Your Cart

Terms & Conditions - Privacy Policy

Personal data processing policy

Legal basis of data processing


The Company under the name "NAPA IKE TOURIST COMPANIES Varko Pogonias - Palairos", is the owner of the website which will be referred to as "the Company". The users or visitors of the website are referred to as "the Customer", This confidentiality statement applies to the customers served by the Company as well as to the ordinary visitors of its websites.

The Company strictly adheres to a specific security policy, including the Data Processing and Communications Privacy Policy. The Company takes all appropriate technical and organizational measures to ensure the confidentiality of the Customer's communications and to protect the Personal Data he has declared. The Company does not guarantee the security of data transmitted via networks, to the extent that their protection is not achieved by taking appropriate security measures imposed by the relevant institutional and/or regulatory framework.

If a visitor/user does not agree with the personal data processing conditions provided for in this section, he/she must not use the services of this website.

Legal basis of data processing

The collection, storage and maintenance of updated contact information is done with the sole purpose of verifying the submitted information, ensuring continuity of services and servicing the Company's customers, within the framework of the Company's operating and data security regulations as well as its contractual and legal obligations to provide satisfactory services to its customers. The Company provides rental villas.

The Company's Security Policy is based on:

the relevant provisions of the National Law on the Protection of Personal Data and on ensuring the Confidentiality of Communications (indicatively we mention Law 2472/1997 on the protection of personal data, Law 3471/2006 on the protection of privacy in the field of electronic communications , as they apply today,

the Regulations for Ensuring the Confidentiality of Communications of A.D.A.E. as published in Official Gazettes 87 & 88/26-1-2005 and in force, the P.D. 47/2005),

the relevant provisions of Community Law (European General Data Protection Regulation/GDPR – 2016/679).

The relevant texts are also publicly available on the respective websites of the competent supervisory/auditing Authorities, namely the Data Protection Authority (DPA,, the Communications Privacy Authority (A.D.A.E., www and the National Telecommunications & Posts Commission (E.E.T.T., In any case, the privacy policy of our company's communications is formulated based on the above provisions, and is updated on a periodic basis, depending on developments in technology and applicable legislation.

The users/visitors of the website, subject to the provisions:

of Greek law (Law 2472/1999 "on the protection of personal data" as applicable, Law 2774/1999 "on the protection of personal data in the telecommunications sector", Law 2472/1997 as supplemented by the decisions of the President of Personal Data Protection Committee, Presidential Decrees 207/1998 and 79/2000 and Article 8 of Law 2819/2000).

and European law: directives 95/46/EC – 97/66/EC and European General Data Protection Regulation/GDPR: EU 2016/679),

agree and accept the processing of personal data in accordance with what is described in this statement.

Information about the data we collect

Data we collect

Any internet user who visits the website is not required to submit personal information for its use.

If the visitor wishes to submit a question about the availability of rental villas, he can do so either by phone: 6977581562 or by using the form available on the website then when submitting the question he will be asked to state the following information :

name and surname

e-mail address

date of arrival and date of departure

amount of visitors

If the visitor wishes to contact our company through the contact form available on the website then he will be asked to state the following information:


email address (

If the visitor only wishes to take part in some of the updates, events or activities that take place on this website, he should only state his email address.

The Company may keep on file and process the personal data it will receive after clear information and consent of the data subject, for a specific purpose, with a specific duration and with security.

Purpose of data collection

The personal data declared to the Company are limited to the absolutely necessary data for the safe, functional and computerized service and are used exclusively by the Company, for the purpose of supporting, promoting and executing the transactional relationship between them. In other words, the information declared in the forms of the website is an electronic inquiry about the availability of villas (it is not an online reservation), and a way of communication between the user / customer and the company so that it is properly served and informed for anything that concerns him.

In order to prove the user's consent to the processing of his personal data by the Company, the IP address of his connection to the website, the time and the details for which he gave his consent are recorded.

When the Customer sends the Company a query or request via the internet (email or contact form at, he is immediately informed and his consent is requested to the fact that any information he provides is used by the Company for to answer his question electronically.

Data retention time The personal information is kept securely for as long as the Customer is registered in any of the Company's services and is deleted after the termination of the business relationship with the Company in any way or if this is requested by the customer

Disclosure of personal data

The Company, within the framework of the operation of its website, expressly declares that the data of any form, which are collected through this website, are absolutely confidential and will not be sold, rented, transferred or disclosed to any third party and for any reason.

The Company does not have a publicly accessible list of e-mail addresses or other details of its customers.

When someone communicates via email with the Company, then depending on the nature of the request/query, the type and scope of the information requested, the competent representative of the Company will first check whether the sender's email address is authorized for communication (to receive answers or information or request the execution of a task by the Business) and in any case will provide him with information relating exclusively to the customer account to which his email address is linked.

