Sign In

Privacy policy

Introduction
This Privacy Policy describes how our website collects, uses, stores, and protects the personal data of its visitors and customers. We are committed to protecting your privacy and processing your data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Greek and European legislation.

What is Personal Data?
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one whose identity can be determined, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural, or social identity of that person.

Data We Collect
In order to complete any booking or transaction on our website, it is necessary for you to provide certain personal data, which is collected for security purposes and to complete the provision of services. We collect the following types of personal data:

Booking / Customer Data:

  • Full name
  • Address (street, number, city, postal code) – required for issuing legal documents/invoices
  • Phone number – required for direct communication regarding your appointment
  • Email address
  • Booking Details: Date and time of the service, number of persons, and any special requests or comments related to the booking

Login / Account Data:
When you create an account or log in to manage your bookings.

Payment Data:
We do not store credit card details. Payments are processed through secure third-party payment gateways (banking systems).

Communication Data:
When you contact us via the contact form or email, we collect your name and email address.

Usage Data:
Information about how you use our website (e.g., pages visited, services viewed). This is collected via cookies. For more information, please refer to the Cookie Policy.

Purposes of Processing and Legal Basis
We process your personal data for the following purposes and based on the corresponding legal grounds:

For Booking Processing and Management:

  • Purpose: Availability check, booking confirmation, service provision, payment management, and handling cancellations or refunds
  • Legal Basis: Performance of a contract to which you are a party

For Customer Account Management:

  • Purpose: Creation and management of your account, booking history
  • Legal Basis: Performance of a contract and our legitimate interest in providing a personalized experience

For Communication and Reminders:

  • Purpose: Sending confirmations, appointment reminders, or updates regarding schedule changes
  • Legal Basis: Our legitimate interest in ensuring smooth operation and better customer service

For Marketing (Newsletter / Offers):

  • Purpose: Sending newsletters, offers, or information about new services
  • Legal Basis: Your consent, which you may withdraw at any time

For Improving User Experience and Analytics:

  • Purpose: Analyzing website usage to improve our services
  • Legal Basis: Our legitimate interest or your consent (for marketing cookies)

For Legal Compliance:

  • Purpose: Compliance with tax and accounting obligations, and responding to requests from public authorities
  • Legal Basis: Compliance with a legal obligation

Data Recipients
The data you provide on our website is never disclosed to third parties for their own commercial purposes. However, in order to complete bookings and provide our services, we may share your data with the following partners:

  • Payment Providers: Banking institutions or electronic payment platforms (e.g., Stripe, PayPal, Viva Wallet) for payment processing
  • Accounting / Tax Services: For compliance with our accounting and tax obligations
  • Web Hosting & Technical Support Providers: For the technical operation and support of the booking system
  • Analytics Providers (e.g., Google Analytics): For monitoring traffic and improving the website
  • Calendar Management Platforms (optional): If synchronization with external calendars (e.g., Google Calendar) is required

In all cases, we ensure that our partners adhere to strict data protection standards and act as data processors on our behalf. Additionally, we may disclose your data to public authorities if required by law.

Data Retention Period
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected.

  • Booking / Customer Data: Retained for the period required by tax law (e.g., up to 10 years from invoice issuance)
  • Account Data: Retained as long as your account remains active
  • Newsletter Data: Retained until you withdraw your consent (unsubscribe)
  • Cookie Data: Refer to the Cookie Policy for cookie duration

Your Rights
Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request information and access to your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data under certain conditions (e.g., when no longer necessary or if you withdraw consent). Note: This does not apply where data retention is required by law (e.g., tax records)
  • Right to Restriction of Processing: Request restriction of data processing in specific cases
  • Right to Data Portability: Receive your data in a structured format and transfer it to another controller
  • Right to Object: Object to processing based on legitimate interest
  • Right to Withdraw Consent: Withdraw your consent at any time (e.g., for newsletters), without affecting the lawfulness of processing based on consent before its withdrawal

To exercise any of the above rights, please contact us using the details provided below.

Data Security
Your data is collected and stored securely. We implement all necessary technical and organizational measures (including the use of SSL encryption protocols) to protect your personal data from loss, misuse, unauthorized access, or disclosure. Online payments are carried out in a secure environment provided by our payment partners.

Right to Lodge a Complaint
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the competent Supervisory Authority. In Greece, this is the Hellenic Data Protection Authority (HDPA) (www.dpa.gr).

Contact
For any questions or clarifications regarding this Privacy Policy or the processing of your personal data, you may contact us using the contact details provided on our website.

Copyright © 2025 | All Rights Reserved | Designed and Developed by ACM Digital