have explicitly consented.

Data processing is based on:

• Your consent where required (e.g., for sending newsletters).
• Contract performance when it relates to providing our services.
• Our legitimate interests (e.g., website improvement), as long as they do not override your rights.

According to GDPR, you have the following rights:

• Right of access to your personal data.
• Right to rectification of inaccurate or incomplete data.
• Right to erasure (the “right to be forgotten”), provided there are no legal obligations to retain it.
• Right to restrict processing in specific cases.
• Right to data portability to another data controller.
• Right to object to the processing of your data under certain conditions.

To exercise your rights, please contact us at [email protected]. We will respond within 30 days of receiving your request.

We take all necessary measures to protect your personal data from unauthorized access, loss, or disclosure.
Your data is securely stored, and we use encryption for sensitive information.

Your personal data will not be shared with third parties, except where necessary to provide the service (e.g., payment providers) or as required by law. When necessary, we only work with third parties who meet security standards and comply with GDPR.

We retain your data only for as long as necessary to fulfill the purposes for which it was collected or as
required by law. Your data is securely deleted when it is no longer needed.

We use cookies and similar technologies to enhance your browsing experience. You can manage your
cookie preferences through your browser settings. For more information, please refer to our Cookies Policy.

We reserve the right to update this Privacy Policy periodically. Any changes will be posted on our website, and we encourage you to review it regularly.