Last Updated: November 2025
1. Introduction
This privacy policy explains how Triton Properties IKE collects, uses, and protects your personal data in accordance with the EU General Data Protection Regulation (GDPR) and Greek Law 4624/2019.
IMPORTANT: By making a booking with us, you enter into a contractual relationship that requires us to process certain personal data. This policy explains your rights and how we handle your information.
2. Data Controller
Organization: Triton Properties IKE
Location: Attica, Greece
Contact: bookings@tritonproperties.biz
3. Personal Data We Collect
We collect the following categories of personal data:
Booking Information: Name, email address, phone number, postal address, booking dates, number of guests
Payment Information: Payment card details (processed securely by Stripe – we do not store complete card details)
Identification Documents: Passport or national ID copies (required by Greek short-term rental regulations and anti-money laundering laws)
Technical Data: IP address, browser type, device information (collected automatically when you visit our website)
Communication Records: Emails, messages, and other communications with us
4. Legal Basis for Processing
We process your personal data based on the following legal grounds:
• Contractual Necessity: Processing your booking, payment, and stay details is necessary to fulfil our rental contract with you
• Legal Obligation: Greek law requires us to:
– Collect and verify guest identification documents
– Submit booking and invoice data to the Greek tax authorities (AADE)
– Retain financial records for 5 years
• Legitimate Interests: Fraud prevention, security, improving our services
5. How We Use Your Personal Data
We use your personal data to:
Process and manage your booking and payment
Provide access to the rental property
Communicate with you about your reservation
Comply with Greek legal and tax requirements
Prevent fraud and ensure security
Improve our services and website functionality
We do NOT use your data for marketing purposes or send promotional emails without your explicit consent.
6. Third-Party Service Providers
We share your personal data with the following third-party service providers who help us operate our business:
• Hosthub: Property management system that manages bookings and guest information
• Stripe: Payment processing for credit card transactions
• Oxygen: Invoicing software that transmits booking and payment data to the Greek tax authorities (AADE) as required by law
All third-party service providers are contractually obligated to process your data only for the specified purposes and to implement appropriate security measures.
7. International Data Transfers
Some of our service providers are based in the United States or may process data outside the European Economic Area (EEA).
Data transfers to countries outside the EEA are protected by:
Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions where the European Commission has determined that the recipient country provides adequate data protection
8. Data Security
We implement appropriate technical and organizational security measures to protect your personal data, including:
Encrypted data transmission and storage
Secure password-protected systems with restricted access
Regular security audits and updates
However, no method of internet transmission or electronic storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security.
9. Data Retention
We retain your personal data for the following periods:
Booking and financial records: 5 years from the date of your stay (required by Greek tax law)
Identification documents: 5 years from the date of your stay (required by Greek short-term rental and anti-money laundering regulations)
Communication records: 2 years after your last communication with us
Technical data: 90 days from collection
After these periods, we securely delete or anonymize your data.
10. Cookies and Tracking
Our website uses essential cookies that are necessary for the website to function properly (e.g., maintaining your session during booking). These cookies do not require your consent.
We do NOT use analytics cookies, advertising cookies, or third-party tracking technologies.
11. Your Rights Under GDPR
You have the following rights:
Right to Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request deletion of your data
(Note: We cannot delete data we are legally required to retain for 5 years under Greek law)
Right to Restrict Processing: Limit how we use your data
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing based on legitimate interests
Right to Lodge a Complaint: File a complaint with the Greek Data Protection Authority (Hellenic Data Protection Authority – HDPA)
To exercise any of these rights, please contact us at bookings@tritonproperties.biz. We will respond to your request within 30 days.
12. Greek Data Protection Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with:
Hellenic Data Protection Authority (HDPA)
Address: Kifissias Ave. 1-3, 115 23 Athens, Greece
Phone: +30 210 6475600
Website: www.dpa.gr
13. Changes to This Policy
We may update this privacy policy from time to time. Any changes will be posted on our website with an updated “Last Updated” date. For significant changes, we will notify you via email.
14. Contact Us
If you have any questions about this privacy policy or how we handle your personal data, please contact us:
Email: bookings@tritonproperties.biz
We will respond to all inquiries within 30 days.