Privacy Policy

1. Who We Are

Gospartan (“we”, “our”, “us”) is a premium private transfer service operating in Sparta, Laconia, Greece. We are the data controller responsible for your personal information collected through this website (gospartan.gr) and through our booking and communication channels.

Contact: info@gospartan.gr  |  Sparta, Laconia, Greece

2. What Data We Collect

We may collect and process the following categories of personal data:

• Identification data: Full name, as provided when making a booking or enquiry.
• Contact data: Phone number and email address.
• Booking data: Pick-up and drop-off locations, date and time of travel, number of passengers, special requirements.
• Communication data: Messages, emails, or call records relating to your enquiry or booking.
• Technical data: IP address, browser type, pages visited, and time spent on site (collected via cookies — see Section 8).

We do not collect sensitive personal data (health, biometric, financial beyond payment reference) unless strictly necessary and with your explicit consent.

3. How We Use Your Data

We use your personal data for the following purposes:

• Processing and confirming your transfer booking.
• Communicating with you about your booking, including changes or cancellations.
• Providing customer support and responding to enquiries.
• Sending service-related notifications (e.g. driver details, ETA).
• Improving our website and services through aggregated analytics.
• Complying with legal obligations applicable in Greece and the European Union.

4. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases, as defined by the General Data Protection Regulation (EU) 2016/679 (“GDPR”):

• Contract performance (Art. 6(1)(b)): To fulfil a booking or respond to a pre-contractual enquiry.
• Legal obligation (Art. 6(1)(c)): To comply with applicable Greek and EU law.
• Legitimate interests (Art. 6(1)(f)): To improve our services and maintain website security.
• Consent (Art. 6(1)(a)): For non-essential cookies and marketing communications, where applicable.

5. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by Greek or EU law:

• Booking and communication records: up to 5 years, in line with Greek commercial and tax law.
• Website analytics data: up to 26 months.
• Enquiries that do not result in a booking: deleted within 12 months.

6. Sharing Your Data

We do not sell, rent, or trade your personal data. We may share data with:

• Our drivers, solely for the purpose of completing your booked journey.
• IT and hosting service providers who process data on our behalf under data processing agreements.
• Greek public authorities or courts, where required by law.

All third parties are required to handle your data securely and in accordance with applicable data protection law.

7. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of access: Request a copy of the personal data we hold about you.
• Right to rectification: Request correction of inaccurate or incomplete data.
• Right to erasure: Request deletion of your data where no legal obligation requires its retention.
• Right to restriction: Request that we limit how we use your data in certain circumstances.
• Right to portability: Receive your data in a structured, machine-readable format.
• Right to object: Object to processing based on legitimate interests.
• Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior lawful processing.

To exercise any of these rights, contact us at info@gospartan.gr. You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at www.dpa.gr.

8. Cookies

Our website uses cookies to ensure basic functionality and to analyse site usage. We use:

• Strictly necessary cookies: Required for the website to function. Cannot be disabled.
• Analytics cookies: Help us understand how visitors use the site. Only set with your consent.

Your accessibility preferences (font size, contrast, etc.) are stored in localStorage on your device and are not transmitted to our servers.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our website is served over HTTPS. Access to personal data is restricted to authorised personnel only.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The “Last updated” date at the top of this page will always reflect the most recent revision. Continued use of the website after any changes constitutes acceptance of the updated policy.

11. Contact

For any questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact us: