This Privacy Policy (“Policy“) describes how Discover Greek Culture (“DGC“, “we”, “our”, “us”), with registered seat in  1st May 1886 & Omirou Str, no 13 – Aigio, Greece uses your personal data collected via its Website www.discovergreekculture.com (“Website“), and by any other means (e.g., via telephone calls, social media, cookies, etc.). Please read this Policy carefully.

DGC is the data controller of your personal data.

  1. Personal Data We May Collect About You

We may collect several categories of personal data about you for the purposes described in this Policy, including:

  • Contact information (such as your name, email address, telephone number, address, possibly number of children) that you provide by completing forms on the Website, including if you subscribe to our newsletter;
  • Details of any transactions made by you through paypal or credit/debit card;
  • Details of certain allergies you or members of your family may have (such data is required for the wine and gastronomy tours);
  • Personal data of minors;
  • Information regarding opt-ins, subscription or non-subscription for marketing purposes;
  • Personal data that may be contained in communications that you voluntarily send to us, for example to report a problem or to submit queries, concerns or comments regarding the Website or its content; and
  • Information from surveys that we may, from time to time, conduct on the Website for research purposes, if you choose to respond to, or participate in, them.

You are under no obligation to provide any such information. However, if you choose to withhold requested information, we may not be able to provide you with certain services.

Providing your personal data to us (in particular, your personal details, your email, your address, your paypal number, credit/debit card numbers and bank code and your telephone number) is necessary for processing your order/booking,  supplying other services provided on the Website upon your request, such as booking management, answering to user’s requests, carrying out of visiting analysis on the website, etc., or when your personal data is needed to fulfil obligations required by law or regulations. Refusal to provide us with any personal data necessary for performing the above purposes may consequently prevent us from processing your order/booking for services provided on the Website or fulfilling obligations required by law and other regulations. Therefore, failure to provide certain personal data may constitute, in some cases, a legitimate and justified reason for not processing your order/booking and providing the Website’s services.

Disclosure of further personal data to us other than that required for fulfilling legal or contractual obligations and to properly browse our services with necessary traffic data is, on the contrary, optional and does not have any effect on the use of the Website and of its services. We will inform you at every step whether disclosing your personal data to us is required or optional by marking as (optional) the information or data that are not required for the provision of services on the Website.

  1. Minimum Age

Protecting the safety and privacy of children is very important to us. We accept registrations or orders submitted by, and will knowingly collect or use personal data from individuals under the age of sixteen (16) years, only if the holder of parental responsibility has given consent. The aim is to provide customers with discount options for children and minors. By registering or making any orders/bookings on the Website, you confirm that you have reached the age of majority in your country of residence.

  1. Cookies

The Website uses online technologies called “cookies”. Generally speaking, “cookies” are text files that are placed in your device’s browser, then stored on the device, and that can be used to help recognize that browser across different Web pages, websites, and browsing sessions.

DGC  may use cookies or similar technologies to improve use of the Website:

  • to help authenticate you when logging in to the Website;
  • to remember your preferences and registration information;
  • to ensure the security of use of the Website; and
  • to measure and obtain data to improve the effectiveness of the Website.

In addition, DGC may use cookies or similar technologies in order to collect statistics on the Website’s traffic and the way visitors use it.

We use both temporary cookies (“session cookies”) and long-term cookies (“persistent cookies”).  Session cookies are automatically deleted at the end of each session, whereas persistent cookies are stored in between sessions so that we can remember things about you when you return to Our Website and personalize or improve your experience.

You can manage cookies using browser controls in your device (please refer to the “help” section of your browser for details). For further information about how to delete and control cookies go to http://www.allaboutcookies.org/manage-cookies/index.html.

Although cookies may be disabled or deleted, you hereby acknowledge that all or part of the Website may not be accessible if you refuse cookies that are strictly necessary for the provision of the Website.

  1. Web Tracking

a) Google Analytics

This Website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”).
 For this purpose, a cookie is installed on your computer. The information generated by the cookie about your use of the Website (including your IP address) will be transmitted to and stored by Google on servers in the United States.

