Terms and Conditions

KYKNOS INTERNATIONAL TRAVEL AGENCY LTD

Website Privacy Policy for Personal Data

Valid from 01/11/2018

Thank you for visiting the website of KYKNOS INTERNATIONAL TRAVEL AGENCY LTD, which is based in 12 Skouze Str., 185 36 PIRAEUS (hereinafter referred to as KYKNOS TRAVEL).

Before using our site, please read carefully the present Privacy Policy.

Import

KYKNOS TRAVEL as controller of personal data, informs you about how collects and processes information about you.

Personal data (PD) is any information relating to individuals whose identity is known or can be ascertained.

The protection of your personal data is very important for KYKNOS TRAVEL and we take measures in this direction when you visit our Website.

This Privacy Policy lists the kind of information we may collect during your visit to our Website and informs you of how we use this information. When you voluntarily provide us with personal information such as your name, address or email address, we treat this information with absolute confidentiality. Subject to specific provisions of this Privacy Policy, no personal information is being leased, sold, posted or otherwise disclosed to other companies, organizations or websites.

As outlined in the Terms of Use and Cookies Policy http://kyknostravel.gr/en/terms-and-conditions/, the services provided through the website address a general audience, they do not target children and do not collect – knowingly – personal information from children under the age of 16 .

The Privacy Policy applies to all users of the site. This Policy applies to the collection and use of your personal information by KYKNOS TRAVEL.

What information do we collect from you?

When you visit the website KYKNOS TRAVEL, kyknostravel.gr, we may collect data from you. Some of these data may be of personal nature. This data may include search history, IP address, screen resolution, browser you used, operating system and settings, access hours, and your URL. If you are using a portable device, we may also collect data that identifies your device, settings, and location.

KYKNOS TRAVEL reserves the right to collect non-personal user identification [type of browser (browser), type of computer, operating system, internet providers etc.] and/or monitor IP addresses using similar technologies (cookies). The cookies are small text files stored on the hard disk without any user to allow access to documents or files from the user’s computer. They are used to facilitate user access to specific services and/or pages of the Site, as well as for statistical purposes. For example, if you are interested in contacting us through our contact form, we will need to collect your name and email address. For more information about the cookies used by the Website, users are requested to visit the page of the Political Use of cookies (Cookies Policy).

How we collect your personal data

We collect your personal data directly from you. You provide us with your personal data when submit the contact form available on our website

Use – disclosure of personal data

We use your personal information to respond to your requests in the best possible way.

Your personal data that we collect through the website is communicated/transferred to third parties for booking air and boat tickets, for use of means of transport, for hotel reservations, for issuing documents, for issuing tickets and for public authorities.

Storage – protection of personal data

The hosting server (data center) storing your personal data is located in Greece (both Server and the physical forms are at the company’s offices at 12 Skouze Str. in Piraeus).

Time of retention of personal data

The retention time of your personal data is defined as follows:

In case you complete the contact form, your personal data is retained for a period of 20 (twenty) years .

At the end of the period specified by the legal-tax obligation (if any), your personal data will be deleted.

Your rights regarding the processing of your personal data

You have the right to obtain information about your personal data that we have stored at any time, in accordance with applicable law and without any charge. We may request proof of your identity before providing you with this data. In some cases, we may not be able to allow access to certain personal data. For example, if your personal data is related to someone else’s personal data or if they are kept for legal reasons. In these cases, we’ll explain why you can not obtain this data .

You have the right to request the correction or update of your data and KYKNOS TRAVEL will immediately correct it.

You may request deletion of your personal data and KYKNOS TRAVEL will immediately delete it. However, in some cases where existing legal and tax obligations require mandatory retention, it may be forbidden to delete the data. In these cases, we will explain why we can not delete your personal data and for how long.

You have the right to request the termination of the processing your personal data by KYKNOS TRAVEL and KYKNOS TRAVEL will immediately cease processing them. If this is not possible, we will explain why we can not stop processing your personal data.

You have the right to request a restriction of processing your data by KYKNOS TRAVEL and KYKNOS TRAVEL will directly limit the processing. If this is not possible, we will explain why we can not limit the processing of your personal data.

You have the right to request the transfer of your personal data to another entity / organization and KYKNOS TRAVEL will immediately transmit this data. However, in some cases due to KYKNOS TRAVEL’s documented obligations, your request may not be accepted.

In case it is proven that leakage of your personal data has occurred with the result of you suffer material damage or not, you have the right to complain to the competent supervisory authority (Personal Data Protection Authority).

In order to exercise these rights or if you have any questions about our privacy policy or if you need help with exercising or understanding the privacy options, please contact us at vassilis@kyknostravel.officegate.gr.

Changes to privacy policy

The KYKNOS TRAVEL may modify this Privacy Policy. Please check the Application Date at the beginning of this Policy to see when this Policy was last reviewed. Every revision will be implemented as soon as we review the revised Policy.

If we make substantial changes to this Policy that extend our rights to use personal data that we have already collected from you, we will inform you and provide you with the option of using this data in the future.

