When we reference Seafront Protaras, we also mean the websites managed by Seafront Protaras Ltd, such as https://seafrontprotaras.com/, www.facebook.com/seafrontprotaras and https://www.instagram.com/seafrontprotaras/
‘Data Controller’ means the person or organization which determines when, why and how to process Personal Data and implements appropriate technical and organizational measures to comply with the Law;
‘Data Protection Officer’ means the person who is formally appointed with the purpose of ensuring that we are aware of and comply with our data protection responsibilities and obligations according to the Law;
‘Data Subject’ means a living, identified or identifiable natural person about whom we hold Personal Data;
‘Personal data’ means data about the Data Subject who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access;
‘Processing’ means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure or destruction;
‘Special Categories of Personal Data’ means the information revealing racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health conditions, sexual life, sexual orientation, biometric or genetic data;
For the purposes of this Policy, Personal Data includes Special Categories of Personal Data.
‘Third Party’ means the recipient of your Personal Data as defined below.
The kind of information we collect about you
The purpose of the Processing of your Personal Data is largely based on each of our services that you have requested, used or intend to use:
- Contact details (e.g. name, surname, email address, physical address, phone number);
- Personal Correspondence (e.g. emails that you send to us, information posted publicly on our social media channels);
- Payment information (e.g. payment card information, IBAN, PayPal account, bank account);
- Employee Information (e.g. social insurance number, bank account)
- Website information (e.g. geographical coordinates, IP address)
- Educational background (e.g. university, work experience etc.)
- Any additional information that can be necessary for the provision of particular services (e.g. food allergies, Tax Identification Number, Driving License etc.)
In the event that you provide us with Personal Data about other individuals, you warrant to us that you have obtained such individuals’ permission to do so.
We do not collect or process Personal Data of children without prior consent from their parents or legal guardian (e.g. allergies, names, age).
We may use certain sensitive (or “special category”) personal data where you have given your explicit consent to us doing so, to better serve and meet your needs. Such sensitive data is only shared with other members of Seafront Protaras or our third-party service providers acting as data processors (e.g. excursion providers, babysitters, transport providers) for the purpose of providing the services you request and will not be shared or used by us for any other purposes.
On what legal basis do we process your Personal Data
As Data Controllers we may collect and process your Personal Data for any or all of the following purposes:
- Contractual Obligations: Are necessary to enter into a contract and/or to perform the contract in order to fulfill the services that you have requested (e.g. Hiring of Yachts, Hiring Babysitters, Hiring a Chef, Booking Excursions and Tickets, Car Rental, Taxi Services, Hiring Charter Planes, Reservations etc.);
- Consent: You have given consent to the processing of your Personal Data for a specific purpose (e.g. Receiving newsletters and/or promotional emails etc.)
Consent may be withdrawn at any time by contacting our Data Protection Officer at the contact details provided below.
- Legitimate Interests: Are necessary for the purposes of our legitimate interests or of a third party (e.g. legal claims), except where these interests are overridden by your interests or fundamental rights and freedoms, especially in cases where the Data Subject is a child;
- Legal Obligations: Is required for complying with the Law and/or any applicable law (e.g. the obligation of keeping accounting records).
Who Receives your Personal Data
Your Personal Data are only accessible by the following Third Parties:
- The employees with a need for access to fulfill the purposes set out above;
- Any of our sub-contractors and/or service providers, including but not limited to IT service providers, Credit/Debit Card Processing Companies which process credit/debit card payments, Yacht companies, Chefs, Taxi Companies, Charter Companies, Excursion and Tour Operators;
- Marketing service providers (e.g. to send e-mails – if you consent/opt-in to receive newsletters and/or promotional emails, consent to participate in our contests and other such promotional offers etc.);
In case of an absence of your consent, your Personal Data will not be disclosed to any Third Party, other than the above-mentioned, unless the disclosure is required and/or mandatory under the provisions of any legislation, regulation or upon governmental, supervisory, competent authority request.
When we enter to an engagement with a Third Party pursuant to which your Personal Data may be processed by that party, we enter into a processing agreement with that party in order to ensure that this Third Party processes the Personal Data strictly according to our instructions and implements the appropriate administrative, physical and technical measures to protect the Personal Data from unauthorized or accidental use, collection, access, damage, loss or disclosure.
Transferring your Personal Data outside European Union (‘EU’) and European Economic Area (‘EEA’)
We generally do not transfer your Personal Data to countries outside of EU and EEA (‘Third Countries’), except where required by the purposes set out in this Policy. If we need to transfer any Personal Data to Third Countries, we always ensure that the transfer meets the relevant requirements of the Law and we take all steps required to ensure that your Personal Data continues to receive our standards of protection.
