We at “THE FERRIES.COM S.M.S.A.”, owners and administrators of the website, theferries.com, consider the
protection of your personal data of paramount importance to us. By “personal data” we mean any information you
provide to us that relates to you or any other private individual identifiable , directly or indirectly, in
particular by reference to an identifier such as a name, an identification number, location data, an online
identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic,
cultural or social identity of that natural person.
Processing of personal data includes an operation or a set of operations on your personal information or on your
set of personal data, whether or not by automated means, such as collecting, processing, organising ,storing,
retrieving, , consultation, use, disclosing by transmission, dissemination or otherwise making available,
alignment or combination, restriction, erasure or destruction;
So we have prepared this Policy Statement in order to inform you regarding the basic principles by which we
process your personal data when we provide our services to you.
We at the “THE FERRIES.COM S.M.S.A.” and our website, theferries.com, as a data controller fully comply
with the data protection principles mentioned in Article 5 of the General Data Protection Regulation
We are processing personal data lawfully, fairly and in a transparent manner in relation to the data
subject.
We collect personal data for specified, explicit and legitimate purposes and we do not process them any
further in excess of those purposes.
We ensure that the personal data of the data subjects are limited strictly to what is necessary in
relation to the purposes for which we are processing them, and we apply the appropriate organizational
and technical measures to achieve this objective.
We are taking all measures to ensure that personal data are accurate and, where necessary, up to date
with regular audits and modifications.
By “personal data” we mean any information you provide to us, and we are collecting the following
personal data categories from you.
-
Name, Surname, Sex, Age, Date of Birth, Passport Number and Issue Country, email address,
telephone number and home address,
-
travel Destinations, Travel Preferences, Family information,
-
“The Ferries” traveller data such as dates or arrival and departure, port, cabin, special needs,
comments in relation to services’ preferences, provision of services or other services used).
We are processing your personal data specifically for the below mentioned reasons:
-
Route Search: we process your personal data for making and completing your search regarding
your desired destination.
-
Customer service: we process your personal data in order to provide to you the optimum service
regarding the route you want to choose.
-
Communication: Sometimes we may need to contact you by email, mail, phone or text message,
depending on the contact information you have shared with us and your communication consent.
Some of the reasons are mentioned below:
-
Respond to your queries and handle any requests you have submitted to us,
-
notify you on changes that the Ferry Operator or Provider, has informed us and affect your
Voyage or other Service you receive, in case you have given us an order to act as an
intermediary between you, the User of our website, theferries.com, and the Providers
of Tickets and Services,
-
send you tickets by courier to the address you have given us, provided that you have
declared that you want us to do so, through our website, theferries.com,
-
we may send you a customer’s satisfaction questionnaire regarding your experience while
using our services, provided that we have your explicit consent to do so,
-
we may need to verify your information should you require information about your personal
data.
-
Compliance and Legal Claims: There may be cases where we may need to use the data you have
provided, which may include personal data, for managing and resolving legal disputes or
complaints, for regulatory inquiries and compliance, or for the implementation of the
agreement(s), or for complying with legitimate requests from law enforcement authorities to
the extent required by law.
We at “THE FERRIES.COM S.M.S.A.” process your Personal data only if:
-
The data processing is necessary for the performance of our contract,
-
it is necessary for us to comply with our legal obligations or for safeguarding our
legitimate interests arising from your contractual relations with us or any other right we
may have that derives from the local applicable Law,
-
data processing is based on your freely, by affirmative action given consent expressly and
by unambiguous indication of the content of the text you are consenting about. You may have
the possibility to withdraw your consent anytime. For collection of personal data of
children under 16 years old, we are requesting the consent of the parents. We ensure that
the processing of personal data takes place only for the purpose for which the data were
initially collected. In case we may need to process collected personal data for another
purpose, we will seek again your consent with express and determined written format.
Here at “THE FERRIES.COM S.M.S.A.” we are tirelessly performing various actions and procedures
to safeguard our information systems from unauthorized access and misuse, including personal
data. We apply security procedures and technical and physical limitations of access and use of
personal data on our servers. Only authorized personnel have access to personal data in their
work.
Our basic function is to act as intermediary between you, the User of our website,
theferries.com and the Providers of the Tickets and the Services. Whenever we do that,
we may use a third-party supplier or business partner to process personal data on our
behalf. The choice of a third party ensures that this supplier or business partner is fully
compliant with the General Data Protection Regulation and any other applicable laws and will
provide security measures to safeguard personal data that cover all associated risks.
We are retaining your personal data, for as long as it is necessary and reasonable for us
to provide you with our services, to comply with applicable law, for the management of
legal disputes, for the purposes of our activities, including the detection and prevention
of fraud or other illegal activities. All the above personal data are subject to this Data
Protection Policy and in accordance with our data retention scheme.
It is our obligation to provide to you an access mechanism to access your personal data,
in order for you to exercise the following rights:
-
RIGHT OF ACCESS
You have the right to be aware and verify the legitimacy of the processing we are
performing. Thus, you have the right to access the data you have entrusted to us and
get additional information about their processing.
-
RIGHT OF RECTIFICATION
You have the right to study, correct, update or modify your personal data that you
have submitted to us.
-
RIGHT OF RESTRICTION OF PROCESSING
You have the right to request the restriction of the processing of your personal
data when:
(a) you contest their accuracy and until verification,
(b) you object to their deletion and, instead, you request the limitation of their
use,
(c) although your personal data are not needed anymore for processing, but they are
indispensable to you establishing, exercising, supporting of legal claims, and
(d) you object to the processing and until it is verified that there are legitimate
reasons that concern us and override the reasons why you are opposing to processing.
-
RIGHT OF OBJECTION
You have the right to object at any time to the processing of your personal data in
the case that they are necessary for the purposes of legitimate interests we pursue.
-
RIGHT TO DATA PORTABILITY
You have the right to receive, upon request, a copy of the digital data you have
provided to us in a structured form and transfer these data to another controller,
-
RIGHT TO BE FORGOTTEN
Upon request, you have the right to request from the deletion of your personal data.
We will take the required organizational and technical actions to satisfy your
request and will also secure it from any third parties using or processing personal
data on its behalf. In cases of mandatory data processing required by law, this
right is subject to specific restrictions or does not exist, as the case may be.
If you believe that any of your personal data that we hold is incorrect or
inaccurate, you may request to view this information, and correct it or delete it.
Please contact us through the [email protected] in order to provide you the
Data Subject Access Form.
In the case we become aware of a suspected or actual personal data breach, we will
immediately perform any investigation necessary and take appropriate remedial measures
in a timely manner, according to our Data Breach Policy. Where there is any risk to
your rights and freedoms as data subjects, we will notify the Hellenic Data Protection
Authority without undue delay and, when possible, within 72 hours.
If you have any questions or need clarification regarding the processing of your
personal data by our company, please send your message to
[email protected].
