Who is responsible for your data

The data controller responsible for the processing described in
this Privacy Policy is:

Information we may collect

Contact enquiries

When you use our contact form, send us an email, telephone us or
contact us through WhatsApp or another communication service, we
may collect information such as:

• Your name.
• Your email address.
• Your telephone number.
• The content of your message.
• Your requested travel or accommodation details.
• Any other information that you choose to provide.

Please do not send payment-card information, passport details,
health information or other sensitive personal information through
the general website contact form.

Reservation information

When you make or request a reservation, information may include:

• Guest names and contact details.
• Arrival and departure dates.
• Number and composition of guests.
• Accommodation preferences and special requests.
• Reservation, payment and transaction information.
• Communications relating to the reservation and stay.

Reservations made through an external booking engine, online
travel agency or payment provider may also be subject to that
provider’s own privacy policy and terms.

Technical and security information

When you visit the website, the website server and security
services may automatically process limited technical information,
including:

• Internet Protocol address.
• Browser and device type.
• Operating system.
• Date and time of access.
• Pages requested.
• Referring website.
• Security and error-log information.

Why we use personal information

We may use personal information to:

• Respond to enquiries and requests.
• Provide information about rooms, services and availability.
• Take steps requested before entering into a reservation contract.
• Process, administer and fulfil accommodation reservations.
• Communicate before, during and after a stay.
• Process payments, refunds and accounting records.
• Provide customer support.
• Maintain the functionality and security of the website.
• Prevent misuse, fraud and security incidents.
• Comply with tax, accounting, public-authority and other legal obligations.
• Establish, exercise or defend legal claims.

Legal bases for processing

Depending on the circumstances, we process personal information
on one or more of the following legal bases:

• Contract: processing required to take steps
  before a reservation or to perform an accommodation contract.
• Legal obligation: processing required to
  comply with tax, accounting, public-authority or other
  applicable legal requirements.
• Legitimate interests: responding to general
  enquiries, operating and securing the website, maintaining
  business records and protecting legal rights, provided that
  these interests are not overridden by your rights.
• Consent: where you have actively consented to
  optional cookies, analytics, marketing communications or
  another specific processing activity.

Where processing is based on consent, you may withdraw that consent
at any time. Withdrawal does not affect processing that lawfully
occurred before consent was withdrawn.

Cookies and similar technologies

Cookies are small text files stored on your device when you visit
a website. They may be used to provide essential functionality,
remember preferences, support security and, where permitted,
understand website usage.

Necessary cookies

Necessary cookies may be used where required for the website,
security functions, language preferences, form operation or cookie
preference management. These cookies cannot normally be disabled
through the website because they are required for essential
functionality.

Optional cookies

Analytics, advertising, social-media and other non-essential
cookies should only be activated after you have provided consent
through the website’s cookie-preference tool.

You can also manage or remove cookies through your browser
settings. Disabling necessary cookies may affect the operation of
certain website features.

Third-party and embedded content

The website may include or link to services provided by third
parties, such as:

• An external reservation or booking engine.
• Online travel agencies.
• Payment service providers.
• Map and location services.
• Social-media or messaging services.
• External PDF documents or other hosted resources.

These providers may process technical information or personal
information according to their own privacy notices. Where legally
required, non-essential third-party content should not be loaded
until you have provided consent.

Who may receive your information

Where necessary for the purposes described above, information may
be shared with:

• Authorised personnel responsible for reservations and guest services.
• Website hosting, maintenance and technical-support providers.
• Email, communications and contact-form service providers.
• Reservation, channel-management and booking-engine providers.
• Payment processors and financial institutions.
• Accountants, legal advisers and other professional advisers.
• Public, tax, regulatory, law-enforcement or judicial authorities where required.
• Other parties where disclosure is required by law or necessary to protect legal rights.

Service providers are expected to process personal information
only for the relevant service and subject to appropriate
confidentiality and data-protection obligations.

International data transfers

Some technology, booking, communications or service providers may
process information outside Greece or the European Economic Area.

Where personal information is transferred to a country that has
not been recognised as providing an adequate level of data
protection, appropriate safeguards should be used as required by
applicable data-protection law.

How long we retain information

We retain personal information only for as long as reasonably
necessary for the purpose for which it was collected and to meet
legal, accounting, security and dispute-resolution requirements.

• General enquiries are normally retained for no longer than
  24 months after the last relevant communication, unless a
  longer period is necessary for an ongoing request or legal claim.
• Reservation, payment, invoice and accounting records are
  retained for the periods required by applicable tax,
  accounting and legal obligations.
• Technical and security logs are normally retained for a
  limited period appropriate to security, troubleshooting and
  fraud-prevention purposes.
• Cookie-consent records may be retained for as long as needed
  to demonstrate and manage your preferences.

Information may be retained for a longer period where required by
law or where necessary to establish, exercise or defend a legal claim.

Your data-protection rights

Subject to the conditions and exceptions provided by applicable
law, you may have the right to:

• Request access to your personal information.
• Request correction of inaccurate or incomplete information.
• Request deletion of your information.
• Request restriction of processing.
• Object to processing based on legitimate interests.
• Request data portability where applicable.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with a competent data-protection authority.

To exercise a right, contact us using the details below. We may
request reasonable information to confirm your identity and locate
the relevant records.

We aim to respond without undue delay and normally within one month,
as required by applicable data-protection law.

Automated decision-making

We do not use information submitted through the general website
contact form to make decisions based solely on automated processing
that produce legal or similarly significant effects.

Information security

We use reasonable administrative, organisational and technical
measures intended to protect personal information against
unauthorised access, loss, misuse, alteration or disclosure.

However, no internet transmission or electronic storage system can
be guaranteed to be completely secure. Please avoid sending
sensitive information through ordinary email or the website’s
general contact form.

Children’s information

The website is not designed to collect personal information
directly from children. Reservation information concerning a child
should be provided by their parent, guardian or another authorised
adult and only where necessary for the accommodation service.

External websites

Links to third-party websites are provided for convenience.
Argo Rooms Antiparos does not control the privacy or security
practices of external websites. Visitors should review the privacy
information provided by the relevant third party.

Changes to this policy

This Privacy Policy may be updated when the website, services,
technology providers or legal requirements change. The latest
version will be published on this page together with its
revision date.