Last update: 09 November 2025
This Privacy Policy explains how Mastrokostopoulos Travel collects, uses and protects personal data through the website https://mastrokostopoulos-travel.gr, in accordance with the General Data Protection Regulation (EU 2016/679 – GDPR) and applicable European data protection laws.
1. Data Controller
Business name: Mastrokostopoulos Travel
Legal form: Sole proprietorship
VAT number: 168278681
GEMI: xxxxxxxxxxxx
Address: 125 Pefkon, Heraklion 14121, Athens, Greece
Phone: +30 69702 999 11
E-mail: info@mastrokostopoulos-travel.gr
Hosting provider: pointer.gr
2. What data we collect
Our website does not require account creation and we do not provide user login areas or personal data storage for registered profiles.
We collect personal data only when a visitor chooses to contact us or submit a booking request through:
✅ Contact or Booking Form
- First and last name
- E-mail address
- Phone number
- Travel dates and details
- Message text / request details
✅ Technical data (for website functionality)
- IP address, browser and device type
- Essential cookies
- Google Analytics cookies (only with user consent)
We do not collect payment card details, and there are no online payments through the website.
3. Purposes of processing
We process personal data strictly for:
- Responding to inquiries and providing customer support
- Managing booking requests and travel services
- Fulfilling legal obligations (tax or invoicing, if applicable)
- Website analytics through Google Analytics (only with consent)
We do not create user profiles, perform automated decision-making, or share data with third parties for advertising.
4. Cookies
We use:
- Essential cookies for security and proper website operation
- Analytics cookies (Google Analytics) only if the user gives consent through the cookie banner
The user can withdraw or modify cookie consent at any time through “Cookie Settings.”
5. Data sharing
Data may be shared only with:
- Our hosting provider (pointer.gr)
- Google Analytics (only if the user has given consent)
We do not sell, rent or disclose personal data to third-party marketing networks.
6. Retention period
- Contact/booking form submissions: up to 12 months
- Tax or invoicing records: as required by law
- Cookies: according to user choices in the cookie banner
After the retention period, data is securely deleted or anonymized.
7. Your rights
Users can request, at any time:
- Access to their personal data
- Rectification or updating
- Deletion (“right to be forgotten”)
- Restriction of processing
- A copy of their data (data portability)
- Withdrawal of cookie consent
All requests can be made by e-mail at: info@mastrokostopoulos-travel.gr
No account is required — identity is confirmed via contact details.
8. Data security
We apply appropriate technical and organizational security measures, including HTTPS encryption and limited access to stored data.
No user accounts are created, no passwords are stored, and we do not maintain a customer database with login access.
9. Minors
Our services are intended for adults.
If we become aware that personal data of a minor has been submitted without parental consent, we will delete it immediately.
10. Changes to this policy
This Privacy Policy may be updated.
The version dated 09 November 2025 is the current and valid version.
Contact for privacy matters
Mastrokostopoulos Travel
E-mail: info@mastrokostopoulos-travel.gr
Phone: +30 69702 999 11