Privacy Policy

1. Introduction – Data Controller

By using our website and the services we provide, you acknowledge that you accept this Privacy Policy and, where required, consent to the collection and processing of your personal data as described herein. If you do not agree with any provision of this Policy, you must refrain from using our website or services. Please note that we may update this Privacy Policy from time to time to comply with legal or regulatory changes or to reflect improvements in our practices. Any revised version will be posted on the website with a clearly indicated "last updated" date. We encourage you to review this page periodically — continued use of our services after any changes implies acceptance of the updated Policy.

Note for minors: If you are under the age of 16, you must obtain parental or guardian consent before using our website or services. The Company does not knowingly collect or process personal data of children under the age of 16 without such consent.

2. What Data We Collect

When you interact with the Company and use our platform, we may collect various types of personal data. This data may be provided directly by you (e.g., when filling out forms or making a booking) or automatically collected during your visit to our website (e.g., via cookies). Specifically, we may collect the following categories of data:

• Identification and Contact Details: First name, last name, date of birth, gender (where required, e.g., for airline bookings), identification document numbers (ID card, passport – only when necessary for issuing tickets or bookings), phone numbers, email address, home/work postal address, nationality, etc.
• Booking and Travel Information: Details related to your reservations, such as destinations, travel dates, flight or itinerary details, hotel names and room types, flight or room numbers, special requests (e.g., meals, accessibility needs), the number of passengers or travelers included in the booking (along with their data if you provide it), and any travel preferences you communicate to us.
• Financial Data: Payment-related information, such as credit/debit card details (processed through secure systems – the Company does not store full card data), bank account details (if you pay by wire transfer or are due a refund), payment and invoice history, amounts paid, currency used, etc.
• Communication Data: Records of any communications you have with us, whether by email, through our website’s contact form, or by phone. This includes the content of your requests, complaints, or inquiries, as well as our responses. If you use the live chat feature on our website, the exchanged messages may also be stored.
• Account Data: If our website offers the option to create a personal account/profile, we will store your username, encrypted password, preference settings, booking history linked to your account, wish lists, and similar information.
• Marketing Data: You may optionally choose to subscribe to our newsletter or participate in loyalty/promotion programs. In such cases, we will record your email address and any stated preferences (e.g., types of offers you are interested in). Additionally, if you participate in contests or promotional campaigns, we may collect the data you submit for entry purposes.
• Technical Browsing Data (Cookies & related technologies): When you visit our website, certain information is automatically collected through cookies and similar technologies (see the Cookies section below). This may include your IP address, device and browser type, operating system, approximate geographic location (e.g., city), pages visited, date and time of access, time spent on site, and data on clicks or actions taken on the site. This data is anonymized where possible and is primarily used for statistical analysis and to improve our services.

Special categories of data: As a rule, the Company does not seek to collect sensitive personal data (such as health information, religious or political beliefs, genetic/biometric data, etc.), unless it is strictly necessary to provide a specific service you have requested (e.g., health-related information for accessibility accommodations during travel or special airline meal requests). Such data will be voluntarily provided by you with your explicit consent where required, and will be used solely for the intended purpose.

3. Purposes and Legal Basis for Processing

We use your personal data only for lawful purposes and where we have a valid legal basis, in accordance with the General Data Protection Regulation (GDPR). Specifically:

• Provision of Travel Services (Contract Performance): The primary basis for processing your data is that it is necessary for the conclusion and execution of the contract between you and the Company. When you make a booking or request a service, we need your personal details to process your request: confirm availability, issue tickets or vouchers, reserve accommodations, communicate with providers, identify you at check-in, etc. For example, your data is used for:
• Bookings & Travel Documents: Your personal information is used to make bookings in supplier systems (e.g., entering your name and date of birth in airline or hotel reservation systems, recording your passport number if required for non-Schengen flights, issuing tickets or accommodation vouchers). Information such as full name, date of birth, and ID details are essential for these reservations.
• Payments & Invoicing: Processing your payment data to charge you for the service, prevent payment fraud, and issue receipts/invoices in your name.
• Communication with You: Using your contact details (email, phone) to send booking confirmations, tickets, notifications of changes or cancellations, and to request clarification if needed. For example, if a booking is pending due to availability, we will notify you when it is confirmed or if your action is required.
• Customer Support: Using your information and booking history to provide assistance — whether answering your inquiries, resolving booking issues, or handling requests for changes or cancellations in line with applicable policies.
• Execution of Package Tours: If you participate in an organized trip/package, the Company will use your details to organize and deliver the itinerary (bookings, passenger lists, informing guides/local partners of special needs, etc.).

Legal Basis: Contract Performance – Article 6(1)(b) GDPR

This processing is strictly necessary in order for us to provide you with the services you have requested.

• Compliance with Legal Obligations (Article 6(1)(c) GDPR):

Certain data is retained or disclosed because we are legally obligated to do so:

• Tax Legislation: We retain records of transactions, invoices, and payments that contain personal data (e.g., name, address, VAT number if provided) in compliance with accounting regulations and for submission to the tax authorities. Greek tax law requires us to retain such records for a specific period (typically at least 5 to 10 years, depending on the case).
  
  
• Tourism Legislation: As a tourism business, we may be required to collect or share passenger data with authorities for safety or statistical purposes (e.g., flight passenger lists, guest information for accommodations under applicable law). Additionally, the law on package travel requires us to provide certain information to travelers in written form, so we retain the documents provided to demonstrate compliance.
  
  
• Regulatory Requirements: Depending on the nature of the transaction, other legal obligations may apply. For example, anti-money laundering (AML) legislation may, in rare cases, require identity verification (e.g., if you make a very large cash payment).
  
  
• Legal Claims: We may retain information where necessary to establish, exercise, or defend legal claims (e.g., in case of a dispute, we will keep related communications and booking records as evidence).

Legal Basis: Legal Obligation – Article 6(1)(c) GDPR

This processing is necessary for our compliance with the aforementioned legal provisions.

• Commercial Communication & Marketing Purposes (Consent)

If you give us your consent, we will use your email address (and possibly your name) to send you newsletters with offers, new services, travel ideas, or promotional campaigns from the Company. We may also send you personalized suggestions tailored to your interests, based on your preferences or booking history, where available.

Receiving such communications is optional and will only occur if you have chosen to subscribe to our mailing list or have explicitly provided your consent at the time of data collection (opt-in). You may withdraw your consent at any time and unsubscribe from such lists by following the instructions included in each email or by contacting us directly. Upon withdrawal of consent, we will cease processing your data for marketing purposes going forward.

Legal Basis: Consent – Article 6(1)(a) GDPR, specifically for the sending of promotional communications.
Note: Even without explicit consent, existing customers may periodically receive information about similar services under the “soft opt-in” exemption provided by e-commerce laws, but always with the option to unsubscribe.

• Service Improvement & Statistical Analysis (Legitimate Interest)

We process usage and preference data (primarily in aggregated or anonymized form) to better understand how our website is used and how we can improve the user experience and the services offered. For example:

• We analyze which pages or services receive more traffic, from which countries users are visiting, and peak usage times, in order to optimize our platform both technically and functionally.
  
  
• We may conduct satisfaction surveys or request reviews/feedback after service completion to measure customer satisfaction and identify areas for improvement.
  
  
• We monitor server logs and automated analytics (e.g., Google Analytics) to detect potential issues, errors, or suspicious activity (e.g., multiple failed payment attempts that may indicate fraud), etc.

In such cases, we ensure that the data is used in a format that does not directly identify individuals, wherever feasible. Our legitimate interest lies in improving our services, understanding market behavior, and ensuring operational continuity and security.

Legal Basis: Legitimate Interest – Article 6(1)(f) GDPR.
We have assessed that this processing does not disproportionately affect your rights, as it involves either anonymized/aggregated data or is in line with the reasonable expectations of users that such analytics are standard practice on most websites. Nevertheless, you have the right to object to processing for statistical purposes if you feel that it impacts your rights (see “Your Rights” below).

 

• Cookies and Targeted Advertising (Consent)

For non-essential cookies (e.g., analytics cookies, third-party cookies used for advertising), we will request your consent via the cookie banner that appears when you first visit our website.

For a detailed explanation, please refer to Section 7: Cookie Policy below.

If you provide consent, we will process your browsing data collected through such cookies in order to analyze your interests and, where applicable, display relevant advertisements on third-party platforms (such as Google, Facebook, etc.). For example, we may use Google Analytics for statistical insights and Facebook Pixel/Google Ads for remarketing purposes, always in compliance with the respective privacy guidelines of these tools.

Legal Basis: Consent – Article 6(1)(a) GDPR, in conjunction with the ePrivacy Directive as applicable to cookie usage.

4. Data Sharing with Third Parties

As part of our operations, the Company shares certain personal data with third parties. This is done only when necessary for the purposes outlined in this Privacy Policy or when there is a valid legal basis for doing so. The third parties that may receive your data include:

• Travel Providers/Suppliers:

These are third parties that deliver the services you have booked through us. We share only the minimum necessary data required to fulfill the booking. For example:

• Airlines / Ferry Operators:
  We provide your full name (and that of any fellow travelers), date of birth, gender, nationality, and passport or ID number where required, to issue travel tickets. Contact details (mobile number, email) may also be shared to allow the airline or ferry company to notify you directly of schedule changes or for online check-in purposes.
  
  
• Hotels / Accommodation Providers:
  We share your name (and the names of any accompanying guests) and stay dates to confirm the room reservation. Special requests or preferences (e.g., non-smoking room, accessibility needs) will also be communicated to the accommodation provider.
  
  
• Transport and Car Rental Companies:
  We provide the necessary information to complete a booking for a rental vehicle or bus/train tickets. For car rentals, this typically includes name, date of birth (to check age restrictions), and driver’s license number (usually required upon pickup), along with contact details.
  
  
• Local Tour Operators, Guides, Museums, etc.:
  We may share a list of participants with names (and occasionally ages, e.g., for child discounts) when arranging tickets or group activities such as guided tours or excursions.
• These providers act as independent data controllers once they receive your personal data, processing it for their own purposes (namely, to deliver the service you booked). They apply their own privacy policies regarding how your data is managed (e.g., an airline must comply with applicable laws concerning passenger lists like API/PNR requirements). While we are not responsible for the privacy practices of these third parties, we select them based on their reliability and adherence to legal requirements—for instance, we only work with well-known airlines and hotels that are subject to recognized data protection regulations.
  
  

• Partnered Service Providers (Data Processors):

In some cases, we use external service providers and contractors to help us deliver our services or process your data. These third parties act on our instructions and under a data processing agreement in accordance with Article 28 of the GDPR, ensuring they follow our guidance and implement appropriate safeguards. These include:

• Payment Service Providers (PSPs):
  Payment gateways and banks process your transactions (e.g., [Bank]/[PSP] handles card payments). These entities directly collect your card details through their secure platforms. We do not store your card details and only receive confirmation of payment status and a transaction reference.
  
  
• IT Support & Hosting Providers:
  These include the company hosting our website and databases, software developers maintaining our platform, and providers of cloud or backup solutions. They may occasionally access your data—for instance, a technician might view database records when resolving an issue—but they are bound by confidentiality clauses and only access data when strictly necessary.
  
  
• Travel Agent Partners:
  If your booking is handled through a larger travel network or global distribution system (GDS)—such as through intermediaries for flights or hotel wholesalers—your data may pass through these systems. In such cases, these intermediaries may be considered data processors or, at times, joint controllers, and are bound by the same data protection obligations under the GDPR.
• Email/SMS Providers:
  We use third-party platforms to send bulk communications such as newsletters or booking notifications. These providers receive only the necessary contact data (e.g., your email address or phone number) and the message content to be delivered.
  
  
• Accountants / Legal Advisors:
  We may share data with professionals who provide us with accounting or legal services. For instance, they may need access to invoicing records (containing names and payment details) to fulfill their responsibilities. These parties are also bound by strict professional confidentiality obligations.
  
  
• We remain fully responsible for your personal data, even when processing is delegated to third-party service providers. We ensure all processors are contractually committed to uphold at least the same level of data protection as we do.
  
  
• Public Authorities and Regulators:
  As mentioned earlier, we may be legally required to disclose your personal data to governmental or regulatory authorities (e.g., during a tax audit or based on a court order). Such disclosures are strictly limited to what is necessary to comply with legal obligations.
  
  

 

Transfers Outside the EU/EEA

Most of our servers and core partners operate within the European Economic Area (EEA), and thus your data is processed in accordance with EU law. However, some data transfers may involve third countries outside the EU/EEA:

• Travel Providers Abroad:
  Many international travel providers (e.g., airlines, hotel chains) are based outside the EEA or operate servers there. When we enter your booking into their systems, it may involve a cross-border data transfer. This is legally permitted under GDPR Article 49(1)(b), as it is necessary for the performance of your contract. Major international providers typically also adhere to Standard Contractual Clauses (SCCs) or other protective frameworks.
  
