How we handle your

Personal Data

Privacy Policy

We recognize that the security of personal data is a particularly important issue. With this privacy policy we wish to explain our practices regarding the security of the personal data we collect when you visit this website.

Please read our privacy policy carefully before providing us with any personal information. If you use our website to order one or more products, you are deemed to consent to our use of your Personal Data in accordance with this policy.

The website spilia-chios.gr is the online presence of the Spilia Traditional Village Houses, through which we wish to highlight its services and advertise our accommodation.

Legal Representative: Iasonas Psomadakis
Contact Email address: info@spilia-chios.gr
Address: Spilia, 82300, Kardamyla, Chios, Greece

At spilia-chios.gr, we strive to deliver high quality services. For this purpose, we or the services we use on our Website collect a series of personal data, such as your name, your phone number and your email address.

Personal Data can be freely provided by the visitor to our Website, such as Website Usage Data, and is collected automatically when visiting it. Unless otherwise specified, all data requested by our Website is mandatory and failure to provide this data may make it impossible to provide this service (for example, in the contact form, in case an email address is not filled in, it is impossible to send your message to us).

We do not knowingly collect Personal Data from children under the age of 18, and in the event that we learn that we have collected or received personal data from children under the age of 18, we will automatically delete such information. It is our policy to post any changes we make to our privacy policy on this page, which we encourage you to visit regularly to check for any changes.

Processing Methods

Our Website takes appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of Data. Data processing is carried out using computers and/or IT-enabled tools, following organizational procedures and ways strictly related to the indicated purposes.

In addition to the Data Controller, in some cases, the Data may be accessible to external parties (technical support service providers, distributors, hosting providers, IT companies) appointed, if necessary, as data processors by the owner a list of these parts may be requested from the Owner at any time. The updated list of these parts can be requested from the Owner at any time.


The Data is processed, in the part attributable to us, at the Owner’s operating offices and at any other point (hosting server within Greek territory) where the parties involved in the processing are located. The transmission of information over the Internet can never be completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee 100% the security of your data transmitted to our website.

About Any transmission is at your own risk. After we receive your Personal Data, we use strict procedures and security features to try to prevent any unauthorized access.

Personal data must be processed and stored for as long as is required by the purpose for which it was collected. Therefore:

  • Personal data collected for purposes related to the performance of a contract between the Owner and the Visitor are retained until the contract is completed.
  • Personal Data collected for the purposes of the legitimate interests of the visitor to our Website are retained as long as necessary to fulfill those purposes.

Our visitors can find specific information about the legitimate interests pursued by the Website Owner in the relevant sections of this document or by contacting them.

The Website Owner may be able to retain the personal data for a longer period of time, whenever the visitor has given his consent to the processing in question, as long as this consent is not withdrawn. In addition, the Owner may be required to retain Personal Data for a longer period of time, whenever required to fulfill a legal obligation or upon the order of an authority.

Once the retention period has expired, the Personal Data will be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to transfer data cannot be exercised after the end of the retention period.

The Personal Data of our visitors is collected to enable the Owner to provide its Services, as well as for the following purposes:

  1. for system administration purposes,
  2. to analyze user behavior and trends in order to improve and understand how people use our website,
  3. to get in touch with you,
  4. to confirm and identify the visitor in any necessary case,
  5. in case you have asked us to or to respond to any messages you have sent us,
  6. in case it is necessary to notify you of any changes or updates regarding our services.

The personal data we collect when you fill out the contact form or the house reservation form of spilia-chios.gr is your Name, Email Address and Phone Number.

Visitors may exercise certain rights regarding data processed by the Owner.In particular, visitors have the right to do the following:

  • To withdraw their consent at any time. Website visitors have the right to withdraw their consent where they have previously consented to the processing of their Personal Data.
  • To refuse the processing of their data. Website visitors have the right to object to the processing of their data if the processing is carried out on a legal basis other than consent. More details are provided in the dedicated section below.
  • To gain access to their data. Website visitors have the right to find out if data is being processed by the Owner, to obtain notification of certain aspects of the processing and to obtain a copy of the data being processed.
  • To verify and correct their data. Visitors  have the right to verify the accuracy of their Data and request that it be updated or corrected.
  • To limit the processing of their Data. Website visitors have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than their storage.
  • Have their personal data deleted or otherwise removed. Website visitors have the right, under certain circumstances, to request the deletion of their Data from the Owner.
  • To receive their data and transfer it to another controller. Website visitors have the right to receive their data in a structured, widely used and machine-readable format and, if technically possible, to transmit it to another controller without any hindrance. This provision applies on the condition that the Data is processed by automated means and that the processing is based on the consent of the Visitor, on a contract to which the Visitor is a party or on its pre-contractual obligations.
  • File a complaint. Website visitors have the right to lodge a claim with their Data Protection Authority.

Your Personal Data is safe with us. We will never transfer your Personal Data to third parties, although we may, in certain circumstances, forward or provide your Personal Data to third parties in accordance with this policy or where we are required to do so by law.

We may disclose your Personal Data if it is necessary to prevent, detect and prosecute illegal or suspected illegal activities or to prevent other harm or in response to legal action or for the purpose of asserting rights and our requirements.

We use cookies and tracking tools to collect aggregate usage and demographic information about our users over time.You can read our Cookies Policy to learn more about how we use cookies.

The Services of spilia-chios.gr may include links to third-party websites, to which you may be transferred (e.g. to watch a video at youtube). Please note that we are not responsible for the privacy practices of such third party websites.We encourage you to read the privacy statements/policies of each third party website you link to from our Services.

Personal data (or data)

Any information that directly, indirectly or in connection with other information – including a personal identification number – enables the identification or identification of a natural person.

Usage Data

Information collected automatically through this Site (or third-party services used by it), which may include: the IP addresses or domain names of the computers used by Visitors using our Site, URIs (Uniform Resource Identifier) the time of the request, the method used to submit the request to the server, the size of the file received in response, the numeric code indicating the status of the server’s response (successful outcome, error, etc.), the country of origin, the features of the browser and operating system used by the Visitor, various time-per-visit details (eg, time spent on each page of the Website) and details about the path taken followed in the Application with specific reference to the sequence the pages you have visited and other parameters related to the operating system of the device and / or the IT environment of the Visitor.


The person who uses this Website and who, unless otherwise specified, coincides with the Data Subject.

Data subject

The natural person to whom the personal data refer.

Data processor (or data controller)

The natural or legal person, public authority, organization or other body that processes the personal data on behalf of the Owner, as described in this privacy policy.

Data controller (or owner)

The natural or legal person, public authority, organization or other body which, alone or jointly with others, determines the purposes and means of processing Personal Data, including security measures related to the operation and use of this Application.The data controller, unless otherwise specified, is the owner of this Website.

The Website

This website through which the Visitor’s Personal Data is collected and processed.


Each service provided through this Website as described in the relevant terms of use (if any).

European Union (or EU)

Unless otherwise stated, all references made in this document to the European Union include all current member states in the European Union and the European Economic Area.


Small data files stored on the Visitor’s device.

Legal information

This privacy statement has been prepared based on the provisions of several pieces of legislation, including Regulation (EU) 2016/679 (General Data Protection Regulation).This privacy policy relates solely to this Website, unless otherwise stated in this document.

If you have any questions about this text, please contact us at email: aquasports.zematas@gmail.com.