Privacy Policy

This Privacy Policy describes how Go Local G.P. ("GoLocal", "we", "us", or "our") collects, uses, and protects your personal data when you visit our website at golocaltransfer.com, make a booking, or otherwise interact with our services. We are committed to protecting your privacy in full compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and Greek Law 4624/2019.

It should be read alongside our Terms of Use, which govern the use of our website and services.

Data Controller:

Go Local G.P.
Mithymna, Lesvos 81108, Greece
VAT No.: 803198748
Email: info@golocaltransfer.com

By using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with its terms, please do not use our website or services.

This Policy may be updated periodically. We will indicate the date of the latest revision at the top of this page. Continued use of our website following any changes constitutes your acceptance of the updated Policy.

Under the GDPR, we are required to identify a legal basis for each type of personal data we process. We process your data on the basis of performance of a contract (Article 6(1)(b)) when handling your booking and managing your transfer or tour service.

When retaining passenger and transaction records as required by Greek tax law, we do so on the basis of a legal obligation (Article 6(1)(c)).

For responding to general enquiries and improving our website through analytics, we rely on our legitimate interests (Article 6(1)(f)).

Finally, where you have opted in to marketing communications or consented to non-essential cookies, we process your data on the basis of your consent (Article 6(1)(a)).

Where we rely on your consent as the legal basis, you have the right to withdraw it at any time without affecting the lawfulness of any processing carried out prior to that withdrawal.

We work with a number of trusted third-party service providers who may process your personal data on our behalf. We ensure that all third parties we engage with are GDPR-compliant and process your data only for the purposes described in this Policy.

Our website uses cookies — small text files placed on your device — to ensure the proper functioning of our website and to help us understand how visitors interact with it.

Under the GDPR, you have the following rights regarding your personal data:

Right of access: You have the right to request a copy of the personal data we hold about you.

Right to rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

Right to erasure: You have the right to request that we delete your personal data, where we are not legally required to retain it.

Right to restriction of processing: You have the right to request that we limit the way we use your personal data in certain circumstances.

Right to data portability: You have the right to request that we transfer your personal data to you or to a third party in a commonly used, machine-readable format.

Right to object: You have the right to object to the processing of your personal data where we rely on legitimate interests as our legal basis, or where we process your data for direct marketing purposes.

Right to withdraw consent: Where we process your data on the basis of your consent, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.

To exercise any of the above rights, please contact us at info@golocaltransfer.com. We will respond to your request within 30 days.

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

Booking & passenger records are retained for a minimum of five (5) years following the date of service, in accordance with Greek tax law and accounting obligations.

Enquiry & contact data (name, email, phone number): Where you have an existing customer relationship with us or have consented to receive marketing communications, we may retain your contact details for this purpose until you opt out or withdraw your consent.

Analytics data collected via Google Analytics is retained in anonymised, aggregated form and is subject to Google's own retention policies.

Payment data is not retained by us at any point. All payment records are managed exclusively by our payment provider.

When personal data is no longer required, it is securely deleted or anonymised.

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, alteration, or disclosure.

• All data transmitted between your browser and our website is encrypted via HTTPS/SSL.
• Access to customer records is restricted to authorised personnel only.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Hellenic Data Protection Authority (HDPA) within 72 hours of becoming aware of the breach, as required by Article 33 of the GDPR. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

If you have any questions about this Privacy Policy or wish to exercise any of your rights as described in Section 7, please contact us at:

Go Local G.P.
Mithymna, Lesvos 81108, Greece
WhatsApp: +30 698 580 0976 / +30 698 223 5449
Email: info@golocaltransfer.com

If you believe that we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA):

Hellenic Data Protection Authority
(ΑΡΧΗ ΠΡΟΣΤΑΣΙΑΣ ΔΕΔΟΜΕΝΩΝ ΠΡΟΣΩΠΙΚΟΥ ΧΑΡΑΚΤΗΡΑ)
1–3 Kifissias Avenue, Athens 115 23
Tel: +30 210 6475600
Website: www.dpa.gr