  
• Third-Party Services (e.g., email marketing or cloud storage outside the EU):
  If we use external platforms based outside the EEA (e.g., an email marketing tool hosted in the USA), we ensure the destination country either has an adequacy decision by the European Commission or the provider has entered into Standard Contractual Clauses with us. Additional safeguards may also be applied where required.
  
  

We do not sell or rent your personal data under any circumstances. All data sharing occurs strictly under the terms and purposes described, with proper legal and technical safeguards in place, and never beyond what is necessary without your explicit consent.

5. Data Subject Rights

In accordance with the General Data Protection Regulation (GDPR) and Greek data protection laws, you have a number of rights regarding the personal data we process about you. You may exercise the following rights, subject to the applicable legal conditions:

• Right of Access: You have the right to obtain confirmation as to whether or not we process your personal data, and if so, to access and receive a copy of such data. You are also entitled to receive information about the purposes of processing, categories of data involved, recipients or categories of recipients, data retention periods, and your associated rights (as also outlined in this Privacy Policy).
  
  
• Right to Rectification: You may request the correction of inaccurate or incomplete personal data concerning you. For example, if your name is misspelled or you have updated your contact information (e.g., address or email), we will update our records without undue delay.
  
  
• Right to Erasure ("Right to be Forgotten"): You may request the deletion of your personal data where, for example, the data are no longer necessary for the purposes for which they were collected, or where you withdraw your consent (in cases where processing is based on consent). Please note, this right is not absolute — if we are legally obligated to retain certain data (e.g., transaction records), or if overriding legitimate interests apply (e.g., legal defense purposes), some data may not be immediately deleted. In all cases, we will inform you accordingly.
  
  
• Right to Restriction of Processing: You have the right to request the temporary restriction of processing of your personal data under specific circumstances. This means that we may continue to store the data, but will not process them further except for storage purposes until the issue is resolved. This right may apply, for example, if:
  
  
  • you contest the accuracy of the data (for the period it takes to verify it),
    
    
  • the processing is unlawful but you prefer restriction over erasure,
    
    
  • the data are no longer needed for processing but you require them for legal claims, or
    
    
  • you have objected to the processing (see below) and the verification of overriding legitimate grounds is pending.
• Right to Notification Regarding Rectification, Erasure, or Restriction: You have the right to be informed when we have rectified or erased your personal data or restricted their processing, especially if such data have been disclosed to third parties. In such cases, we will take reasonable steps to inform the relevant third parties so they can also update or delete your data accordingly. You will be notified about these actions to the extent required by law.
  
  
• Right to Data Portability: You may request to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format (e.g., CSV or Excel), where the processing is carried out by automated means and based on your consent or a contract. You may also request, where technically feasible, that such data be transmitted directly to another controller of your choice. Please note that this right applies only to data you have actively provided (e.g., profile details or preferences), and not to any data derived or inferred by us.
  
  
• Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on our legitimate interests. In such cases, we will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms (e.g., for the establishment, exercise, or defense of legal claims). Where personal data are processed for direct marketing purposes, you have an absolute right to object at any time — if you inform us that you no longer wish to receive newsletters or promotional messages, we will immediately cease such communications.
  
  
• Right Not to Be Subject to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you in a similar way. (Note: Our company does not engage in such automated decision-making without meaningful human involvement.)

To exercise any of the above rights, you may contact us using the details provided in Section 1. We will review and respond to your request without undue delay and, in any case, within one (1) month of receiving it. In cases of particularly complex or multiple requests, this deadline may be extended by an additional two (2) months — in such cases, we will notify you of the extension and the reasons for the delay.

• The exercise of your rights is free of charge. However, if a request is clearly unfounded or excessive (e.g., repetitive without justification), we reserve the right to charge a reasonable administrative fee or to refuse to act on the request, in which case we will provide a reasoned explanation.
• Finally, you have the right to lodge a complaint with the competent supervisory authority if you believe that your data protection rights have been violated. In Greece, the competent authority is the Hellenic Data Protection Authority (HDPA), located at 1-3 Kifissias Avenue, Athens, 11523. You can find more information and instructions on how to submit a complaint at the Authority’s website: https://www.dpa.gr.

