Privacy Policy

Vilana Studios is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website or make a reservation.

By using our website or booking our accommodation, you agree to the practices described below.

1. Information We Collect

1.1. Information You Provide Directly

We may collect the following personal data when you:

• Make a reservation
• Contact us through forms or email
• Check in at the accommodation

This may include:

• Full name
• Email address
• Phone number
• Address / country
• Payment details (processed securely by third-party providers)
• Special requests or preferences
• Identification documents (if required by Greek law for check-in)

1.2. Information Collected Automatically

When you visit our website, we may automatically collect:

• IP address
• Browser type & device information
• Pages visited
• Cookies and usage data

This data is used exclusively for website functionality, security, and analytics.

2. How We Use Your Information

We use your personal data for the following purposes:

• To process and manage your reservation
• To communicate with you regarding your stay
• To comply with legal obligations (e.g., visitor registry required by Greek law)
• To improve our services and website
• To respond to your inquiries
• For security and fraud prevention

We do not sell, rent, or trade your personal information.

3. Legal Basis for Processing (GDPR)

We process your personal data based on:

• Contractual necessity: to complete your reservation and provide accommodation
• Legal obligation: compliance with tax and hospitality laws
• Legitimate interest: ensuring safety, improving services, preventing fraud
• Consent: when you voluntarily submit information (e.g., contact forms)

4. Data Sharing

We may share data only with:

• Reservation platforms (e.g., Booking.com)
• Payment processors (for secure transactions)
• Professional service providers (IT, accountants)
• Greek authorities, only when legally required

All third-party providers follow GDPR standards.

5. Data Retention

We retain your personal data only for as long as necessary:

• Reservation and billing data: as required by Greek tax law
• Guest registry: as required by tourism regulations
• Email communications: for service and administrative purposes

When data is no longer needed, it is safely deleted.

6. Cookies

Our website may use cookies to:

• Ensure proper functionality
• Improve user experience
• Analyze traffic

You may disable cookies through your browser settings. Some site features may not function properly without them.

7. Data Security

We take appropriate technical and organizational measures to safeguard your information against:

• Loss
• Theft
• Unauthorized access
• Alteration or destruction

However, no online transmission is 100% secure. We do our best to protect your data.

8. Your Rights Under GDPR

You have the right to:

• Access your personal data
• Correct inaccurate information
• Request deletion (“right to be forgotten”)
• Restrict or object to processing
• Receive a copy of your data (data portability)
• Withdraw consent at any time

To exercise any of these rights, contact us.

9. Links to External Websites

Our website may include links to third-party sites. We are not responsible for their privacy practices or content.

10. Changes to This Privacy Policy

We may update this Privacy Policy occasionally. Updates will be posted on this page with the revised date.