Greek TravelTellers knows how sensitive your personal information is and we are committed to protecting same and respecting your privacy.
This Privacy Policy (hereinafter referred to as “Policy“) describes how Greek TravelTellers E.E. (hereinafter referred to as “Greek TravelTellers”, “we”, “our” or “us”), with registered seat in Myriofytou 47, Nea Smyrni, Athens 17123, Greece, uses your personal data collected via its website greektraveltellers.com (hereinafter referred to as “Website“) and by any other means (e.g., via telephone calls, social media, cookies, etc.). Please read this Policy carefully.
Greek TravelTellers is the data controller of your personal data.
Personal data means any information relating to an identified or identifiable natural person, in accordance with the General Data Protection Regulation (hereinafter referred to as “GDPR”). This may include information such as your name, gender, age, email address, or your phone number. Generally, the type of personal information we collect about you is limited to any information which is necessary to enable the provision of any services you purchase from Greek TravelTellers, such as your travel arrangements and bookings, or to arrange the provision or purchase of ancillary services and/or products on your behalf from 3rd party suppliers, or to provide information about such services.
1. Information we may collect
- Data processing to enable the use of the Website:
When you visit the Website, we may collect information about your computer, including (where available) your IP address, operating system and browser type, for system administration and to report aggregate information. This statistical data about our users’ browsing actions and patterns does not identify any individual. - Data processing to enable the use of our services:
- We may collect and process some or all of the following personal data that you provide directly when you choose to:
- fill out a form,
- enquire for further information or for our services,
- book or purchase our services,
- contact us via email,
- contact us by phone, or
- subscribe to our newsletter.
You may be asked, as appropriate, to provide your full name, date of birth, age, e-mail address, mailing address, postal or zip code, phone number, the hotel in which you are staying, company name, or position within that company, payment details (such as credit card number, card expiry date, card verification code).
In some circumstances, we may collect personal information about you from a third party. This includes where a person purchases or reserves any service from Greek TravelTellers on your behalf, such as (but not limited to) a family or group reservation, or a reservation made for you by a travel agent. Where this occurs, we will rely on the authority of the person purchasing such service to act on behalf of any other traveler/participant on the reservation.
When you are the one purchasing any service from Greek TravelTellers on behalf of any other person or person(s) (as above referred), you agree you have obtained the consent of said person or persons to collect, use and disclose their personal information in accordance with this Privacy Policy and that you have otherwise made the other person or persons aware of this Privacy Policy. If you become aware that your personal information has been provided to us by another person without your consent, or if you did not obtain consent before providing another person's personal information to us, you should notify us immediately in writing.
- Sensitive personal data:
Sometimes we may require that you provide more information (“sensitive personal data”), in order to ensure the safety and/or proper provision of our services. Below is a description of some of the extra information we may require:
Dietary Restrictions / Preferences: we understand that many of you prefer or are required to follow certain diets. We try to accommodate these choices and needs whenever possible. To accomplish this, your dietary preferences need to be recorded. This information is then transferred to our guides to ensure that your requirements can be met.
Health Condition: we may need information about your age, gender and general health so that we can assist in safeguarding your personal health and safety.
We will only collect sensitive information with your explicit consent, when it is reasonably necessary, and in connection with facilitating your request.
By sharing sensitive personal data with us, you explicitly agree that we are allowed to collect and use this data in accordance with this Privacy Policy so that we can provide our services. If you do not allow us to process sensitive personal data, we may be unable to provide said services, or only partially, as a consequence. In such circumstances you are not entitled to reclaim any payment you or anyone reserving said services on your behalf may have made. - Data Retention Period
Greek TravelTellers retains your information as long as it is necessary and relevant for its operations. In addition, we may retain information from closed accounts to comply with the law, prevent fraud, collect any fees owed, resolve disputes and take other action permitted by law. - Data collected by third party providers
Greek TravelTellers uses a variety of third party service providers to help us provide our own services. Service providers may be located inside or outside of the European Economic Area (“EEA”). In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, the information collected through such means is disclosed to and gathered directly by these service providers as listed below, and any service provider’s use of such information is subject to the service provider’s privacy policies, and not Greek TravelTellers’. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
• Google, for the use of Gmail Suite where Greek TravelTellers email accounts & files are stored.
• Tawk.to, who provides the messenger and chat widget.
• PayPal and Stripe, as payment processing providers.
• Regiondo, as a booking engine.
