Privacy Policy

Effective date: January 29, 2026

1. Overview

At neexoras, the protection of personal information is taken seriously. This Privacy Policy outlines what data we collect, how and why it is used, how long it is retained, and the rights available to individuals whose data we process.

2. Data Controller

The entity responsible for the processing of personal data is neexoras, operating within Greece and adhering to applicable European Union data protection regulations.

Contact email: contact@neexoras.com

3. Categories of Personal Data

Depending on how you interact with our website or services, we may process the following types of information:

  • Personal identification details (such as name and surname)
  • Contact information (including email address and phone number)
  • Details related to reservations, event planning, or service requests
  • Information voluntarily submitted via forms, emails, or other communications
  • Technical and usage data (such as IP address and cookie-related data; see our Cookie Policy for details)

4. Purpose of Processing and Legal Grounds

Personal data is processed only for defined purposes and in accordance with Article 6 of the GDPR:

  • Service provision and reservation management — Legal basis: performance of a contract (Art. 6(1)(b) GDPR)
  • Handling inquiries and providing customer assistance — Legal basis: legitimate interest (Art. 6(1)(f) GDPR)
  • Providing information about services or offers — Legal basis: legitimate interest (Art. 6(1)(f) GDPR)
  • Compliance with legal and regulatory requirements — Legal basis: legal obligation (Art. 6(1)(c) GDPR)
  • Distribution of newsletters or informational updates — Legal basis: consent (Art. 6(1)(a) GDPR)

5. Retention Period

Personal data is stored only for as long as necessary for its intended purpose:

  • For the duration required to deliver services and address potential claims
  • For statutory retention periods mandated by law (e.g. accounting or tax obligations, typically up to five years)
  • Until consent is withdrawn, where processing is consent-based
  • Until an objection is submitted, in cases of direct marketing

6. Data Disclosure

Personal information may be shared solely with reliable third parties involved in service delivery, such as:

  • IT infrastructure and hosting providers
  • Accounting and legal advisors
  • Payment processing providers
  • Public authorities, where disclosure is legally required

Note: Personal data is not transferred outside the European Economic Area (EEA).

7. Your Rights

Under the GDPR, you are entitled to:

  • Access your personal data
  • Request correction of inaccurate or incomplete data
  • Request deletion of your data (“right to be forgotten”)
  • Restrict data processing
  • Receive your data in a structured, portable format
  • Object to the processing of your data
  • Withdraw consent at any time
  • File a complaint with a relevant supervisory authority

8. Data Protection Measures

We apply appropriate technical and organizational safeguards to protect personal data, including SSL encryption, secure server environments, and restricted access controls aimed at preventing unauthorized access, loss, or misuse.

9. Privacy Contact

For questions or requests related to data protection or this Privacy Policy, please contact:

Email: privacy@neexoras.com

10. Policy Updates

This Privacy Policy may be revised to reflect legal, technical, or operational changes. Any updated version will be published on this page. Users are encouraged to review the policy periodically.