BlackSwan Yachting Santorini & Cyclades

Privacy Policy

This Privacy Policy describes how the company named ” PROFIT NP SINGLE MEMBER PRIVATE COMPANY” acting by law as a “Data Controller”, processes personal data following the applicable national legislation and the European Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter referred to as the “Regulation”).

Data Controller:
Our company ” PROFIT NP SINGLE MEMBER PRIVATE COMPANY “, with the distinctive title ” PROFIT NP SM PC”, with registration number 156021701000,
TIN: 801400738 KEFODE Attikis Tax Office
HEAD OFFICE: 30 PORTARIAS street, PANORMOU ATHENS, P.C. 11523
Tel.: + (30) 210 6990177
E-mail: info@profitnp.com.gr

Data Protection Officer (DPO):
For any matter relating to the processing of personal data, please contact us directly at e-mail: info@profitnp.com.gr

Responsible Authority for the Protection of Personal Data:
Hellenic Data Protection Authority
(Kifisias 1-3, P.C. 11523, Athens, Tel.: +(30) 210 6475600, Fax: 210 6475628,
e-mail: contact@dpa.gr )
What is Personal Data?
The term “personal data” refers to any information relating to an identified or identifiable natural person, i.e. information about natural persons, such as name, full name, postal address, e-mail address, contact telephone number, etc., which identifies or can identify you.

What is the processing of Personal Data?
‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

What data do we collect:
When you browse through our website https://www.blackswan.com.gr/
We provide you with access to our website, ensure that it is not offline and receive anonymous statistics that help us determine if we have been successful.
We process your personal data to provide you with access (such as your IP address) and use it to ensure the security of our website.
When you enter our website, they are automatically sent by the terminal browser you use and without any action on your part to our website’s transit server:
the IP address of your device,
the date and time of access,
the name and web address (URL) of the requested file,
the website/application from which the access was made (referrer-URL),
the browser you are using, the operating system of your computer that can access the Internet, and the name of the access provider.
The above data are temporarily stored in a log file for the purposes of proper connection creation, and comfortable use of our website. If you have consented to “geolocation” in your browser or operating system or other settings of your terminal, we will use this function to be able to provide you with personalized services concerning your current location (your location data) in relation exclusively to the location of our offices. Once you stop using our website, the geolocation data is deleted

When you use the Contact Us and Book Online page on https://www.blackswan.com.gr/
When you contact us via the form on our website or by email at info@blackswan.com.gr , we also receive personal data from you, that includes your full name (first name and surname), email address and telephone number. This data is used by us only for the management of your request and for the communication between us and not for advertising purposes, nor do we share it without your consent.

Information collected through cookies when you browse the site. You can learn more about our use of cookies here.

Your social media username, if you interact with us through social media, to facilitate a response to your comments or questions.

Traffic statistics of our website.

Third party information
We may receive information about you from third party social networking services when you choose to connect to those services.
Based on current partnerships, we receive information that you have posted and/or consented to from Google, Facebook, Twitter, YouTube, when you choose to use these services.

Use of Social Networks
” PROFIT NP SM PC ” manages professional accounts in the social networks Facebook and Instagram, where we publish information about our services, as well as photos sent to us by users.
Legal basis: consent (Article 6(1)(a) GDPR), which allows us to process your personal data with your consent and until it is withdrawn.
Social Plug-ins and Social Network Buttons: our website includes social plug-ins and buttons (e.g. for Facebook, Instagram), which you can use to share our company’s content or interact with our accounts on these social networks. These buttons are links to third party websites that collect and process personal data according to their own privacy policies, for which we are not responsible. Users are advised to be aware of the privacy policies of the respective social networks. We have integrated these plug-ins to make our website more functional and to enhance our company’s presence and promotion on social networks. Our presence on these networks is based on our legitimate interest in advertising our services and creating interaction with our customers.
Use of Social Networks: when users express a preference (e.g., “like” or “follow”) on our page on social networks, they agree, in accordance with the practices of the respective networks, to receive messages, advertisements and content from our page. If users address questions or posts, these will be visible to “friends” or “followers” of our page and can be answered through the features of the social network itself.
If our users send us personal or direct messages, their content may be accessible to our employees or external partners who manage our social network presence. Users should not post or send offensive, illegal or sensitive content, such as special category data or data of minors, as we cannot ensure the security of or restrict access to such data. If these restrictions are violated, we reserve the right to delete the content and, if necessary, to disclose user information to the relevant authorities.
Links to Third Party Websites and Applications : Our website may contain links to other third-party websites or applications. By activating these links, third parties may collect or disclose user data in accordance with their own privacy policies. The Company has no control over third party websites and is not responsible for their privacy practices. Users are advised to read the privacy policies of the websites they visit. The presence of these links on our website is based on our legitimate interest in improving our services and developing our business through interaction with relevant platforms and services.

How do we use your Personal Data:
Depending on the case, your data is used for the following purposes:
Completion of service requests: We process your data to fulfil our contractual relationship, complete service orders, provide customer service, comply with legal requirements and manage any legal claims. If we do not collect the necessary data at the time of request, we will not be able to properly process your request or comply with our legal obligations. We may also need to share your data with third parties to process the provision of the service. Your data may be retained for a reasonable period of time to fulfil our contractual obligations and to comply with legal obligations (e.g., tax obligations).
Contact: we use your data to respond to requests, queries, refunds or complaints. The information you give us allows us to manage your requests in the best possible way and to keep a record to serve you more efficiently in future communications. This is based on contractual and legal obligations, as well as our legitimate interest in continually improving our services.
Develop and improve our services: We process your data to develop and improve our services, based on our legitimate business interest.
Compliance with contractual or legal obligations: Your data is used to fulfil contractual obligations to you or to comply with legal obligations and court orders.
Protection against fraud and illegal activities: We monitor browsing activity to promptly resolve problems and protect the integrity of the site. For example, we use automated IP address tracking to detect possible unauthorized access.
Sending legally required or necessary updates: we send updates required by law or necessary to inform you of changes to our services. These messages include privacy policy updates and legally required information about your requests. Such communications do not include promotional content and do not require prior consent if sent via email or SMS. Without this data, we cannot comply with our legal obligations.
*It is noted that the processing of your data is carried out either by authorized personnel of the Company or by the Company’s information systems and electronic devices. In some cases, external partners committed to the confidentiality and protection of your data may carry out the processes necessary to support objectives strictly related to our website, services and sales.

Why do we collect your personal data:
The above personal data are processed by our Company exclusively for the following purposes and in accordance with the following legal bases, as defined by the General Data Protection Regulation (EU) 679/2016 (GDPR):
Contract performance (Article 6(1)(b) GDPR): for the performance of the distance selling contract and the execution of orders on www.blackswan.com.gr or for taking measures at your request before the conclusion of the contract, it is necessary to process the personal data provided during the registration and management of your request. The processing includes the registration and management of the order, the recording and monitoring of transactions and communication for the processing stages. The purpose of this processing is to complete the specific request, to communicate and send informative messages and clarifications related to the order, to confirm and identify you in any necessary case.
Consent (Article 6(1)(a) GDPR): for specific cases, such as the promotion of our company and its services in social networks, enabling users to express their opinion through comments or “like” for the services and the posting of photos, we ask for your consent. When collecting data, we inform you which data is necessary for each service. Your consent is free and can be withdrawn at any time, without affecting the lawfulness of the processing prior to the withdrawal.
Legal obligation (Article 6(1)(c) GDPR): processing is necessary for the Company to comply with legal obligations, such as tax law, e-commerce law, trade law and other regulatory requirements.
Legitimate interest (Article 6(1)(f) GDPR): In certain cases, we process your data based on the Company’s legitimate interests, in a way that is reasonable in the context of our business and does not substantially affect your rights, freedom or interests. Examples of this processing include developing and improving our services, preventing fraud, protecting the security of our systems and answering questions about our services before a sale.
Based on the above, the Company processes your data in full compliance with the provisions of EU Regulation 2016/679 (GDPR), ensuring that there is a clear and legally valid basis for each type of processing.

Who are the recipients of your Data
Your personal data can only be accessed by authorized Company personnel, limited to the absolutely necessary people, who are bound by a confidentiality obligation. In addition, affiliated companies or third-party service providers, acting as Processors on our behalf, have access to your Data in accordance with our instructions and the processing contracts we enter into with them, as provided for by Article 28 GDPR.

