We place great emphasis on the protection of your privacy and data protection. We therefore inform you about the collection and use of personal data when using our website. Collection and processing when using the contact form When using the contact form, we collect personal data (individual data on personal or factual circumstances of a particular or identifiable natural person) only in the extent provided by you.
We only use your e-mail address to process your request. Your data will be deleted if you have not agreed to further processing and use.
We collect personal data (individual data on personal or factual circumstances of a specific or identifiable natural person) only in the extent provided by you. Your personal data will be processed and used to fulfill your request and to process your inquiries.
After complete processing of the contract, all personal data will be stored first, taking account of tax and commercial storage periods and then deleted after expiration of the deadline if you have not agreed to the further processing and use.
Our Internet pages use so-called cookies in several places. Cookies are small text files which are stored on your computer and which your browser saves. They are designed to make our offer of user- More effective and safer. Furthermore, cookies enable our systems to recognize your browser and provide you with services. Cookies do not contain personal data.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Our website address is: https://www.chaniasegwaytours.com.
1. GDPR COMPLIANCE
This Privacy Notice provides mandatory information as required under Articles 13 and 14 of the European General Data Protection Regulation (GDPR) regarding the transparency of personal data processing.
2.The Data Controller for personal data
The Data Controller for the personal data processed by us is the Client Company of Despina Koutrouli “Chania Segway Tours” and “Chania Bike Tours” (the employer of the natural person, whose data is collected, hereafter referred to as the Data Subject). The Data Controller could pass personal data of their employees to Despina Koutrouli “Chania Segway Tours” and “Chania Bike Tours” to manage routes on behalf of those employees in connection with their business.
Despina Koutrouli “Chania Segway Tours” and “Chania Bike Tours” as Data Processor acting on the instructions of the Data Controller under a written contract with them, will subsequently use that personal data to facilitate routes arrangements for the Data Subject. It is this contract which forms the ‘Legal Basis’ for the processing of personal data carried out by Despina Koutrouli “Chania Segway Tours” and “Chania Bike Tours” in these circumstances.
Despina Koutrouli “Chania Segway Tours” and “Chania Bike Tours” will be a Data Controller if it collects personal data directly from a Data Subject in relation to a separate contract with them. Despina Koutrouli “Chania Segway Tours” and “Chania Bike Tours” also acts as a Data Controller for any personal data held regarding its own employees, processing data under its Contract of Employment with those Data Subjects. In both cases Despina Koutrouli “Chania Segway Tours” and “Chania Bike Tours” processes personal data under Article 6.1(b) of the GDPR (performance of a contract).
3. Your Rights
As a Data Subject you have rights under the GDPR. These rights can be seen below. Despina Koutrouli “Chania Segway Tours” and “Chania Bike Tours” will always fully respect your rights regarding the processing of your personal data, and has provided below the details of the person to contact if you have any concerns or questions regarding how we process your data, or if you wish to exercise any rights you have under the GDPR.
4. Contact Details
The identity and contact detail for the Data Protection Officer within Despina Koutrouli “Chania Segway Tours” and “Chania Bike Tours” is:
Despina Koutrouli
25 Episkopou Chrisanthou Str. Venetian Port, Chania 73100, Greece
Email: info@chaniasegwaytours.com
5. Data Protection Principles
Despina Koutrouli “Chania Segway Tours” and “Chania Bike Tours” has adopted the following principles to govern its collection and processing of Personal Data:
6. Transfers to Third Parties
We do not transfer personal data to any third party.
Appendix – Definitions of certain terms referred to above:
Personal Data:
(Article 4 of the GDPR): ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing:
(Article 4 of the GDPR): means any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, erasure or destruction.
Legal Basis for Processing:
(Article 6 of the GDPR): At least one of these must apply whenever personal data is processed:
Data Controller:
(Article 4 of the GDPR): this means the person or company that determines the purposes and the means of processing personal data
Data Processor:
(Article 4 of the GDPR): means a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller.
Data Subject Rights:
(Chapter 3 of the GDPR) each Data Subject has eight rights. These are: