Privacy Policy

This privacy policy explains how we process personal data in accordance with the General Data Protection Regulation (EU 2016/679 – GDPR) and the applicable provisions of Greek law (Law 4624/2019).

1. Controller

The controller of this website is:

Mark Hadfield
The Bay Tree Villa
73008 Almyrida
Greece
E-Mail: info@thebaytreevilla.com
Telephone:‎ +30 694 549 7047

2. Access Data (Server Log Files)

We process access data on the basis of our legitimate interest (Art. 6(1)(f) GDPR) to ensure the secure and stable operation of this website. Our hosting provider (IONOS SE, Germany) stores access data in so-called server log files.

Depending on the request and technical circumstances, these log files may include:

  • timestamp (time of access)

  • IP address and host name

  • information about the requesting client (typically the browser)

  • operating system

  • origin link / referrer URL (where applicable)

  • search engine used and, where available, the search query

  • number of page requests / page views (derived from logged requests)

  • approximate session duration (derived from timestamps of requests; not an exact measurement)

We use this data for technical administration, troubleshooting, and security (e.g., to detect misuse and attacks). We may review log files retrospectively if there are concrete indications of unlawful use.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

3. Contact / Booking Enquiries

If you contact us (e.g., by e-mail, telephone, WhatsApp, or via a contact/booking form if provided), we process the information you submit, typically:

  • name

  • e-mail address

  • telephone number

  • travel period and number of guests

  • any message content you provide

We use this data exclusively to respond to your enquiry and, where applicable, to take steps prior to entering into a rental contract and/or to manage a booking.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures / contract).

4. Data Sharing (in case of a booking)

We do not sell personal data and do not share your data with third parties for advertising.

In case of a booking, certain personal data may be shared only where necessary to perform the rental agreement and/or to comply with legal obligations, for example:

a) House manager / property management

To enable check-in, guest support and property management, we may share the booking details necessary for these purposes, typically:

  • first and last name of the main guest/contracting party

  • travel dates and basic booking details

  • contact information (where required for coordination)

Legal basis: Art. 6(1)(b) GDPR.

b) Authorities (where legally required)

Where legally required, we may transmit guest information for statutory registrations and/or booking declarations (e.g., to the competent tax authority). This may include:

  • first and last name of the main guest/contracting party

  • passport/ID number of the main guest/contracting party (where required, in particular for foreign guests)

Legal basis: Art. 6(1)(c) GDPR (legal obligation) and/or Art. 6(1)(b) GDPR (contract), depending on the specific obligation and context.

c) Optional service providers (only if requested by you)

If you request optional services (e.g., taxi transfers, restaurants, excursions), we may share only the data necessary to arrange the requested service (typically name and relevant booking details).

Legal basis: Art. 6(1)(b) GDPR.

5. Cookies

This website may use technically necessary cookies to ensure basic functionality and security. We do not use cookies for advertising purposes.

If additional cookies or tracking technologies are used in the future, this privacy policy will be updated accordingly.

Legal basis (technically necessary cookies): Art. 6(1)(f) GDPR.

6. Embedded Services (e.g., Google Maps)

If we embed third-party services (for example Google Maps), your IP address and technical information may be transmitted to the respective provider when the content is loaded.

Where possible, we use solutions that load such content only after an active user action (e.g., “click to load”).

Legal basis: Art. 6(1)(f) GDPR.
If consent is requested for certain services in the future, the legal basis will be Art. 6(1)(a) GDPR.

7. Data Retention

We retain personal data only as long as necessary for the purposes described above or as required by applicable legal obligations (e.g., tax and commercial retention requirements). After that, data will be deleted or anonymised, where possible.

8. Your Rights

You have the following rights under the GDPR:

  • right of access (Art. 15 GDPR)

  • right to rectification (Art. 16 GDPR)

  • right to erasure (Art. 17 GDPR)

  • right to restriction of processing (Art. 18 GDPR)

  • right to data portability (Art. 20 GDPR)

  • right to object (Art. 21 GDPR)

You may exercise these rights by contacting us using the contact details in section 1.

9. Supervisory Authority

You have the right to lodge a complaint with the Greek Data Protection Authority (Hellenic Data Protection Authority – HDPA).

10. Changes to this Privacy Policy

We may update this privacy policy from time to time. The latest version will always be available on this website.

Scroll to Top