IKIES LUXURY APARTMENTS (“we” or “us”) is committed to protecting the information that you share with us online, using our Website.

We treat the personal data you give to us with care and transparency, acting according to the European Regulation 2016/679 (GDPR) on the protection of the personal data and on the free movement of such data and the Greek Legislation.

We encourage you to read this Privacy Notice carefully when using our website or services or transacting business with us. By reading this Privacy Notice, the user is hereby informed on how we collect, process and protect personal data furnished through our website at

The principles set out in this Privacy Notice apply to all instances in which we receive your personal data as a Data Controller for the purposes described in this Notice.

If you have any questions about our privacy practices, please refer to the end of this Privacy Notice for information on how to contact us. 


Ofrynio Beach,

Municipality of Pangaion, P.O. 64008

tel. +30 2594 031630/+306944747203 (Mr Apostolos Yperifanou)

What is the scope of this Privacy Notice?

This Privacy Notice applies to information collected on our website at It covers how we collect, use, share, and otherwise process Personal Information as of the date that this Privacy Policy is posted. It does not apply to any other information collected by us through any other means.

Linked services, third party sites and content

Our website may, from time to time, contain links to other websites which are outside of our control and are not covered by this Policy. We do not own, operate or control the websites of those third parties and as a result we do not accept any responsibility or liability for other sites’ privacy policies. If you access other websites using the links provided, we encourage you to check their policies before submitting any personal information.

What information do we collect?

IKIES LUXURY APARTMENTS is the only Data controller of the data collected from our website. The term “personal information or personal data” in this Policy refers to information that identifies or is capable of identifying you as an individual.

We do not sell, rent or otherwise disclose personal information collected by us to third parties in the ordinary course of business. The use of information collected through our website shall be limited to the purpose of providing the service for which you have engaged us, such as:

  • Making reservations, accommodation requests and payments;
  • Cancelling or Amending your reservations;
  • Submitting comments, reviews, or other user-generated content;
  • Connecting or interacting with us using the social networks (e.g., Facebook, Instagram, Twitter,TikTok);
  • Requesting customer or technical support;
  • Consenting to marketing communications

Generally, the types of personal data that we process may include:

  • Name, Surname
  • Postalorbillingaddress;
  • E-mailaddress;
  • Telephoneormobilenumber;
  • Nationality
  • Credit card details (name/surname of the holder, card number, expiration data and security code)
  • Official identification documents (e.g., passport identification to verify traveler identities);
  • arrival time and other requests
  • dietary and other requests
  • Cookies and similar technologies;
  • Your preferences regarding your stay (e.g. bed size, type of pillow et.c.); and
  • Otherrelevantdata.

Special Categories of Personal Data – Sensitive Personal Data

When referring to the notions of “special categories of personal data” or “sensitive personal data”, it means that this kind of personal information reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and genetic data, biometric data which allows to uniquely identify a natural person, health data and/or data regarding sexual orientation. At, we do not collect sensitive personal data, unless you provide us them along with an explicit consent for every related purpose of processing. Such a case is when we ask you to provide us or you voluntarily provide us with information about your health (i.e. allergies), in order to be able to offer you the best gastronomic services in relation with your health status. This information is stored securely with restricted access and handled with the greatest respect for your privacy. Where you provide information to us about other people, you need to make sure you have their permission to do so or that you can speak on their behalf, for example, in the case of children.

What is the purpose of collecting such personal information?

We only use your Personal Information, including sharing with service providers or other external entities, to the extent reasonably necessary to fulfill your requests and meet our legitimate business and legal obligations and only for the purposes of performing the requested services. We may also use and combine the information we already have about you (i.e. your last visit) to offer you other products or/and services.

The justification for processing your personal data will be as follows:

  • Provide you with products or/and services, including checking our room availability, managing your reservations, and marketing our products or/and services; (pre-contract negotiations and contract fulfillment/ legitimate interest of IKIES Luxury Apartments)
  • Perform certain services or other transactions initiated by you; (contract fulfillment/ legitimate interest of IKIES Luxury Apartments)
  • Respond to your questions, complaints, or reviews of our product and/or services; (legitimate interest of IKIES Luxury Apartments)
  • Send you communications about online transactions,  booking information/confirmation, newsletters, or other notices you requested or offers tailored to you;
  • Comply with applicable law, obey judicial orders, cooperate with law enforcement authorities, or prevent any suspected illegal activities;
  • For any other everyday business purposes, such as product development and Site administration.

How we keep your personal data secure

We take all the necessary precautions, security measures as well as the relevant technical and organizational measures to ensure the confidentiality of the provided personal data. We store your personal information in secured systems and we have processes in place to ensure the personal information you provide us is kept safe. 

