Privacy Policy
Data Controller
The company responsible for processing your data under this Privacy Policy is:
Domain name: www.ostrakotravel.com
Trading name: OSTRAKO TRAVEL
Company name: KONSTANTINA ANASTOPOULOU
NIE: Z2018956K
Registered address: C/. Granate 1, Balcones de los Hidalgos II, Block E, Entrance 1, 1-B, Manilva (29692), Málaga, Spain
Telephone: 614388565
Email: kon.anasto81@gmail.com
At KONSTANTINA ANASTOPOULOU, we recognise the importance of protecting your personal information and are committed to processing it responsibly and in accordance with data protection laws.
This Privacy Policy aims to regulate all aspects relating to the processing of data of the different users who browse or provide their personal data through the various forms available on the website.
Personal Data
Personal data means information that identifies you or makes you identifiable. Through the website, in the relevant fields, we collect the personal data that the user provides to us: name, surname, email address, telephone number, postal address, town/city, etc., as well as any other data voluntarily provided through any social networks in which the user is registered. In this case, privacy will depend on the settings established by the user as well as the terms and conditions of the relevant social network.
Visiting the website does not require the user to provide any personal data. However, if such data is provided, it will be processed lawfully in accordance at all times with the principles and rights set out in the GDPR 2016/679 of 27 April 2016 and the Spanish Organic Law 3/2018 of 5 December (LOPDGDD).
Purpose, Retention Period and Legal Basis for Processing:
The data provided by the user will be processed for the following purposes:
- To process and respond to requests made by the user through the contact form on the website, we collect and process the user’s personal data in order to manage and handle their request, enquiry or any other submission made via that form. These data will be retained for the time necessary to fulfil the request and for the period required by law, with a minimum retention period of 3 years.
The legal basis for the processing of personal data is the consent given by the user when ticking the acceptance box in our privacy policy before submitting the request. The user has the right to withdraw their consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal. - To manage the user’s registration and participation in the blog comment form on the website. These comments are managed through the WordPress platform. The data provided will be retained as long as the user does not request to unsubscribe from the blog content and for the period established by law, with a minimum retention period of 3 years.
The legal basis for the processing of personal data is the consent given by the user when registering through the blog subscription form and when ticking the acceptance box in our privacy policy before submitting their request. The user has the right to withdraw their consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal. - To send newsletters and bulletins regarding KONSTANTINA ANASTOPOULOU’s products. With the user’s consent, we collect and process personal data in order to provide information about our products and services. These data will be retained as long as the user does not withdraw their consent to such processing and for the period established by law, with a minimum retention period of 3 years.
The legal basis for the processing of personal data is the consent given by the user when ticking the acceptance box in our privacy policy before subscribing to the newsletter via the form provided for this purpose on the website. The user has the right to withdraw their consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal. - To improve the user’s browsing experience on the website. This data will be retained as long as the user does not withdraw their consent by deleting cookies, and for the period established by law, with a minimum retention period of 3 years.
The legal basis for improving the user’s browsing experience on the website is the consent given by the user when accepting cookies. The user has the right to withdraw their consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal. - To manage our social media accounts and send information about our activities and products. This data will be retained as long as the user does not withdraw their consent to such processing and for the period established by law, with a minimum retention period of 3 years.
The legal basis for managing our social media accounts and sending updates about our activities and news is the consent granted by the user for this purpose. The user has the right to withdraw their consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal.
- To process and respond to requests made by the user through the contact form on the website, we collect and process the user’s personal data in order to manage and handle their request, enquiry or any other submission made via that form. These data will be retained for the time necessary to fulfil the request and for the period required by law, with a minimum retention period of 3 years.
Disclosure or communication of personal data and international data transfers:
Your data will not be disclosed or transferred to third parties, except where there is a legal obligation to do so or to service providers engaged by the Data Controller who act as data processors.