2. Tracking technology we may use
Greek TravelTellers uses, or our 3rd party advertising partners use, various tracking technologies, such as cookies, web beacons, tags, scripts, analytics software or other similar technologies, that help us better manage, operate, administer, maintain, develop, analyse and support the Website and the services provided by Greek TravelTellers.
- Facebook Pixel
The Website contains tracking technology by Facebook. This may include cookies (see point ‘e’ below). Facebook collects and stores usage data in pseudonymous profiles for the purposes of web analysis and interest-based advertising. You can opt-out of such data collection and storage at any time with effect for the future by visiting https://www.facebook.com/ads/preferences/ or by setting an opt-out-cookie on your device via the website of the EDAA. You will find further information on the data processing by Facebook in the privacy policy of Facebook (https://www.facebook.com/privacy/explanation) and on this webpage. - Google Analytics
The Website uses Google Analytics, a web analytics service by Google. Google Analytics uses cookies (see point ‘e’ below) in order to analyse your use of this Website. The information about your use of this Website collected using cookies is usually transferred to and stored on servers of Google in the US. Prior to the transfer to the US, Google masks and thereby anonymises your IP address within the territory of the EU or of the European Economic Area. Only in exceptional cases, the full IP address is sent to and masked by Google servers in the US. On behalf of the website provider, Google will use this information to analyse your use of the Website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. Google will not combine your IP address with any other data held by Google.
You may refuse to have cookies stored on your device by appropriately configuring your browser or by using a privacy plugin. Furthermore, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available here: https://tools.google.com/dlpage/gaoptout?hl=en-GB. Further information on the data processing in the context of Google Analytics is available under: https://policies.google.com/privacy?hl=en. - Google AdWords conversion and remarketing
We also use Google Analytics to evaluate data from the Google services AdWords for statistical purposes. This way, in order to improve our services, we can analyse what happens after a user has clicked on one of our ads, e.g. whether a user has ordered a product or has viewed the ad from a mobile device. Furthermore, you may receive interest-based ads through these services. You can opt-out of such interest-based ads via the Google Ads setting pages: https://adssettings.google.com.
The Website uses the remarketing feature of Google. Essentially, this serves to present interest-based advertisements to visitors to a website belonging to the advertising network of Google. To enable this, cookies are stored on your computer. When you visit our site and then call up a website belonging to the advertising network of Google, you may therefore be shown advertisements of Greek TravelTellers. According to Google, it does not collect any personal data in this process. If you, nevertheless, do not wish to use the Google remarketing feature, you can deactivate this by changing the appropriate settings under https://adssettings.google.com. You can find further information about Google remarketing and the Google Privacy Policy under: https://policies.google.com/technologies/ads. - Google Tag Manager
This website uses Google Tag Manager to manage website tags. A tag is a JavaScript snippet that can be used to send information from a website to a third party, in particular in the context of web tracking. The tool Google Tag Manager itself does not collect personal data. Rather, the tool triggers other tags that may collect data (such as the tag of Google Analytics). Google Tag Manager does not access such data. A deactivation on the domain level or cookie level will affect all tracking tags implemented via Google Tag Manager. This facilitates the implementation of an effective opt-out of web tracking. - Cookies
Generally speaking, cookies are small text files that are placed in your device’s browser, then stored on the device, and that can be used to help recognize that browser across different web pages, websites, and browsing sessions. Cookies can be used to recognise you when you visit the Website, remember your preferences, and give you a personalised experience that’s in line with your settings. Cookies also make your interactions with the Website faster and more secure.
For more information about the cookies we use and how to opt-out please visit our Cookies Notice.
3. Payments on our website
a. EveryPay
Recognizing the importance of electronic payment security, EveryPay is a licensed Payment Institution by the Bank of Greece (Decision No. 280/3 / 23-7-2018 GG B 3010 / 25-7-2018), and manages securely card payment transactions, in accordance with the regulatory framework of the card transaction security management standard. EveryPay is certified in accordance with the PCI DSS compliance standards. All EveryPay services are made through secure connections with 256bit SSL certificates. EveryPay also supports the ability to use the 3D Secure service, an additional security token for VISA & MasterCard. The Payer then has to enter his personal secret code to complete the transaction successfully.
b. Stripe
A PCI-certified auditor has audited Stripe. They are a certified PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. To accomplish this, they use the best-in-class security tools and practices to maintain a high level of security at Stripe. Stripe forces HTTPS for all services using TLS (SSL), including their public website and the Dashboard to ensure secure connections:
- Stripe.js is served only over TLS.
