Back to top

Privacy Policy

This Privacy Policy applies to www.creteforlove.com, owned and operated by Crete For Love. This Privacy Policy describes how we collect and use the information, which may include personal data you provide on our web site, www.creteforlove.com. It also describes the choices available to you regarding our use of your personal data and how you can access and update this data.

Data Collection

The types of personal data that we collect may include:

  • Your first name, last name, email address, telephone, and other information you may provide us through our contact form or otherwise.
  • Information you provide to us in order to be able to provide our services to you.
  • Data you may provide regarding your marketing preferences or in the course of participating in surveys, contests or promotional offers.
  • You may always choose what personal data (if any) you wish to provide to us. If you choose not to provide certain details, however, some of our services we provide to you may be impacted.

Cookies

When using our website, we may collect information automatically through cookies, some of which may be personal data. This includes data such as language settings, IP address, location, device settings, device OS, log information, time of usage, URL requested, status report, user agent (information about the browser version), operating system, browsing history, and type of data viewed. For information on how we use cookies, see our Cookies Policy.

Processing Purposes

We use your personal data for the following purposes:

A. Customer service: We use your personal data to provide customer service.
B. Other communications: There may be other times when we get in touch by email, by post, by phone or by texting you, depending on the contact data you share with us. There could be a number of reasons for this, such as to respond to and handle requests you have made.
C. Analytics, improvements and research: We may use personal data to conduct research and analysis. We may involve a third party to do this on our behalf.
D. Security, fraud detection and prevention: We use the information, which may include personal data, in order to prevent fraud and other illegal or infringing activities. We also use this information to investigate and detect fraud. We can use personal data for risk assessment and security purposes, including the authentication of users. For these purposes, personal data may be shared with third parties, such as law enforcement authorities as permitted by applicable law.
E. Legal and compliance: In certain cases, we may need to use the information provided, which may include personal data, for legitimate reasons for conventional and / or legal authorities concerning in particular the conduct of bookkeeping and accounts clearance, to handle and resolve legal disputes or complaints, for regulatory investigations and compliance, or to enforce agreement(s) or to comply with lawful requests from law enforcement insofar as it is required by law.

Legal Bases

  • In view of purposes A-D, we use your data for our legitimate interests, such as providing the appropriate services to you, to improve our services and the content on our website, and for administrative, fraud detection and legal purposes.
  • In respect of purpose E, we also rely, where applicable, on our obligation to comply with applicable law.

If needed in accordance with applicable law, we will ask your consent. You can withdraw your consent anytime by contacting us at the email that follows. If you wish to object to some of the processing set out above, please contact [email protected].

Data Sharing

  • Third-party service providers: We may use service providers to process your personal data strictly on our behalf. This processing would be for purposes as included in this Privacy Policy such as facilitating reservation payments, sending out marketing material or for analytical support services. These service providers are bound by confidentiality clauses and are not allowed to use your personal data for their own purposes or any other purpose. We do not sell or rent your personal data.
  • Competent authorities: We may disclose personal data to law enforcement and other governmental authorities insofar as it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud.

International Data Transfers

We avoid transfers of personal data to countries outside the European Union, whose data protection laws are not as comprehensive as those of the countries within the European Union. . If, however, such a transfer has to take place, and as is required by European law, we shall only transfer personal data to recipients offering an adequate level of data protection. In these situations, we make contractual arrangements to ensure that your personal data is still protected in line with European standards.

Security

We observe reasonable procedures to prevent unauthorised access to, and the misuse of, information including personal data. We use appropriate business systems and procedures to protect and safeguard information including personal data. We also use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorised personnel are permitted to access personal data in the course of their work.

For maximum security, the information you send us online, including personal data, is transferred through a Secure Sockets Layer (SSL) line which confirms the encryption of the data when transferred over the internet, so that they cannot be read.

Please note that, despite the strict data protection measures we take, no data transfer method over the internet or data storage method is 100% secure.

Data Retention

We will retain your information, which may include personal data, for as long as we deem it necessary to provide services to you, comply with applicable laws, resolve disputes with any parties and otherwise as necessary to allow us to conduct our business including to detect and prevent fraud or other illegal activities. All personal data we retain will be subject to this Privacy Policy. If you have a question about a specific retention period for certain types of personal data we process about you, please contact us via the contact details included below.

Your choices and rights

We want you to be in control of how your personal data is used by us. You can do this in the following ways:

  • You can ask us for a copy of the personal data we hold about you.
  • You can inform us of any changes to your personal data, or you can ask us to correct any of the personal data we hold about you.
  • In certain situations, you can ask us to erase or block or restrict the processing of the personal data we hold about you, or object to particular ways in which we are using your personal data. Please note that we cannot delete the data that are necessary to conventional and / or legal authorities concerning in particular the conduct of bookkeeping and accounts clearance.
  • In certain situations, you can also ask us to send the personal data you have given us to a third party.

Where we are using your personal data on the basis of your consent, you are entitled to withdraw that consent at any time subject to applicable law. Moreover, where we process your personal data based on legitimate interest or the public interest, you have the right to object at any time to that use of your personal data subject to applicable law.

We rely on you to ensure that your personal data is complete, accurate and current. Please do inform us promptly of any changes to or inaccuracies of your personal data by contacting [email protected]. We will handle your request in accordance with the applicable law.

Links

Our website may provide links to a number of websites that we believe might be useful for you. Those external websites belong to third parties and they may not follow the same privacy policy that we follow. We urge you to read their privacy policy before submitting any personal data.

Relevant Legislation

Click here for more information on the European Union General Data Protection Regulation 2018 (GDPR)

Questions or Complaints

If you have questions or concerns about our processing of your personal data, or if you wish to exercise any of the rights you have under this policy, you can contact us via [email protected].

Changes to the Policy

Just as our business changes constantly, this Privacy Policy may also change in the future. If you want to see changes made to this Privacy Policy from time to time, we invite you to access this Privacy Policy to see the changes. If we make material changes or changes that will have an impact on you (e.g. when we start processing your personal data for other purposes than set out above), we will contact you prior to commencing that processing.