Valid from 01/11/2018

PLEASE READ CAREFULLY THE TERMS OF USE OF OUR WEBSITE BEFORE USE. THESE TERMS OF USE GOVERN YOUR ACCESS AND USE OF THE WEB SITE.
THE WEBSITE IS AVAILABLE TO YOU FOR ACCESS AND USE ONLY IF YOU AGREE TO THE TERMS AND CONDITIONS REFERRED TO AS FOLLOWS.
IF YOU DO NOT AGREE TO ALL TERMS OF USE, YOU ARE NOT ALLOWED TO ACCESS AND USE OUR WEBSITE.
BY YOUR ACCESS TO THE WEB SITE OR ITS USE, YOU DECLARE THAT YOU ACCEPT YOUR COMMITMENT AS OBTAINED BY THE TERMS OF USE.

1 SUITABILITY OF WEBSITE USER

The site is provided by KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. and is available to both legal entities and persons over the age of 16 who can enter into legally binding agreements under the current legislation. If you do not meet the requirements, you may not use the site.

2 AMENDMENT OF TERMS OF USE

KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. has the right to revise and update these Terms of Use at any time. The continuation of use of the Site after any changes to the Terms of Use, implies that you accept these changes. Each item on the Site may be modified, filled in, deleted or updated without notice under the absolute discretion of KYKNOS INTERNATIONAL TRAVEL AGENCY LTD.

3 PRIVACY

The Personal Data Protection Policy of KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. governs the use of the information collected or provided by you on the Site. To get acquainted with the Personal Data Protection Policy of KYNNOS INTERNATIONAL TRAVEL AGENCY LTD. click on the relevant link http://kyknostravel.gr/en/reports/.

4 LICENSE – WEB SITE PROPERTY

The entire content of the website including, without limitation, texts, news, graphics, photographs, charts, pictures, services and generally any kind of archives are intellectual property and governed by national, European and international Intellectual Property laws.

Therefore, reproduction, republication, copying, storage, sale, distribution, distribution, publication, execution, downloading, translation and modification of any part of the website is expressly prohibited and in any way without the express prior written consent of KYNNOS INTERNATIONAL TRAVEL AGENCY LTD . The registered trademarks and names on this website are trademarks and are protected by the abovementioned copyright laws. By way of exception, individual parts of the content of the website may be stored or copied on a simple personal computer strictly for personal use without the intention of commercial exploitation. In case of storage or copying of content from the website it should be referred to as a source of origin, although this does not in any way imply the granting of intellectual property rights. Certain elements contained on the website and originating from other entities are the intellectual property of originators.

5 RESTRICTIONS ON THE USE OF THE WEBSITE

In addition to the other limitations set forth in these Terms of Use, you agree to the following:

a) You will not conceal the source of information transmitted through the Site
b) You will not provide false or misleading information through the Site
c) You will not log in and use any services, information, applications etc. available through the Site in a manner not expressly permitted by KYKNOS INTERNATIONAL TRAVEL AGENCY LTD.
d) You will not import / upload to the site elements containing viruses, Trojan horses, worms, time bombs or other computer programming routines that are intended to cause damage, interference, interception or seizure of any system, Site or Information or that violate the intellectual property rights of others.

6 LINKS WITH ANOTHER WEB SITE

a) External links.The Site may contain links to third-party websites and resources (linked sites).These linked locations are provided for your convenience only and not as sites whose content is approved by KYKNOS INTERNATIONAL TRAVEL AGENCY LTD or KYKNOS INTERNATIONAL TRAVEL AGENCY LTD does not provide promises or warranties as to the accuracy, performance or quality of any content, software, service or application available in any associated site. KYKNOS INTERNATIONAL TRAVEL AGENCY LTD is not responsible for the availability of the linked sites or the content or activities of these sites. If you decide to sign in to affiliated sites, this is at your own responsibility and risk. In addition, the use of linked sites is subject to the applicable policies, terms and conditions, including, but not limited to, the privacy policy of the linked site.

(b) Internal connections. Link to any page of the Site other than the KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. via simple text link is strictly prohibited unless there is a separate agreement to connect with KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. Any web site or other device that provides a link to https://kyknostravel.gr/en/ or any page available within it is not permitted to (a) reproduce the Content, (b) use a browser or margin environment around the Content, (c) Undertake in any way that the KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. (d) misinterpret any situation, including its relationship with the KYKNOS INTERNATIONAL TRAVEL AGENCY LTD., (e) to provide false information about services of KYKNOS INTERNATIONAL TRAVEL AGENCY LTD , and (f) use any logo or trademark of KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. without its express written permission of KYKNOS INTERNATIONAL TRAVEL AGENCY LTD.

7 TERMINATION – SUSPEND THE OPERATION OF THE WEBSITE

You agree that KYKNOS INTERNATIONAL TRAVEL AGENCY LTD, at its absolute discretion is entitled to terminate or suspend the use of the site, content and/or information by you at any time and for any reason, or without reason, even if access and use is still allowed others. With such suspension or termination of use, you are required to (a) immediately stop the use of the site and services, and (b) destroy any copy of the content you have created. Your access to the Website, the Information or the Services after the termination, suspension or interruption of the above is an act of unlawful entry. In addition, you agree that KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. is not liable to you or to any third party for any termination or suspension of your access to the Website, the Information and/or the Services.

