close

Privacy Policy

Privacy Policy (GDPR-Compliant)
Mystery Suites & Apartments
Website: https://mysterysuites.gr/

1. Data Controller

The Data Controller responsible for processing your personal data is:

Mystery Suites & Apartments
Address: Meg. Alexandrou 20, P.C. 60063 Nei Pori, Pieria, Macedonia, Greece
Email: mysterysuites@gmail.com
Phone: +30 6970376170

For any data protection-related inquiries, you may contact us at the above details.

2. Scope of This Policy

This Privacy Policy applies to all users of the website https://mysterysuites.gr/ and describes how we collect, use, disclose, and protect personal data in accordance with:

  • The General Data Protection Regulation (EU) 2016/679 (GDPR)

  • Applicable Greek data protection laws

3. Categories of Personal Data

We may collect and process the following categories of personal data:

a. Identification & Contact Data

  • Full name

  • Email address

  • Telephone number

b. Booking & Transaction Data

  • Arrival and departure dates

  • Accommodation preferences

  • Number of guests

  • Special requests

  • Payment-related data (processed via secure third-party providers)

c. Technical & Usage Data

  • IP address

  • Browser type and version

  • Device identifiers

  • Log data (pages visited, session duration, referring URLs)

d. Marketing & Communication Data

  • Preferences in receiving marketing communications

  • Consent records

4. Purposes of Processing & Legal Bases

We process your personal data only when we have a lawful basis under Article 6 GDPR:

Purpose Legal Basis
Managing bookings and reservations Performance of a contract (Art. 6(1)(b))
Responding to inquiries Legitimate interest (Art. 6(1)(f))
Sending confirmations and service communications Contractual necessity
Compliance with tax/legal obligations Legal obligation (Art. 6(1)(c))
Marketing communications Consent (Art. 6(1)(a))
Website analytics and improvements Legitimate interest / Consent (cookies)

5. Special Categories of Data

We do not intentionally collect sensitive personal data (as defined under Article 9 GDPR), unless explicitly provided by you (e.g., accessibility requirements or health-related requests). Such data will only be processed with your explicit consent.

6. Data Sharing & Processors

We may share your personal data with trusted third parties acting as Data Processors under GDPR, including:

  • Online booking platforms and reservation systems

  • Payment service providers (PCI-DSS compliant)

  • IT and website hosting providers

  • Analytics and marketing service providers (e.g., Google Analytics, Meta Pixel – if used)

  • Accountants and legal advisors

All processors are bound by Data Processing Agreements (DPAs) and confidentiality obligations.

We may disclose data to public authorities when required by law.

7. International Data Transfers

If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, such as:

  • European Commission Standard Contractual Clauses (SCCs)

  • Transfers to countries with an adequacy decision

8. Data Retention

We retain personal data only as long as necessary:

  • Booking and financial records: up to 10 years (Greek tax law compliance)

  • Customer communications: up to 2–5 years

  • Marketing data: until consent is withdrawn

  • Analytics data: according to cookie settings

After this period, data is securely deleted or anonymized.

9. Cookies & Tracking Technologies

We use cookies in accordance with the ePrivacy Directive and GDPR.

Types of Cookies Used:

  • Strictly Necessary Cookies (no consent required)

  • Analytics Cookies (require consent)

  • Marketing/Tracking Cookies (require explicit consent)

A cookie banner allows users to:

  • Accept or reject non-essential cookies

  • Manage preferences

You can also control cookies through your browser settings.

10. Data Security Measures

We implement appropriate technical and organizational measures in accordance with Article 32 GDPR, including:

  • SSL encryption (HTTPS)

  • Access control and authentication

  • Data minimization principles

  • Regular security updates and monitoring

11. Your Rights Under GDPR

You have the following rights:

  • Right of access (Art. 15)

  • Right to rectification (Art. 16)

  • Right to erasure (Art. 17)

  • Right to restriction of processing (Art. 18)

  • Right to data portability (Art. 20)

  • Right to object (Art. 21)

  • Right to withdraw consent at any time

To exercise your rights, contact us at [Insert Email].

You also have the right to lodge a complaint with the supervisory authority:

Hellenic Data Protection Authority (HDPA)
Website: https://www.dpa.gr/

12. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects.

13. Third-Party Links

Our website may contain links to external websites. We are not responsible for their privacy practices.

14. Children’s Data

Our services are not directed at individuals under 18. We do not knowingly collect personal data from children.

15. Updates to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with a revised effective date.

16. Contact Information

For any questions or requests regarding this Privacy Policy:

Mystery Suites & Apartments
Email: mysterysuites@gmail.com
Phone: +30 6970376170
Address: Meg. Alexandrou 20, P.C. 60063 Nei Pori, Pieria, Macedonia, Greece

Last Updated: [27.03.2026]


top
close
Logo

About

Rooms

Services

Gallery

Contact

Call us:
+30 35634 3444
Follow us:
Facebook-square Instagram