Privacy Notice

The sole proprietorship under the name “Dioni Kalogeropoulou” and the distinctive title “Diodati Villas” (MI.T.E. registration no. 0831Κ91000428201), with registered seat in Lefkada Greece (hereinafter “Diodati”) is the Data Controller of your personal data, during your visit to this website and use of other services. Diodati is committed to respecting and protecting the privacy of this website’s visitors and users of its services and is obligated to inform you in a transparent way of the respective processing of your data.

Diodati reserves the right to amend and update this Notice whenever necessary. If there are any changes to this Notice, the new document will be uploaded on the website. Therefore, you are kindly requested to carefully read this Privacy Notice and check the webpage periodically.

The protection of your personal data is subject to the relevant provisions of the applicable European legislation (mainly EU General Data Protection Regulation 2016/679) and respective Greek law for the protection of the individuals from the processing of personal data, as supplemented by decisions of the competent supervisory authorities.

1. Does this apply to me?

The information provided in the following paragraphs refers to the processing of personal data with respect to services and features provided through the website, as well as with respect to the bookings made for accommodation in Diodati Villas, online through or via phone at +306959555844 (hereinafter the “Services”).

Please do not use the Services of this website if you are younger than 15 years old.

2. What personal data does Diodati process?

In the context of the Services, Diodati collects and further processes the following categories of personal data:

A. When booking a villa for accommodation;

Basic information (such as name, surname, account password)
Contact details (such as postal address, mobile and landline phone number, email address, preferred means of contact, preferred language of contact)
Other information relating to your booking through this website (such as order history, room type, location of the transaction)
Payment details regarding the transaction (such as credit/debit card details)
Voice recording of the transaction concluded, when booking via phone.

B. When receiving newsletters

Contact details (email address, preferred language of contact)
Optional information for receiving personalised communications (such as date of birth, sex, profession, preferences of vacations and tourist services).

C. When using other features and services through

Contact details and other information that may be provided by you -regarding any request and query- via any of Diodati’s email addresses indicated at for such communication.

In certain cases, Diodati also collects automatically technical information that does not directly identify you, such as the browser type, PC operating system, domain name of the webpage from which the connection was made, location and other information arising from the use of website cookies (such as IP address, web content viewed etc.). All web traffic (file transfer) between this site and your browser is encrypted and transferred via the HTTPS protocol using Secure Sockets Layer (SSL).

For more detailed information on the use of cookies on this website, please refer to the Cookie Policy.

3. How and why does Diodati process your personal data?

Diodati will process the personal information that you provide in the context of the Services and depending on the case, under the following lawful grounds and purposes:


To provide the Services to you and specifically in order to enable you to book a villa for your accommodation, online or via phone. In this case, Diodati acts because of the contractual relationship by which you will be granted access to and use its offered services and Diodati will accommodate any related request you may have.

Legitimate interest

It is in Diodati’s legitimate interests to process personal data of the bookings. Moreover, Diodati processes personal data in order to ensure website and transactional security and proper operation, to back-up data and to safeguard business continuity. It is also in Diodati’s legitimate interests to process your personal data to develop and optimise its services, by contacting you to conduct surveys on your feedback for its services.


In case you need to disclose to Diodati some health condition such as allergy, disability etc., as necessary in the context of your accommodation in its villas, Diodati will request your explicit consent (Art. 9.2.a GDPR) for doing so. You may withdraw such consent by contacting Diodati.

Following your specific consent as a plain website visitor by clicking at the respective option on the website or as a social media follower by enabling the respective functionality, Diodati can enlist you in its newsletter subscribers list, should you wish so. Diodati will maintain your basic contact details (email address, social media profile) in order to send you information on its services which you may be interested in. You may withdraw such consent at any time by clicking “unsubscribe” at the bottom of each communication received or by disabling the relevant social media feature.

Following your specific consent and in accordance with your selection of choices while entering this website, Diodati will process your personal data collected through cookies and similar technologies, in order to improve your experience on this website, to analyse website use and to pursue advertisement activities. You may withdraw such consent and find more detailed information on the use of cookies on this website, in the Cookie Policy.

4. How long will Diodati keep your information?

Diodati will keep the information that you provide only for the time necessary for it to achieve the above purposes or for as long as it is required by law. Such time may differ depending on the particular use e.g. your email that you gave in order to receive newsletters from Diodati will be kept until you submit an opt out or consent withdrawal request and provided that Diodati is not required to keep it for any other purpose.

5. Who has access to your data and how is this access secured?

Any information processed in the context of the Services will be kept by Diodati’s authorised personnel.

Moreover, in order to ensure optimum provision of services and operations and in accordance with the applicable legislation on the protection of personal data, the recipients of your personal data may be the following: Dioni Kalogeropoulou

Any administrative, judicial or public authority or generally any legal or natural person to whom, by law or court decision, Diodati may be obliged or has a right to disclose such data.
Please refer to the Cookie Policy for a complete list of all companies that may have access to data collected through cookies while browsing the website.

The safety of your information is of utmost importance to Diodati. Diodati tries to be always up-to-date in respect of digital transformations and adopts technical and organizational measures that ensure, to the extent possible, the smooth operation of this website and the protection of the integrity, confidentiality and availability of any information transmitted through this channel. Nonetheless, Diodati encourages you to review the website Terms and Conditions referring to the matters over which Diodati does not have control and cannot guarantee, such as, the way you enter and use the website.

6. What rights do you have?

You are entitled to the following rights in relation to your personal data:

The right to request access to your data that Diodati keeps and receive a copy of your data
The right to request rectification of inaccurate or incomplete data that Diodati maintains related to you
The right to request the erasure of your data that Diodati is no longer entitled to keep
The right to object to the processing of your data that is based on Diodati’s legitimate interest
The right to request the restriction of processing
The right to data portability, i.e. to request that Diodati, or another controller, provides you with your personal data in a structured, easily readable format (e.g. USB)
The right to revoke your previously given consent, where the processing is based on your consent

If you exercise any such right, Diodati will undertake all necessary measures to address the request within 1 month or up to 2 additional months if the perplexity of request or total number of requests received so requires. You will be notified in writing of the satisfaction of the request, or alternatively of the reasons that prevent Diodati from satisfying such request. Please keep in mind that the exercise of the above rights is subject to certain requirements and limitations set by law e.g. Diodati may not be able to address a request if it doesn’t receive identification details necessary to protect your data and confirm that it’s you who makes a request, or delete information that Diodati may be obligated to keep in order to comply with an obligation or to pursue its legitimate interest.

7. Contact

To exercise your above-mentioned rights regarding the processing of your data in the context of the Services, please send an e-mail to Diodati’s Data Protection Officer at the following email address: [email protected].

Lastly, in case you feel your personal data protection has been violated in any way, you are entitled to file a complaint with the Greek Data Protection Authority, by using the following contact details: | 1-3 Kifissias Ave., Athens 115 23 | +30 210 6475600 | Fax: +30 210 6475628 | [email protected]