GDPR Privacy Statement


MYRTOA S.A. Agricultural Development & Tourism Enterprises with the distinctive title “MONTOFOLI ESTATE” (here in after “MONTOFOLI ESTATE”) acknowledges the importance of confidentiality of data that is entrusted within its scope of activities and therefore complies with EU General Data Protection Regulation concerning all persons (visitors, partners, and suppliers) interacting with the company.
The present Statement regarding our Privacy Policy and Personal Data Protection Policy (here in after “the Statement”) informs you about the type of data we collect via this website and the way we use said data, either through the internet, either through our provision of services, either through our communication and/or collaboration with third parties. We would like to inform you that, upon request, you may at any time revoke your consent to the processing of your personal information.

In general, you can visit MONTOFOLI ESTATE’s Web site on the Internet without telling us who you are and without giving any personal information about yourself. There are times, however, when you willingly hand over your personal data to us such as your name, telephone number, postal code, or e-mail address, so that we can provide you with information and specific services.
The purpose of this statement is to inform you about the way that we collect, store, use, transmit and protect information / personal data that we receive, if you expressly consent to it. By navigating through our website, you will be given the option to tell us that you do not want us to use this information to make further contact with you beyond fulfilling your requests. In this case, we will respect your wishes.
The following paragraphs describe in more detail how ‘‘MONTOFOLI ESTATE’’ may use your personal information and with whom we may share it.


  • Personal information that you provide us with, such as name, email address, home address, telephone number or internet telephony, or instant messaging info as well as additional personal information that you provide us with to purchase our products and/or services, such as billing address, delivery address and contact details.
  • Personal information you provide us with during your stay in our business accommodation, such as name, identity or passport details, date of arrival and departure, contact details (address, phone, e-mail).
  • Data for invoicing needs, such as name, company name, address, VAT number.
  • Data necessary for financial transactions such as bank account details (IBAN) or credit card.
  • Website user data includes data on how you use our website and any of our online services. The data of internet activity appear during your visit to our website, such as IP address, operating system, browsing history which are automatically collected using cookies.
  • Data from social networking services or your posts through a platform such as Google, Instagram, and Facebook.
  • We do not collect sensitive personal information about you, and we do not perform any kind of automated data processing or user profiling.
  • We do not collect and retain personal data belonging to a person younger than the age of 16.


  • Identification when entering our website
    In case you have already created a personal account during your former visits, we will be processing your data as soon as you access it.
  • Financial Balance check
    Data that has been supplied to us during a transaction may be used for verifying the fulfillment of your financial obligations towards us.
  • Fulfilling your transaction request, services invoicing
    If you request something from MONTOFOLI ESTATE ‘s Web site, we will use the information you provide to fulfill your request.
  • Marketing Use
    The information you provide to MONTOFOLI ESTATE on our Web site may also be used by us and selected third parties for marketing purposes. Before we use it, however, we will request your formal consent.
  • Handling of claims
    We may use your data during the examination of your claims regarding customer care or when you are exercising legal rights.
  • Network Security
    Your IP address is a number that is rendered to your computer each time you access the internet. It enables personal computers to be recognized and interact with servers. IP addresses that appear to belong to visitors may be recorded for safety reasons and systems diagnosis. Said data may also be used in a collective format for us to examine and assess the website’s efficiency.

“MONTOFOLI ESTATE” does not share personal data with third parties that are not connected with us, with the exception if and when this is necessary regarding our professional scope and needs or it is required by law. Indicative, but not restrictive:
“MONTOFOLI ESTATE” may reveal personal data when needed for the fulfillment of the legal obligation, as well as, when it is necessary for public interest purposes such as health security purposes. We may also reveal personal data when needed to respond to claims made by the Law enforcing Agencies or in case that such action is required by law or by a Court’s ruling.
“MONTOFOLI ESTATE” cooperates with several third parties, such as IT and Systems Management Services companies, Professional consultants, Lawyers, Banks, Tax and Accounting offices, Auditing authorities and Insurance companies. These third parties may access your personal data when needed to fulfill our professional scope and needs strictly within the above explicit and legal causes.

