For the purposes of the Data Protection Greek and EU Laws, we, Windmills Travel and Tourism, are a data controller. In order to process your booking, we need to collect certain personal details from you. These details will include, where applicable, the names and addresses of party members, credit/ debit card or other payment details and special requirements such as those relating to any disability or medical condition which may affect the chosen holiday arrangements and any dietary restrictions which may disclose your religious beliefs. If we need any other personal details, we will tell you before we obtain them from you.
In case you eventually make a reservation with us we need to pass on your personal details to the companies and organizations who need to know them so that your holiday can be provided (for example hotels, ticketing reservations and shipping companies).
All details you give us in connection with your booking (including those relating to any disability or medical condition or your religious beliefs) will only be used in conjuction with realizing your reservation. We do NOT intend to and we will NOT sell clients names and addresses to other companies or organizations.
If you do not want us to do any or all of these things, please let us know as soon as possible. We are entitled to assume you do not object to our doing any of the things mentioned in this statement unless you tell us otherwise in writing.
Except where expressly permitted by the Greek and EU Data Protection Laws, we will only deal with the personal details you give us as set out above unless you agree otherwise. We have appropriate security measures in place to protect this information.
You are generally entitled to ask us (by letter or e-mail) what details of yours are being held or processed, for what purpose and to whom they may be or have been disclosed. We promise to respond to your request within 40 days of receiving your written request at no fee. In certain limited circumstances we are entitled to refuse your request.