Privacy policy (GDPR)


Last updated: Jan 28, 2024

We take our guests privacy very seriously and apply a strict policy.

Our DPO (Data Protection Officer) is Andreas Teteris who you will be able to contact via andreas@bigbluenautika.com

Collection of personal data

We collect the following personal data:

  • name
  • address
  • phone-number
  • e-mail address
  • ID-number/passport number
  • credit card information

Needed by us to be able to deliver your trip in a safe and legal way for both us and the guest.

Personal data is collected via the reservation form when booking at our homepage.

Cookies

Both our booking system and webpage provider use session cookies which are deleted when the session is terminated.

We collect usage information from our homepage, instagram and Facebook for analysis of user behaviour by Google Analytics, Facebook Pages and Facebook Ads Manager.

Video may be collected to prevent criminal acts such as theft, vandalism, threats and violence but also to enable us to take action with guests not following our booking conditions and boarding rules.

Storage of personal data

Data is stored in our cloud-based booking system. Webnode keeps all customer data confidential and will only disclose information about the customer to a third party if it is relevant to the service being provided through our agreement. GDPR compliant third-party services may be used for data processing.

Credit card details are stored with Stripe, our credit card payment service. You can learn more about Stripe and read its privacy policy at https://stripe.com/privacy.

For non-EU citizens and in accordance with Border Police requirements, a signed document with personal data is stored in a locked location for three months.

Personal data in our booking system is kept for 18 months.

Usage of personal data

We use personal data to be able to deliver the stay in a safe manner for both us and the guest and in line with European legislation.

Our policy

  • We will not use personal data from our booking system for marketing purposes.
  • We will not use personal data for profiling purposes.
  • We will never sell personal data we have received to a third party.
  • We will never store credit card details as they are not available to us and cannot be communicated or shared.

Consent

As we only use personal data for the purposes mentioned in the point above we assume the guest gives consent by a clear affirmative action (entering their own personal data by themselves and confirming the reservation by pressing a button in the system).

Your right to your information

We will always provide you, free of charge, details about the personal information we have about you in our system.

We will correct, update or erase (after your visit has been completed) any information you require.

We will immediately inform you about any data breach or theft of data.