HomeThe VillaSurroundingsReviewsContact
Book Now
NLDEFRESITPTPL

Legal

Privacy Policy

Last updated: March 2026

1. Introduction

Sunset Hill Villa Rhodes ("we", "us", or "our") operates the website sunsethillvillarhodes.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website or make a booking.

By using our website, you consent to the practices described in this policy. If you do not agree with this policy, please do not use our website.

2. Information We Collect

2.1 Personal Information

When you make a reservation or contact us, we may collect:

  • Full name (first and last name)
  • Email address
  • Phone number
  • Postal address (street, city, postal code, country)
  • Number of guests and travel dates
  • Special requests or remarks

2.2 Automatically Collected Information

When you visit our website, we may automatically collect:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited, time spent on pages, and navigation paths
  • Referring website or source
  • Language preferences

3. How We Use Your Information

We use the information we collect to:

  • Process and manage your villa reservations
  • Communicate with you about your booking (confirmations, reminders, check-in details)
  • Respond to your inquiries and support requests
  • Send booking confirmations and invoices
  • Improve our website and user experience
  • Comply with legal obligations

We do not use your personal information for marketing purposes unless you have explicitly opted in to receive marketing communications.

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on:

  • Contractual necessity: Processing required to fulfil your booking
  • Legitimate interest: Improving our services and website functionality
  • Consent: Where you have given explicit consent (e.g., cookies, marketing)
  • Legal obligation: Compliance with tax, accounting, and regulatory requirements

5. Cookies

Our website uses essential cookies to ensure proper functionality. These cookies are necessary for the website to operate and cannot be switched off.

We may also use:

  • Analytics cookies: To understand how visitors use our website (e.g., Google Analytics)
  • Preference cookies: To remember your language preference and other settings

You can manage your cookie preferences through our cookie banner or your browser settings. Disabling certain cookies may affect website functionality.

6. Data Sharing and Third Parties

We may share your personal information with:

  • Booking management systems: To process and manage reservations (e.g., MyTourist)
  • Email service providers: To send booking confirmations and communications
  • Payment processors: To handle secure payment transactions
  • Analytics providers: To analyse website usage (anonymised where possible)

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law. Specifically:

  • Booking data: Retained for up to 7 years for tax and legal compliance
  • Contact inquiries: Retained for up to 2 years after your last interaction
  • Website analytics: Retained for up to 26 months

8. Your Rights

Under the GDPR, you have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal data ("right to be forgotten")
  • Restriction: Request restriction of processing of your data
  • Portability: Request transfer of your data in a structured format
  • Objection: Object to processing based on legitimate interest
  • Withdraw consent: Withdraw previously given consent at any time

To exercise any of these rights, please contact us at info@sunsethillvillarhodes.com. We will respond to your request within 30 days.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes:

  • SSL/TLS encryption for all data transmitted through our website
  • Secure storage of personal data with access controls
  • Regular review of our security practices

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10. International Data Transfers

Your data may be processed in the European Union (Greece and the Netherlands). If data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place in compliance with GDPR requirements.

11. Children's Privacy

Our website is not directed at children under 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

You also have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated. In Greece, this is the Hellenic Data Protection Authority (HDPA).