Reset Password

Privacy Policy

Villa Del Sissi, operated by Autorentals Crete G.P., manages the website www.sissi-villas.gr. We highly value the privacy of our visitors and users and are dedicated to safeguarding your personal information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) 2016/679. This Privacy Policy aims to provide you with clear information about our privacy practices, specifically how we, as the Data Controller of your personal data, collect, use, and manage information during your visit to our Website.

General Information

This website is dedicated to renting our luxury villa in Sissi, Crete. We provide a booking system for reservations. Our services are available worldwide. We use cookies to enhance functionality, analyze traffic, and personalize your experience through tools like Google Tag Manager, Google Analytics, and Google Ads.

2. The Purposes for Collecting Personal Data

We collect personal data to provide you with the best possible experience on our website and to fulfill our contractual and legal obligations. Specifically, we use your data for the following purposes:
  • Processing Bookings: To manage your villa reservations, process payments, and communicate regarding your booking.
  • Customer Support: To respond to inquiries, provide assistance, and resolve issues related to your booking or our services.
  • Marketing Communications: To send newsletters, promotional offers, and updates if you have opted to receive them.
  • Website Functionality: To ensure the website operates smoothly and delivers a personalized browsing experience through cookies and other technologies.
  • Analytics and Improvements: To analyze user behavior on our website, improve our services, and enhance user experience.
  • Compliance with Legal Obligations: To fulfill our legal and regulatory responsibilities, such as tax reporting and data retention requirements.
  • Security and Fraud Prevention: To protect your data and prevent unauthorized access, fraud, and other malicious activities.

3. What Types of Personal Data We Collect

To provide you with the best possible experience and ensure the security of our website, we collect various types of personal data. This information helps us process bookings, communicate with you, improve our services, and personalize your experience. Below is a breakdown of the personal data we collect and how it is used:

Contact Information

We collect your contact information to process bookings, communicate with you regarding your reservations, and provide customer support. This includes:

  • Name: To identify you and personalize our communication.
  • Email Address: To send booking confirmations, updates, and promotional offers.
  • Phone Number: To reach you quickly if there are any urgent matters related to your booking or stay.
  • Mailing Address: To process bookings and send any necessary physical correspondence, such as invoices or welcome packages.

Booking Details

To manage your reservation and ensure we meet your needs during your stay, we collect the following booking-related information:

  • Dates of Stay: To confirm your reservation and prepare for your arrival.
  • Number of Guests: To ensure we provide the appropriate accommodation and amenities for your group size.
  • Special Requests: Any specific preferences or requests you may have, such as room preferences, dietary restrictions, or accessibility needs, to enhance your stay.

Payment Information

We take the security of your payment information seriously. While we do not store credit card details, we do collect payment data to process transactions securely through our third-party payment provider, Alpha Bank NexiPay. This includes:

  • Credit/Debit Card Information: Collected and processed by Alpha Bank NexiPay to handle payments securely. Your payment data is encrypted and processed in compliance with the highest security standards (PCI DSS).
  • Billing Information: To verify payment and ensure accurate processing of your transactions.

Account Information

If you choose to create an account on our website, we collect the following account-related data:

  • Username: To identify you within our system and provide personalized services.
  • Password: To secure your account and allow you to access your booking history, preferences, and personal information.

Technical Information

We automatically collect technical data about your interactions with our website to ensure it functions correctly and securely. This includes:

  • IP Address: To identify the location of your device and help prevent fraud or unauthorized access.
  • Browser Type: To optimize your experience based on the browser you’re using.
  • Operating System: To ensure compatibility with your device and improve website performance.
  • Device Type: To enhance your browsing experience, ensuring our website works seamlessly on both desktop and mobile devices.
  • Cookies and Similar Technologies: These are used to collect and store information about your preferences, improve website functionality, and provide a more personalized experience.

Usage Data

We collect data about how you interact with our website to understand user behavior and improve our services. This includes:

  • Pages Viewed: To analyze which sections of the website attract the most attention and improve content.
  • Time Spent: To assess user engagement and make the website more user-friendly.
  • Actions Taken: Information on clicks, form submissions, and other actions to optimize website design and functionality.

Cookie Data

We use cookies to enhance your browsing experience by remembering your preferences and settings. Cookies allow us to:

  • Store Preferences: Such as language selection, display preferences, and login credentials (if applicable).
  • Personalize Content: To provide you with relevant offers and recommendations based on your browsing behavior.
  • Analyze Website Usage: Cookies help us track user interactions and improve the website based on user activity.

You can control the use of cookies through your browser settings, including the option to block or delete cookies.

Communication Data

We collect records of your communications with us to provide efficient customer support and improve our services. This includes:

  • Emails: Correspondence sent to and received from us, such as booking inquiries, feedback, or requests for assistance.
  • Messages: Any messages sent through our website or customer service channels.
  • Inquiries: Information related to questions or concerns you may have regarding your booking, our services, or the website.

