Greek Island Buses

Privacy Policy

Last updated: July 21, 2025

Table of Contents

🇪🇺 GDPR Compliance Notice

This policy complies with the General Data Protection Regulation (GDPR) and ensures your privacy rights are protected when using Greek Island Buses services.

1. Information We Collect

Personal Information:

  • Name and email address (when you create an account)
  • Location data (with your permission, for route planning)
  • Payment information (processed securely through Stripe)
  • Communication preferences and language settings

Technical Information:

  • Device information and browser type
  • IP address and usage analytics (via Google Analytics)
  • Cookie data for functionality and personalization

2. How We Use Your Data

We use your information to:

  • Provide Services: Display bus routes, schedules, and nearby attractions
  • Process Transactions: Handle ticket purchases and refunds
  • Personalization: Remember your language preferences and saved routes
  • Communication: Send important updates about routes and services
  • Analytics: Improve our platform based on usage patterns
  • Legal Compliance: Meet regulatory requirements in Greece and EU

3. Data Sharing and Disclosure

We do not sell your personal data. We may share data with:

  • Service Providers: Stripe (payments), Google (analytics), SendGrid (emails)
  • Bus Companies: Only necessary information for ticket validation
  • Legal Authorities: When required by law or court order
  • Business Transfers: In case of merger or acquisition (with notice)

4. Your Rights Under GDPR

As a data subject, you have the right to:

  • Access: Request copies of your data
  • Rectification: Correct inaccurate information
  • Erasure: Delete your personal data
  • Restriction: Limit data processing
  • Portability: Transfer data to another service
  • Object: Opt-out of data processing
  • Withdraw Consent: Revoke permissions
  • Complain: File complaints with authorities

Contact us at: privacy@greekislandbuses.com to exercise these rights.

5. Data Security

We protect your data using:

  • SSL/TLS encryption for all data transmission
  • Secure database storage with access controls
  • Regular security audits and monitoring
  • PCI DSS compliance for payment processing
  • Staff training on data protection protocols

6. Data Retention

  • Account Data: Retained while account is active + 2 years
  • Transaction Records: 7 years for tax and legal requirements
  • Analytics Data: 26 months (Google Analytics default)
  • Communication Logs: 3 years for customer service

7. Cookies and Tracking

We use cookies for:

  • Essential: Login sessions, security, language preferences
  • Analytics: Google Analytics (anonymized data)
  • Advertising: Google AdSense (personalized ads)
  • Functional: Remember your settings and preferences

You can manage cookie preferences in your browser settings.

8. Contact Information

Data Controller Information

Company: Greek Island Buses

Privacy Officer: privacy@greekislandbuses.com

General Contact: support@greekislandbuses.com

Response Time: Within 30 days (GDPR requirement)

EU Data Protection Authority

If unsatisfied with our response, you may file a complaint with your local data protection authority.

This Privacy Policy is effective as of July 21, 2025, and will remain in effect except with respect to any changes in its provisions in the future.