Our servers are located within the European Union and, as a general rule, we engage service providers also located within the European Economic Area or in countries that have been deemed to provide an adequate level of data protection.
If it is necessary to use external service providers that require the transfer of personal data outside the European Union or to countries that have not been deemed to provide an adequate level of protection, we will ensure the security and lawfulness of the processing of your data by means of adequacy decisions, standard contractual clauses, binding corporate rules, derogations, or any other instrument approved by the supervisory authority that provides appropriate safeguards for the carrying out of international data transfers.
Data updates
It is important that, in order to keep personal data up to date, the user informs us whenever any changes occur; otherwise, we cannot be held responsible for the accuracy of the data.
The user warrants that the personal data provided are true, ensuring that all information supplied corresponds to their actual situation, is up to date and accurate, and undertakes to notify any changes.
Third-Party Data
If the user provides third-party data for any purpose to KONSTANTINA ANASTOPOULOUL, they guarantee that such data have been obtained lawfully, that the data subjects have been previously informed and their consent obtained for its disclosure, and that the information provided is accurate and truthful.
Mandatory nature of the information requested
All our forms include an asterisk (*) indicating mandatory fields. If the user does not complete these fields or does not tick the box accepting the privacy policy, the submission of the information will not be allowed.
Use of passwords
To access the Client Area, the USER must “Log in” and enter their email address and password, created in accordance with the complexity requirements established at any given time on the website.
Users are responsible for the proper safekeeping and confidentiality of any identifiers and/or passwords they select during registration, and undertake not to share their use with third parties or allow access to unauthorised persons. Users are also obliged to immediately notify the Data Controller of any incident that may allow improper use of such identifiers and/or passwords, such as theft, loss or unauthorised access, so that they may be promptly cancelled.
Rights of data subjects
Tiene derecho a acceder a sus datos y a obtener confirmación sobre su tratamiento, así como una copia de los datos personales objeto de tratamiento. Tiene derecho a actualizarlos y solicitar la rectificación de los datos que sean inexactos o solicitar la supresión cuando los datos no sean necesarios para los fines para los que fueron recabados.
You may request the restriction of the processing of your data and object to its processing by withdrawing your consent, as well as exercise your right to data portability. Likewise, you have the right not to be subject to decisions based solely on automated processing of your personal data. You may exercise your rights by contacting us.
C/. Granate 1, Balcones de los Hidalgos II, Block E, Entrance 1, 1-B, Manilva (29692), Málaga, Spain. Email: kon.anasto81@gmail.com
If you consider that your rights have not been properly addressed, you have the right to lodge a complaint with the supervisory authority at www.aepd.es
Processing of minors’ personal data
Anyone providing data through the forms on this website and accepting its processing declares that they are over 14 years of age, and access to and use of the website by minors under this age is prohibited.
If at any time the Data Controller detects that a child under 14 years of age has provided personal data, such data will be deleted. Likewise, parents or guardians may in any case contact KONSTANTINA ANASTOPOULOU to block the access account of minors under their care who have registered by falsifying their identity.
Social media
The purpose of tools such as Meta, X, Instagram, TikTok and other social networks is to provide visibility and promote the activities carried out by our organisation. These tools store personal data on the respective service providers’ servers and are governed by their own privacy policies. Users are advised to review and read the terms of use and privacy policy of each social network when registering, taking into account the different configuration options available regarding the level of privacy of their user profile on the social network.
The Data Controller also reserves the right to remove from its social media any information posted by third parties that infringes the law, incites such conduct, or contains messages that violate the dignity of individuals or institutions, as well as the right to block or report the profile responsible for such messages.
Cookie Processing:
A cookie is a small file that is downloaded and stored on the user’s computer when they access a website. Cookies allow the website, among other things, to store and retrieve information about the user’s or their device’s browsing habits and, depending on the information they contain and the way the device is used, they may be used to recognise the user.
The user may prevent the creation of cookies by selecting the appropriate option in their browser settings. Further information is available in our Cookie Policy.
