Privacy Policy

PRIVACY POLICY

Who we are

Our website address is https://dreamboat.gr/, which serves as the online presence of our company, “Dream Boat Ios – Private Boat Rental Services.” The headquarters of the company are located on Ios Island, Greece.

PROTECTION AND MANAGEMENT OF GENERAL PERSONAL DATA

Personal Data (PD) refers to any information about an identified or identifiable natural person. A person is considered identifiable if their identity can be determined, directly or indirectly, by linking them to an identifier such as a name, identity number, location data, online identifiers, or other specific factors related to their physical, physiological, genetic, psychological, economic, cultural, or social identity. This definition also includes more intimate details such as habits, preferences, and biometric data. Every organization handling personal data of living individuals within the EU must adhere to the EU Data Protection Regulation 679/2016, effective from May 25, 2018, which mandates the protection of personal data across all EU Member States. Processing of personal data encompasses activities like collection, storage, organization, structuring, alteration, retrieval, search, use, disclosure, deletion, or destruction. Through its Privacy Policy, a business educates individuals on the handling of their personal data, empowering them to make informed decisions regarding their interaction with the company.

Our company gathers personal data (PD) to facilitate our daily operations and services, and occasionally to comply with relevant laws and regulations. Our Privacy Policy asserts our adherence to the EU’s data protection regulations and our commitment to safeguarding personal data privacy and security. The objectives of this policy are to:

Educate individuals about the PD we collect and process, including the purpose, method, and duration of the processing.
Ensure individuals are informed of their rights and our responsibilities regarding accountability and security.
Offer a straightforward method for securing consent, one of the six legal grounds for processing PD, and provide the option to withdraw consent at any time.

This Privacy Policy applies generally to any individual engaging or planning to engage in any form of cooperation with us.

TYPES OF PERSONAL DATA WE PROCESS

When you contact us, visit our website, inquire, or order our services, we may request personal information (PD) such as your name, address, email, phone number, IBAN, age, or date of birth. You may also choose to provide us with additional PD (such as submitting a resume) or other information (such as updates on specific products or services). We collect data, either directly or indirectly, through:

Information you provide when contacting us or visiting our website.
Data we gather from your use of our products, services, or those of our partners.
Various technologies we employ to collect and store data, including cookies (discussed below).
Information from advertising networks, our customers, or third parties to notify you of services that might interest you.

For more details on how to access, manage, or delete your information, see the subsequent sections.

HOW WE UTILIZE PERSONAL DATA

We utilize the data we collect, based on the consent you grant us, to:

Process your orders.
Provide you with personalized and updated services.
Inform you about new services or products that may interest you.
Handle your payments or detect and prevent potential fraud.
Address your queries.
Uphold the guidelines of this Privacy Policy.

We maintain a record of communications to resolve any issues you may have. We strictly prohibit unauthorized access to your data without your consent. Consent is required for all the actions mentioned above (refer to the sections below).

SHARING YOUR PERSONAL DATA

We do not disclose or share personal data with external companies, organizations, or individuals unless one of the following conditions is met:

With your consent: We share your data with external entities only with your explicit approval. For external processing: We provide personal data to trusted external partners and entities to process on our behalf following our instructions, our Privacy Policy, and other confidentiality and security measures. For legal reasons: We disclose personal data to public authorities when necessary to comply with laws, regulations, legal procedures, or governmental requests. For research purposes: We may provide anonymized data for scientific research or statistical analysis.

YOUR RIGHTS AND OUR OBLIGATIONS

YOUR RIGHTS:

Under the Regulation for the Protection of Personal Data, our clients, service users, and website visitors have the following rights, provided they do not contradict existing legislation:

Access to their personal data. Correction of their personal data. Deletion of their personal data. Restriction of their personal data processing. Notification of correction, deletion, or processing limitations. Portability of their personal data. Objection to the processing of their personal data. Objection to automated decision-making, including profiling.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

OUR OBLIGATIONS:

Upholding the principles of accountability in line with the six principles of personal data processing: lawfulness, fairness, and transparency; purpose limitation; data minimization; accuracy; storage limitation; and integrity, security, and confidentiality.
Ensuring all personal data processing activities are legitimate if they meet any of the following conditions:
The individual has consented to the data processing.
The processing is necessary for the execution of a contract to which the individual is a party.
The processing is required to fulfill a legal obligation of the data controller.
The processing is essential to protect the vital interests of the individual.
The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
The processing is needed for the legitimate interests pursued by the data controller or a third party unless overridden by the individual’s fundamental rights and freedoms.

We adopt appropriate technical and organizational measures to protect our company and customers against unauthorized access, modification, tampering, or destruction of personal data in our possession.

Specifically:

Many of our services are encrypted.
We regulate data collection, storage, and processing practices, including security measures, to prevent unauthorized system access.
Access to personal data is restricted and controlled, with strict confidentiality obligations enforced contractually.
If external partners need access to personal data for maintenance or support purposes, relevant contractual provisions ensure compliance with the Regulation.

Throughout the entire personal data processing cycle (from collection to destruction), we implement the necessary technical and organizational measures to guarantee the confidentiality, integrity, and availability of personal data. We also require similar standards from third parties handling or processing personal data.

ACCESSING YOUR PERSONAL DATA

As part of the rights granted under the Regulation, you can request access, correction, processing limitations, or deletion of your personal data. To exercise these rights, submit a Subject Access Request (SAR) form via our “Contact Us” section. We are obligated to respond within one month of receiving your SAR. While our goal is to provide you with easy access to your personal data whenever you use our services, please note that data cannot be deleted when legal obligations require its retention (e.g., labor laws mandating a 10-year retention period). You can exercise your rights by requesting a SAR form through our “Contact Us” section and submitting the completed form.

COOKIES INFORMATION

Our website uses cookies (session, persistent, and flash cookies) to enhance the speed and quality of service during your visits. A cookie is a file stored on your computer that improves website performance. Users are informed about our cookie usage, and continued use of the site implies consent. If you choose not to use cookies, you can disable them, but this may reduce the functionality of certain website features.

HOW WE USE COOKIES

Like most online services, our website employs first-party and third-party cookies for various purposes. First-party cookies are essential for website functionality and do not collect personal data. Third-party cookies help us understand website performance, user interactions, secure our services, provide relevant advertisements, and improve user experience.

TYPES OF COOKIES WE USE

Our website’s cookies fall into the following categories:

Necessary: Essential for website functionality and basic security features. These cookies do not store personal information.
Analytics: Used to analyze visitor interactions with the website, providing metrics on visitor numbers, bounce rates, traffic sources, and more.
Advertisement: Track visitors across websites to deliver relevant advertisements and marketing campaigns.

MANAGING COOKIE PREFERENCES

You can adjust your cookie preferences by clicking the “Settings” button and toggling cookie categories in the popup. To change preferences during a browsing session, click the “Privacy & Cookie Policy” tab to revisit the consent notice and adjust your preferences or withdraw consent entirely. Different browsers offer various methods to block or delete cookies.