top of page

Privacy Policy

Last updated: 16/02/2023

 Introduction

Montelle Investments (“The Greek Cookout” “Kissamos Activities” “we” or “us” or “our”) take the security of your personal information very seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information once you visit our website (www.thegreekcookout.com and www.kissamosactivities.com ), including all other forms of media, media channel, mobile website, or mobile application related or connected thereto (collectively, the “Site”), as well as the rights you have to that information. You agree that by accessing the site you have read, understood, and agree to be bound by all these terms of this privacy policy regarding personal data. If you are not eligible or you are not in agreement with these terms, then you are expressly prohibited from using the site and you must discontinue use immediately.

 What are personal data and personal data processing?

Personal data is information that relates to an identified or identifiable individual. “Processing” personal data means collecting or organizing personal data.

 What data do we collect, how do we collect it, and how do we use it?

The processing of your data is collected by The Greek Cookout which includes our parent company Montelle Investments IKE which acts as the data controller located at Skalidi Road 105 Kissamos, Crete, Greece, TEL: (+30) 6948811092. We process personal data based on consent according to Art. 6(1)(a) GDPR, which you are free to refuse. You will see our consent options for data collection when you first visit our site. You can refuse consent at any time, but by doing so, some features of the site may not work as intended. We practice privacy by design and privacy by default to collect only the necessary data needed to ensure a smooth user experience.

 Personal data collected: 

  • Personal identifiers

Source: GOAFFPRO,(If you are an affiliate of ours), Smartwavier, TrekkSoft, You – when you contact us through email, PayPal, Stripe

Purpose: Provide you with service and customer support, personalize the experience, error reporting, legal compliance, Administer sweepstakes, promotions, and contests and offer you new products or services, send you a reminder email upon purchase, Verify your purchase

Disclosure of information: Anonymized to advertisers

Data Retention: 180 days / For how long we are legally obliged to do so? Data will be removed from all accessible servers and documents and only data obligated to keep by law enforcement will be kept in a secure vault not accessible unless required by law. 

 

  • Internet / Network Activity

Source: Google Analytics, WIX

Purpose: Improve interaction with the website and website maintenance

Disclosure of information: Internal

Data Retention: 90 days and then data will be permanently removed and “notes” that are non-identifiable will be kept for revision.

 

  • Geolocation data

Source:  Google Analytics

Purpose: Determine eligibility, customer support, legal compliance

Disclosure of information: Anonymize advertising partners

Data Retention: 90 days and then data will be permanently removed and “notes” that are non-identifiable will be kept for revision.

 

  • Social Media Data

Source: Facebook, TikTok, Twitter, Instagram, LinkedIn

Purpose: Customer support, Remarketing, Employee/business prospects

Disclosure of information: Internal, Remarketing on social media and our site

Data Retention: Within 90 days data will be anonymized and kept for marketing purposes.

 

Having accurate information about you and your use of our site or services enables us to provide you with a smooth, efficient, and customized experience. Under the General Data Protection Regulation (GDPR), The lawful bases we rely on for processing this information are: 

  •  Your consent. You can remove your consent at any time.

  •  We have a contractual obligation.

  •  We have a legal obligation.

  •  We have a vital interest.

  •  We need it to perform a public task.

  •  We have a legitimate interest.

Third-party tools that we use or that we receive your information from:

Google Apps (Email, Cloud, analytics, G Suite), GOAFPRO, TrekkSoft, Smartwavier, Viator, GetYourGuide, Trip Advisor

Keep in mind that some of the above-listed tools that we use to conduct business are located in countries outside the European Union. All of the companies that we work with state full compliance with the GDPR (General Data Protection Regulation) of Europe. Still, we strongly encourage users of this site to review the privacy policy and privacy notice of the above-listed companies as these privacy terms only govern the use of Montelle Investments IKE.

How and why do we share your data?

We use third-party advertisers to conduct business. The data we share with them will strictly be analytical, non-identifiable data. For example, We will present them with a graph that states 100 people purchased a product, and 27% of product purchases were male and 73% female. It is important to know that all our decisions are based upon market research and a physical person, we do not make use of automated decision-making.

What are your data protection rights?

 Our Company would like to make sure you are fully aware of all your data protection rights. Every user is entitled to the following:

 The right to access – You have the right to request Our Company copies of your personal data that we have collected.

The right to rectification – You have the right to request that Our Company correct any information you believe is inaccurate, as well as request the update or completion of information we have about you.

The right to erasure – You have the right to request that we erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to the processing of your personal data, under certain conditions.

The right to data portability – You have the right to request that Our Company transfer the data that we have collected to another organization, or directly to you, under certain conditions.