“MONTOFOLI ESTATE” may transmit personal data beyond geographic borders to our Agents or collaborators legally seated outside Greece. “MONTOFOLI ESTATE” may also store personal data in a different jurisdiction than the one you belong to.
Businesses /Institutions based in the European Economic Area as well as in the USA provide an equivalent level of protection for personal data. If we transfer your data to third parties outside the EU – USA, we will ask for guarantees to provide a similar degree of security for your personal data. We use all the appropriate safeguards, such as the European Commission’s standard data protection clauses.

Cookies are small data files that are stored on the user’s electronic device every time he visits a website. Each cookie is unique and contains anonymous information solely to the extent necessary to provide a functional website and to improve services.
We use the term “Cookies” in this Policy to cover all similar recording technologies and web analytic tools such as web beacons, SDK, clear GIFs, logs (log files), pixel tags.
The cookies themselves cannot search or process information or search your computer or store personal data about your online presence. For this purpose, we inform you about the use of cookies from our website and we assure you that we try to be as safe as possible with the least possible interference on your privacy. Also, while browsing our website, the visitor’s consent is requested for the processing of personal data. Finally, our company does not sell or market any data collected in this way.

During your first log in to our website (, you are aware of a relevant note on the use of cookies on our part, which refers to the company Cookies policy with the relevant information.
You can allow the use of cookies while browsing our website by clicking “Accept” in the relevant box or personalize the settings regarding the use of cookies by selecting “Cookie Settings” in the corresponding box.

“MONTOFOLI ESTATE” implements appropriate (technical, electronic, and organizational) measures and processes to help us to keep your information secure and to maintain its quality.
“MONTOFOLI ESTATE” takes appropriate security measures (physical, technical, and electronic) to protect your personal data, from unauthorized access, revelation, alteration or destruction., and has procedures to ensure that data is processed in accordance with the privacy policy. In particular (indicative and not restrictive):
Personal data is stored in structured files which are protected to ensure privacy.
The processing of digital files containing personal data (client tabs, text files, spreadsheets, contacts on portable “smart” devices, files in cloud files services) is protected by modern techniques such as: strong passwords, software security (antivirus and firewall), malware detection and removal (spyware), use of SSL protocol, digital user authentication, regular updating of the operating system and computer applications, modern and updated web browsers, website that uses new data security technologies.
The web traffic (file transfer) between our site and your browser is encrypted and transferred via HTTPS using SSL (Secure Sockets Layer).
The files in printed form (transaction documents, customer file, contracts) are kept safe and locked in the headquarters of our company.
The company applies methods to restrict access to cardholder’s data. Employees are also informed about how to create strong passwords and know how to properly dispose of documents containing personal data. The above is ensured by raising awareness of privacy issues and staff training.
All aforementioned processes are handled by specific specially authorized personnel, who are contractually obliged to follow all requirements related to data protection by law. Consequently, access to your data is only allowed to employees or suppliers that are fully aware of their responsibility to handle and protect your data with care, or severe legal (civil and criminal) charges shall be pressed upon them in case of fault.
The company is obliged to inform the Personal Data Protection Authority within 72 hours in case of data breach from the moment it became aware of this breach.

You have the right, by contacting us, to request information or exercise your rights deriving from articles 12-22 of the GDPR, free of charge (unless the request is beyond reason):
The right of access.
The right to be informed.
The right of access.
The right to rectification.
The right to erasure.
The right to restrict processing.
The right to data portability.
The right to object.
Rights in relation to automated decision making and profiling.
You can exercise the aforementioned rights by submitting your request to our Security Officer (see Contact section).
We have the obligation to answer your request within one month of its reception. If the request is too complicated or there are too many requests to handle, this deadline shall be extended by one month. Any information you request from us is provided free of charge, provided that the request is not submitted repeatedly or excessively.
You may also submit complaint to the Greek Data Protection Authority:
Address: Kifissias 1-3 Ave., Athens, 115 23, Greece
Telephone number: (0030) 210 6475600, Ε-mail:

This Privacy and Privacy Statement is effective from January 18th, 2021 and will remain in effect except for any changes to its forecasts in the future, which will take effect immediately upon posting on our website.
We reserve the right to update or change our Privacy Policy at any time and you should periodically review our company Privacy Policy. Whenever this Statement is substantially modified, there will be a notice on the home page of our website for a period of 30 days.

For any clarification or information regarding the above, please contact us. Data Protection Officer for the company: Nikolaos Chairetakis. Contact details, Telephone: +30 22240 23951, E-mail: