Privacy Policy

Agapi Beach Resort (referred to as ‘we’, ‘us’, ‘our’, ‘Agapi’) is committed to protecting your privacy and handling your data in an open and transparent manner. Agapi recognizes that privacy is important to you and wants you to be familiar with how we collect, use, and disclose your personal data.

For the purposes of this Policy, personal data shall mean any information relating to you which identifies or may identify you and which includes, for example, your name, address, identification number etc.

This Policy describes the privacy practices of Agapi Beach Resort as a data controller and is compliant with the General Data Protection Regulation EU 2016/679 and national law 4624/19 as well as the guidelines of the Hellenic Data Protection Authority. It explains what information we collect about you when you visit our site and/or when you make a reservation with us and how we handle your information to ensure that your rights are always respected.

Who we are

Agapi Beach Resort offers premium all-inclusive package showcases all of the modern perks you’d expect from a four-star hotel destination – complemented by an inspiring sense of tradition and community that will have you planning your next holiday here ​before your first visit has ended

Head Office

Address: 76, Andrea Papandreou Str, Ammoudara, 71414 Gazi Heraklion, Crete

Tel: +302810250502

Data Protection Officer:


When you directly register to make a reservation or use our services and upon your check-in at our hotel we may ask you to provide certain personal information including your full name, identity card, passport, physical and email address, credit card number, telephone number, registration, payment details etc.

When you visit our websites, we may also collect information on an ongoing basis through Google Analytics about what pages you access or visit, and information about your use of our site, for example the pages viewed, the website from which you came to visit our site, changes you make to information you provided to us and your transactions including by use of cookies.


Our website is not intended for children under 15 years of age but we may allow children, with their parents’ or legal guardian’s consent, to become recipients of our services as guests at our hotel.


We process your personal data in accordance with the EU Regulations for one or more of the following reasons:

  1. Necessary for the performance of a contract
  • To carry out our obligations with respect to any contractual agreements between us with respect to information and services that you may request from us
  • To process a hotel reservation
  • To process your check-in
  • To process your payment
  • To take your reservation for events
  • To facilitate your participation in tours
  1. Necessary for Agapi to comply with a legal obligation

To fulfil our tax, accounting, and reporting obligations

  1. To serve our (and third party) legitimate business interests

Legitimate interest is when we have a business or commercial reason to use your information. But even then, such use is consistent with the fundamental rights of individuals, for example:

  • To provide you with effective customer service and support
  • To respond to your requests
  • To improve the security and usability of our website and services
  • To perform customer satisfaction surveys
  • To execute business transactions with you
  • To keep you updated on our new services and offers
  • To operate CCTV systems to prevent illegal actions, to protect you and our staff and our property

4. You have given us your consent.

Subject to a valid consent you have freely provided the lawfulness of such processing is based on that consent.


In the course of the performance of our contractual and legal obligations your personal data may be provided to various service providers and suppliers. Those service providers and suppliers are bound by Data Processing Agreements, and they are obliged to safeguard confidentiality and data protection according to the data protection regulation.
Such service providers and suppliers may be:

  • External legal consultants
  • Information technology companies
  • Financial and business advisors
  • Cloud providers
  • External auditors and accountants
  • Marketing Companies
  • Outsourcing services companies
  • Law enforcement agencies
  • Third parties you have used to contact us
  • Card payment companies
  • Travel Agencies


Your personal data may be transferred to third countries in order to fulfil a legal or contractual obligation or because you have given us your consent. Processors in third countries are obligated to comply with the European data protection regulations and to provide appropriate safeguards in relation to the transfer of your data in accordance with GDPR Article 46.


We will process and store your Personal Data for the duration of our relationship with you, and as long as necessary to fulfill our contractual and legal obligations.

We will delete your data:

  • When it is no longer necessary for the purposes for which that information was collected and processed
  • Upon your request or objection, provided there are no overriding legal grounds requiring Agapi Beach Resort to maintain that information
  • When necessary to comply with our legal obligations and
  • If our collection of information was based on your consent, upon the withdrawal of your consent


In executing our business activities, we do not use any automated decision-making. We may from time to time process some aspects of your data automatically, in order to enter into a business relationship with you.


  • We may process your personal data to tell you about products, services and offers that may be of interest to you or your business. The personal data that we process for this purpose consists of information you provide to us and data we collect when you use our products.
  • We can only use your personal data to promote our products and services to you if we have your consent to do so or if we consider that it is in our legitimate interest to do so
  • You have the right to object at any time to the processing of your personal data for marketing purposes, which includes profiling


You have the following rights in terms of your personal data:

  • Receive access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • The right to have your Personal Data corrected or rectified. This enables you to have any incomplete or inaccurate data we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to erase your personal data [known as the ‘right to be forgotten’] where there is no legitimate reason for us to continue to process it.
  • The right to object to the processing of your Personal Data, where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground. If you lodge an objection, we will no longer process your personal data unless we can demonstrate the legitimate grounds for the processing which override your interests.
  • The right to restrict the processing of your Personal Data, this enables you to ask us to restrict the processing of your personal data if any of the following is valid:
    • it is not accurate,
    • it has been used unlawfully but you do not wish for us to delete it,
    • it is not relevant anymore, but you want us to keep it for use in possible legal claims,
    • you have already asked us to stop using your personal data, but you are waiting us to confirm if we have legitimate grounds to use your data
  • The right to data portability, i.e., request to receive a copy of the personal data concerning you in a format that is structured and commonly used and transmit such data to other organizations.
  • The right to withdraw your consent, any withdrawal of consent shall not affect the lawfulness of processing based on consent before it was withdrawn by you

To exercise any of your rights, or if you have any other questions about our use of your personal data, please contact us in person or by letter/email. You can also contact our Data Protection Officer at

We are committed to address all of your requests promptly.


You have the right to lodge a complaint with the supervisory authority ( If you have exercised any of your data protection rights and still feel that your concerns about how we use your personal data have not been adequately addressed by us.


This Privacy policy was published on April 30, 2022. We reserve the right to modify this Privacy Policy and related business practices at any time. We will notify you appropriately when we make changes to this privacy Policy, and we will amend the revision date.


Our website uses small files known as cookies to enhance user experience and for functionality reasons. To find out more about how we use cookies please see below our cookie policy. Like many other websites, our Sites may use “Cookies” or “Other Technologies” (such as “pixel tags,” “web beacons,” “clear GIFs”, links in emails, JavaScript, device IDs assigned by Google or Apple, or similar technologies). Cookies and Other Technologies allow us and third parties to obtain information about your visits to the Site, including to analyze your visiting patterns.

Cookies are small text files that are stored on your computer or mobile device (“device”) when you visit a website. Cookies alone cannot be used to disclose your individual identity to us, though in some cases we may tie Agapi Beach Resort or third-party Cookies to personal information you have provided to us or that we have otherwise obtained about you. Cookies may be used on the Site in order to improve your experience. For example we will use Cookies to:

  • Remember your language and other preferences
  • Ensure you obtain all requested information
  • Provide a safe and secure service for online transactions
  • Track your response to advertisements and website or app content for analysis and the number of times we send you the same advertisement
  • Measure how many people use the Site, and how they use it, so that we may keep it running quickly and efficiently

Below we explain the different types of Cookies that may be used on the Site.

Essential Cookies: These are necessary for the Site to work, and enable you to move around it and use its services and features. Disabling these Cookies may make the services and features unavailable.

Functional Cookies: These are used to save your settings on the Site—settings such as your language preference, or booking information you have previously used when booking a hotel with us.

Session Cookies. These types of Cookies are stored only temporarily during a browsing session, and are deleted from your device when you close the browser. We use Session Cookies to support the functionality of the Site and to understand your use of the Site—that is, which pages you visit, which links you use and how long you stay on each page.

Persistent Cookies: These types of Cookies are not deleted when you close your browser, but are saved on your device for a fixed period of time or until you delete them. Each time you visit the Site, the server that set the Cookie will recognize the persistent Cookie saved on your device. We and others use persistent Cookies to store your preferences, so that they are available for your next visit, to keep a more accurate account of how often you visit the Site, how often you return, how your use of the Site may vary over time and the effectiveness of advertising efforts.

As noted below, some Analytics Cookies and Other Technologies are used in part to facilitate advertising.

Advertising Cookies also include Social Plug-In Cookies. Social Plug-In Cookies are used to share content from the Site with members and non-members of social media networks such as Facebook, Twitter, YouTube, and Pinterest. These Cookies are usually set by the social networking provider, enabling such sharing to be smooth and seamless.

Analytics Cookies collect information about your use of the Site and enable us to improve the way it works. These Cookies give us aggregated information that we use to monitor site performance, count page visits, spot technical errors, see how users reach the Site, and measure the effectiveness of advertising (including emails we send to you).

Other Technologies may be used for the same purposes as our Cookies, to allow us and third parties to know when you visit the Site, and to understand how you interact with emails or advertisements. Through Other Technologies, non-personal information (e.g., your operating system, your browser version, and the URL you came from) or aggregate information may be obtained and used to enhance your experience and understand traffic patterns.
Note that, to the extent that information collected through Cookies and Other Technologies constitutes personal information, the provisions in the Privacy Policy apply and complement this Policy.


If you want to remove or block Cookies from your device at any time, you can update your browser settings (consult your browser’s “help” menu to learn how to remove or block Cookies). Agapi Beach Resort is not responsible for your browser settings. You can find good and simple instructions on how to manage Cookies on the different types of web browsers at

Please be aware that rejecting Cookies may affect your ability to perform certain transactions on the Site, and our ability to recognize your browser from one visit to the next.
You can also control tracking Cookies by installing browser extensions like Ghostery:
If you want to clean out all of the Cookies left behind by the websites you have visited, here are links where you can download programs that clean out tracking Cookies:

You can learn more about interest-based advertising and opt out of our vendors’ and other advertisers’ use of Cookies to tailor content or advertising to you by visiting and​

An den Anfang scrollen