- Stripe’s official libraries connect to Stripe’s servers over TLS and verify TLS certificates on each connection.
They regularly audit the details of their implementation, including the certificates they serve, the certificate authorities they use, and the ciphers they support. They use HSTS to ensure that browsers interact with Stripe only over HTTPS. Stripe is also on the HSTS preloaded lists for both Google Chrome and Mozilla Firefox.
All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons can obtain plain text card numbers but can request that cards are sent to a service provider on a static allowlist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in a separate hosting environment, and doesn’t share any credentials with Stripe’s primary services including their API and website.
4. Use of your collected personal data
Any use of your personal data by Greek TravelTellers is consistent with this Privacy Policy. We may use your information to:
• process your online requests and bookings/orders and provide you with the requested services and information offered through the Website;
• verify and carry out financial transactions in relation to payments you make;
• audit the downloading of data from the Website;
• improve and customise the Website, our products, services and our business in general, such as by tracking your preferences, history and interactions with the Website;
• identify visitors to the Website;
• carry out data analytics, market research and data enrichment, such as by analysing your preferences, shopping history and interactions with the Website together with data collected from third parties, such as data that you agree to share with us on social networks (e.g., Facebook, Instagram, etc.) and/or that we may collect from publicly accessible databases;
• correspond with you to resolve your queries or complaints; and
• send you marketing communications containing news, information and updates about our products and services, offers, promotions and special events, and other marketing communications that may be of interest to you by SMS, email or telephone), and customise your experience with us to your interests and shopping habits and improving our services, notably via profiling.
Whenever we process your personal data, we act on the basis of a lawful “justification” (or legal basis) for such processing. In the majority of cases, the processing of your personal data will be justified on one of the following bases:
• processing is necessary to perform a contract with you or take steps that you have requested in order to enter into a contract by filling the online booking form (e.g. sale contract);
• processing is necessary for us to comply with a legal obligation;
• processing is in our legitimate interests as a business, and our interests are not overridden by your interests, fundamental rights or freedoms. Our legitimate interests may include our interest in using customer and Website user personal data to conduct and develop our business activities (in cluding by carrying out standard marketing activities), with current and potential customers and Website users; and in establishing, exercising or defending legal claims; or
• processing is based on your prior explicit consent, such as segmented and customised marketing activities. This consent can be expressed by clicking the check box with the consent clause.
5. Disclosure of your personal data
We may disclose your personal data to our service providers who assist us in providing the services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in performing other tasks, as appropriate. Furthermore, your personal data may be disclosed to an insurance company affiliated with us to guarantee the safety of our customers during the tours and to the tour guide. In case of wine and gastronomy tours certain categories of your personal data, such as your name and your allergies may be disclosed to the restaurants.
Your personal data will be accessible by authorised personnel of Greek TravelTellers, and service providers acting on our behalf on a need-to-know basis.
Due to the nature of the Greek TravelTellers’ business, for the purposes set out above, we may transfer your personal data to third parties located in other countries outside the EU/EEA, including the USA and other countries that have data protection framework which may be not equivalent to that in your country of residence. In the event your personal information is transferred outside the EU/EEA, Greek TravelTellers undertakes the obligation to ensure that transfers to those countries will be made pursuant to the Standard Contractual Clauses approved by the European Commission or any other safeguards where permissible by the applicable data protection law each time in force, of which you can request a copy via email.
We may also share your personal data with third parties in connection with potential or actual sale of our company or any of our assets, or those of any associated company, in which case personal data held by us about our users may be one of the transferred assets.
We will also respond to requests for personal data where required by to do so by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator or any other legal process served on us.
6. Security
We place great importance on the security of all personal data associated with our users. We have adopted security measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorised disclosure or access. For the best possible protection of your personal data outside the limits of our control, your device should also be protected (such as by installing an updated antivirus system) and your internet service provider should take appropriate measures for the security of network data transmission (such as, for example, firewalls and anti-spam filtering).
While we take all reasonable steps to protect your personal data, we cannot guarantee that the personal data you disclose to us will be 100% secure, nor that any data breach will not occur.
You accept the inherent security implications of dealing on-line over the Internet and will not hold Greek TravelTellers or their processors responsible for any data breach unless it is due to our gross negligence. In particular, Greek TravelTellers excludes any liability for damage or loss suffered by the Website’s user as a result of the inadequacy, dysfunction or incompatibility of the user’s equipment with the Website and/or failure by the user to implement reasonable and necessary protection against harmful programs, devices or communications.
