- The information collected through the website https://santorini-luxury-yachting.com will be processed by NOSTALGIA NEPA SA the data controller, for the purposes of processing your request for information or your request to register on the Website or sign up for the newsletter and the services offered by the Website.
You can access and browse our website without disclosing your personal data, however in order to transact with us, request and receive our services you will need to disclose to us certain data. Confidentiality and date protection is important to us and we are determined to do our best to protect your data and to meet all the obligations under data protection and privacy laws related to Greece and the EU. Personal data means any information relating to you which allows us to identify you, such as your name, contact details, and information about your access to our website. We may collect personal data from you when you contact us, through the form provided in our website, use our website, or when you sign up for our newsletter.
Specifically, we may collect the following categories of information:
- E-mail address, when you sign up in our newsletter.
- Name, e-mail address and information that you include in your CV when you decide to send one to us.
- Information about your use of our website.
- The communications you exchange with us or direct to us via letters, emails, calls, and social media.
- Your data may be used for the following purposes:
- Marketing: periodically we will contact you with information regarding our services via e-mail. You will have the choice to opt in or opt out of receiving such communications by indicating your choice when you fill in a contact form. You will also be given the opportunity on every e-mail that we send you to indicate that you no longer wish to receive our direct marketing material.
- Career: If you send us your CV, we will evaluate if you could be the person we wish to work with and we will keep your name and contact information in order to communicate with you, if that is necessary. The personal data you submit on this form will be stored safely on our servers in the EU for three years and will be deleted thereafter. At any point, you can request we delete your personal data or ask information about it by sending us an email to email@example.com
The above processing are based on our legitimate interest in the course of managing its relationships with clients and prospects.
- Your data are transmitted internally to the customer relations department, the marketing and sales department and the communications department. Your data are also accessible to our data processors (specifically for the purposes of hosting the website). Please note that your personal data may be transmitted to third parties only for the purposes referred to in this information note or with your consent.
- Your data protection rights
As provided by the existing legal framework, you have the right to:
- Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request rectification of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no sufficient or legal reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes. You can object to our processing of your data for direct marketing purposes by unsubscribing from our mailing list.
- Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your personal information or profiling of you.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
- Withdraw consent. Where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
If you want to exercise any of these rights are have any further questions about this policy or how we handle your personal information, or for requests for data access, erasure, etc. please get in touch with us by writing to firstname.lastname@example.org .
Requests to unsubscribe from our mailing list can be made by clicking on the “unsubscribe” link in any of our marketing emails addressed to you.
You also may have the right to make a complaint if you feel your personal information has been mishandled. We encourage you to come to us in the first instance but, to the extent that this right applies to you, you are entitled to complain directly to the relevant supervisory authority (Hellenic Data Protection Authority, http://www.dpa.gr/)
- Once your data has been deleted, we no longer hold a record of you. We cannot guarantee that we will not contact you again in the future through public data sources. Please allow ten working days for your data to be deleted.
- We store your personal data on our secure, highly confidential database, which can only be accessed by our team. All our employees who have access to and are associated with the processing of personal data, are contractually obliged to respect the confidentiality of your personal data. Your personal data will be retained: – for five (5) years as of the date they are collected, if no contract has been concluded; – if a contract has been concluded or an order placed, throughout the contract period, after which the data will be retained in semi-current records for a duration equal to the warranty period plus the relevant statutory limitation period. It should be recalled that the relevant limitation periods are five (5) years for contractual or extra-contractual civil liability proceedings (excluding injury).
- Securing your personal data
We follow strict security procedures in the storage and disclosure of your personal data, and to protect it against accidental loss, destruction or damage.
To achieve that, we take end-to-end SSL encrypted communications, server and application firewall, application execution isolation and many more measures.
As you browse this Website, we are likely to save data related to your navigation in files known as “Cookies”. These are stored on your terminal (computer, tablet, mobile phone or any other device optimized for the Internet). We have provided this page to help you understand what a Cookie is and enable you to adapt your settings. These Cookies are used by our team to improve your user experience and make it easier to browse this website
A Cookie is a simple text file that is stored in a dedicated space on your terminal’s hard disk, via your browser, when visiting a website or viewing an advertisement. It contains several items of data, including the name of the server that deployed it (server of the website you are visiting), an identifier in the form of a unique number and in some cases a cookie expiry date. In using Cookies a company or organization can recognize the terminal of the users on which it has been stored. It can also collect data related to how they browse websites and offer personalized services to them. We would like to reassure you that these Cookies contain no private data and that only the company or organisation deploying the Cookies can read or modify the data within them.
The Cookies used on this Website – Cookies needed for this Website to work properly: these memorize data you enter in forms, manage and make access to privately accessed pages secure (registration or access to your account, service required, contents of a shopping basket, etc.) – Functional Cookies: these adapt the presentation of the Website to your terminal’s display preferences (language used, display resolution, etc.) and personalize your access to the site. – Analytical Cookies (or “audience measuring Cookies”): these collect traffic data anonymously to build statistics and establish how often the site is visited (number of visits, page views, etc.) and to know how the elements comprising this site are used (sections and pages viewed, etc.) enabling us to track and improve the quality of its services. This site uses Google Analytics, a service analysing Internet sites provided by Google Inc. (“Google”), with which we can analyse the way the website is used by its users. – “Social Cookies”: enable you to interact with social modules on the Website (Facebook, Twitter, etc.). – “Retargeting cookies”: these cookies are used to memorize your information and recognize you when you visit another website that markets, in part, a similar advertising inventory.