Privacy Policy

Last Updated: July 2026

1. Scope

This Privacy Policy explains how Lagonisi Olive Retreat collects and uses personal data when you visit lagonisi-retreat.gr, contact us, submit an enquiry, make a direct reservation, stay at the property, or communicate with us before, during or after your stay.

Reservations made through Booking.com, Airbnb or another platform are also subject to that platform’s own privacy notice. Those platforms may act as independent data controllers for their processing.

2. Data controller and contact details

The data controller is Lagonisi Olive Retreat, operated by the owner/manager of the accommodation at Galazias Aktis 404, Kalivia Thorikou 190 10, Attica, Greece.

Property registration number: 00003861904.

Email: info@lagonisi-retreat.gr | Telephone: +30 697 209 8060.

3. Personal data we may collect

  • Identity and contact data: name, email address, telephone number, country and message content.
  • Reservation data: stay dates, number of guests, guest names where required, selected rate, booking source, pet information, special requests, booking status and correspondence.
  • Payment and transaction data: amount, payment status, transaction reference and limited confirmation details. Complete card details are normally processed by the relevant platform, bank or payment provider and are not received or stored by us in full.
  • Stay-related data: check-in information, service requests, complaints, incident or damage reports, lost-property information and feedback.
  • Technical and usage data: IP address, browser, device, operating system, language, access times, pages viewed, referrer and cookie or consent identifiers.
  • Information required by law: identification, tax, guest-registration or transaction information where a legal obligation applies.

4. Sources of personal data

We normally collect data directly from you. We may also receive reservation and contact data from a booking platform, a person booking on behalf of a group, a payment provider, or a service provider involved in the reservation.

5. Purposes and legal bases

  • To answer enquiries and take steps requested before a booking: performance of a contract or pre-contractual steps.
  • To create, administer and fulfil a reservation and provide the accommodation: performance of a contract.
  • To process and reconcile payments, issue receipts and maintain accounting records: performance of a contract and compliance with legal obligations.
  • To comply with tax, registration, public-safety and other legal requirements: compliance with a legal obligation.
  • To protect guests, the property, our systems and legal rights; prevent fraud; manage claims and enforce house rules: legitimate interests and, where relevant, legal claims.
  • To operate, secure and improve the website: legitimate interests for essential technical processing and consent where non-essential cookies or trackers are used.
  • To send promotional messages only where permitted: consent, which may be withdrawn at any time, or another lawful basis allowed by applicable law.

6. When data is required

Certain information is necessary to answer your request, enter into a booking contract, process payment or comply with law. If required information is not provided, we may be unable to complete or perform the reservation.

7. Recipients and service providers

Personal data may be shared only as necessary with booking platforms, website and hosting providers, booking-engine providers, banks and payment processors, accountants, cleaning or maintenance providers, IT/security providers, professional advisers, insurers, public authorities and emergency services.

Service providers acting on our behalf are required to process data only for the agreed purpose and with appropriate confidentiality and security safeguards.

8. International transfers

Some booking, hosting, analytics or communication providers may process data outside the European Economic Area. Where required, transfers are protected by an adequacy decision, approved contractual clauses or another lawful safeguard. Details may be requested using the contact information above.

9. Retention

We keep personal data only for as long as necessary for the purpose for which it was collected and to meet legal, accounting, tax, security and claims-related requirements. Reservation and accounting records may be retained for the applicable statutory period. Enquiries that do not lead to a booking are normally kept only for a reasonable follow-up period, unless a longer period is needed for a dispute or legal obligation.

10. Cookies

The website uses necessary cookies and may use optional preference, analytics or marketing technologies only in accordance with the choices made through the cookie banner. Further details appear in the Cookie Policy and the live cookie declaration.

11. Your rights

  • Access your personal data and receive information about its processing.
  • Correct inaccurate or incomplete data.
  • Request erasure where the legal conditions are met.
  • Request restriction of processing.
  • Object to processing based on legitimate interests and to direct marketing.
  • Receive data in a portable format where applicable.
  • Withdraw consent at any time, without affecting processing already carried out.
  • Lodge a complaint with the Hellenic Data Protection Authority or another competent supervisory authority.

12. Security

We use reasonable technical and organisational measures to protect personal data. No internet transmission or storage system is completely secure, so absolute security cannot be guaranteed.

13. Children and group bookings

A reservation must be made by an adult with legal capacity. A person booking for other guests must be authorised to provide their information and must ensure that they are informed of this Privacy Policy.

14. Changes to this Policy

We may update this Privacy Policy when our services, providers or legal obligations change. The latest version and update date will be published on the website.