Privacy Policy

Alma Thera – Santorini

Last updated: February 2026

Alma Thera (“we”, “our”, “us”) operates the website www.almathera-santorini.com.
We are committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Greek data protection laws.

This Privacy Policy explains how we collect, use, and protect your information when you visit our website or make a booking.

1. Who We Are

Alma Thera
Santorini, Greece
Email: info@almathera-santorini.com
Phone: +30 6946783418

If you have any questions about this Privacy Policy or how we process your data, please contact us using the details above.

2. What Personal Data We Collect

We may collect the following information:

a) When You Make a Booking

  • Full name
  • Email address
  • Phone number
  • Billing information
  • Country of residence
  • Stay details (check-in / check-out dates)
  • Special requests

b) When You Contact Us

  • Name
  • Email address
  • Phone number
  • Message content

c) When You Book Extra Services

  • Name
  • Contact details
  • Selected service
  • Booking date and time

d) Automatically Collected Data

When you browse our website, we may collect:

  • IP address
  • Browser type
  • Device type
  • Pages visited
  • Cookies and usage data

3. How We Use Your Information

We process your data to:

  • Manage and confirm reservations
  • Process payments
  • Provide customer support
  • Arrange additional services (transfers, tours, boat rental, massage, etc.)
  • Improve our website and services
  • Comply with legal and tax obligations
  • Send booking confirmations and necessary stay information

We do not sell your personal data.

4. Legal Basis for Processing

We process your personal data based on:

  • Contractual necessity (to complete your reservation)
  • Legal obligations (Greek tourism and tax regulations)
  • Legitimate interest (improving services and security)
  • Consent (for marketing communications, if applicable)

5. Sharing Your Data

We may share your information with:

  • Payment processors
  • Transfer and tour providers (only when you book such services)
  • Accounting and legal advisors
  • IT and website hosting providers

All third parties are required to process your data securely and in compliance with GDPR.

6. Data Retention

We retain personal data only as long as necessary:

  • Booking data: up to 10 years (as required by Greek tax law)
  • Contact form messages: up to 24 months
  • Marketing data: until consent is withdrawn

7. Cookies

Our website uses cookies to:

  • Ensure proper website functionality
  • Analyze website traffic
  • Improve user experience

You may disable cookies in your browser settings. Some website features may not function properly if cookies are disabled.

8. Your Rights Under GDPR

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion (“right to be forgotten”)
  • Restrict processing
  • Object to processing
  • Request data portability
  • Withdraw consent at any time

To exercise your rights, contact us at info@almathera-santorini.com.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data from:

  • Unauthorized access
  • Loss
  • Misuse
  • Alteration

Our website uses SSL encryption for secure data transmission.

10. Third-Party Links

Our website may contain links to third-party websites (such as booking platforms or tour providers). We are not responsible for their privacy practices.

11. Updates to This Policy

We may update this Privacy Policy periodically. Any changes will be published on this page with the updated date.