Minors Data

At IKIES Luxury Apartments, it is not part of our policy to seek or obtain personal data directly from minors (i.e. under the age of 18) without their parental or legal guardian’s consent. However, as it is impossible to always determine the age of persons who access and use our website, we encourage parents or guardians to contact us if they notice any case of unauthorized data provision by minors in order to exercise accordingly their rights such as deletion of their data.

How we use the data we collect from this website?

We always base the processing of your personal data to a valid legal basis such as law, contract or your consent etc.

We need your personal data in order to:

a. Comply with legal obligations:

  • verify your identity
  • Monitor the use of our products and services and content
  • comply with general legal obligations on us
  • Keep guests safe and ensure the security of our premises
  • Ensure the acceptable use of our services
  • Facilitate payments and credit checks (i.e. completing a reservation, billing purposes etc)
  • Investigate and respond to disputes
  • Send you product or service related communications, service messages (Law 3471/2006)

b. Enter a contract or fulfill the hospitality contract we have with you:

  • Provide you with help and support where it may be required. For example, we may contact you to provide assistance if experience technical difficulties, where we have your contact details
  • Provide you with the products and services you have requested, including administering your booking, amend it or cancel it, responding to any enquiries, complaints or requests you may have
  • Verifyyouridentity
  • Process a transaction (i.e. completing a reservation, responding to a request for information etc)
  • Send you product or service related communications, service messages

c. Promote our the legitimate interests:

  • In order to help you enter a contract with us or to fulfill the hospitality contract we already have between us. (Verify your identity, provide you with the products and services you have requested, including administering your booking, amend it or cancel it, responding to any enquiries, complaints or requests you may have)
  • Improve our services as well as promote questionnaires or surveys in order to provide you with better services and provide you personalized offers about our products and services;
  • Monitor the use of our services and content of our website
  • Improve our products and services online and offline, including our website.
  • Comply with legal obligations on us
  • Keep guests safe and ensure the security of our premises
  • Facilitate payments and credit checks

However, for certain activities we may also need your explicit consent to process your data. Where the consent is needed for the processing it is clearly mentioned in this Privacy Notice.

Providing us with personal Information is voluntary, but your refusal to provide personal Information for the above-mentioned purposes may affect our ability to fulfill our contractual obligations or to provide you with benefits or other services, information, and or material requested by you. Even so, unless otherwise specified, not providing your personal information will not result in any direct legal consequences for you.

Withdrawing consent or otherwise objecting to direct marketing/profiling

In addition to sending you information about our products or/and services and in-life communications while you stay with us, where we have your permission or where we are relying on our legitimate interest, we may send you direct marketing communications about our products, services, events and offers.

Direct marketing communications may be sent by post, email, or through social media (such as Instagram, Facebook and TikTok). We may send you direct marketing while you have an ongoing relationship with us and for a reasonable time after you have used one of our products or services where we feel we have a legitimate interest.

If you no longer wish to receive any marketing communications or remain on a mailing list to which you previously subscribed or receive any other communication from us, please unsubscribe from the relevant communication by contacting us.

Even after you opt-out or update your marketing preferences, we may still contact you for other reasons, for example for transactional or informational purposes. These include, for example, customer service issues, or any questions regarding a specific reservation.

How long do we keep your personal data?

We will maintain Personal Information for as long as we are required to do so by applicable law(s), or for as long as necessary for the purpose(s) for the uses set out in this Privacy Notice or while there is a legitimate business reason for doing so.

We will delete Personal Information when it is no longer needed and/or take steps to properly anonymize it so that you can no longer be identified from it (unless we need to keep your information to comply with legal or regulatory obligations to which we are subject) and, in any case, upon expiration of the maximum storage term set forth by applicable law.

Your rights

You, the user, as a data subject, have a number of rights.

You can:

  • ·access your personal data stored at any time and get a copy of this information. Furthermore, the data subject can have access to the following information:
  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  • the existence of the right to request from the controller rectification or erasure of personal data, or restriction of processing of personal data concerning the data subject, or to object to such processing;
  • the existence of the right to lodge a complaint with a supervisory authority;
  • where the personal data are not collected from the data subject, any available information as to their source;
  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.

Furthermore, the data subject shall have a right to obtain information as to whether personal data are transferred to a third country or to an international organisation. Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer.

If a data subject wishes to avail himself of this right of access, he or she may at any time contact us.

· require us to rectify, inaccurate, incorrect or incomplete data; (right to rectification)

· obtain from us the erasure or the limitation of the data processing, for example where the data is no longer necessary for the purposes of processing; (right to be forgotten and the right to restriction of processing)

  • receive your Personal Information, which you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit that data to another entity without limitation. (right to data portability)

· object to the processing of your data where we are relying on our legitimate interests as the legal ground for processing. (right to object)

If you would like to exercise any of these rights, please contact us at:


Ofrynio Beach,

Municipality of Pangaion, P.O. 64008

tel. +30 2594 031630/+306944747203 (Mr Apostolos Yperifanou)

To access what personal data is held, identification will be required

We will accept the following forms of ID when information on your personal data is requested: a copy of your national ID card, or driving license, or passport, or birth certificate. A minimum of one piece of photographic ID listed above is required. If the documentation you provide us with is not readable, further information may be sought before personal data can be released.

