Privacy Policy

Last updated: 14.02.2026

This Privacy Policy explains how Prado Apartment Hotel I.K.E. (“we”, “us”, “our”) collects and processes personal data when you visit our website or make a reservation. We provide short-term accommodation rental services in Limani Litochorou (Litochoro), Pieria, Greece.

1. Who we are

Website: https://pradolitochorou.com

Controller (Data Controller): Prado Apartment Hotel I.K.E.
Registered office: Limenas Litochorou, 60200, Pieria, Greece
Business Tax ID (ΑΦΜ): EL802408390
G.E.MI. No.: 175826248000
Tourism License (MHTE): 0936K132K0213500
Contact email: reception@pradolitochorou.com
Phone: +306947579096

2. What personal data we collect

Depending on how you use the website, we may collect:

  • Reservation data: name, contact details (email/phone), stay dates, number of guests, accommodation details, special requests.
  • Payment-related data: transaction identifiers and payment status. Card details are processed by our payment providers and are not stored by us.
  • Technical data: IP address, browser type, device information, approximate location (country/city), pages visited, and timestamps.
  • Communications: messages you send us by email or contact forms.

3. Why we use your data (purposes)

We process personal data to:

  • provide and manage reservations, check-in/check-out, and guest services;
  • process payments and prevent fraudulent transactions;
  • communicate with you about your booking or requests;
  • comply with legal obligations (tax, accounting, tourism regulations);
  • ensure website security and performance;
  • analyze aggregated website usage to improve our services (where permitted and based on your cookie choices).

4. Legal bases (GDPR)

We process personal data under one or more of the following legal bases (GDPR):

  • Contract (Art. 6(1)(b)): to take steps at your request prior to booking and to perform the accommodation contract.
  • Legal obligation (Art. 6(1)(c)): for accounting, invoicing, and other legal compliance.
  • Legitimate interests (Art. 6(1)(f)): to secure the website, prevent abuse, and improve services.
  • Consent (Art. 6(1)(a)): for non-essential cookies/trackers where required (you can withdraw consent at any time via cookie settings).

5. Payments

We accept payments via Visa, Mastercard, Maestro, American Express and Diners credit and debit cards through Nexi e-Commerce. Bank transfers may also be accepted where applicable.

Card payments are processed securely via the electronic payment platform “Nexi e-Commerce” of Nexi Payments Greece S.A. We do not store full card numbers or CVV codes on our servers. Payment processing may involve the collection of technical and transaction data needed to complete and secure the payment.

6. Cookies and similar technologies

We use cookies and similar technologies to ensure the website works properly and, where permitted, to measure and improve performance. For detailed information about cookies used on this website and your choices, please refer to our Cookie Policy (EU).

7. Embedded content from other websites

Pages on this site may include embedded content (e.g. videos, images, maps). Embedded content behaves in the same way as if you visited the other website directly. Those websites may collect data about you, use cookies, and monitor your interaction with the embedded content, depending on their own policies.

8. Who we share your data with

We may share your data only when necessary, for example with:

  • Payment providers (e.g. Nexi) to process payments;
  • IT/hosting and security providers who help us operate and protect the website;
  • Accounting/legal advisors when required for compliance;
  • Authorities when required by law.

If you request a password reset (if user accounts are enabled), your IP address may be included in the reset email.

9. How long we retain your data

We keep personal data only for as long as needed for the purposes described above:

  • Reservation and transaction records: retained as required by applicable tax/accounting laws.
  • Communications: retained as needed to respond and for record-keeping.
  • Technical logs: retained for a limited time for security and troubleshooting.

10. Your rights (GDPR)

Depending on the circumstances, you may have the right to request access, correction, deletion, restriction, portability, or to object to processing. You may also withdraw consent for non-essential cookies at any time.

To exercise your rights, contact us at: reception@pradolitochorou.com

11. Where your data is sent

Visitor messages and technical data may be processed by our service providers (e.g., hosting/security tools). Where transfers outside the EEA occur, we ensure appropriate safeguards as required by law.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be published on this page with an updated “Last updated” date.

13. Contact

If you have questions about this Privacy Policy, please contact:
reception@pradolitochorou.com