On behalf of the Website provider Google will use this information for the purpose of evaluating your use of the Website, compiling reports on Website activity for Website operators and providing other services relating to Website activity and internet usage to the Website provider. Google will not associate your IP address with any other data held by Google. For further information on how Google uses your data, please refer to https://policies.google.com/privacy?hl=el#infocollect.

Objection to data collection:

Besides changing your browser settings, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en

b) Facebook Custom Audience Pixel

We participate in Facebook’s Custom Audience program which enables us to display personalized ads to you when you also have subscribed to Facebook and log in into your Facebook account. This tool allows us to personalize our ads based on your usage of our Website in order to provide ads specifically tailored for you. To this end, we share your email address or phone number in a hashed format which permits Facebook to identify you in case you have also subscribed to Facebook.

Objection to data collection:

Besides changing your browser settings, you can adjust your ad preferences through your Facebook settings if you do not want to receive interest-based ads on Facebook.

  1. Use of Your Personal Data

We may use your personal data to:

  • process your online requests and bookings/orders  and provide you with the requested services and information offered through the Website;
  • verify and carry out financial transactions in relation to payments you make;
  • audit the downloading of data from the Website;
  • improve and customise our Website, our products, services and our business in general, such as by tracking your preferences, history and interactions with the Website;
  • identify visitors to the Website;
  • carry out data analytics, market research and data enrichment, such as by analyzing your preferences, shopping history and interactions with the Website together with data collected from third parties, such as data that you agree to share with us on social networks (e.g., Facebook, Instagram, etc.) and/or that we may collect from publicly accessible databases;
  • correspond with you to resolve your queries or complaints; and
  • send you marketing communications containing news, information and updates about our products and services, offers, promotions and special events, and other marketing communications that may be of interest to you by SMS, email or telephone), and customize your experience with us to your interests and shopping habits and improving our services, notably via profiling.

Whenever we process your personal data, we act on the basis of a lawful “justification” (or legal basis) for such processing. In the majority of cases, the processing of your personal data will be justified on one of the following bases:

  • processing is necessary to perform a contract with you or take steps that you have requested in order to enter into a contract by filling the online booking form (e.g., sale contract);
  • processing is necessary for us to comply with a legal obligation;
  • processing is in our legitimate interests as a business, and our interests are not overridden by your interests, fundamental rights or freedoms. Our legitimate interests may include our interest in using customer and Website user personal data to conduct and develop our business activities (including by carrying out standard marketing activities) ,with current and potential customers and Website users; and in establishing, exercising or defending legal claims; or
  • processing is based on your prior explicit consent, such as segmented and customized marketing activities. This consent can be expressed by clicking the check box with the consent clause.
  1. Disclosure of Your Personal Data

We may disclose your personal data to our service providers who assist us in providing the services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in performing other tasks, as appropriate. Furthermore, your personal data may be disclosed to an insurance company affiliated with us to guarantee the safety of our customers during the tours and to the tour guide. In case of wine and gastronomy tours certain categories of your personal data, such as your name and your allergies may be disclosed to the restaurants.

Your personal data will be accessible by authorized personnel of DGC, and service providers acting on our behalf on a need-to-know basis.

Due to the nature of the DGC’s business, for the purposes set out above, DGC may transfer your personal data to third parties located in other countries outside the EU/EEA, including the USA and other countries that have data protection framework which may be not equivalent to that in your country of residence. In the event your personal information is transferred outside the EU/EEA, DGC undertakes the obligation to ensure that transfers to those countries will be made pursuant to the Standard Contractual Clauses approved by the European Commission or any other safeguards where permissible by the applicable data protection law each time in force, of which you can request a copy via email.

We may also share your personal data with third parties in connection with potential or actual sale of our company or any of our assets, or those of any associated company, in which case personal data held by us about our users may be one of the transferred assets.

We will also respond to requests for personal data where required by to do so by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator or any other legal process served on us.