How your Data is shared
Disclosure of data by our Company: We share with:
Third party service providers that process data on our behalf, hosting and data maintenance, email distribution, research, analytics and promotional management. For any cooperation with third party providers, we enter into specific contracts in accordance with Article 28 GDPR, ensuring that appropriate technical and organisational protection measures are implemented.
Other third parties, when required to:

Compliance with requests from an organ of the Greek state, court decisions or applicable law (Article 6(1)(c) GDPR),
Prevent illegal use or violations of our Terms of Use and policies,
Protecting the Company from third party claims; and
Preventing or investigating cases of fraud.
Other third parties, with your consent (Article 6(1)(a) GDPR), to share data for purposes you have agreed to.
Sharing Data from you: if you choose to use social media, you can share information such as your username, profile picture and geographic location. You may also share content and interaction information with the Company.
The Processors processing on our behalf have agreed and contractually committed to our company, such as:
Maintain strict confidentiality,
They shall not disclose data to third parties without authorization and permission from us,
They shall not disclose or disclose data to anyone other than the data subject without our prior written consent and shall not disclose it to anyone other than the data subject without our prior written consent.
They comply with the legal framework for the protection of personal data and in particular Regulation (EU) 979/2016 ( GDPR).

Data transfer
Personal data is stored within the EU. However, some of the recipients of the Data with whom we share your Personal Data may be located in countries other than the one where the original collection of your Personal Data took place. The laws in those countries may not provide the same level of data protection as the country that originally provided your Personal Data. However, when we transfer your Personal Data to recipients in other countries, including the United States, we are committed to protecting your Personal Data as described in this Privacy Policy and in accordance with applicable law. We take steps to comply with applicable legal requirements for transferring Personal Data to recipients in countries outside the European Economic Area or Switzerland that do not provide an adequate level of protection. We use various measures to ensure that your Personal Data transferred to these countries enjoys adequate protection under data protection rules. These include signing the Contractual Clauses, certifying that the recipient has adopted the European Binding Rules in accordance with the GDPR (Articles 44-46)
Data Storage
Data is stored for as long as required by law or for the fulfilment of the purposes of the Policy (unless a longer storage period is required by applicable law).

Personal Data Security
” PROFIT NP SM PC ” applies appropriate technical and organizational measures to ensure the secure processing of personal data and to prevent accidental loss or destruction and unauthorized and/or illegal access, use, modification, or disclosure of them.
To ensure an appropriate level of security against the risks and the selection of the appropriate technical and organizational measures, the company shall take into account the latest technological and other developments, the cost of implementation, the nature, context, and purposes of the processing, as well as the probability and risk of accidental loss or destruction and unauthorized and/or illegal access to, use, modification or disclosure of personal data, and the seriousness of the risks involved.
For the security of our website, to ensure the integrity, secrecy, and provenance of any information during transmission, we use the secure HTTP connection through the network security protocol technology, Secure Sockets Layer (SSL).

Your rights when we process your data:
You have the right to know when ” PROFIT NP SM PC ” processes your data and particularly you have the right to access and correct the information without delay, in case it is inaccurate or incomplete. You have the right to be informed at any time about the data stored concerning your person, their origin, their receiver, and the purpose of their processing.
In addition, you may object to their processing, if you consider it to be unfair and illegal and request their deletion.
You have the right to revoke your consent at any time: If the processing of your data by “PROFIT NP SM PC ” is based on your consent, you are entitled at any time to object to this processing by revoking your consent with future effect. You may request to notify third parties for any of the above changes, to whom your data has been disclosed. You also have the right to not comply with automated decisions (made solely by machines) that offend you, as defined by law. Finally, you have the right to complain at any time if you believe that your data protection rights have been infringed.

How to exercise your rights
If ” PROFIT NP SM PC “, processes personal data concerning you and you wish to exercise your rights regarding their protection, please contact us by e-mail at info@profitnp.com.gr , or in a sealed envelope, to the attention of the Data Protection Officer (DPO) at ” PROFIT NP SM PC ” 30 PORTARIAS street, PANORMOU ATHENS, P.C. 11523. In principle, we cannot accept verbal requests (by telephone or in-person), as we may not be able to process your request immediately without first analyzing it and making a reliable identification of you.

Right of Appeal to the Authority
You also have the right to appeal to the Hellenic Data Protection Authority on issues relating to the processing of your personal data. For the competence of the Authority and how to file a complaint, you can visit its website http://www.dpa.gr -> My rights -> File a complaint), where you will find detailed information.

Policy Amendments
This Policy is updated whenever necessary. We encourage you to read this Policy from time to time to know how your Data is protected.

Last update: January 2025