8 LIMITATION OF LIABILITY

KYKNOS INTERNATIONAL TRAVEL AGENCY LTD makes the best possible effort to ensure that the information on the site and its content as a whole is accurate, clear, valid, complete, correct and available.

Under no circumstances, including such negligence, is there any responsibility for KYKNOS INTERNATIONAL TRAVEL AGENCY LTD of any damage that may be caused to the public due to this use of the site https://kyknostravel.gr/en/

9 OBLIGATIONS OF VISITOR

The visitor to https://kyknostravel.gr/en/ is required to comply with the relevant provisions of Greek, European and International Law and the relevant legislation governing telecommunications. In addition, the person concerned must refrain from any illegal and abusive use of the Network content. The visitor bears responsibility for any form of damage caused to the site by the visitor due to inappropriate actions. In the event of any action, claim, administrative or judicial action against the website, due to any form of infringement, the visitor undertakes to intervene in the relevant court proceedings and, on the other hand, to indemnify the website in case it is required to pay compensation or other.

10 APPLICABLE LAW AND OTHER TERMS

This contract of use is governed by the provisions of Greek and International Law, as well as the Directives and Regulations of European Law. It is interpreted on the basis of good faith and business ethics. In the event that a provision is found to be unlawful and therefore void or voidable, it shall automatically cease to be valid, without in any way undermining the validity of the other terms. The Courts of Piraeus are competent courts for any disputes arising from this case.

If you find any problems with the content of the website, please contact KYKNOS INTERNATIONAL TRAVEL AGENCY LTD by phone +302104514482 or by email: vassilis@kyknostravel.officegate.gr

INFORMATION TEXT FOR TRAVEL AGENCIES’ CUSTOMERS

The company KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. as a data controller responsible for the processing of personal data collected by you under our contract for the provision of travel services (organized or individual excursions, purchase of tickets, reservation and accommodation, etc.) informs you the following:

