PLAZA AXTE, operated by the company PLAZA AXTE, is fully committed to safeguarding your personal data. This policy outlines our data collection practices in accordance with Greek Law 2472/1997 (as amended and in force) and the General Data Protection Regulation (GDPR – EU 2016/679).

We may collect the following categories of personal data:

• Identification and Contact Information: Full name, telephone number, mailing address (including country, city, postal code), email, and details related to reservations such as check-in/check-out dates, voucher/reference numbers. For corporate clients, we may also collect tax identification numbers and tax authority details.


• Travel and Legal Documents: Nationality, passport or ID details (number, issue/expiry date, place of birth, etc.), including ID details for EU citizens.


• Payment Details: Card numbers and associated billing information.


• Preferences and Sensitive Data: Preferences in services, communication choices, health-related information including allergies, dietary needs, dermatological conditions, and other potentially sensitive data like sexual orientation or smoking habits—collected only with your express consent and where permitted by law.


• Security Monitoring: Use of video surveillance (CCTV) for safety and property protection, where legally permitted.

PLAZA AXTE may collect data about minors, such as names, ages, identification details, and relevant health information for participation in children’s activities. For teenagers (ages 16–18) staying alone, parental or legal guardian consent is required. We urge parents to supervise the disclosure of personal information by minors.

We may collect data from travel agencies, booking platforms, social media (based on your settings), and other third-party services authorized to share such data. This may also include data updates or corrections from these sources.

Your personal data may be processed for the following legitimate and contractual purposes:

• Accounting and Financial: Invoicing, contracts, payment processing, and service cost analysis.


• Marketing and Communication: Newsletters, promotional campaigns, satisfaction surveys, and contests.


• Service Delivery: Reservations, room services, spa and wellness services, events, gym use, and activities.


• Customer Experience: Enhancing service personalization and hospitality levels during your stay.


• Internal Use: Staff training, performance audits, and operational analysis.

Your information will only be used for the purposes stated above unless otherwise permitted by law or with your additional consent.

Your data will be securely stored only for as long as required by legal, operational, or contractual obligations. Requests for deletion can be made and will be assessed based on the legal grounds for data retention.

We may disclose your data to third parties performing services on our behalf, such as:

• Technical Service Providers: IT and infrastructure support.


• Transportation Partners: Taxi or shuttle service providers.


• Business Collaborators: Tour operators, online booking systems, and promotional partners.


• Payment Processors and Banks: Especially in case of overbookings or transaction disputes.

Our partners are contractually obligated to handle your data with confidentiality and care. Data transfers outside the European Economic Area will only occur under strict legal safeguards, with advance notice where required.

We enforce robust security measures—both technical and organizational—to prevent unauthorized access, alteration, or loss of your data. All staff with access are bound by confidentiality obligations. For electronic records, secure deletion methods are applied when data is no longer needed. Paper records are destroyed through secure shredding.

We advise you not to transmit sensitive financial data via email or text. PLAZA AXTE will never request your credit card details via email or SMS.

You have the right to:

• Access and review your personal data


• Correct or update inaccurate or incomplete data


• Request deletion of your data


• Request restriction or object to data processing under specific conditions


• Receive your data in a portable format

Requests will be addressed within one month, provided legal or contractual obligations do not prevent action. Proof of identity may be required to process your request.

You may withdraw your consent at any time, without affecting the legality of processing performed before the withdrawal. Please send a signed withdrawal request including your full name and reason for withdrawal to:

Data Protection Officer – PLAZA AXTE
Address: Kolokotroni 2, Zakynthos, Greece
Email: info@plazazante.gr