7. Your rights
Under Data Protection regulations, you have a number of important rights regarding your personal data that you may exercise at any time by contacting us at . These rights are as follows:
• Right to be informed: you have the right to be informed about the collection and use of personal data. We do this in this Privacy Policy and our Cookies Notice.
• Right of access, rectification and erasure: you have the right to request access to and obtain a copy of any of your personal data that we may hold, to request correction of any inaccurate data relating to you and to request the deletion of your personal data under certain circumstances.
• Right of data portability: under certain conditions, you have the right to receive all such personal data which you have provided to us in a structured, commonly used and machine-readable format, and also to require us to transmit it to another controller where this is technically feasible.
• Right to restriction of processing: you have the right to restrict our processing of your personal data where:
• you contest the accuracy of the personal data until we have taken sufficient steps to correct or verify its accuracy;
• the processing is unlawful but you do not want us to erase the data;
• we no longer need your personal data for the purposes of the processing, but you require such data for the establishment, exercise or defence of legal claims; or
• you have objected to processing justified on legitimate interest grounds (see below) pending verification as to whether we have overriding compelling legitimate grounds to continue processing.
Where personal data is subject to restriction in this way, we will only process it with your consent or for the establishment, exercise or defence of legal claims.
• Right to object to processing justified on legitimate interest grounds: where we are relying upon legitimate interest to process personal data, then you have the right to object to that processing. If you object, we must stop that processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where we need to process the data for the establishment, exercise or defence of legal claims. Where we rely upon legitimate interest as a justification for processing we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis.
Greek TravelTellers will respond to any any appropriate request to access, correct, update or delete your personal information without excessive delay. Before we proceed with any request, we will take steps to verify the identity of the person making the request. We will promptly fulfill your request to delete your personal data unless this data is required to be retained by law. Also, we will not be able to delete information that is required to maintain our business purpose or that is required to facilitate your contract with us.
8. Your consent to provide personal information
Any service that Greek TravelTellers provides to you is purely voluntary. You are not required to provide any personal or/and sensitive information to us unless you choose to access features of the tour/service that requires such information. If you do not agree with the terms of this Privacy Policy or Greek TravelTellers’ Terms & Conditions related to our services, then do not provide us with personal information, exit from the Website, and discontinue using our services.
Accordingly, by accessing, visiting, using any of the functionalities on the Website (including, but not limited to, booking services online or filling out the Contact Form or/and Inquiry Form), you expressly consent to our collection, use, disclosure, and retention of your information as described in this Privacy Policy and in Greek TravelTellers’ Terms & Conditions.
9. Other provisions
- Protection of minors
Children and adolescents with limited legal capacity are as a matter of principle not allowed to transfer any personal data to the Website without prior consent of their parents or legal guardian. Greek TravelTellers will in no way knowingly collect personal data from children or adolescents with limited legal capacity, use these data in any form, or divulge these data to third parties without authorisation. If you are under 18, please do not give us any Personally Identifiable Data. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce our Privacy Policy by instructing their children to never provide Personally Identifiable Data on the Website without their permission. If you have reason to believe that a minor has provided Personally Identifiable Data to Greek TravelTellers through the Website, please contact us, and we will endeavour to delete that information from our databases. - Links to third party websites
The Website may provide links to other third party websites (“Third Party Websites”). This Privacy Policy applies only to the Website and not to any Third Party Websites. We suggest that you contact those sites directly for information on their privacy, security, data collection and distribution policies. - Newsletter & emails
If you have purchased on the Website, there is a good chance you will receive emails from us. We will only send you emails which you have signed up to receive, or which pertain to the services we provided to you. To send you emails, we use the name and email address you provide us. The Website also logs the IP address you used when you signed up for the service to prevent abuse of the system. No identifiable information is otherwise tracked outside this Website except for the email address. - Terms of Service
Please also visit our Terms & Conditions section establishing the use, disclaimers, and limitations of liability governing the use of the Website, a link to which can be found at the bottom of this page. - Updates and changes to our Privacy Policy
We may occasionally change this Privacy Policy, for example, to comply with new requirements imposed by the applicable laws or technical requirements. We will post the updated Privacy Policy on the Website. We may also notify you in case of material changes and seek your consent to those changes, where required by applicable law. You are thus encouraged to periodically review this page for any changes.
This Privacy Policy was last modified on February 14th, 2023. - If there are any questions regarding this Privacy Policy you may contact us at