A. INTRODUCTION
1. At DODEKANISOS SEAWAYS, we are constantly making sure we are in line with current national, European and international legal frameworks, including the General Data Protection Regulation (EU) 679/2016 by the European Union.
2. The management and staff of DODEKANISOS SEAWAYS give particular emphasis on safety and respect the privacy and confidentiality of users’ personal data.
3. In this Privacy Policy we would like to inform users about the following:
- Why and how we collect and process personal data.
- The improvement of the services provided, through collection and processing of personal data.
- With whom and for what purposes we share information that is considered personal data.
- The rights that users have on the use of their personal data by us.
- The steps we take to ensure that the information that is considered users’ personal data is safe.
- How users can communicate with us about our privacy policies.
B. DEFINITIONS
For the purposes of this privacy policy, unless otherwise stated, the following terms shall have the following meaning:
1. "Members" signifies the following maritime companies which are members of DODEKANISOS SEAWAYS: “Dodekanisos Shipping MC”, “Dodekanisos Coastal Maritime Company” and “Tourist Maritime Dodecanese MC”, all based in Rhodes (50, Australias str.), or any other companies that will become members of DODEKANISOS SEAWAYS in the future.
2. "Act" means the General Data Protection Regulation 679/2016 by the European Union and any other applicable National, European and international legal framework concerning the protection of personal data.
3. "Vessels" means the following vessels owned by the Members and managed by DODEKANISOS SEAWAYS: “Dodekanisos Pride”, “Dodekanisos Express" and "Panagia Skiadeni", all registered in Rhodes Ship Registry with reg. no.: 46, 38 and 47 respectively or any other ships that might come under the management of DODEKANISOS SEAWAYS in the future.
4. "Privacy policy" means the privacy policy described herein as applicable and subject to revision or amendment of the conditions thereof.
5. “User” means any natural or legal person who uses or visits the DODEKANISOS SEAWAYS website and/or buys tickets for the vessels and/or is a passenger on the vessels and/or uses the "Bonus Ways" miles program and/or entrusts the provision of services to DODEKANISOS SEAWAYS.
6. "BonusWays" means the miles and privileges subscription program offered by DODEKANISOS SEAWAYS to passengers, as this program is described in detail on the DODEKANISOS SEAWAYS website.
7. "DODEKANISOS SEAWAYS" means the consortium under the name "Dodecanese Maritime Lines Consortium”, which is based in Rhodes (3, Australias str.), and whose members are the Members mentioned hereabove.
C. TYPES OF INFORMATION WE COLLECT
1. We would like to inform users that we collect and process their personal data, in order to be able to respond to their needs and to deliver our services in the best possible way.
We only collect as much information as needed to be able to provide services that meet the needs of users.
Usually this information includes:
- contact information (name, e-mail address, residential/business mailing address, fixed/mobile phone number, profession)
- information about the route of travel (reservation code, the transaction details for the reservation, information on the health of Users necessary for ticketing),
- information received from your visits to our website (through cookies).
2. DODEKANISOS SEAWAYS will never request more information than we really need in order to meet our customers’ needs and demands.
3. For any question about the collection and processing of personal data, users can contact us by phone (+ 30 2241071590), via email: [email protected] or by letter at our mailing address.
D. HOW WE COLLECT INFORMATION
1. Our main concern is to keep Users always informed regarding the collection and use of their personal data.
- We receive Users’ personal data only in the following cases:
- In case Users voluntary choose to provide them through their registration in our Bonus Ways program and/or during their subscription to the Newsletter and/or by sending a contact request or
- If it is permitted by the law.
E. REASONS FOR THE COLLECTION AND PROCESSING OF PERSONAL DATA
In general, we gather information in order to:
- provide our services to Users and fulfil our contractual obligations (ticketing, ticket replacement, reimbursement, management and booking confirmation),
- communicate with users whenever we receive the communication form from them,
- respond and generally manage comments, requests, complaints and queries by users,
- keep users informed about news and activities by DODEKANISOS SEAWAYS,
- inform users about promotions and changes to route timetables and schedules,
- inform users about the DODEKANISOS SEAWAYS prices,
- inform users about their remaining miles on the BonusWays program,
- inform users about advertising with DODEKANISOS SEAWAYS.
F. CONSENT
1. We require User consent whenever we are going to use their personal data for direct marketing purposes such as sending informative emails and newsletters.
2. Users may at any time revoke their consent by contacting us either by phone (+ 30 2241071590) or via email: [email protected] .
3. In the event that our users provide personal information/data of a third person, they shall be responsible to notify such third person about the provision, use and processing of data by us and to have secured the explicit consent for the provision and processing of his personal data for the purposes explained here above. In any case, this privacy policy applies to any information that is acquired by a third party in accordance with the above.
G. DISCLOSURE OF PERSONAL INFORMATION TO THIRD PARTIES
1. DODEKANISOS SEAWAYS will never provide/share personal user data to third parties unless:
- Explicit consent has been given,
- It is required by law in accordance with a court order or legal request of any other competent governmental, judicial, police, administrative or regulatory authority in accordance with the relevant applicable laws,
- It is required for a particular route and is in accordance with the agreed procedures (list of passengers and vehicles),
- in case of emergency such as safeguarding the life, health or property of a person.
2. In case of provision/sharing of personal data to third parties as described here above, we seek to limit the scope of information provided to the extent necessary to achieve that purpose.
3. Unless otherwise provided by law, third parties are required to protect users' personal data in accordance with the present policy and to comply with applicable laws and regulations regarding the protection of privacy and personal data.
