Last Updated: 17/11/2024
Mythical-sands.com (“we,” “us,” or “our”) is committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website or use our services.
By using our website or services, you acknowledge and agree to the terms outlined in this Privacy Policy.
1. Who We Are
Mythical-sands.com
Address: Georgiou Drosini, Paralimni 5291, Cyprus
Email: booking@mythical-sands.com
If you have questions regarding this policy or how your data is handled, please contact us at the above details.
2. Personal Data We Collect
We may collect and process the following personal data:
2.1 Data You Provide Directly
Name, email address, phone number
Payment and billing details
Booking or rental information
Communication preferences
Any additional information you provide in contact forms or messages
2.2 Data We Collect Automatically
IP address and browser type
Device type and operating system
Pages you visit and time spent on our website
Cookies and tracking technologies (see Section 7)
3. Legal Basis for Processing
Under GDPR, we process your personal data on the following legal bases:
Performance of a Contract: To process your bookings and provide services.
Legitimate Interests: To improve our website, services, and customer experience.
Legal Obligation: To comply with legal and regulatory requirements (e.g., tax laws).
Consent: For marketing communications or optional services, where explicit consent is provided.
4. How We Use Your Data
We use your personal data for the following purposes:
To process and confirm bookings or reservations.
To communicate with you about your rental or inquiries.
To improve our website and services through analysis and feedback.
To send promotional offers, updates, and newsletters (only if you’ve opted in).
To comply with legal obligations, such as tax reporting.
5. Your Rights Under GDPR
As an individual in the EU, you have the following rights regarding your personal data:
Right to Access: Request a copy of the personal data we hold about you.
Right to Rectification: Correct any inaccuracies in your personal data.
Right to Erasure (Right to Be Forgotten): Request that we delete your personal data, subject to legal obligations.
Right to Restrict Processing: Request limits on how we process your data in certain situations.
Right to Data Portability: Request a copy of your personal data in a machine-readable format.
Right to Object: Object to processing for specific purposes, such as direct marketing.
Right to Withdraw Consent: Withdraw your consent where processing is based on it.
Right to Lodge a Complaint: File a complaint with your local Data Protection Authority.
To exercise your rights, please contact us at [Insert Contact Email]. We will respond within 30 days, as required by GDPR.
6. Data Retention
We retain your personal data only for as long as necessary to:
Fulfill the purposes outlined in this policy.
Comply with legal or regulatory obligations.
Resolve disputes or enforce agreements.
When your data is no longer needed, we securely delete or anonymize it.
7. Cookies and Tracking Technologies
Our website uses cookies to enhance your experience. These include:
Essential Cookies: Necessary for website functionality.
Analytics Cookies: Help us analyze user behavior.
Marketing Cookies: Used to deliver personalized ads.
You can manage or disable cookies through your browser settings. For more details, review our Cookie Policy.
8. Sharing Your Data
We do not sell or rent your data. However, we may share your personal data with:
Service Providers: Payment processors, property managers, or IT support providers, under strict confidentiality agreements.
Legal Authorities: When required by law or to protect our rights.
Business Transfers: In case of mergers, acquisitions, or asset sales, your data may be transferred as part of the business.
9. International Data Transfers
If your data is transferred outside the EU/EEA (e.g., to servers in another country), we ensure adequate protection through:
Adequacy Decisions: Countries deemed by the EU to provide adequate data protection.
Standard Contractual Clauses (SCCs): Legal agreements ensuring your data remains secure.
Contact us for more details about international data transfers.
10. Data Security
We take appropriate technical and organizational measures to protect your personal data, including:
Encryption and secure storage.
Regular monitoring and updates to our systems.
Limiting access to authorized personnel only.
While we strive to protect your data, no system is entirely secure. In the event of a data breach, we will notify affected individuals and regulators as required by GDPR.
11. Children’s Privacy
Our website and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us so we can delete it.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Effective Date.” We encourage you to review this policy regularly.
13. Contact Us
If you have questions or concerns about this Privacy Policy or your data, please contact us at booking@mythical-sands.com