4. How Long We Store the Data

We are committed to ensuring that your personal data is stored only for as long as necessary to fulfill the purposes outlined in this privacy policy. We also retain data to comply with legal obligations, resolve disputes, and enforce our agreements. Below is a breakdown of how long we store different types of personal data:

Booking and Transaction Data

We retain your booking and transaction data for a period of up to 7 years. This retention period is necessary to comply with tax and accounting regulations, which require us to keep records of financial transactions for a specified period. This data includes:

  • Booking details: such as dates, number of guests, and special requests.
  • Payment information: such as transaction records and billing details.
  • Invoices and receipts: for your stay.

Once the retention period has passed, your booking and transaction data is securely deleted or anonymized to ensure it can no longer be associated with you.

Account Information

If you create an account with us, we will store your account information until you request its deletion or after a period of 2 years of inactivity. This includes:

  • Username and password.
  • Account preferences and any other information you provide during account creation or updates.

If your account remains inactive for 2 years, we may automatically deactivate or delete your account to ensure data security. You can request account deletion at any time, and we will process your request promptly.

Marketing Data

We retain your marketing data until you withdraw your consent or unsubscribe from our communications. This includes:

  • Email address and preferences for receiving newsletters, promotions, or other marketing materials.
  • Consent records indicating your preferences for marketing communications.

You can opt out of marketing communications at any time, and we will promptly remove you from our mailing list. If you withdraw consent, we will retain your data only for the purposes of ensuring that you are not contacted again.

Technical and Analytics Data

We retain technical and analytics data for a maximum of 26 months. This data helps us analyze website performance and improve user experience. It includes:

  • IP addresses and browser types.
  • Device information and operating systems.
  • Website usage data such as pages visited, time spent on the site, and actions taken.

After 26 months, we anonymize or securely delete this data to prevent any personal identification. This allows us to continue analyzing website performance without compromising your privacy.

Legal Compliance

Certain data may be retained for longer periods to comply with legal obligations or to support legal claims. This includes:

  • Data required for regulatory compliance, such as tax records or contracts.
  • Data necessary for legal claims, disputes, or investigations.

We will retain such data only for as long as required by applicable laws or regulations. Once the legal retention period expires, this data will be securely deleted or anonymized.

Once the retention period for each type of data expires, we ensure that your data is securely deleted or anonymized, so it can no longer be associated with you. We take appropriate measures to protect your personal data during its retention period and after it is deleted.

5. International Data Transfers

We primarily store and process your data within the European Economic Area (EEA). However, some third-party services we use, such as Google Analytics, may involve data transfers outside the EEA. In such cases, we ensure appropriate safeguards are in place, such as:
  • Using providers certified under the EU-US Data Privacy Framework or equivalent.
  • Implementing Standard Contractual Clauses (SCCs) as approved by the European Commission.

6. Automated Decision-Making

We do not use your data for automated decision-making or profiling that produces legal or significant effects.

8. Third Parties We Share Data With

We take your privacy seriously and are committed to ensuring that your personal data is handled securely. We only share your data with trusted third parties when it is necessary to provide our services to you. These third parties are carefully selected, and we ensure that they comply with strict data protection standards. Below is a list of the third parties with whom we share your data and the purposes for which it is shared:

Payment Processing

To process payments securely, we use Alpha Bank NexiPay, a trusted payment service provider. When you make a payment, your payment information (such as credit card details) is securely transmitted to NexiPay for processing. We do not store your payment card details, as they are handled directly by NexiPay. This ensures that your financial data is processed in compliance with the highest security standards, including the Payment Card Industry Data Security Standard (PCI DSS).

Analytics and Marketing

We use third-party services like Google Analytics, Google Ads, and Facebook Pixel to help us understand how visitors interact with our website, improve user experience, and deliver targeted advertising. These services collect data such as your IP address, browser type, and interaction with our site, which is used for analyzing traffic patterns, optimizing content, and showing relevant ads. While we do not share any personally identifiable information with these services, they may use cookies to track your online behavior across different websites and devices.

  • Google Analytics: We use Google Analytics to analyze how visitors use our website, which helps us improve the functionality and performance of the site.
  • Google Ads: Google Ads helps us reach potential customers by showing targeted ads based on your behavior on our site.
  • Facebook Pixel: Facebook Pixel enables us to track conversions from Facebook ads and optimize our ad campaigns by understanding user actions on our website.

These third-party services may also use cookies and similar technologies to gather information. You can control the use of cookies through your browser settings.

Hosting Services

Our website is hosted by a third-party hosting provider who ensures the secure storage of your data. The hosting provider is responsible for maintaining the servers on which our website operates, and they implement appropriate security measures to protect your data from unauthorized access. Your data may be temporarily stored on these servers during your interaction with our website, but it is always handled securely and in accordance with privacy regulations.