The data controller of all data listed above is Montelle Investments IKE, Skalidi Road 105 Kissamos, Crete, Tel: (+30) 2822024701. If you make a request, we have (1) one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: info@kissamosactivities.com

Images

When you take part in our Greek night and show up in our facilities your image may be shared online for marketing purposes. You hereby acknowledge and accept images of you and the parties that you are responsible for, for being shared online in perpetuity.

 SECURITY OF YOUR INFORMATION

Your personal information is very important to us and We use administrative, technical, and physical security measures to help protect it. Our Company securely stores your data at the physical location of Skalidi 105 Kissamos, Crete, Greece, and on the Google Cloud.

Our Company will keep your Personal Identifiable Data for the amount of time listed above and then remove it from all accessible resources and servers. Personal Identifiable Data that we are permitted to keep by law, will be safely stored in a vault and will only be accessed by strictly authorized personnel if obliged to do so by law.

WE KEEP YOUR DATA SAFE AND SECURE BY:

– We use encryption to keep your data private.

– We take the required steps through physical security, software security, pseudonymization, cybersecurity, organizational measures, and the proper training and monitoring of all parties involved to protect your personal data and privacy.

– Data is only kept for the purpose listed above and when that purpose is complete, this data is removed from all accessible servers.

– Access to personal information and data is restricted to employees, contractors, and agents who need that information to process it. Anyone with the authority to authorize this information does so under strict confidentiality and the rules and regulations required by the GDPR (General Data Protection Regulation).

– All users will be immediately notified if there is a security breach and their information might be at risk.

TRACKING TECHNOLOGIES

What are cookies?

 Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you through cookies or similar technology.

For further information, visit https://www.allaboutcookies.org/ or our website’s cookie notice to see how we use cookies. By using the Site, you agree to be bound by our Cookie Notice.

 We use cookies and other tracking technologies. Your personal information is not collected through the use of tracking technology when you access the Site. In addition to our cookie consent tool, you can remove or reject cookies through your web browser settings, but be aware that rejected cookies could affect the availability and functionality of the Site. They can be made ineffective by declining all cookies or by modifying your web browser’s settings to notify you of all cookies, decline certain cookies, or notify you when a cookie is presented, which allows you to accept or decline cookies on an individual basis and can generally be found in the browsers “help” button. Like most websites, if you choose to disable cookies, some of our services may not operate properly. 

   CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. Because there is not yet a common understanding, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If such a standard for online tracking is confirmed, we will do so and we will inform you about that practice in a revised version of this Privacy Policy. Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. 

 POLICY FOR CHILDREN

 The website, products, and services are addressed to persons aged eighteen (18) and over. We do not knowingly market or solicit children under the age of 18. If you become aware of any data, we have collected from children under the age of 18, please contact us using the contact information provided below. If a user under the legal age of 18 is interested in viewing the content of the site or he/she wants to make a purchase, this user needs to do so under the authority of a legal guardian and this privacy policy, as well as our company’s Terms and Conditions, need to be read to the minor by the legal guardian.

NOTICE TO CALIFORNIA USERS

 Subject to the limitations under California Civil Code § 1798.83, if you are a California resident and have used our services or have a relationship with us, once a year, you may ask us to provide you with certain personal information that we have disclosed to third parties for their direct marketing purposes during the current calendar year. We will not discriminate against you for accessing your rights under the CCPA and you may also request the identity of certain third parties that received your personal information from us for their direct marketing purposes during the current calendar year.

 THIRD-PARTY WEBSITES 

This Privacy Notice governs your personal information obtained when using this site and we do not guarantee the safety and privacy of your information once you use these links to leave the site. The privacy policies and practices of any third-party website are your responsibility to read and understand before you visit the site or provide them with any information. You agree to not hold us liable for any damages or losses when using the site/services of any third party third-party or third-party websites.

 CHANGES TO THIS PRIVACY POLICY

We will make changes or modifications to the terms of this privacy notice at any time and as we see fit. “Last updated” date at the top of these terms of this privacy notice will be updated when such changes are made, and you waive any right to be personally notified of each such change. It is your responsibility to review the terms of this privacy notice from time to time and stay informed of all updates or changes. 

You have the right to complain if you feel that any of your personal data has been violated at The  Data Protection Authority Offices: Kifissias 1-3, 115 23 Athens, Greece Data Protection Authority Offices: Kifissias 1-3, 115 23 Athens, Greece, +30-210 6475600, Fax: +30-210 6475628, E-mail: contact@dpa.gr

If you want to access your rights or for any questions regarding this Privacy Notice or the data we collected from you please contact us at:

 info@thegreekcookout.com

bottom of page