On this page we provide clear and complete information about your personal data that our website gathers. You can also view and control its handling.
There is a new regulation in the European Union valid after the 25th May 2018, called General Data Protection Regulation (GDPR). It provides strict guidelines on how one’s personal data is gathered and handled. This also affects companies and individuals that reside outside of the EU, but collect data from EU citizens.
If you notice we missed any crucial information you need, please contact us.
Who we are
We are a Greek travel agency and tour operator company, owners of the travelanddo.com and travelanddo.net domains.
Our full details are:
“TRAVEL AND DO ESERVICES”
A company fully licensed by the Greek National Tourism Organisation (GNTO)
License number: 0206E70000669801
Post Address: 56, Stratigou Dagli street – 10445 Athens – GREECE
What personal data we collect and why we collect it
When you leave comments on the site we collect the data shown in the comments form, and also your IP address and browser user agent string to help spam detection.
Information submitted through the contact forms on our site are sent to our company email, hosted by Gmail. Google adheres to the EU “Privacy Shield” policy and you can find more information about this here.
While we keep these submissions for customer service purposes they are never used for marketing purposes or shared with third parties.
Our site uses the following cookies:
- Google Analytics cookies – these are set for monitoring and tracking visitors behavior on the site.
- WordPress logged-in cookies – these are used by WordPress to authenticate logged-in visitors, password authentication and user verification.
- WPML cookies – these are used by our WPML plugin to identify the preferred user’s language as our site is multilingual.
- W3 Total Cache cookies – these are used by W3 Total Cache plugin to monitor referrer and user identification for caching purposes.
Embedded content from other websites
Articles on this site may include embedded content, like YouTube videos, for example. Embedded content from other websites behaves in the exact same way as if you visited the other website.
Who we share your data with
We don’t share your data with third-parties in a way as to reveal any of your personal information like email, name, etc. However, some data is transferred and/or stored with third-party services we use, like cloud-based services and payment processors. This is done as a way to provide you with a better overall service and user experience.
Here are the services we use to make our own service better for you:
- Mailchimp – we store our client contact details for newsletters, announcements, and usability testing invite purposes. They can opt-out of these at any time.
- PayPal – we use Paypal as one of our payment processor. During checkout, a client will provide login information and credit card info. This information is processed directly within this gateway payment and we do not save it on our sites.
Who can see my personal information
If you are not a registered member in our site, there is no personal information we have or can see about you.
If you are a registered member (this option will be activated in the future), your personal information can be accessed by:
- Our System administrators.
- Our supporters when they need to (in order to provide support) get the information about the client accounts and access.
How long we retain your data
If you register on our website, we also store the personal information you provide in your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit that information.
How we protect your data and what data breach procedures we have in place
We protect customer data with the following site features:
- We are entirely using SSL/HTTPS throughout all our sites. This encrypts our user communications with the servers so personal identifiable information is never captured by third parties without authorization.
- Databases are sanitized (actual user personal details are removed) before deploying to development or testing environment.
In case of a data breach, System administrators will immediately go through affected users and will attempt to reset passwords if needed after informing the user.
What rights you have over your data
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.
You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. In short, we cannot erase data that is vital to you being currently our customer (i.e. basic account information like an email address).