Other Third-Party Service Providers

In addition to the above, we may share your data with other trusted service providers who assist us in running our business operations. These may include customer support services, email marketing platforms, or cloud storage providers. All such third parties are required to adhere to strict data protection agreements and are only permitted to use your data to the extent necessary to provide their services.

No Unauthorized Sharing

We want to reassure you that we never sell or share your personal data with unauthorized third parties. Your privacy is important to us, and we only share your data with third parties when it is essential to deliver our services or comply with legal obligations. We do not allow any third parties to use your data for their own marketing purposes without your consent.

If you have any concerns or questions about the third parties with whom we share your data, please feel free to contact us.

8. Your Data Subject Rights

Under the General Data Protection Regulation (GDPR), you have several rights concerning the personal data we collect and process. These rights allow you to have more control over your data, and we are committed to helping you exercise them. Below are the rights you have regarding your personal data:

Right to Access

You have the right to request a copy of the personal data we hold about you. This allows you to verify the information we have and ensure that it is being processed lawfully. If you request a copy of your data, we will provide it in a clear and accessible format.

Right to Rectification

If you find that the personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or update it. We strive to ensure the accuracy of the information we hold, and we will make the necessary amendments as soon as possible.

Right to Erasure

You have the right to request the deletion of your personal data, also known as the “right to be forgotten.” However, this right is subject to certain legal conditions. For example, we may be required to retain some data for legal or contractual reasons. If your request meets the criteria, we will delete your data without undue delay.

Right to Restrict Processing

In some cases, you may request that we restrict the processing of your personal data. This means that we can store your data, but we cannot use it for certain purposes unless you provide consent or the processing is required by law. You can request this restriction if you believe the data we hold is inaccurate or if you have objected to its processing.

Right to Data Portability

You have the right to request that we transfer your personal data to another organization, or to you, in a structured, commonly used, and machine-readable format. This right allows you to move, copy, or transfer your data easily for your own purposes.

Right to Object

You have the right to object to the processing of your personal data in certain situations, particularly when the processing is based on legitimate interests or is being used for direct marketing purposes. If you object to the processing of your data, we will review your request and ensure that your rights are respected, unless there are compelling legitimate grounds for continuing the processing.

Right to Withdraw Consent

If we process your personal data based on your consent, you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing that occurred prior to the withdrawal. You can withdraw your consent by contacting us directly, and we will ensure that your data is no longer processed for the specific purpose you initially agreed to.

Right to Lodge a Complaint

If you believe that your rights under the GDPR have been violated, you have the right to lodge a complaint with the relevant data protection authority in your country. This could be the supervisory authority in your jurisdiction, who will investigate the matter and provide guidance on how to resolve the issue.

9. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. The latest version will always be available on our website, and we will notify you of significant changes through email or website announcements.

Effective Date: 06/01/2025

Last Updated: 06/01/2025

Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:
  • Email: info@sissivillas.com
  • Phone: +30 6972 449 513

Data Controller according to the GDPR is Autorentals Crete G.P. - Dimitris Kopidakis

Address Panagiou Tafou, 72400
Sissi, Lassithi Crete - Greece
GREEK MINISTRY OF TOURISM
(EOT Licence)		 1375454
General Commercial Registry (GEMI) 172746841000
Telephone Number +30 6972 449 513
Data Protection Officer Dimitris Kopidakis
Email dimikopidakis@yahoo.gr
Please use the above contact information to get in touch with us if you want to send us a privacy request or if you have any questions, comments, or concerns regarding our privacy practices.

Book Your Stay at Villa del Sissi Today

Ready for your unforgettable getaway? We can’t wait to welcome you to Crete’s best-kept secret!
x
×

Book Now

Guests
Adults
Ages 13 or above
0
Children
Ages 2 to 12
0
Infants
Under 2 years
0
Close
Heating Pool
€ 100
Per night

Add to Favorites
Contact Owner
Share

  • About Sissi Villa

  • Located in the peaceful village of Sissi, Crete, Villa del Sissi is a luxurious, 5-bedroom getaway. Dramatically set for comfort with all modern amenities and a heated pool, with easy access to local beaches and attractions. Ideal for family, friends and escape memories.

  • ΕΟΤ: 1375454
    G.E.MI.: 172746841000
    Telephone: +30 2841071203

  • Explore the beaches and villages of Crete, Rent your car today!

  • Explore the beaches and villages of Crete – Rent your car today!

  • Contact us

    Panagiou Tafou, 72400 Sissi, Crete - Greece

    (+30) 6972 448449 513

    bookings@sissi-villas.group.gr

Copyright Sissi Villas, All Rights Reserved