When can Personal Data be transferred outside of the EU and the EEA
- If the European Commission has made a finding that the Third Country, territory or sectors within the Third Country ensures an adequate level of privacy protection (Adequacy Decision);
- The Third Party has signed the standard data protection clauses (i.e. contract) adopted by the European Commission and agreed to apply the privacy standards of protection of the European Union;
- The Data Subject has provided consent to the transfer.
Retention of Personal Data:
We will retain your Personal Data for as long as it is necessary to fulfill the purpose for which it was collected or for as long as is required/permitted by applicable law.
Personal Data received, based on your consent, for newsletters and/or information about prizes giveaways and/or promotional emails will be retained until you withdraw your consent.
Protection of Personal Data:
To safeguard your Personal Data from unauthorized access, collection, use, damage, loss, disclosure, copying or similar risks, we have introduced appropriate administrative, physical and technical measures such as up to date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of Personal Data to Third Parties. We also allow access to Personal Data only to those employees who need to know such data and they will only process your Personal Data on our instructions.
However, no method of transmission over the internet or method of electronic storage is completely secure. While security cannot be guarantee, we try to protect the security of the Data Subject’s Personal Data and we constantly review and enhance our information security measures.
Your rights in relation to your Personal Data
Right to access:
Request access to your Personal Data (commonly referred to as a “data subject access request”). This enables you to receive a copy of your Personal Data that we hold about you;
Right to rectification:
Request to correct or update any of your Personal Data which we hold. This enables you to have any incomplete or inaccurate information we hold about you corrected. We strive to retain only Personal Data that is accurate, complete and up to date;
Right to data portability:
Request the transfer of your Personal Data to another party;
Right to erasure:
Request to delete your Personal Data. However, we may need to retain certain information for legal or administrative purposes, such as record keeping and detect fraudulent activities.
Right to restrict processing:
Request to restrict the use of your Personal Data;
Right to object:
You have the right to object to the collection and use of your Personal Data (e.g. when we use your Personal Data on the basis of your consent, you can withdraw that consent at any time);
How can you exercise your rights in relation to your Personal Data:
If you wish to exercise any of your rights, you may contact our Data Protection Officer in writing or via email at the contact details provided below:
Name: Kyriacos Papademetriou
Address: Protara 53,Protaras,5296, Cyprus
The Data Protection Officer has the right to require the individual making the request to provide certain identification documents/information to be able to verify his/her identity.
The Data Protection Officer will respond to your requests within thirty (30) days after receiving your email/letter.
Right to lodge a complaint:
You have the right to lodge a complaint about the use of your Personal Data by contacting the Office of the Commissioner for Personal Data Protection in Cyprus at the contact details below:
Office address: Iasonos 1, 1082 Nicosia, Cyprus
Postal address: P.O. Box 23378, 1682 Nicosia, Cyprus
Tel: +357 22818456
Fax: +357 22304565
Effect of Policy and Changes to Policy
We keep this Policy under review, and we may modify it from time to time without any prior notice. You should review our Policy on our website periodically to ensure that you are aware of any such modifications/updates.
Our website uses cookie technology. Cookies are small files saved to your computer or mobile device that track, save and store information as well as your interactions and usage of our website. The primary purpose for collection of data from users to our site is to allow us to provide a smooth efficient and personalized experience while using our site. Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive, they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
We also collect other forms of non-personal information such as browsers used to access our website, search terms used to find the website, traffic referrals and links to our website. Cookies collected by us are used to enable certain functions and tools of our website, assist in the navigation of the website, track resources and data used on this site and remember computer settings. You may prevent your computer from accepting cookies by modifying the properties on your web browser (see your browser’s “Help” option on how to do this).
Types of Cookies
Strictly Necessary Cookies:
These cookies are necessary for the website in order to enable you to use certain features of the website, such as request specific services, setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These are used to allow the website to remember choices you make (such as language) and provide enhanced features to improve your web experience.
These cookies enable the site to function correctly and are used to gather information about how visitors use the site. This information is used to compile reports and help us to improve the site. Cookies gather information in anonymous form, including the number of visitors to the site, where visitors came from and the pages they viewed.
These cookies are specifically designed to gather information from you on your device to display advertisements to you based on relevant topics that interest you. The information the cookies gather on you can be shared with other advertisers to measure the performance of their advertisements. These cookies are also used to build user profiles from visitors to the website to gather statistics on the performance of the advertisements that can carry across many websites. These cookies can track a user as they visit other websites. Examples of the use of these cookies, is the social media cookies that are placed on our website to track users and provide ads on the social media platforms used by our visitors.
These cookies are used to produce statistical analyses of the way users navigate the site (using computers or mobile devices), the number of pages viewed, or the number of clicks made on a page during navigation of a site.
You can prevent the setting cookies by adjusting the settings on your browser (see your browser’s “Help” option on how to do this). Be aware that disabling cookies may affect the functionality of this and other websites that you visit.