Privacy Policy

The data controller responsible for your personal data is Strimoniko Hotel, located at Leof. Egnatias 49, 630 72 Asprovalta, Chalkidiki, Greece. You may contact us at info@hotel-strimoniko.gr or by telephone at +30 23970 22209. This privacy policy applies to the processing of personal data in connection with our website (strimonikoshotel.com), our contact and enquiry forms, and any communications you have with us.

We process your personal data in accordance with: • Regulation (EU) 2016/679 (General Data Protection Regulation — GDPR) • Greek Law 4624/2019 on the protection of personal data • Directive 2002/58/EC (ePrivacy Directive) as implemented in Greek law The Hellenic Data Protection Authority (HDPA) supervises the application of data protection law in Greece. You may lodge a complaint with the HDPA at www.dpa.gr.

We collect and process the following categories of personal data: • Contact form: name, email address, arrival and departure dates, number of guests, room preference, enquiry type, and your message. • Communications: if you contact us by telephone, email or WhatsApp, we may retain your contact details and the content of our correspondence. • Technical data: when you visit our website, we may automatically collect your IP address, browser type, and device information. See our Cookie Policy for details. We do not collect special categories of personal data (e.g. health, religion) unless you voluntarily provide such information and we have a lawful basis to process it.

We process your data for the following purposes and on the following legal bases: • Responding to enquiries and providing information about our hotel — legitimate interest (Art. 6(1)(f) GDPR) and, where applicable, performance of a contract (Art. 6(1)(b) GDPR). • Managing reservations and bookings — performance of a contract (Art. 6(1)(b) GDPR). • Complying with legal obligations (e.g. tax, guest registration) — legal obligation (Art. 6(1)(c) GDPR). • Improving our website and services — legitimate interest (Art. 6(1)(f) GDPR), subject to your consent where required by the ePrivacy Directive. We will not use your data for marketing purposes without your explicit consent.

Your data may be shared with: • Service providers who assist us (e.g. hosting, email delivery, booking systems). We ensure they process data only on our instructions and in compliance with GDPR. • WhatsApp (Meta): if you contact us via WhatsApp, your messages are processed by Meta in accordance with their privacy policy. Meta may transfer data outside the EU under appropriate safeguards. • Google: our website embeds Google Maps. Google may collect data as described in Google's Privacy Policy. • Public authorities when required by law. We do not sell your personal data. Any transfer of data outside the European Economic Area is carried out with appropriate safeguards (e.g. adequacy decisions, Standard Contractual Clauses).

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected: • Enquiry data: up to 24 months after the last contact, unless a booking or legal obligation requires longer retention. • Booking and guest data: as required by Greek law (e.g. guest registration records) and for the duration of any contractual or legal claims. • Marketing consent: until you withdraw consent. After the retention period, we securely delete or anonymise your data.

Under the GDPR and Greek Law 4624/2019, you have the right to: • Access: obtain confirmation as to whether we process your data and a copy of that data. • Rectification: have inaccurate data corrected. • Erasure: request deletion of your data in certain circumstances. • Restriction: limit processing in certain situations. • Portability: receive your data in a structured, machine-readable format. • Object: object to processing based on legitimate interests. • Withdraw consent: where processing is based on consent, you may withdraw it at any time. • Lodge a complaint: with the Hellenic Data Protection Authority (www.dpa.gr). To exercise these rights, contact us at info@hotel-strimoniko.gr. We will respond within one month.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. These include secure hosting, encrypted communications where appropriate, and access controls.

We may update this privacy policy from time to time. The current version is always available on this page. We will notify you of significant changes where required by law. Last updated: March 2025.