Personal Data Protection & Security Statement
Nostalgia Sailing shall process your personal data in compliance with General Data Protection Regulation (GDPR) (EU) 2016/679 and Greek National Law 4624/2019, and has taken all reasonable organizational, technical and security measures for the protection of personal data against unauthorized access, misuse, detection, loss or destruction.
In charge of data processing:
Full Name of Legal Entity: “Nostalgia Sailing” Chalatsis N.E.P.A.
M.C.P.Y. Registration Number: 3444/23-04-2021
Registered / Postal Address: 1 K.Kerkyra Str. GR 41221, Larissa, Greece
Telephone Number: (+30) 699 5326833
Contact e-mail: email@example.com
Legal Base & purpose of personal data processing
Your personal data is collected and processed on the basis of:
- Your Consent given to us to process your personal data for the purpose of contacting you, providing you with quotations, communicating to you company news, promotional offers and other information related to our business.
- Operational & Contractual Requirements for the purpose of entering into or performing any contractual agreement with you and fulfilling the contractual obligations arising thereof.
- Legal Requirements imposed by regulations in force, as for the purposes of notification and registration which we are obliged to perform in compliance with legislative conditions for conducting the activity of yacht chartering and of concluding charter agreements.
- Other Legitimate Interest, as for the purpose of optimising our product or service mix to provide you with services best-suited to your preferences, assessing your satisfaction from our services and from the yacht that you chartered, improving our website content, improving our business processes, marketing efforts, products and services.
How we collect personal data
As we collect information through many sources we have grouped them for your ease of reference by type of interaction and channels of enquiry and communication with us.
Should you choose to
- place a request for information
- place an inquiry for products or services
- pay for products or services through our website
- subscribe to our newsletters and publications
- sign up and participate to a competition, promotion or survey
- give us feedback on our services and products
- interact with our company for any other purpose
then you may provide us personal data by,
- filling-in forms through our websites
- filling-in forms when visiting us at fairs
- filling-in forms when visiting us at our base
- corresponding with us by post, phone, email, in person or otherwise
We may receive personal data of yours from third parties such as your cooperating yacht charter broker or travel agency as when you will be placing an inquiry or order for our products or services through them. In the case of a confirmed booking, which includes a broker, we ask to receive from the broker the crew list filled, along with copy of the skipper’s license. Crew list details include full name of all the passengers, tel. numbers, ID or passport number, ethnicity, gender and home address. Those details are stored within NOSTALGIA Sailing with the purpose of offering discounts (repeated client discount) during future bookings.
Automated Technology Interactions:
By visiting and browsing our websites, we may automatically collect statistical and technical data that can identify your device and town but not you as a person. We collect this personal data by using server logs, cookies and data analytics technologies and services provided by third party suppliers such as Google based outside the EU. Please refer to our Cookies Policy for more information.
Should you be chartering a yacht, it is also possible that we may automatically collect yacht coordinates tracking information mainly for safety and emergency handling purposes but also so as to enhance the level of charter base service level you receive.
Where we store your data
Your information is stored on our servers and protected physical storage locations in our head offices as well as servers owned by third parties as further explained below. We implement a variety of procedures and technologies including security equipment (controlled access technology and CCTV monitoring) and software (firewall, antivirus, data encryption) to protect your information from unauthorized access, use, or disclosure.
Just like almost any business worldwide we obtain business essential services such as e-mailing and data storage from external suppliers. We take great care in selecting only reputable trustworthy suppliers such as Google, Microsoft, Dropbox and Mailchimp especially because they process and store your data on servers of their own that are dispersed in many countries and so possibly located outside the country where you live or the European Economic Area (EEA).
Despite all reasonable measures being taken, it is well understood that no business can fully eliminate security risks associated with information.
How long we retain your data
Your personal data is retained for as long as it is required to fulfil the purposes we collected it for, or as mandated by applicable legislation and regulations (including tax and accounting requirements as well as purposes of an investigation or dispute).
You may at any time unsubscribe from our marketing activities (i.e. Newsletters and Publications) and we will immediately update your marketing preferences so you will no longer be receiving marketing activities from us. However, your personal data previously collected (including any e-mails exchanged) can and will be retained for legal and legitimate purposes (as when such information is pertinent to a previous product or service order of yours).
Who we share personal data with
Sharing your information is strictly limited to serving legitimate purpose and Nostalgia Sailing will never sell or otherwise make your information available to any third party for any purpose which lies beyond operational or legal requirement.
Your personal data will be accessible by our staff through a structured system of authorization and access levels whilst some of our staff may be accessing it from remote locations (as when in a marina). Our personnel receive training on Data Protection issues so that they have a good understanding of the potential risk of harm from unauthorized use or disclosure of your personal data and take great care to ensure that their handling practices minimize such risk (so for example, your printed charter documentation will move through the various stages required to obtain permit to sail always enclosed in company folder and will never be left unattended or accessible by unauthorized persons).
Your personal data will be shared by us on an as-necessary basis with service providers (e.g. IT provider, analytics companies, pay per click (PPC) and E-Newsletters services), operational partners (e.g. fleet operators, charter brokers, yacht owners, yacht crews, charter-base operators), other suppliers (for as long as they are required to provide you services or goods ordered through us) and competent authorities but the amount of your information shared will at all times be limited to the minimum required for the purpose it is intended to serve, always taking under consideration the nature and sensitivity of personal data.
Your rights to your personal information
Subject to applicable Law, you under certain circumstances have the right to request,
- to access your personal data
- to correct your personal data
- to erase your personal data
- to object processing of your personal data
- to restrict processing of your personal data
- to transfer your personal data to another company
- to withdraw consent
- to lodge a complaint
To receive more information or exercise any of your rights please contact us at firstname.lastname@example.org. Before responding to your request, we may ask you to verify your identity and to provide further details about your request whilst we will make best effort to respond within reasonable time. We normally do not require a fee so you may access your personal data (or process any other request pertinent to your personal data) but please keep in mind that a fee will need to be charged in cases of requests that are clearly unfounded, repetitive or excessive.