6. Data Security and Retention Periods

Security:
We implement appropriate technical and organizational measures to safeguard your personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include, but are not limited to:

• Controlled access to our information systems (only authorized personnel for specific purposes),
  
  
• Up-to-date security software, firewalls, and antivirus protection,
  
  
• Encryption of sensitive data (e.g. SSL for secure data transfer, encrypted passwords),
  
  
• Regular data backups,
  
  
• Internal security policies and staff training on data protection and confidentiality.
  
  

While no method of data transmission over the Internet or method of electronic storage is entirely secure, we are committed to maintaining a high level of security and continuously upgrading our measures. In the unlikely event of a personal data breach that may pose a risk to your rights and freedoms, we will follow the applicable notification procedures, including informing both you and the competent supervisory authority, as required under the GDPR.

Data Retention:
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. Specifically:

• Booking and transaction data is retained throughout the duration of our contractual relationship (i.e., from the time of booking until the completion of your trip) and for a reasonable period afterward to support post-travel matters (e.g. disputes or follow-up requests).
  
  
• After service completion, certain data may be archived for reference purposes. For example, we may retain your travel history to offer more tailored service in future bookings or to address future questions or claims.
  
  
• Data subject to accounting and tax regulations (e.g. invoices containing your personal information) will be retained for at least the legally required period – typically 10 years from issuance, or longer in case of ongoing audits or legal obligations.
  
  
• Data collected based on your consent for marketing purposes will be retained until you withdraw your consent or opt out of receiving communications. If you remain inactive for an extended period (e.g. no email opened within 2 years), we may remove you from our list and delete your data from our marketing database.
  
  
• Technical data collected via cookies varies in lifespan depending on the type of cookie. Most analytics cookies do not retain identifiable data beyond a few months. You may also delete cookies manually at any time (see next section).
  
  
• In the event of a legal dispute or claim, we may retain relevant data until the matter is fully resolved, even if this exceeds the retention periods mentioned above

At the end of the applicable retention period, and provided the data is no longer required, we follow secure data deletion and destruction procedures. For example, we remove electronic records from active databases and backups, and we physically destroy hard copies through shredding. In certain cases, we may retain anonymized statistical data (from which you cannot be identified) for longer periods, as such data is no longer considered personal data under applicable data protection laws.

7. Use of Cookies & Similar Technologies

Like most websites, we use cookies and related technologies (such as pixel tags, local storage, etc.) to automatically collect certain information. These technologies help us recognize you as a unique user, remember your preferences, improve your user experience, and analyze website traffic and performance.

What are cookies?
Cookies are small text files stored in your web browser (on your computer or mobile device) when you visit a website. Each cookie is unique to your browser and contains anonymous information, often a randomly generated identifier. There are various types of cookies:

• Session cookies: These are temporary and remain active only for the duration of your visit. They are deleted when you close your browser.
  
  
• Persistent cookies: These remain stored on your browser for a predefined period, even after closing it (ranging from days to years). They are typically used to remember your preferences or for repeat visits.
  
  
• First-party cookies: These are set by the website you are visiting (in this case, www.plousconcierge.com) and are only accessible by that website. They usually relate to core website functionality (e.g., remembering cart contents, language settings).
  
  
• Third-party cookies: These originate from a different domain than the one you are visiting, typically from a third-party service the website uses. Common examples include analytics tools (e.g., Google Analytics) or advertising platforms (e.g., Facebook, Google Ads) used for statistics or marketing purposes.
  
  

Which cookies do we use?

Our website uses the following categories of cookies:

• Strictly Necessary Cookies: These are essential for the website to function properly and to deliver the services you have requested (e.g., browsing pages, accessing secure areas, or using a shopping cart). These cookies do not store personally identifiable information and do not require your consent.
  
  
• Functionality/Preference Cookies: These cookies remember your choices (e.g., language, currency, login credentials) and provide enhanced, personalized features. They may also be used to prevent displaying the same notification repeatedly. While not strictly required, they improve the user experience.
  
  
• Analytics & Performance Cookies: We use tools such as Google Analytics to collect aggregated and anonymous data on how users interact with our site. These cookies help us understand metrics like the number of visitors, popular pages, referring websites, time spent, and error occurrences.This data is aggregated and anonymized; we do not seek to identify individuals. It is used solely to help us improve the performance of our website and the quality of our services. For example, we may use cookies like _ga, _gid from Google Analytics. We request your consent to use these cookies in accordance with applicable data protection laws.
  