Personal data collected from you [Contact Details (e.g. surname, first name, surname, passport number, ID, Visa number , phone, home address, email), Personal Information (e.g. date of birth, nationality, place of birth), Information about children (e.g. name, date of birth, passport number), billing details (e.g. credit card number, VAT number), Conformity Program Member (the membership number for our business’s loyalty program or third party program such as this airline), Preferences and Interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests), Meal preferences and habits , Medical data related to your health (for instance allergies, medical reports and certificates, medical examination results, etc. pathological conditions data), travel data (origins – destinations, flight numbers, transport services, public and private, length of stay, location stay, travel program)] are kept safe for the implementation of the contractual obligation.
If you are participating in excursions to foreign countries, your data [ Contact Details (e.g. surname, first name, surname, passport number, ID, Visa number , phone, home address, email), Personal Information (e.g. date of birth, nationality, place of birth), Information about children (e.g. name, date of birth, passport number), billing details (e.g. credit card number, VAT number), Conformity Program Member (the membership number for our business’s loyalty program or third party program such as this airline), Preferences and Interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests), Meal preferences and habits , Medical data related to your health (for instance allergies, medical reports and certificates, medical examination results, etc. pathological conditions data), data movement (departures – destinations, flight numbers, public transport, public and private routes, duration of stay, place of stay, travel plan)] will be transmitted to the country / countries you are traveling to .
If you participate in excursions / conferences / meetings, etc. which also include your data stay [ Contact Information (e.g. surname, first name, surname, passport number, ID, Visa number , phone, home address, email), Personal Information (e.g. date of birth, nationality, place of birth), Information about children (e.g. name, date of birth, passport number), billing details (e.g. credit card number, VAT number), Conformity Program Member (the membership number for our business’s loyalty program or third party program such as this airline), Preferences and Interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests), Meal preferences and habits , Medical data related to your health (for instance allergies, medical reports and certificates, medical examination results, etc. pathological conditions data), travel data (origins – destinations, flight numbers, transport services public and private, length of stay, location stay, travel program)] will be forwarded to the corresponding hotel business .
In case you take part in excursions / conferences / meetings etc. that include your airplane, ship, train, etc. your data [ Contact Information (e.g. surname, first name, surname, passport number, police ID, Visa number , phone, home address, email), Personal Information (e.g. date of birth, nationality, place of birth), Information about children (e.g. name, date of birth, passport number), billing details (e.g. credit card number, VAT number), Conformity Program Member (the membership number for our business’s loyalty program or third party program such as this airline), Preferences and Interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests), Meal preferences and habits , Medical data related to your health (for instance allergies, medical reports and certificates, medical examination results, etc. pathological conditions data), travel data (origins – destinations, flight numbers, transport services public and private, length of stay, location accommodation, travel plan)] will be forwarded to the respective airline, coastal and other ticket issuing companies .
If you participate in excursions co-organized with other travel agencies, your data [ Contact Information (e.g. surname, first name, surname, passport number, ID, Visa number , phone, home address, email), Personal Information (e.g. date of birth, nationality, place of birth), Information about children (e.g. name, date of birth, passport number), billing details (e.g. credit card number, VAT number), Conformity Program Member (the membership number for our business’s loyalty program or third party program such as this airline), Preferences and Interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests), Meal preferences and habits , Medical data related to your health (for instance allergies, medical reports and certificates, medical examination results, etc. pathological conditions data), travel data (origins – destinations, flight numbers, transport services public and private, length of stay, location stay, travel program)] will be transmitted to these offices .
If you participate in excursions for which insurance is mandatory, your data [ Contact Details (e.g. surname, first name, surname, passport number, ID, Visa number , phone, home address, email), Personal Information (e.g. date of birth, nationality, place of birth), Information about children (e.g. name, date of birth, passport number), billing details (e.g. credit card number, VAT number), Conformity Program Member (the membership number for our business’s loyalty program or third party program such as this airline), Preferences and Interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests), Meal preferences and habits , Medical data related to your health (for instance allergies, medical reports and certificates, medical examination results, etc. pathological conditions data), travel data (origins – destinations, flight numbers, transport services public and private, length of stay, location stay, travel program)] will be transmitted to the cooperating insurance company .
In case you wish to rent a means of transport within the framework of our contract, your data [ Contact details (e.g. surname, first name, surname, passport number, ID, Visa number , phone, home address, email), Personal Information (e.g. date of birth, nationality, place of birth), Information about children (e.g. name, date of birth, passport number), billing details (e.g. credit card number, VAT number), Conformity Program Member (the membership number for our business’s loyalty program or third party program such as this airline), Preferences and Interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests), Meal preferences and habits , Medical data related to your health (for instance allergies, medical reports and certificates, medical examination results, etc. pathological conditions data), travel data (origins – destinations, flight numbers, transport services, public and private, length of stay, location stay, travel program)] will be transferred to the corresponding carriers.
If you are participating in excursions to foreign countries where a visa is required, if you wish our company’s support for visa issuance, your data [ Contact Details (e.g. surname, first name, surname, passport number, ID, Visa number , phone, home address, email), Personal Information (e.g. date of birth, nationality, place of birth), Information about children (e.g. name, date of birth, passport number), billing details (e.g. credit card number, VAT number), Conformity Program Member (the membership number for our business’s loyalty program or third party program such as this airline), Preferences and Interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests), Meal preferences and habits , Medical data related to your health (for instance allergies, medical reports and certificates, medical examination results, etc. pathological conditions data), travel data (origins – destinations, flight numbers, transport services public and private, length of stay, location stay, travel program)] will be transmitted to the respective issuing public service.
If you are participating in excursions including visits to museums, attractions etc. requiring the issue of a special card for entry, your data [ Contact Details (e.g. surname, first name, surname, passport number, ID, Visa number , phone, home address, email), Personal Information (e.g. date of birth, nationality, place of birth), Information about children (e.g. name, date of birth, passport number), billing details (e.g. credit card number, VAT number), Conformity Program Member (the membership number for our business’s loyalty program or third party program such as this airline), Preferences and Interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests), Meal preferences and habits , Medical data related to your health (for instance allergies, medical reports and certificates, medical examination results, etc. pathological conditions data), travel data (origins – destinations, flight numbers, transport services public and private, length of stay, location residence, travel program)] will be transmitted to the respective providers of the entry cards.

In our company KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. from now on and for the sake of brevity KYKNOS TRAVEL, we prioritize the protection of your personal data as part of our philosophy. We know that the confidentiality of your Personal Data is particularly important to you and we strive to be as transparent as possible in the way we serve you. Our company KYKNOS TRAVEL is fully in line with the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data (GDPR). This Privacy Policy aims to help you understand how we collect, use, share and protect your personal information.

The collection, use and disclosure of your personal data from our side is based on the provision of our services to you, our compliance with the applicable law, and sometimes your consent or our legitimate interest .

By applying appropriate technical data security measures and adopting internal management procedures, as well as physical protection measures, we enhance the security of your personal data. We continuously evolve our systems and processes in order to achieve at any time the expected environment of transparency, confidentiality and security.

Privacy Policy

“Personal data” is any information that is collected, recorded or stored in a form that can allow for an immediate (e.g. surname) or indirect (e.g. phone number) identification with an individual.

We recommend that you read this text, which describes the privacy policy, before you provide this information.

The “Privacy Policy of Customer Personal Data” is part of the terms and conditions governing our services. By accepting these terms and conditions, you explicitly accept these provisions.

Scope

In our company KYKNOS TRAVEL, we know how important it is to protect our customers’ privacy and try to be clear about how we collect, use, communicate, transfer and store your personal data. This Privacy Policy is a summary of our practices in relation to this data.

