Your privacy, plainly explained

Welcome to Athens Blue Tours ("we," "us," or "our"). We are committed to handling personal information transparently and in a manner consistent with applicable Greek and European data-protection law.

This website is not only a public marketing site. It is also a channel through which you may contact us about availability, pricing, private arrangements, and direct bookings. This Privacy Policy explains how we handle information collected through the website, contact form, email, phone, WhatsApp, direct-booking administration, and limited booking data we receive from third-party booking platforms.

If you interact with a third-party service such as Web3Forms, Stripe, GetYourGuide, Viator, Airbnb Experiences, Bokun, WhatsApp, or another provider, that service applies its own privacy notice and terms in addition to this Policy.

We may collect information that you choose to provide when you contact us by form, email, phone, or WhatsApp. This may include your name, email address, phone number, preferred dates, group size, ages of children in your party, itinerary preferences, dietary requirements, accessibility needs, and any other information you decide to share with us in connection with an inquiry or booking request.

If you proceed with a direct booking, we may also collect or generate booking-administration information such as guest names, scheduling details, invoice details, payment status, refund status, SEPA transfer reference information, and communications needed to confirm, amend, or cancel the booking.

When you use the website, certain technical and usage information may also be collected through hosting, security, and analytics tooling, including IP address, browser and device data, pages viewed, referral source, approximate location derived from IP, and the date and time of access.

Some tours require us to assess whether a route is suitable or to communicate practical limitations to you in advance. If you voluntarily provide information about severe allergies, mobility restrictions, pregnancy, heat sensitivity, or another medical consideration relevant to participation, we may use that information to assess suitability, plan logistics, and where necessary communicate essential details to guides or independent food venues.

Please do not send unnecessary sensitive information. Athens Blue Tours does not ask for full medical records and only needs the minimum information reasonably required to respond to your inquiry, assess participation, or deliver the service safely.

We use information to respond to inquiries, prepare quotations, administer direct bookings, communicate meeting details, assess route suitability, arrange rescheduling or refunds, comply with tax and accounting obligations, maintain business records, and protect our business against fraud, misuse, chargebacks, and legal claims.

Our legal bases under the GDPR generally include: taking steps at your request before entering into a contract; performing a contract with you; complying with legal obligations; pursuing our legitimate interests in operating, securing, and defending our business; and, where you voluntarily provide health or dietary information, your consent or another lawful basis available under applicable law.

We do not sell personal information. We do not use inquiry or booking data for third-party advertising, data brokerage, or behavioral profiling.

For direct bookings arranged with Athens Blue Tours, payment may be requested by SEPA / IBAN bank transfer or by Stripe payment link. If you pay by bank transfer, we will necessarily see limited information associated with the transfer, such as payer name, remitting bank, reference, amount, and date received. If you pay by Stripe link, Athens Blue Tours receives transaction-status and reconciliation information needed to administer the booking, but does not receive or store your full card details.

The contact form on this website is submitted through Web3Forms, a third-party form processing service. If you contact us through WhatsApp, your communication is also processed by WhatsApp / Meta under that provider's own terms. Email, phone, hosting, analytics, and payment providers may likewise process data on our behalf or as independent controllers, depending on the service used.

Some providers may process information outside Greece or outside the European Economic Area. Where that occurs, the relevant provider's own international-transfer safeguards and contractual mechanisms will apply in addition to our own reasonable steps.

If you book through GetYourGuide, Viator, Airbnb Experiences, Bokun, or another booking marketplace, that platform collects and processes booking and payment information under its own privacy notice and terms. Athens Blue Tours may receive limited booking information from the platform that is necessary to deliver the tour, such as guest name, participant count, date and time, contact details, special requests, and payment or payout status.

Athens Blue Tours is not responsible for the independent privacy, security, retention, cookie, advertising, or account-management practices of those platforms. You should review the privacy notice of the platform you choose before completing a reservation.

This website may use cookies or similar technologies for core functionality, security, and basic measurement of site usage. We do not use athensblue.com to run behavioral advertising based on your browsing activity on this website.

You can control cookies through your browser settings. Blocking some cookies may affect how parts of the site function.

We take reasonable technical and organisational measures to protect information against unauthorised access, disclosure, alteration, or destruction. No online system is perfectly secure, and we cannot guarantee absolute security.

Inquiry messages and related correspondence are kept only for as long as reasonably necessary to respond to you, follow up on your request, maintain business records, and protect our legitimate interests. If an inquiry does not become a booking, we may delete or anonymize it after a reasonable retention period.

If you make a booking, we may retain booking, payment, refund, and related correspondence records for as long as required by applicable tax, accounting, consumer-protection, insurance, fraud-prevention, and legal-claims requirements. Technical logs are retained for operational, analytics, and security purposes only for as long as reasonably necessary and then deleted or anonymized where appropriate.

If you are located in the European Economic Area, you may have the right to request access to personal data we hold about you, rectification of inaccurate data, erasure, restriction of processing, data portability, and objection to certain processing activities.

To exercise any of these rights, contact us at info@athensblue.com. Where your data is held primarily by a third-party platform or processor that you used directly, you may also need to exercise your rights with that provider.

You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at dpa.gr if you believe your data-protection rights have been infringed.

Athens Blue Tours does not knowingly collect personal information directly from children acting on their own behalf. Any information relating to a child or minor must be provided by a parent, legal guardian, or another adult with authority to do so in connection with an inquiry or booking.

If you believe information about a child has been provided to us improperly, contact us and we will review the matter and, where appropriate, delete or restrict that information.

The data controller for information handled directly by Athens Blue Tours is Athens Blue Tours. If you have questions, concerns, or requests relating to this Privacy Policy, contact us at info@athensblue.com or +30 6970610771.

Legal name: ΚΑΡΑΜΠΑΣ ΜΙΧΑΗΛ ΑΠΟΣΤΟΛΟΣ

Registered address: Παπαρρηγοπούλου 37, 153 43 Αγία Παρασκευή, Greece

VAT number: EL158530115 — GEMI: 178220603000

This Privacy Policy is governed by the laws of Greece, subject to any mandatory rights you may have under applicable data-protection law. Last Updated: April 2, 2026.