Skip to main content
All Day Cruise ADC logo
Athens, GreeceAll Day Cruise
HomeCruisesBookContact

Legal

Privacy Policy

Last updated · 10 April 2026

This Privacy Policy describes how All Day Cruise("we", "us", "our") collects, uses and protects your personal data when you visit https://alldaycruise.net, book a cruise, submit an enquiry, or interact with our services. We process personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679 — GDPR) and applicable Greek data protection law.

1. Data controller

The data controller is All Day Cruise, operating from Marina Zeas, Piraeus, Athens, Greece. You can contact us at info@alldaycruise.net or +30 211 4139 743 for any question related to this policy or your personal data.

2. What data we collect

We collect only the data needed to deliver our services and operate our website:

  • Booking data: name, email address, phone number, booking date, number of guests, tour selection, pickup address, special requests, and payment confirmation from Stripe.
  • Contact & enquiry data: name, email, phone number, and the content of any message you send us via our contact form, charter enquiry form, WhatsApp or email.
  • Usage & analytics data: pages viewed, interactions, approximate location (city/country level), device type, browser, referrer, campaign source, and anonymized identifiers — only if you grant cookie consent.
  • Technical data: IP address, user-agent and request headers, collected in server logs for security, abuse prevention and debugging purposes.

3. Legal bases for processing

We rely on the following GDPR legal bases:

  • Contract (Art. 6(1)(b)): to fulfill your booking, process payments, send confirmation emails, and provide customer service.
  • Legal obligation (Art. 6(1)(c)): to comply with Greek tax, accounting and tourism regulations, including retention of invoicing records.
  • Consent (Art. 6(1)(a)): for analytics cookies, marketing communications, and any advertising or profiling activity. You can withdraw consent at any time.
  • Legitimate interests (Art. 6(1)(f)): for website security, fraud prevention, internal quality reviews, and responding to enquiries you initiate.

4. How we use your data

  • Process bookings, payments (via Stripe) and issue booking confirmations.
  • Communicate with you about your booking, schedule changes, or charter arrangements.
  • Respond to contact form submissions, WhatsApp messages and email enquiries.
  • Improve our website, measure campaign performance and prevent fraud or abuse.
  • Meet our legal, tax and accounting obligations.

5. Who we share data with

We never sell your personal data. We share it only with the trusted processors required to run our services:

  • Stripe (payment processing) — Ireland/United States. GDPR Standard Contractual Clauses in place.
  • Bokun (availability and booking platform) — Iceland/EEA.
  • Resend (transactional email) — United States.
  • Google (Google Analytics, Google Ads) — United States. Only with cookie consent.
  • Meta Platforms (Facebook/Instagram Pixel for campaign measurement) — United States. Only with cookie consent.
  • Vercel / hosting provider (website hosting and server logs) — EEA region.
  • Greek tax and regulatory authorities — where required by law.

6. International transfers

Some processors are located outside the European Economic Area. When we transfer your data to these providers, we rely on the European Commission's Standard Contractual Clauses or an adequacy decision to ensure your data receives equivalent protection.

7. Data retention

  • Booking records: retained for up to 10 years to meet Greek accounting and tax obligations.
  • Contact and charter enquiries: retained for up to 24 months unless they lead to a booking, then aligned with the booking retention period.
  • Marketing data: retained until you withdraw consent or 24 months of inactivity.
  • Server logs: retained for up to 90 days for security and troubleshooting.

8. Your rights under GDPR

You have the right to request access to, correction of, deletion of, restriction of, or portability of your personal data, as well as to object to processing based on legitimate interests and to withdraw consent at any time. To exercise any of these rights, contact us at info@alldaycruise.net. You also have the right to lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr).

9. Cookies

Our website uses cookies for essential functionality, analytics and advertising. See our Cookie Policy for full details, and use our consent banner to accept or reject non-essential cookies.

10. Data security

We take appropriate technical and organizational measures to protect your data: HTTPS encryption in transit, encrypted storage at rest with our processors, restricted admin access, and regular review of our security posture. Payments are handled directly by Stripe and we never store full card numbers on our systems.

11. Children

Our services are intended for adults booking tours for themselves and their travel parties. We do not knowingly collect personal data from children under 16 without parental consent.

12. Changes to this policy

We may update this Privacy Policy to reflect changes in our services or legal requirements. The "last updated" date at the top of this page indicates when it was last revised. Material changes will be communicated via a notice on the website.

13. Contact us

For any question about this Privacy Policy or your personal data, contact us at info@alldaycruise.net or +30 211 4139 743.