The Privacy Policy applies as an indication and not as a limitation to any Service or function provided by us and referred to the Privacy Policy for our company’s website https://kyknostravel.gr/en/, for any promotional actions (collectively referred to as our “Services”).

The Privacy Policy applies to your use of our Services with or without the use of electronic media.

It is important to read carefully the Privacy Policy because each time you use our Services, you agree with the practices described in the Privacy Policy. If you do not agree with the practices described in the Privacy Policy, you should not use our Services.

For What Purposes Do We Collect Data?

We collect and use personal data to manage your relationship with our business and to be able to offer you our Services. Some personal data is collected to provide you with personalized and improved services.

We collect preliminary data in order to:

The provision of tourist services,

(a) in particular:

Creation and storage of legal / tax documents in accordance with applicable law
Booking, rental and ticket issuance of all means of transport on your behalf.
Reservation of hotel rooms, purchase of accommodation and management of your access to and accommodation in them.
Ticketing – entry tickets for museums, exhibitions, shows, attractions etc.
We manage lists of personal customer data for operational / organizational reasons such as nominal lists of participants in group tours.

b) Facilitating travel documents issuance (visa)
c)Travel insurance for personal accidentsand health, under the terms of the respective contracts. Also, if the insured event (accident or illness) occurs, you must give your consent to transfer to the insurance company of all the necessary documents so that you can be compensated. For minors under the age of 15, consent must be given by the parent.
d)Organization and management of conferences, seminars, exhibitions, business trips, meetings, events etc.
e)Hiring transport vehicles & VIPtransfer management, under the terms of the providers of these services.
f)Booking, purchasing and ticketing regarding all forms of transport, hotel reservation, residence purchase and management of transport and accommodation in them for business groups.
g)Travel services(including all or some of the above) for carrying out medical or thematic tourism (religious, educational or other)
h) Flight Check-InServices

(j) Transport services for unaccompanied minors.

To improveour service offerings.

So that we adapt our products and services to better meet your requirements

We process your personal data with marketing software for marketing and promotional purposes , but also to better understand your requirements and desires.
We inform you of special offers and new services
To be able to offer custom content and recommendations based on your previous activities on our Services.

III. Managing our relationships with you before, during and after our cooperation.

Management of loyalty programs.
Management of customer databases.
Evaluation and analysis of the market, our customers, our products and our services.
Generation of statistics and reports.
Management of preferences for new and recurring customers.
Delivery of leaflets in order to promote products and offers or to communicate with you by phone.
Management of deletion requests from update lists.
Creation and management of questionnaires and statistics.

IV . Improving our Services

We conduct market research and analysis of questionnaires and customer reviews.
We handle customer complaints.
We offer you the benefits of loyalty programs

Compliance with Greek and European law.

VI . Market Research & Promotion

We may conduct market research regarding customer satisfaction and quality assurance as well as direct marketing and sales promotions .
We may conduct targeted advertising campaigns on the Internet through third-party websites.

Which Personal Data Do We Collect?

Possible ways to collect information include collecting information directly from you, collecting information during your visits to our sites, viewing our online content, or using other services and gathering information about you from other sources.

Information you provide directly to us :

The information we are required to ask you and / or your family members is the following:

[ Contact Details (eg surname, first name, surname, passport number, identity card details, Visa number, phone, home address, email), Personal Details (eg date of birth, nationality, place of birth), information about children (eg name, date of birth, passport number), billing details (eg credit card number, VAT number), Loyalty Program Member (the membership number for our business program or third party program such as this airline), Preferences and Interests (eg non-smoking room, preferred floor, type of bed, sports, cultural interests), Nutritional preferences and habits , Medical data related to your health (for instance allergies, medical reports and certificates, medical examination results, etc. pathological conditions data), travel data (origins – destinations, flight numbers, transport services, public and private, time of stay, location residence, transportation schedule ) , Questions and comments made during or after the provision of our services. ]

The Personal Data we collect and relate to persons under the age of 16 years is limited to Name, Surname, Nationality and Date of Birth and can only be provided to us by an adult guardian. We are grateful for all your actions that ensure that your children do not send us personal information without your consent (especially via the Internet). If you still receive such information, you can contact the Privacy Officer at 210 4514482 or send e- mail to vassilis@kyknostravel.officegate.gr to schedule the deletion of this information.

In addition, Personal Data like the copy of your passport, your leisure activities, hobbies, possible health problems, eating habits or if you are a smoker or not, can be classified sensitive. We process such information only if is provided solely by yourself or for the persons you exercise custody (or parental responsibility), if you are required by applicable law or you have expressly given us your consent (eg in order to provide you with the appropriate Service, or to offer you a package of services tailored to your needs).

Information is collected directly from you when you contact us by telephone or email, or when you provide us with any other information, when you choose to participate in our offers and programs, and when you create an account on a company’s website. Below, you can see some examples of information that we can collect directly from you:

Full name
Email address

Some of our Services enable us to provide information directly to us. For example:

Some of our Services enable users to create accounts or profiles. In conjunction with these Services, we may ask you to provide some information about yourself in order to set up your account or profile. For example, you may submit certain information about yourself, such as name and email address, when n sign up for our business newsletter or fill in an on-line contact form if you are interested in sending printed files to your location.

