Privacy Policy

This Privacy Policy explains how Santosails Athens collects, uses, stores, and protects your personal data when you visit our website or make a booking with us.
We are committed to protecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Greek data protection legislation.

Last updated: April 2025

The data controller responsible for your personal data is Santosails Athens, operating as a luxury catamaran cruise service on the Athens Riviera, Greece.
For any questions or requests relating to this Privacy Policy or your personal data, please contact us at: reservations@santosailsathens.com

We may collect and process the following categories of personal data:

  • Identity data: first name, last name
  • Contact data: email address, phone number
  • Booking data: cruise selected, number of guests, date and time of cruise, special requests, dietary requirements, and medical conditions disclosed voluntarily
  • Payment data: payment card details processed securely through our payment provider (we do not store full card numbers)
  • Technical data: IP address, browser type and version, time zone, browser plug-in types, operating system and platform, and other technology on the devices you use to access our website
  • Usage data: information about how you use our website, products, and services
  • Marketing data: your preferences in receiving marketing from us and your communication preferences

We do not intentionally collect any special categories of personal data (such as data revealing racial or ethnic origin, political opinions, religious beliefs, or health data) unless you voluntarily disclose health or dietary information in the context of a booking.

We collect data through the following means:

  • Direct interactions: when you fill in a booking form, create an account, contact us by email or phone, request a quote, or subscribe to our newsletter
  • Automated technologies: when you browse our website, we automatically collect technical and usage data through cookies, server logs, and similar technologies
  • Third parties: we may receive data from payment processors, booking platforms, or analytics providers

We use your personal data for the following purposes:

  • To process and manage your booking and provide the requested cruise service
  • To communicate with you about your reservation, including confirmations, reminders, and updates
  • To process payments and prevent fraud
  • To respond to your enquiries and provide customer support
  • To send you marketing communications where you have consented or where we have a legitimate interest to do so
  • To improve our website, services, and user experience
  • To comply with our legal obligations
  • To manage and protect our business and website (including troubleshooting, data analysis, and system maintenance)

We process your personal data on the following legal grounds:

  • Performance of a contract: processing your booking and delivering the cruise service you have purchased
  • Legitimate interests: improving our services, managing our business, fraud prevention, and direct marketing to existing customers
  • Consent: where you have explicitly given consent, such as subscribing to our newsletter or accepting non-essential cookies
  • Legal obligation: compliance with applicable laws and regulations

Our website uses cookies and similar tracking technologies to enhance your browsing experience. Cookies may include:

  • Strictly necessary cookies: required for the website to function and cannot be disabled
  • Performance & analytics cookies: help us understand how visitors interact with our website (e.g. Google Analytics)
  • Functional cookies: enable enhanced functionality and personalization
  • Marketing & targeting cookies: used to deliver relevant advertising across the web

You can manage your cookie preferences through your browser settings or our cookie consent tool. Please note that disabling certain cookies may affect the functionality of our website.

We may share your personal data with the following categories of third parties:

  • Payment processors: to securely handle your payments
  • IT and system service providers: who support our website and booking platform
  • Analytics providers: such as Google Analytics, to help us understand website usage
  • Email marketing platforms: used to send newsletters and booking communications
  • Legal and regulatory authorities: where required by law

We do not sell, rent, or trade your personal data to third parties for their own marketing purposes.

Some of our third-party service providers may be based outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to protect your data to the standard required under the GDPR.

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Booking records are typically retained for a period of 5 years in line with Greek tax and commercial law obligations. Marketing data is retained until you withdraw consent or unsubscribe.

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: to receive a copy of the personal data we hold about you
  • Right to rectification: to request correction of inaccurate or incomplete data
  • Right to erasure: to request deletion of your data where there is no compelling reason for its continued processing
  • Right to restriction: to request that we restrict the processing of your data in certain circumstances
  • Right to data portability: to receive your data in a structured, commonly used, machine-readable format
  • Right to object: to object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at reservations@santosailsathens.com. We will respond to your request within 30 days. You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at www.dpa.gr.

We have implemented appropriate technical and organizational security measures to protect your personal data against unauthorized access, accidental loss, destruction, or damage. All data transmitted between your browser and our website is encrypted using SSL/TLS technology. Payments are processed through PCI DSS-compliant providers, and we do not store full payment card details on our systems.

Our website and services are not directed to children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately at reservations@santosailsathens.com and we will take steps to delete it.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will update the “Last updated” date at the top of this page. We encourage you to review this page periodically to stay informed about how we protect your data.

For any questions, concerns, or requests related to this Privacy Policy or the processing of your personal data, please contact us at:
Santosails Athens
Email: reservations@santosailsathens.com
Website: santosailsathens.com