  1. Security

We place great importance on the security of all personal data associated with our users. We have adopted security measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access. For the best possible protection of your personal data outside the limits of our control, your device should also be protected (such as by installing an updated antivirus systems) and your internet service provider should take appropriate measures for the security of network data transmission (such as, for example, firewalls and anti-spam filtering).

While we take all reasonable steps to protect your personal data, we cannot guarantee that the personal data you disclose to us will be 100% secure, nor that any data breach will not occur.

You accept the inherent security implications of dealing on-line over the Internet and will not hold DGC or their processors responsible for any data breach unless it is due to our negligence. In particular, DGC excludes any liability for damage or loss suffered by the Website’s user as a result of the inadequacy, dysfunction or incompatibility of his/her equipment with the Website and/or failure by the user to implement reasonable and necessary protection against harmful programs, devices or communications.

  1. Retention of Your Personal Data

Our general approach is to retain your personal data only for as long as required to fulfil the purposes for which it was collected. We generally retain your personal data for five years from the end of our relationship or from the last contact with you, unless local law requires otherwise. However, in some circumstances we may retain personal data for longer periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements.

In specific circumstances we may also retain your personal data for longer periods of time corresponding to the applicable statute of limitations so that we have an accurate record of your dealings with us in the event of any complaints or challenges.

  1. Your Rights

You have the following rights with respect to your personal data:

  • Right to withdraw consent where applicable, you have the right to withdraw your consent at any time.  For example, if you wish to opt-out of receiving electronic marketing communications, you can change your settings in your account on the Website, use the ‘unsubscribe’ link provided in our emails, or otherwise contact us directly and we will stop sending you communications.
  • Right of access, rectification and erasure you have the right to request access to and obtain a copy of any of your personal data that we may hold, to request correction of any inaccurate data relating to you and to request the deletion of your personal data under certain circumstances. You can see and update most of this data yourself online, or by contacting directly Mrs Sophia Antoniadou [email protected].
  • Right of data portabilityUnder certain conditions, you have the right to receive all such personal data which you have provided to us in a structured, commonly used and machine-readable format, and also to require us to transmit it to another controller where this is technically feasible.
  • Right to restriction of processingyou have the right to restrict our processing of your personal data where:
    • you contest the accuracy of the personal data until we have taken sufficient steps to correct or verify its accuracy;
    • the processing is unlawful but you do not want us to erase the data;
    • we no longer need your personal data for the purposes of the processing, but you require such data for the establishment, exercise or defence of legal claims; or
    • you have objected to processing justified on legitimate interest grounds (see below) pending verification as to whether we have overriding compelling legitimate grounds to continue processing.

Where personal data is subject to restriction in this way, we will only process it with your consent or for the establishment, exercise or defence of legal claims.

  • Right to object to processing justified on legitimate interest groundswhere we are relying upon legitimate interest to process personal data, then you have the right to object to that processing. If you object, we must stop that processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where we need to process the data for the establishment, exercise or defence of legal claims. Where we rely upon legitimate interest as a justification for processing we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis.

You also have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes applicable law; in Greece, this is the Hellenic Data Protection Authority, at:

http://www.dpa.gr/portal/page?_pageid=33,43534&_dad=portal&_schema=PORTAL

For further information regarding your rights, to exercise any of your rights, or if you have any questions regarding the processing of your personal data please contact Mrs Sophia Antoniadou [email protected].

Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. We will endeavour to respond to your request within all applicable timeframes.

  1. Newsletter & emails

If you have purchased on our website, there is a good chance you will receive emails from us.

We will only send you emails which you have signed up to receive, or which pertain to the services we provided to you.

To send you emails, we use the name and email address you provide us. Our site also logs the IP address you used when you signed up for the service to prevent abuse of the system.

No identifiable information is otherwise tracked outside this website except for the email address.

  1. Changes to this Policy

We may occasionally change this Policy, for example, to comply with new requirements imposed by the applicable laws or technical requirements. We will post the updated Policy on the Website. We may also notify you in case of material changes and seek your consent to those changes, where required by applicable law. You are thus encouraged to periodically review this page for any changes.