Third party information:

We can collect information from other sources, including commercially available sources or from public sources (sources open to the public such as, for example, telephone directory, internet, public lists of professional associations, clubs, professional unions); in accordance with what is permitted by law. Examples of information we may collect from other sources are Your Name and Email Address.

We can combine all the information we have collected for you and you in order to improve communication between us and to develop high-quality products and services.

We may also receive information about you from third party social networking services when you choose to connect to these services.

You may choose not to provide us with certain types of information, but if you do, it may affect your ability to use certain Services.

When Do We Collect Personal Data?

We collect personal data on various occasions such as:

(a) Provision of Tourist Services (as described for the purposes mentioned above)

Pricing and payment of services.
Various requests, complaints/reports and/or disputes

(b) Transmission of information by third parties:

Affiliated travel agents, partner travel agencies, GDS reservation systems, Online booking systems – and other reservation systems

Link to our web sites.
Connect to the WiFi network of our company.
Filling online forms.

Third Party Access Terms to Your Personal Data

The recipients or third parties to whom we may disclose personal data are primarily the following:

Your travel sponsors. Our services to you are provided in accordance with the terms of service agreements of your employer or travel sponsor. We share your data with them in order to enable them manage the needs of their business trips, to be able to carry out the duty of concern towards their employees and to ensure compliance with their policies. At the request of your employer or travel sponsor, we may also share data with our partners.
Travel suppliers and other providers of travel services. We share information with travel vendors (for example airlines and hotels) and travel service providers (for example, ticketing systems and travel application providers) as well as their partners as required for travel booking and travel services to you or your travel sponsor. We do not sell information to third parties in a way that allows them to promote their own products or services directly to you.
Affiliates. Your personal data may be shared with affiliates of our company.
Business associates. We may also share your personal data with trusted companies partners. These agencies may use your information to provide you with the services you have requested, to predict your interests and perhaps to provide you with promotional material, advertisements and other material.
Service Providers and/or any third party who may be processing on our behalf. We may also disclose your personal data to companies that provide services for and/or on our behalf, such as computer contractors, bulk mailers, banks, credit card issuers, law firms, mail service companies, printing services companies, etc.
We may also share personal data with third parties if requested by you or on your own consent.

There may be cases that we will share your information with other third parties:

To the extent required or permitted by law. We may disclose information to regulatory authorities, courts and government agencies where we believe that this would be permitted or required by law or regulatory or legal process or in order to defend our interests, rights or property or others.
to confirm or to implement our compliance with the policies governing our Services and
to protect the rights, property or security of our business or any affiliate, business partner or client.

Protection of Personal Data during International Transfer

If you choose to travel abroad, your personal data will be transferred to third parties, inside or outside the EU, in countries offering different levels of personal data protection, depending on where you are destined, in order to provide you with the services you have chosen, otherwise for the execution of our contract and your consent.

Please note that data protection and other laws in the countries where you are traveling and therefore may transfer your personal data may not be as protective as in your own country. The transmission will take place in accordance with the law regarding the processing of personal data in order to ensure the adequate protection of your personal data.

Our company applies the appropriate measures to ensure the safe transfer of your personal data to an external recipient located in a country offering a different level of protection from that imposed by the GDPR.

In addition to the disclosures described in this Privacy Policy, we may share information about you with third parties if you give your consent or explicitly request it in written.

In order to provide you with the best possible service, we provide access to your personal data or to certain specific categories of your personal data, to our appropriate and authorized staff, regardless of whether it is located at our headquarters or at a branch. This includes:

Administration
Accounting department
Reservation department

What we do to keep your personal data safe .

We have obtained reasonable organizational and technical means to protect your personal data we collect in connection with the Services and in particular any sensitive personal data that is collected. Our IT Partners follow international standards and practices in order to ensure the safety of our facilities and data encryption.

However, although we take reasonable steps to protect your personal data, no web site, no Internet transmission, no computer system, and no wireless connections are completely safe.

Data Storage

We take reasonable steps to ensure that your personal data is retained only for as long as necessary for the purpose for which it was collected or for as long as required by contract or under applicable law.

Cookies, Beacons, and Similar Technologies

As you navigate to a website, certain information may be collected passively (without you actively providing it), using various technologies and means, such as Internet Protocol addresses, cookies, Internet tags, as well as collection of navigation data. We, as well as certain third parties that provide content, advertisements, or other functionality to our Services, may use this type of technology in certain parts of our Services.

For more information, please refer to the Cookies Policy and check the Cookies Table for detailed information on the cookies and other tracking technologies used on our Website https://kyknostravel.gr/en/terms-and-conditions/. In this Policy, you will also find information on how to disable cookies and tracking technologies if you do not agree to using them. If you do not disable any cookies or other tracking technologies, we will conclude your consent to their use.

Access , Correction of Personal Data you & Right to Delete Personal Information

According to the legislation on certain types of processing, you may be entitled to request details regarding the personal data we collect and to correct any inaccuracies.

