top of page

Privacy Policy

Privacy Policy

 

Last updated: November 2025

 

1. Controller

 

The controller responsible for the processing of personal data through this website is Iason Dendrinos, based in Greece.

Contact: holitravelholitravel@gmail.com

 

2. General Information

 

This Privacy Policy explains how Holitravel Ionian (“we,” “us,” “our”) processes personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable data protection laws.

 

3. Categories of Personal Data

 

We may process the following categories of personal data:

    •    Technical and usage data (IP address, browser type, referrer URL, device ID, time of access, session data).

    •    Communication data (emails or messages sent via contact forms).

    •    Analytical and marketing data (interactions with embedded services such as Google Maps or social media).

 

4. Purposes and Legal Basis for Processing

 

Processing activities are conducted under the following legal bases as defined in Article 6 GDPR:

    •    Article 6 (1)(a) – Consent: for analytical, functional, or marketing cookies and third-party services.

    •    Article 6 (1)(b) – Contract performance: to provide requested travel-related information or services.

    •    Article 6 (1)(c) – Legal obligation: to comply with applicable laws or regulatory duties.

    •    Article 6 (1)(f) – Legitimate interests: to ensure the security, functionality, and optimization of our website.

 

5. Data Retention

 

Personal data are retained only as long as necessary for the purposes described above or as required by law.

Session data are deleted after the browsing session ends. Consent-based cookies are stored up to 183 days unless withdrawn earlier.

 

6. Recipients and Third-Party Processors

 

We use trusted service providers under data-processing agreements compliant with Article 28 GDPR:

    •    Wix .com Ltd. – website hosting and content management (data centers in the EU and USA).

    •    Usercentrics A/S – cookie consent management platform.

    •    Google LLC – services including Google Maps, Google Fonts, and Google reCAPTCHA (data transfer to the USA under standard contractual clauses).

 

7. International Data Transfers

 

Where data are transferred outside the European Economic Area, such transfers are protected by Standard Contractual Clauses and appropriate technical and organizational measures.

 

8. Data Subject Rights

 

Under Articles 12–23 GDPR, users have the right to:

    •    Access their personal data.

    •    Rectify inaccurate data.

    •    Request erasure (“right to be forgotten”).

    •    Restrict or object to processing.

    •    Withdraw consent at any time (without affecting prior lawful processing).

    •    Lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr).

 

Requests can be sent to holitravelholitravel@gmail.com.

 

9. Data Security

 

We implement encryption, secure servers, and access control measures to safeguard data against unauthorized access or misuse.

 

10. Changes to This Policy

 

We may update this Privacy Policy from time to time. Updates will be published on this page with a revised “Last updated” date.

bottom of page