Stay Helios
Contact
Book your stay

Legal

Privacy Policy

Last updated: April 2026

1. Data Controller

Stay Helios (“we”, “us”, “our”) is the data controller responsible for your personal data.

  • Business name: Stay Helios
  • Address: Profitou Amos, Faliraki 85105, Rhodes, Greece
  • License number: 1476K132K0486000
  • Email: info@stayhelios.com

2. What Data We Collect

We may collect and process the following categories of personal data:

2.1 Contact Form & Booking Enquiries

When you submit a contact form or make a booking enquiry through our website, we collect your name, email address, phone number (if provided), and the content of your message.

2.2 Analytics Data

We use privacy-focused analytics to understand how visitors use our website. This may include page views, referral sources, browser type, device type, and approximate geographic location. We use Plausible Analytics, which does not use cookies and does not collect personally identifiable information. If Google Analytics is enabled, it may collect additional data as described in its own privacy policy; IP addresses are anonymised.

2.3 Booking Engine Data

Room bookings are processed through an external third-party booking engine. When you proceed to make a reservation, you leave our website. The booking engine operator is an independent data controller, and their own privacy policy applies to any data you provide during the booking process.

3. Legal Basis for Processing

We process your personal data on the following legal bases under the GDPR:

  • Consent: When you submit a contact form, you consent to us processing your data to respond to your enquiry.
  • Legitimate interest: We use analytics to improve our website and services, which constitutes a legitimate business interest that does not override your rights.
  • Contractual necessity: If you make a booking enquiry, processing your data is necessary to respond to your request and provide our services.
  • Legal obligation: We may process data to comply with applicable Greek and EU law.

4. How We Use Your Data

We use the data we collect to:

  • Respond to your enquiries and messages
  • Process and manage booking requests
  • Improve our website, content, and services
  • Comply with legal and regulatory requirements

5. Data Retention

Contact form submissions are retained for up to 24 months after the date of your last enquiry, unless a longer retention period is required by law. Analytics data is retained in aggregate, anonymised form and cannot be linked back to individual users.

6. Third Parties

We may share data with or data may be processed by the following third parties:

  • Plausible Analytics — privacy-focused website analytics (no cookies, no personal data)
  • Google Analytics — website analytics (if enabled), with IP anonymisation active
  • External booking engine — room reservations are handled by a third-party platform
  • Vercel — website hosting provider
  • Railway — backend hosting provider

We do not sell, rent, or trade your personal data to any third party.

7. Cookies

For full details about the cookies used on this website and how to manage your preferences, please see our Cookie Policy.

8. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: You may request a copy of the personal data we hold about you.
  • Right to rectification: You may request correction of inaccurate or incomplete data.
  • Right to erasure: You may request deletion of your personal data, subject to legal retention obligations.
  • Right to data portability: You may request your data in a structured, commonly used, machine-readable format.
  • Right to restrict processing: You may request that we limit how we use your data.
  • Right to object: You may object to processing based on legitimate interest.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at info@stayhelios.com. We will respond within 30 days of receiving your request.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. We encourage you to review this policy periodically.

11. Contact & Complaints

If you have any questions about this Privacy Policy or wish to make a complaint, please contact us at info@stayhelios.com.

You also have the right to lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr).

← Back to homepage