PRIVACY POLICY & PERSONAL DATA PROTECTION (GDPR)

Last updated: 02/01/2026

 

 

1. Who we are (Data Controller)

 

The Data Controller for your personal data is the operator of Nidimos Hotel – Delphi (the “Hotel”).

For any questions/requests regarding your data, please contact:

Email: This email address is being protected from spambots. You need JavaScript enabled to view it. | Tel.: +30 22650 82056, +30 22650 83293

 

 

2. What data we collect

 

Depending on how you contact us or make a reservation, we may collect:

 

  • Contact details: full name, email, phone number

  • Booking details: dates, number of guests, preferences, notes (e.g. special requests)

  • Technical data: IP address, device/browser type, strictly necessary functional cookies

  • Payment data: payments are processed via a certified provider (Eurobank/Cardlink). The Hotel does not store full card details.

 

 

 

3. Why we use your data (Purposes)

 

We process your data to:

 

  • Handle contact requests (form / email / phone)

  • Create, confirm and manage reservations

  • Send essential stay-related communications (e.g. confirmation, payment instructions, changes)

  • Customer service and complaint handling

  • Comply with legal obligations (accounting/tax/tourism regulations)

 

 

 

4. Legal basis

 

Processing is based on:

 

  • Performance of a contract (reservation/stay)

  • Legitimate interests (service, operational organization, system security)

  • Legal obligation (accounting/tax)

  • Consent, only where required (e.g. non-essential cookies, if any)

 

 

 

5. Data sharing (Processors/Third parties)

 

We share data only when necessary, with:

 

  • WebHotelier (booking engine) as a data processor

  • Hotelizer (PMS / reservation management) as a data processor

  • Eurobank / Cardlink (secure online payments – PCI DSS/PCI SSC) as payment provider

  • Accountants/tax advisors and public authorities where required by law

    We do not sell or disclose your data for third-party marketing purposes.

 

 

 

6. Data retention

 

We keep your data:

 

  • For as long as needed to handle your reservation/request

  • And thereafter for the period required by law (e.g. accounting/tax), or to support legal claims.

 

 

 

7. Security

 

We apply appropriate technical and organizational security measures. Payments are processed via certified payment systems (Cardlink/Eurobank). The Hotel does not store full card details.

 

 

8. Your rights

 

You have the right to:

 

  • Access, rectification, erasure

  • Restriction or objection to processing

  • Data portability (where applicable)

  • Withdraw consent (where processing is based on consent)

    To exercise your rights: This email address is being protected from spambots. You need JavaScript enabled to view it.

    You may also lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr).

 

 

 

9. Cookies

 

nidimoshotel.gr uses strictly necessary cookies only for the proper operation of the website and/or the booking engine.

We do not use newsletter cookies and we do not use marketing cookies.

If non-essential cookies (e.g. analytics) are added in the future, a consent mechanism (cookie banner) will be provided before enabling them.

 

 

10. External links

 

Our website may contain links to third-party platforms (e.g. social media or partners). We are not responsible for the privacy practices of third-party websites.

 

 

11. Changes to this Policy

 

We may update this policy from time to time. The “Last updated” date will reflect any changes.