In principle, the correction of inaccurate information is provided for free. However, if permitted by law, we may charge you a small fee for this option. We may refuse to proceed with requests that are repeated unreasonably, require disproportionate technical effort, jeopardize the privacy of others, are extremely impractical or involve access not otherwise required by domestic law.

If you wish to check, correct, update or delete the personal data you have provided through the Website, please contact the person responsible for the personal data via a written request at the following address. We will try to comply with your request as soon as possible.

Update

This policy may be modified in accordance with applicable law or to achieve best practices. From our side, we will announce any change to our privacy policy to ensure that you are aware of any changes. By accessing or using our Services, once we have posted such an up-to-date version of the Privacy Policy, you agree to the new practices contained in the update. The latest version of the Privacy Policy will always be on our website https://kyknostravel.gr/en/terms-and-conditions/

Printed form of this Policy can be found at our business secretariat or can be sent to you on request at the contact form that is always on our website https://kyknostravel.gr/en/

Questions and Communication

For any questions regarding this policy or general protection and data security in business our, contact the Law Officer Privacy on the phone +30 210 4514482 or send an email to vassilis@kyknostravel.officegate.gr

DATA SUBJECT ACCESS REQUEST PROCEDURE

Valid from 01/11/2018

The company under the name KYKNOS INTERNATIONAL TRAVEL AGENCY LTD. with the distinctive title KYKNOS TRAVEL which is based in Skouze 12, 185 36 PIRAEUS (hereinafter referred to as KYKNOS TRAVEL) is the Controller of Personal Data which it collects and processes in its activities.

KYKNOS TRAVEL respects the rights of personal data subjects and has established this process to manage the underlying claims.

The Data Protection Officer that is responsible for receiving the requests of the subjects is HATZIANTONIOU VASSILIOS (tel: +302104514482, email: vassilis@kyknostravel.officegate.gr). The requests of the subjects are received by Mr Hatziantoniou and then forwarded to the employee (appointed by Mr. Hatziantoniou) who will address each individual request.

This procedure describes the actions that are being followed for the management of the subjects requests.

Right to access

If the data subject requests access to his or her personal data, the following steps will be followed:

Identification of the data subject by on-the-spot check if the information is requested in writing or physically
Identification of the data subject by other means if the information is requested to be provided verbally
Confirmation by the Data Protection Officer whether or not the personal data may be processed
Provision of a copy to the subject of his/her personal data in the company. For additional copies that may be requested by the data subject, the company may charge a reasonable fee for administrative expenses. If the data subject submits the request by electronic means and unless otherwise requested, the update must be provided in an electronic form commonly used.

Note : In case the data subject already holds the information or its dispensation requires a disproportionate effort for the data controller, then the subject does not have the right of access.

When personal data is not collected directly from the data subject then the controller should be informed of all the information available about subject’s origin.

The company must satisfy this right without delay and at the latest within a month from the request submission. The one-month deadline may be extended for two months if the request is complex or the number of copies the company has to provide is large. However, the Data Protection Officer must inform the subject about the extension within one month of the request submission.

Right to rectification

If the data subject requests the correction of inaccurate personal data relating to him/her, the following procedure should be followed:

Identification of the data subject by on-the-spot check if the information is requested in writing or physically
Identification of the data subject by other means if the information is requested to be provided verbally
Correction of the inaccurate subject’s personal data by the company without delay
Completion of incomplete personal data through a supplementary statement if required so by the data subject
Should the company notify each recipient to whom it was disclosed about the correction of personal data, unless it proves to be impracticable or if it involves a disproportionate effort
The data subject should be informed by the company regarding those recipients if required so by the data subject
The data subject should be informed by the company that the data has been corrected and recorded

Right to deletion

If the data subject asks for the deletion of personal data relating to him/her, the following procedure should be followed:

Identification of the data subject by on-the-spot check if the information is requested in writing or physically
Identification of the data subject by other means if the information is requested to be provided verbally
Checking of the legal basis of the processing in order the company to determine whether the subject has the right to request such action
Should the company disclose the deletion of personal data to each recipient to whom it was disclosed unless it proves impracticable or involves a disproportionate effort
The data subject should be informed by the company regarding those recipients if required so by the data subject
The data subject should be informed by the company that the data has been deleted

In order to be able to fulfill a deletion request, the company should check that one of the following applies:

personal data is no longer necessary in relation to the purposes for which it was collected or processed otherwise
the data subject withdraws the consent on which processing is based in accordance with Article 6 (1) (a) or Article 9 (2) (a) and there is no other legal basis for the processing
the data subject is opposed to processing in accordance with Article 21 (1) and there are no compelling and legitimate reasons for the processing or the data subject is opposed to treatment in accordance with Article 21 (2)
personal data has been illegally processed

Right to restriction of processing

If the data subject asks to limit the processing of his or her personal data, the following procedure should be followed:

Identification of the data subject by on-the-spot check if the information is requested in writing or physically
Identification of the data subject by other means if the information is requested to be provided verbally
Checking of the legal basis of the processing in order the company to determine whether the subject has the right to request such action
The data subject should be informed by the company that the processing of the personal data has been restricted

