Privacy Policy

How we process and protect your personal data

Last updated: February 13, 2026

Spiti Athina respects your privacy. This policy explains what personal data we process, why we process it, and what rights you have.

1. Data controller

Spiti Athina is the data controller for the processing described on this page.

Contact: info@spitiathina.be ยท +32 475 28 33 99

2. What data we collect

Depending on your interaction with the site, we may process:

  • Contact details you provide via the contact form (name, email, message, optional stay dates and number of guests).
  • Communication data when you contact us by email, phone, or WhatsApp.
  • Technical data (IP address, browser/device data, and consent preferences) required for security and website operation.
  • Anonymous analytics data, only after cookie consent is given.

3. Purposes and legal basis

We process personal data for the following purposes:

  • To answer inquiries and provide booking information (pre-contractual steps / legitimate interest).
  • To manage communication around reservations (contract performance).
  • To protect the website against abuse and attacks (legitimate interest).
  • To measure website usage with analytics, only after consent (consent).

4. Cookies and analytics

This website uses a consent banner. Before consent, only essential functionality is active.

  • Essential storage: your cookie choice is stored in local storage (`cookie-consent`).
  • Analytics: Google Analytics may be loaded only after explicit consent.
  • No advertising cookies are set by default.

5. Third parties and recipients

Where relevant, data may be processed by trusted service providers such as:

  • Website hosting provider.
  • Email and communication tools.
  • Google (if analytics consent is granted).

We do not sell your personal data.

6. Retention periods

  • Contact requests: kept as long as needed to respond and follow up.
  • Reservation-related communication: retained for operational and legal obligations.
  • Analytics data: retained according to configured analytics settings.

7. International transfers

Some service providers may process data outside the EEA. Where this happens, we rely on appropriate safeguards (for example standard contractual clauses).

8. Your rights

You can request access, correction, deletion, restriction, objection, and data portability where applicable. If processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with your local data protection authority.

9. Security

We apply reasonable technical and organizational measures to protect personal data against unauthorized access, loss, or misuse.

10. Changes to this policy

We may update this policy from time to time. The latest version is always published on this page with the update date above.

11. Contact

For privacy questions, requests, or complaints, contact us at info@spitiathina.be.