Privacy Policy

PRIVACY POLICY

MTG Travel

Last updated: [26/02/2026]

1. Data Controller Information

This website is owned and operated by:

MTG Travel – Vasileios Manolis
Registered Address: Airport area field 948 Po Box 60148 zip 57001 Thermi Thessaloniki, Greece
VAT Number: EL059276674
Email: info@mtgtravel.gr
Telephone: +30 2392401627

For the purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”), we act as the Data Controller of your personal data.

2. Scope of This Policy

This Privacy Policy explains how we collect, use, store, and protect personal data when you:

  • Visit our website (www.mtgtravel.gr)

  • Book transfers or tours

  • Contact us via forms, email, WhatsApp, or phone

  • Subscribe to our newsletter

  • Interact with us through third-party platforms

3. Personal Data We Collect

Depending on the service provided, we may collect:

A. Identification & Contact Data

  • Full name

  • Email address

  • Phone number

  • Pickup/drop-off address

  • Country of residence

B. Booking & Travel Information

  • Flight details (flight number, arrival/departure time)

  • Hotel information

  • Number of passengers

  • Luggage details

  • Special requests (e.g., child seats)

C. Payment & Transaction Data

  • Billing address

  • VAT details (for invoices)

  • Payment confirmation details

⚠️ We do not store full credit card details. Payments are processed securely through certified third-party payment providers.

D. Technical Data

When you visit our website, we may automatically collect:

  • IP address

  • Browser type and version

  • Device type

  • Operating system

  • Website navigation behavior

E. Marketing Data

  • Newsletter subscription preferences

  • Communication preferences

4. Legal Basis for Processing (Article 6 GDPR)

We process personal data only when we have a lawful basis:

1️⃣ Performance of a Contract

When you book a transfer or tour, we process your data to:

  • Confirm and manage your reservation

  • Provide transportation services

  • Issue invoices

  • Communicate booking details

2️⃣ Legal Obligation

We retain invoicing and accounting data in accordance with Greek tax law.

3️⃣ Legitimate Interest

We may process data for:

  • Fraud prevention

  • Website security

  • Improving services

  • Business administration

4️⃣ Consent

We rely on your consent for:

  • Newsletter subscriptions

  • Marketing communications

  • Non-essential cookies

You may withdraw your consent at any time.

5. How We Use Your Personal Data

We use your information to:

  • Process bookings and provide services

  • Send booking confirmations

  • Communicate driver details

  • Provide customer support

  • Issue invoices and payment reminders

  • Improve website performance

  • Comply with legal obligations

  • Send marketing communications (if you have opted in)

We do not sell personal data to third parties.

6. Sharing of Personal Data

We may share personal data only when necessary with:

  • Drivers and subcontracted transport partners

  • Accountants and tax advisors

  • IT service providers

  • Payment processors

  • Hosting providers

  • Marketing and analytics providers

  • Legal authorities where required by law

All partners are contractually bound to process data securely and lawfully.

7. Bookings Through Third-Party Platforms

If you book our services through platforms such as:

  • Viator

  • GetYourGuide

  • Bókun

Please note:

  • These platforms act as independent Data Controllers.

  • Your data is also processed according to their privacy policies.

  • We receive only the data necessary to perform the booked service.

8. International Data Transfers

Some service providers (e.g., analytics or cloud hosting providers) may process data outside the European Economic Area (EEA).

In such cases, we ensure appropriate safeguards are implemented, including:

  • Standard Contractual Clauses (SCCs)

  • Adequacy decisions by the European Commission

9. Data Retention Period

We retain personal data only as long as necessary:

  • Booking & service data: up to 5 years

  • Accounting & invoicing data: 10 years (Greek tax law)

  • Marketing data: until consent is withdrawn

  • Analytics data: according to cookie retention policies

After the retention period expires, data is securely deleted.

10. Security Measures

We implement appropriate technical and organizational measures including:

  • SSL encryption

  • Secure servers

  • Access controls

  • Firewall protection

  • Restricted staff access

  • Secure backup systems

Despite these measures, no internet transmission is completely secure.

11. Your Rights Under GDPR

You have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request deletion (“right to be forgotten”)

  • Restrict processing

  • Object to processing

  • Request data portability

  • Withdraw consent at any time

To exercise your rights, contact us at:
📧 info@mtgtravel.gr

You also have the right to lodge a complaint with:

Hellenic Data Protection Authority (HDPA)
Website: www.dpa.gr

12. Cookies & Tracking Technologies

Our website uses cookies to:

  • Ensure website functionality

  • Analyze website traffic

  • Improve user experience

  • Deliver relevant advertisements

We use services such as:

  • Google Analytics

  • Google Ads

Non-essential cookies are activated only after your consent via our cookie banner.

You can manage or withdraw your consent at any time through the cookie settings panel.

13. Third-Party Websites

Our website may contain links to third-party websites.
We are not responsible for their privacy practices.

14. Children’s Data

Our services are not directed to individuals under 18 years of age.
We do not knowingly collect data from minors.

15. Policy Updates

We may update this Privacy Policy from time to time.
The latest version will always be published on our website with the updated date.