  
• Advertising/Targeting Cookies: These may be placed by advertising partners (third parties) via our website. They are used to build a profile of your interests and display relevant ads on other websites. For instance, if you visited our site and viewed a specific travel package, you may later see ads for that package elsewhere—this is due to remarketing cookies. These cookies identify your browser and device but do not directly store personal data. Disabling them does not prevent advertising altogether, but you may see less relevant ads.
  
  
• Social Media Cookies: If our site integrates features from social networks (e.g., Facebook “Like” or “Share” buttons), those platforms may place their own cookies when you interact with their plugins. These cookies allow the social network to recognize you (if logged into your account) and associate the interaction with your profile. We do not control these cookies; they are subject to the respective platform’s privacy policy.
  
  

Cookie Consent
Upon your first visit, a cookie banner will prompt you to accept or configure your preferences for non-essential cookies. You may opt in or out of cookie categories (functionality, analytics, advertising) based on your preferences. You can change your cookie settings at any time via our [“Cookie Settings”] page or through your browser settings. Please note that rejecting certain cookies—especially functionality ones—may affect your experience or disable some site features.

Managing Cookies via Browser Settings
Most web browsers (Chrome, Firefox, Safari, Edge, etc.) allow you to control cookies through their settings. You can delete all cookies already stored and configure your browser to block future cookies. However, doing so may require manual adjustment of preferences upon each visit and may impact the functionality of certain services. You can find more details on how to manage cookies at the following link:https://support.google.com/chrome/answer/95647?hl=en&co=GENIE.Platform%3DDesktop

Third-Party Cookies

Our website uses certain third-party cookies to enhance functionality and support our analytics and marketing efforts. These include:

• Google Analytics (Google LLC): Used for website traffic statistics. The collected data (e.g., IP address, user behavior) is partially anonymized (e.g., IP masking) and stored on Google’s servers. Google complies with applicable data transfer mechanisms such as Standard Contractual Clauses (SCCs). You may fully opt out of Google Analytics by installing the opt-out browser add-on: https://tools.google.com/dlpage/gaoptout.
  
  
• Google Ads / DoubleClick Cookies: These cookies support remarketing and conversion tracking, helping us assess the effectiveness of our advertising campaigns and retarget users who have shown interest in our services. You can manage your ad preferences via Google at: https://adssettings.google.com.
  
  
• Facebook Pixel: If implemented, this tool tracks website activity to enable advertising on Facebook and Instagram. Data collected via the pixel is subject to Facebook’s Privacy Policy: https://www.facebook.com/privacy/explanation. You can manage your ad preferences directly in your Facebook account.
  
  
• Other Third-Party Plugins: Embedded content such as YouTube videos, Google Maps, or other widgets may set their own cookies upon loading. Where applicable, such content will only be activated upon your prior consent (e.g., “click-to-load” or consent banner blocking by default).
  
  

Summary:
We use cookies to improve our services and enhance your experience, while fully respecting your privacy rights. We do not share personally identifiable cookie data with unauthorized third parties. For more detailed information, please refer to our standalone Cookie Policy or adjust your preferences as described in our cookie settings.

 

8. Policy Updates & Contact

This Privacy Policy may be updated periodically to reflect changes in our data handling practices or to comply with new legal obligations. The date of the latest revision will be clearly stated at the top of this document. We encourage you to review the Policy regularly, especially before making a new booking, to stay informed of any changes. In the event of material updates (e.g. changes to processing purposes or your rights), we may also notify you via email or pop-up notification on our website.

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data by the Company in general, please do not hesitate to contact us using the details below:

• E S Concierge and Broker Services I.K.E. – Data Protection Department
• Address: Nikolaou Plastira 20, Nea Smyrni, 17121, Greece
• Phone: +30 698 231 0287
• Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
  
  

We will be happy to assist you and respond to any questions regarding your personal data or this Policy.

Last updated: [11/06/2025]

 

By accepting the above Terms of Use and this Privacy Policy, you confirm that you have read, understood, and agreed to its content.
Thank you for choosing Plous Concierge for your travel services. We are committed to providing high-quality service while fully respecting your privacy and data protection rights.

We wish you safe and enjoyable travels! 🌍✈️