Privacy Policy
Last updated: May 2026
1. Who We Are
This website is operated by LAOURA TANTANOZI – THANOS TANTANOZIS G.P., a general partnership registered in Greece under VAT number 802604536 (ELGEMI 179413806000), with registered address at Agiou Georgiou 54, Epanomi, Thessaloniki, 57500, Greece.
We are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable Greek law.
2. What Data We Collect
We may collect the following personal data when you use our website or contact us:
- Name — when you submit an inquiry or contact form
- Email address — for correspondence and booking confirmation
- Phone number — if provided voluntarily
- Message content — the details of your inquiry
- Technical data — IP address, browser type, pages visited (via cookies and analytics tools)
We do not collect sensitive personal data (health, financial, or identity documents) through this website.
3. How We Use Your Data
We use your personal data for the following purposes:
- To respond to your inquiries and confirm bookings
- To communicate with you about your experience
- To improve our website and services
- To comply with legal obligations
We do not use your data for automated decision-making or profiling.
4. Legal Basis for Processing
We process your personal data on the following legal bases:
- Contractual necessity — to fulfil a booking or respond to an inquiry
- Legitimate interests — to improve our services and website
- Legal obligation — where required by Greek or EU law
- Consent — for non-essential cookies and marketing communications (where applicable)
5. How Long We Keep Your Data
We retain your personal data only for as long as necessary:
- Inquiry and booking data — up to 5 years for accounting and legal purposes
- Analytics data — as defined by the respective third-party provider (typically up to 26 months)
- Cookie consent records — up to 1 year
6. Who We Share Your Data With
We do not sell your personal data. We may share it with:
- Service providers — such as email hosting, website hosting, and analytics tools (e.g. Google Analytics)
- Legal authorities — if required by law
All third-party providers are required to handle your data in accordance with GDPR.
7. International Transfers
Some of our third-party providers may process data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.
8. Your Rights
Under GDPR, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Delete your data (right to be forgotten)
- Restrict or object to processing
- Data portability — receive your data in a structured, machine-readable format
- Withdraw consent at any time, where processing is based on consent
To exercise any of these rights, contact us at info@komodexperiences.gr. We will respond within 30 days.
You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at www.dpa.gr.
9. Data Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. Our website uses SSL encryption for all data transmission.
10. Third-Party Links
Our website may contain links to third-party websites. This Privacy Policy does not apply to those sites. We encourage you to review their privacy policies before providing any personal data.
11. Changes to This Policy
We may update this Privacy Policy from time to time. The date at the top of this page indicates when it was last revised. Continued use of the website following any changes constitutes your acceptance of the updated policy.
12. Contact
For any questions or requests regarding this Privacy Policy:
LAOURA TANTANOZI – THANOS TANTANOZIS G.P. Agiou Georgiou 54, Epanomi, Thessaloniki, 57500, Greece ✉ info@komodexperiences.gr 🌐 komodexperiences.gr