Η. RETAINING PERSONAL DATA
1. We keep personal data of users, in a way that allows for their recognition, only for as long as it is necessary for the purposes for which the personal data are processed.
Additionally, the retention time for some of the personal data may depend on the existing relevant legislation as well as by our own policies regarding dispute resolution, dealing with complaints, the prevention of fraud and other illegal activities.
When consent is required for the collection and processing of personal data, e.g. for direct marketing purposes such as sending informative e-mails and newsletters, personal data is kept until the withdrawal of the relevant User consent, which can take place anytime.
Revocation of consent does not affect the lawfulness of the processing which was based on consent during the period prior to the revocation.
2. After the end of the period of retaining of personal data, the personal data shall be destroyed, erased or anonymized.
I. USERS’ RIGHTS
1. Users should be aware that according to the European legislation on personal data, they have a series of rights related to personal data held by us. Specifically, they may request us to:
- provide them with information on the purposes of processing, any recipients to whom the data were communicated or will be communicated, the retention period of their data, their rights regarding the collection and processing of their data by us,
- correct their data, if they believe them to be inaccurate or to fill in missing data,
- delete their data, if there are specific reasons, provided by law,
- restrict the processing of their data if there are specific reasons, provided by law,
- demonstrate their data to them in a format that will allow them to have access to said data, use it and to process it with the commonly-used processing methods, as well as to transfer it, whenever this is technically feasible, to another controller when the processing is carried out by automated means and is based on consent for one or more specific purposes or for executing a contract in which the user is a contracting party,
- oppose the processing of their personal data at any time for reasons associated with their particular situation, in cases where the processing is necessary for the purposes of their legitimate interests that we, as data controllers, serve, as well as in processing which is conducted for the purposes of direct marketing and consumer profiles,
- stop processing data that were offered to us with their consent and especially those that are used to send promotional messages and newsletters, following a withdrawal of consent.
2. Users also have the right to submit a complaint to the Data Protection Authority (www.dpa.gr ) in case of breach of the relevant provisions of the law.
3. In order to request any of these actions, Users can contact us by phone (+ 30 2241070590) and via e-mail: ([email protected] ).
We will consider the request in accordance with the relevant provisions of applicable privacy legislation and will respond as soon as possible (within 30 days from receipt of the request).
There is the possibility we might ask for some evidence of their identity (e.g. copy of ID card or passport) in order to avoid unauthorized disclosure of their personal data.
4. To ensure that users' personal data is accurate and up-to-date, we recommend users to inform us regularly on their information as appropriate (e.g. in the event of a change of address or e-mail).
J. SAFETY
We acknowledge the importance of information safety and we are in a constant process of revision and improvement of technical and organizational measures in order to ensure the appropriate level of risk prevention.
For our website, our servers and other informational infrastructure, we have set and implemented appropriate security measures to protect user data from misuse, unauthorized access or disclosure, loss, alteration or destruction.
Although there is no "guaranteed security" either within or outside the Internet, we aim to protect user information using appropriate and reliable administrative, procedural and technical precautions, including controlled access, firewalls and encryption.
K. COOKIES
1. When users visit our website, we receive information about them using small files with alphanumeric characters called cookies, which are stored on their computers. These cookies assign their computer with a unique identifier, which in turn becomes the user identity each time they return to our website.
2. Cookies have been designed in order to save time, as it helps us offer Users a personalized experience without them having to remind us of their preferences each time they return to our website. Cookies do not cause damage to Users’ electronic equipment, nor can they read information from other files on their computer's hard drive.
3. Cookies are kept just as long as users are on our own website and do not gather information about them from the moment they leave our website to visit another website. We are not the only ones placing cookies on Users’ devices and we are not responsible for the presence of third-party cookies and how they are used.
4. The application (browser) used by the Users to visit websites may be regulated to handle cookies in accordance with their preferences as follows:
- accept all cookies,
- reject all cookies,
- accept or reject cookies on a case by case basis.
5. Users should contact the browser developer or vendor to be accurately informed on security settings available regarding cookies. We inform Users that if they reject all cookies, they may not be able to properly use all features of our website.
6. Prior consent of Users is required for the use of cookies. Exception to this rule will only be cookies that serve functional website needs (functional cookies) that are necessary for loading and effective operation of the website.
L. LIABILITY DISCLAIMER FOR THIRD-PARTY WEBSITES
Although our website may contain links to third-party websites, we are not responsible for privacy practices or the content of those websites and explicitly deny any liability for any loss or damage which may be caused by the use of such links.
We do not monitor the privacy practices or the content of those sites.
Should users have any questions about the privacy practices of another site, they must contact the Chief Privacy Officer who has jurisdiction on this website.
M. PERSONAL DATA OF MINORS
This website is targeted at EU citizens who have completed the sixteenth year of age and only allows citizens who have completed the sixteenth year of age to create an account.
Our practice is not to obtain and/or maintain on our knowledge data or any other information about persons under sixteen (16) years.
N. CONTACT
1. We encourage users to contact us regarding issues related to their personal data and the protection of their privacy, for example in order to:
- update their details,
- change the way in which they want to communicate,
- stop our informational and promotional threads,
- opose questions or comments about the privacy practices that apply in relation to this Privacy Policy.
2. Users may contact us for all of the above and other related matters in any of the following ways:
- by email: [email protected]
- by post: 3, Australias str., 85100 Rhodes
- by telephone: (+ 30 2241070590)
We might revise this privacy policy occasionally in order to adapt to the changing legal, regulatory, business and technological framework.
Our website allows users to read our applicable Privacy Policy and the date of implementation, to check on the most recent revision.