At Lanari Traditional Guesthouse, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information in accordance with the General Data Protection Regulation (GDPR) and applicable Greek data protection laws.
1. Data Controller
The data controller responsible for your personal data is:
Lanari Traditional Guesthouse
Livadi Olimpou 1
40002, Greece
Email: lanari@lanari.gr
2. Information We Collect
We may collect and process the following categories of personal data:
- Identity information: Full name, nationality, and identification document details as required by Greek law for guest registration.
- Contact information: Email address, telephone number, and postal address.
- Booking information: Dates of stay, room preferences, number of guests, and special requests.
- Payment information: Payment method details necessary to process your reservation. We do not store full credit card numbers on our systems.
- Communication data: Records of correspondence when you contact us via email, phone, or our website contact form.
- Technical data: IP address, browser type, operating system, and browsing behaviour on our website, collected through cookies and similar technologies.
3. How We Use Your Information
We process your personal data for the following purposes and legal bases:
- To fulfil your booking (contractual necessity): Processing reservations, managing your stay, and providing guest services.
- To comply with legal obligations: Guest registration as required by Greek hospitality law, tax record-keeping, and law enforcement requests.
- For legitimate interests: Improving our services, responding to enquiries, maintaining security, and fraud prevention.
- With your consent: Sending promotional communications about our guesthouse, special offers, and events. You may withdraw consent at any time.
4. Cookies
Our website uses cookies to enhance your browsing experience. Cookies are small text files stored on your device that help us understand how you interact with our site.
- Essential cookies: Required for the website to function properly. These cannot be disabled.
- Analytics cookies: Help us understand website usage patterns to improve our content and user experience. These are only set with your consent.
- Marketing cookies: Used to deliver relevant advertisements and track campaign effectiveness. These are only set with your consent.
You can manage your cookie preferences through your browser settings or our cookie consent tool. Disabling certain cookies may affect the functionality of our website.
5. Third-Party Services
We may share your personal data with the following categories of third parties, solely for the purposes described in this policy:
- Booking platforms: If you make a reservation through a third-party platform, your data may be shared between us and the platform in accordance with their respective privacy policies.
- Payment processors: Secure payment service providers who process transactions on our behalf.
- Analytics providers: Services such as Google Analytics that help us understand website usage (data is anonymised where possible).
- Government authorities: Greek police and tax authorities as required by law for guest registration and financial reporting.
We do not sell your personal data to any third party.
6. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:
- Booking and guest records: Retained for 5 years after your last stay, as required by Greek tax and hospitality regulations.
- Communication records: Retained for up to 2 years after your last interaction.
- Marketing consent records: Retained for as long as you remain subscribed, plus 1 year after withdrawal of consent for record-keeping.
- Website analytics data: Retained for up to 26 months in anonymised form.
7. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of access: You may request a copy of the personal data we hold about you.
- Right to rectification: You may request that we correct any inaccurate or incomplete personal data.
- Right to erasure: You may request that we delete your personal data, subject to our legal obligations to retain certain records.
- Right to data portability: You may request that we provide your personal data in a structured, commonly used, and machine-readable format.
- Right to restrict processing: You may request that we limit how we use your data in certain circumstances.
- Right to object: You may object to the processing of your data for direct marketing purposes at any time.
- Right to withdraw consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
8. Contact for Data Requests
To exercise any of your rights or to raise a concern about how we handle your personal data, please contact us at:
Lanari Traditional Guesthouse
Livadi Olimpou 1
40002, Greece
Email: lanari@lanari.gr
We will respond to your request within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at www.dpa.gr.
9. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encrypted data transmission, secure server infrastructure, and restricted access to personal data on a need-to-know basis.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised "last updated" date. We encourage you to review this policy periodically.