In order to be able to fulfill a deletion request, the company should check that one of the following applies:

The accuracy of personal data is disputed by the data subject for a period of time allowing the company to verify the accuracy of the personal data
Processing is illegal and the data subject opposes the deletion of personal data and asks, instead, to limit its use
The company no longer requires personal data for the purposes of processing, but this data is required by the data subject to establish, exercise or support legal claims
The data subject has objections to processing according to Article 21 (1) while the verification that the legitimate reasons of the company override the data subject’s is pending

Note : The controller can only remove the processing restriction after the consent of the data subject:

– for the foundation, exercise or support of legal claims

– to protect the rights of another natural or legal person

– for reasons of major public interest of Greece or the European Union

In any such case, the data subject should be notified before the processing restriction is lifted .

Right of portability

If the data subject asks for the portability of his or her personal data, the following procedure should be followed:

Identification of the data subject by on-the-spot check if the information is requested in writing or physically
Identification of the data subject by other means if the information is requested to be provided verbally
Checking of the legal basis of the processing in order the company to determine whether the subject has the right to request such action
The company to provide the subject with the related personal data in a structured, commonly used and machine-readable format
Transmit personal data without objection from the company to another controller if requested by the data subject and is technically feasible

In order for the controller to make this request, all of the following should apply:

personal data is processed by automated means (excluding printed files)
the legal basis of the treatment is either consent of the data subject, or application of a contract to which the data subject is a contracting party
personal data is related to the data subject; and has been provided by the subject. It is assumed to have been provided by the data subject when supplied consciously and actively, but also when produced and collected from the activities of users, when using a service or device

Right to oppose in processing

If the data subject opposes the processing of his or her personal data, the following procedure should be followed:

Identification of the data subject by on-the-spot check if the information is requested in writing or physically
Identification of the data subject by other means if the information is requested to be provided verbally
Checking of the legal basis of the processing in order the company to determine whether the subject has the right to request such action
The company stops processing the subject’s personal data

Note : The company may continue processing the personal data of the subject if it demonstrates imperative and legitimate processing grounds that override the data subject’s interests, rights and freedoms, or the foundation, exercise or support of legal claims.

Right to oppose profiling

If the data subject asks not to be the subject of a decision taken solely on the basis of an automated processing, including profiling, which produces legal effects affecting him or which significantly affects him in a similar way in the processing of personal data concerning him or her the following must be done by the competent body (eg an enterprise):

Identification of the data subject by on-the-spot check if the information is requested in writing or physically
Identification of the data subject by other means if the information is requested to be provided verbally
Checking of the legal basis of the processing in order the company to determine whether the subject has the right to request such action
Application of appropriate measures to protect the rights, freedoms and legitimate interests of the data subject, at least the right to ensure human intervention from the point of view of the controller, expressing opinion and challenging the decision

Personal Data storage and destruction policy

Valid from 01/11/2018

Introduction

According to Article 5 of GDPR 2016/679, personal data must be kept for the period necessary for the purposes for which it is processed. The below policy gives the guidelines for storing and destroying personal data.

Storage areas for personal data

Storage areas include:

servers
e-mails
computers (desktops and laptops)
personal electronic devices (BYOD)
backup storage disks
printed files

General periods maintaining PD

Generally, personal data should only be retained for as long as necessary. Retention periods may vary depending on the type of data processed, the purpose of the treatment, or other factors. The issues to be addressed include:

If legal requirements are in place to maintain specific data in accordance with:

Commercial laws
Tax laws
Labor laws
Administrative laws.

During the retention period it is necessary:

the establishment of periodic reviews of the data retained
the establishment and verification of retention periods for the data, taking into account the following categories:

the requirements of your business
the type of personal data
the purpose of the processing
the reasons for processing
the data subjects

If precise retention periods cannot be established, KYKNOS INTERNATIONAL TRAVEL AGENCY LTD shall specify the criteria by which the period may be determined.

End of PD preservation period

Data must be deleted when:

the data subject withdrew his/her consent to processing
the contract has been executed or can no longer be executed.
the data is no longer up to date.

However, after the expiration of the current retention period, personal data must not be deleted altogether, provided the personal data are anonymous. This can, for example, be achieved through:

the deletion of unique identifiers that allow the distribution of a data set to a single person
the deletion of individual information identifying the data subject (either alone or in combination with other data);
separating personal data from unrecognizable information (e.g., an order number from the customer’s name and address).

Obligation of informing the subjects

In addition to other information obligations, in the context of data retention, data subjects should be informed of:

the retention period
if a fixed retention period cannot be provided, the criteria used to determine that period
the new retention period if the purpose of the processing has changed since the acquisition of personal data.

Changes to the PD Storage and Destruction Policy

KYKNOS INTERNATIONAL TRAVEL AGENCY LTD may modify the present Storage and Destruction Policy of the DS. Please check the Application Date at the top of this Policy to see when this Policy was last reviewed.