If you believe that the organisation has not complied with your data protection rights, you can file a complaint to the Greek Data Protection Authority (,15048&_dad=portal&_schema=PORTAL)

Disclosure of your personal data

In some cases we may be required to disclose your personal information to comply with legal requirements and requests from government agencies if required for the purposes set out above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.

Your information will only be shared and used in accordance with this Policy and where an agreement is in place to ensure that your information is protected.

We won’t sell your personal information without your consent or share it with other organisations for their own marketing purposes.

We may also disclose your personal information to our group companies or to third parties:

We may share your personal data:  

  • with third-party payment processors, payment service providers, IT and marketing support service providers and other consultants, vendors and service providers who need access to such information to carry out work or provide services on our behalf or who help us to provide these services to you;
  • with anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organisers and your employer) in order to fulfill contractual obligations;
  • with any law enforcement, courts, Government or regulatory bodies (in whatever jurisdiction), or otherwise in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation, court order or legal process;
  • if we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property and safety of our premises or any third parties
  • with our advisors, which includes our accountants, lawyers, other professional advisors and business contacts for the purpose of assisting us to better manage, support or develop our business and comply with our legal and regulatory obligations; and
  • otherwise as permitted or required by applicable laws and regulations.

Overseas Transfers of Your Personal Data 

Your personal data will be stored at our premises in which you stay or visit. Your personal data will not be transferred to countries outside the EEA.

In case we may need for some reason to transfer such data, we shall only transfer such data in countries that satisfy the adequate or comparable levels of protection in order to protect personal data held in that jurisdiction, and (where we are required to do so) solely under your consent.

In case personal data is transferred from the EU to outside the EU, we use Model Clauses, ensuring that such data transfers are compliant with applicable privacy legislation.

Ιn relation to any transfer to a third party in a country that is not subject to an adequacy decision by the EU Commission, such transfer will be appropriately protected through mechanisms such as EU Commission approved standard contractual clauses, an appropriate Privacy Shield certification or Binding Corporate Rules. A copy of the relevant mechanism can be provided for your review upon request.

Our processors

There may be situations where we use data processors – companies who act on our behalf – to collect your information for us or to use the personal data we pass to them to provide your service. These processors can only use your information in accordance with our instructions and for the purposes in this Policy. 

Do not track signals or browser/device settings

Our website is not designed to respond to “do not track” signals or browser/device settings.

Cookie Policy

Our site uses cookies. A “cookie” is a small file of letters and numbers that is sent to your computer by a website and automatically saved on your computer by your web browser (e.g. “Internet Explorer”). Each time you request a page from the website, your web browser sends this cookie back to the website server.

You are not obliged to accept cookies. If you wish, you can set your browser to notify you before you receive a cookie so you have the chance to accept it and you can also set your browser to refuse to receive or send all cookies. The website  contains step-by-step guidance on how cookies can be switched off by users.

For more information about our cookie policy visit our website as mentioned above.

Please note that our advertisers and third party partners may also use cookies. These parties may use so-called “third party” cookies so that they can track your response to their adverts and/or identify you on any other website that you visit which also contains their adverts. Please refer to their Privacy Notice for further details.

Social media login

Our websites and apps provide plug-ins to social media websites, including Facebook, Twitter, Google+, Tripadvisor and Instagram.

If you make use of, or log-in to, the social media features on our websites or apps, we may (depending on your privacy settings) access, use and store information about you, including, but not limited to: your name, e-mail address, gender, location, profile, picture, contacts, and any other information you have chosen to make available.

To find out more about the reasons and extent to which social media sites collect and process your data, or to change your privacy settings, please refer to your social media provider’s privacy policy.

Changes to our Privacy Policy

From time to time we may make changes to this Policy. If we make any material change in how we collect, use, disclose, or otherwise process your data, we will prominently post notice of the change on our site for at least thirty (30) days before putting the change into effect. These updates might be in relation to changes in the law, best practice, changes to the services we provide or collection and use of your personal information.

Your continued use of our website after the updates to this Notice is deemed acceptance of those changes. If any proposed change is unacceptable to you, you may request that we remove your personal data (and/or that of other individuals for whom you made your travel reservations) from our records.


If you would like to get in touch with us, please contact:


Ofrynio Beach,

Municipality of Pangaion, P.O. 64008

tel. +30 2594 031630/+306944747203 (Mr Apostolos Yperifanou)