The Company does not provide information (and especially personal data) via email and telephone.

The Company considers the requests completed by its customers and the electronic mail sent through its services confidential and does not pass on their content except to the directly interested recipient and to the law, if it is requested or in the event that the content of the message is considered that affects her or is connected to illegal actions.

If a Customer or user provides a false email address or attempts to impersonate someone else when sending information online, all information as well as the user's IP address will be part of any lawful investigation that may be ordered.

Sharing of data by third parties

In an effort to provide high quality services we may from time to time include links from third parties on our website. These links are governed by separate and independent Data Protection terms. We recommend that you study these principles when visiting such websites. The Privacy Authority only covers our website and not other websites. Consequently, the website bears no responsibility for the content and activities of these linked websites.

Correctness and completeness of personal data

To submit an electronic inquiry about the availability of villas from the website, you do not require registration, but for completion a name, surname, telephone, email, date of arrival, date of departure, number of guests are required.

Subject consent to data processing

The consent of the subject of personal data on the website is one of the legal bases for processing in the context of EUGDPR and the Company has the following necessary features:

Unbound: consent requests are separate from other terms and conditions. Consent is not a condition for subscribing to a service unless it is necessary for that service.

Active consent: We do not use pre-populated checkboxes but invalid opt-in boxes or similar active opt-in methods (eg a binary choice based on preference).

Very specific: we give detailed options to separately consent to different types of processing, where necessary.

Named: we name our organization and any third parties (where applicable) that will be based on the user's consent.

Documented: we keep records to demonstrate what the individual has consented to, including what they were told and when and how they consented.

Easy to withdraw: we tell our users that they have the right to withdraw consent at any time and how to do so, having made it as easy to withdraw as it is to give consent with simple and effective consent and withdrawal mechanisms.

Balanced: there is no lack of balance in the relationship between the individual and the Business and the rights of both are protected and ensured to the highest degree in order to realize the purpose of both (acquiring and using services and providing the services respectively).

Data subject rights

We know and demonstrably protect all the legal rights of the subject protected by the GDPR:

We provide the right to access the data

We provide the right to correct the data

We provide the right to delete the data

We provide the right to restrict data processing

We notify correction or deletion or restriction of processing, if and when it occurs

We provide data portability in a structured, compatible and machine-readable format

We provide the right to object to data processing

We do not implement automated individual decision-making including profiling, so the subjects' right to object does not apply.

We respond to the subjects' requests within the prescribed time frame (within 1 month of receiving the request and with a margin for an extension of 2 more months, if this is required and justified), while in case of an extension we will inform the subject within 1 month of the extension as well as the reasons for the delay.

Security measures for data protection

How we protect personal data

The design of data protection concerns the collection of data from customers, the storage of data, the transmission of data requested by customers and the management of data by its employees during the exercise of their duties and only under the conditions provided by the Company's Security Policy.

The data registered and hosted in the Company's infrastructure are stored on servers protected with the strongest possible levels of security measures.

Cookies & marketing policy

Cookies policy at

During any user visit to the Company's Site, the pages he sees along with the Cookies they may contain, are "loaded" (downloaded) to his device. Cookies are text files (Textfiles) with a unique identification code, through which the Company's Server recognizes the user's computer. Cookies record only the areas of the Site that the computer in question has visited and for how long and are called First-party Cookies and include Session & persistent Cookies:

Visit cookies (Session Cookies), i.e. temporary Cookies that remain in the Cookies file of your device's browser only during your visit and are deleted when you close the browser. These are for visitors (visitor shopping cart) and logged in customers (to keep them logged in) until the Cookie expires (until it is deleted from the Browser for visitors and two hours for logged in users).

Persistent Cookies, which remain in the Cookies file of your device's browser even after the browser is closed, sometimes for a year or more (the exact length of stay depends on the lifetime of each Cookie) until delete the Cookie from the user's device. Persistent Cookies are used to remember the user's username or user preferences in terms of customizing our website.

The user has the possibility at any time to configure his computer to accept the existence of Cookies, to be notified when a Cookie is issued or to reject the installation of Cookies. In case the user has configured his browser (Browser: Firefox, Chrome, Opera, Safari, etc.) to reject Cookies, he can browse the Company's Site anonymously, until the moment he registers for one of its services, when their acceptance is necessary.

If you do not agree with the above personal data processing policy, you must not use the services of this website and delete the account you maintain with us.

For users under the age of 18, it is assumed that the prior consent of the parents/guardians is obtained in every case of declaration of personal information on the Company's websites.

The Company reserves the right to change this data policy, always in accordance with the Laws and Greek and European Law.

Responsible for the protection of information and data of the website according to the law is NAPA IKE TOURISM ENTERPRISES, Varko Pogonias-Palairos, DOU AGRINIOU, VAT number 800915472, Location: Varko.