Privacy Policy
Daytrips4u respects your privacy and handles your personal data with care, restraint, and lawful purpose. This page explains what information we collect, why we collect it, how long we keep it, and what rights you have.
This policy is intended for website visitors, booking enquiries, customers, and business contacts.
1. Who controls your data
For the purposes of applicable data protection law, the data controller for personal data collected through daytrips4u.com is:
Daytrips4u / Luxury Services Crete IKE
Kato Gouves, Crete, Greece
Email: info@daytrips4u.com
Phone: +30 6974 356802
Replace or expand the company details above if you want the policy to display registered office, VAT number, or G.E.MI. details.
2. What personal data we collect
Depending on how you interact with our website and services, we may collect the following categories of data:
- Identity and contact data: name, email address, phone number, country, accommodation details, and other enquiry details you provide.
- Booking data: selected tour, travel date, pickup information, group size, special requests, and payment or voucher references.
- Communication data: messages sent through contact forms, email, WhatsApp, chat tools, or other customer service channels.
- Technical data: IP address, browser type, device information, operating system, referring pages, and general usage logs.
- Marketing data: preferences about receiving offers, newsletters, or promotional communications, where applicable.
- Transaction data: limited payment-related information where necessary for bookings, refunds, accounting, or fraud prevention. We do not intentionally store full payment card details on our own servers unless clearly stated otherwise.
3. How we use your data
We use personal data only where there is a proper reason to do so. In practical terms, this usually means keeping the wheels of your booking from falling off in the middle of the road.
- To answer enquiries and provide information about tours, activities, transfers, and related services.
- To process bookings, coordinate pickups, issue vouchers, manage changes, and provide customer support.
- To communicate with you before, during, and after your booking.
- To process payments, refunds, invoices, and basic accounting records.
- To improve website functionality, troubleshoot technical issues, and maintain security.
- To send marketing communications where you have consented, or where lawful under applicable rules.
- To comply with legal, tax, regulatory, and record-keeping obligations.
- To protect our legitimate business interests, including fraud prevention, service quality monitoring, and defence of legal claims.
4. Legal bases for processing
Under the GDPR, we rely on one or more of the following legal bases depending on the situation:
- Performance of a contract: when processing is necessary to provide a booked tour, answer a pre-booking request, or manage related arrangements.
- Legal obligation: when we must keep records for tax, accounting, regulatory, or compliance purposes.
- Legitimate interests: for the day-to-day operation of our business, website security, fraud prevention, service administration, and reasonable business communications, provided your rights do not override those interests.
- Consent: where required, especially for certain marketing communications or non-essential cookies and similar technologies.
5. Cookies and similar technologies
Our website may use cookies, pixels, tags, analytics tools, and similar technologies to make the website function properly, remember preferences, measure performance, and understand how visitors use the site.
Types of cookies we may use
- Strictly necessary cookies: required for core site functions and security.
- Analytics cookies: used to understand traffic and website performance.
- Preference cookies: used to remember settings and improve user experience.
- Marketing cookies: used to measure campaigns or show relevant advertising, where applicable.
Where legally required, non-essential cookies will only be set after your consent. You can also manage cookies through your browser settings.
If your website uses Google Analytics, Meta Pixel, Hotjar, reCAPTCHA, booking widgets, or live chat tools, list them explicitly here and connect them to your consent banner settings.
6. When we share personal data
We do not sell personal data. We may share it only where reasonably necessary, including with:
- Payment processors and banks.
- Website hosting, email, CRM, analytics, and IT service providers.
- Tour operators, drivers, guides, activity providers, or other service partners involved in fulfilling your booking.
- Accountants, legal advisers, insurers, and regulatory authorities where required.
- Public authorities or courts where disclosure is required by law or necessary to establish, exercise, or defend legal claims.
Third-party providers only receive the data they need for the specific task at hand. No one gets the whole kitchen when they only need a spoon.
7. International transfers
Some of our service providers may process personal data outside the European Economic Area. Where that happens, we aim to ensure an appropriate level of protection through lawful transfer mechanisms, such as an adequacy decision or the use of appropriate contractual safeguards.
8. How long we keep your data
We keep personal data only for as long as there is a valid business or legal reason to do so.
| Category | Typical retention approach |
|---|---|
| General enquiries | Usually up to 12–24 months after the last meaningful contact, unless a longer period is needed for follow-up or dispute handling. |
| Booking and service records | Usually kept for the duration of the booking and for a reasonable period afterwards for support, dispute resolution, and business records. |
| Invoices and accounting records | Kept for as long as required under applicable tax and accounting laws. |
| Marketing preferences | Kept until you opt out, withdraw consent, or the data is no longer useful for the purpose collected. |
| Technical logs | Kept for a limited period necessary for security, diagnostics, and website administration. |
Your actual retention schedule should be aligned with your accounting obligations, booking platform arrangements, and internal record-keeping practices.
9. Your rights
Subject to applicable law, you may have the right to:
- request access to your personal data;
- request correction of inaccurate or incomplete data;
- request deletion of data in certain circumstances;
- request restriction of processing in certain circumstances;
- object to processing based on legitimate interests;
- receive your data in a portable format where the law provides for portability;
- withdraw consent where processing is based on consent;
- lodge a complaint with the competent supervisory authority.
To exercise your rights, contact us using the details below. We may need to verify your identity before acting on a request.
10. Security
We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. That said, no website or transmission method is perfect. Anyone promising otherwise is selling fairy tales with extra varnish.
11. Children’s privacy
Our website and services are not intentionally directed at children for independent contracting. Where booking data includes minors, we expect that information to be provided by a parent, guardian, or responsible adult as part of the booking process.
12. Changes to this policy
We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. The latest version will always be posted on this page with an updated effective date.
13. Contact us
If you have questions about this Privacy Policy or how we handle personal data, contact:
Daytrips4u / Luxury Services Crete IKE
Email: info@daytrips4u.com
Phone: +30 6974 356802
You also have the right to lodge a complaint with the Hellenic Data Protection Authority if you believe your personal data has been handled unlawfully.