AUROREAN
EN / EL
Get a quote
Home/Privacy Policy
Legal

Privacy Policy

Last updated: 25 June 2026

This policy explains how Aurorean handles personal data in connection with this website. We have written it to be honest about what the site actually does: it is a static marketing site, and the only point at which it collects personal data is when you choose to send us an enquiry through the contact form. We process personal data in line with the EU General Data Protection Regulation (GDPR) and applicable Greek data-protection law.

1. Who we are

Aurorean is the data controller responsible for the personal data described in this policy. The full legal entity name, registered address and company/VAT registration number of the controller will be added here once finalised. Until then, you can reach us using the contact details in the “Contact for data requests” section below.

2. What data we collect

We do not ask you to create an account, and the site sets no tracking identifiers of its own. We collect personal data only in these limited situations:

  • Contact form. When you choose to submit the contact form, we collect the information you enter — typically your name, email address, your hotel or company, the topic you select under “Interested in”, and the content of your message. You decide what to put in the message field.
  • Server / hosting logs. Like virtually all websites, our hosting and content-delivery provider may automatically record technical information when pages are served — for example your IP address, browser type and the time of the request. This is standard infrastructure logging used to operate and secure the site; we do not use it to build a profile of you.

3. How we use your data

We use the personal data you send through the contact form to:

  • read and respond to your enquiry; and
  • follow up about the products and services you asked about.

Our legal basis under the GDPR is your consent — you choose to contact us and decide what to tell us — and our legitimate interest in responding to enquiries and running our business. Technical hosting logs are processed on the basis of our legitimate interest in operating and securing the website. We do not sell your data, and we do not use it for automated decision-making or profiling.

4. Who processes your data

To run the website and handle enquiries we rely on a small number of third-party service providers (“processors”), who act on our instructions:

  • Web3Forms. Our contact form is delivered through Web3Forms, a third-party form-processing service. When you submit the form, the information you entered is transmitted to Web3Forms, which forwards it to us by email so we can reply. Web3Forms processes the form data solely to deliver your message to us.
  • Hosting & content delivery. The website is served by a hosting / content-delivery provider, which processes the technical log data described above as part of serving the site. The specific provider will be named here once finalised.

Some of these providers may process data outside the European Economic Area. Where that is the case, such transfers are made under the safeguards required by the GDPR (for example, the European Commission’s Standard Contractual Clauses).

5. Cookies & analytics

The site does not currently set analytics or marketing cookies, and we do not use third-party analytics, advertising pixels or cross-site tracking. Because we do not set such cookies, there is currently no cookie-consent banner. If we add analytics or any non-essential cookies in future, we will update this section and put appropriate consent controls in place before doing so.

6. Data retention

We keep enquiry correspondence only for as long as needed to handle your request and for a reasonable period afterwards in case you follow up or to meet our legal and accounting obligations. When it is no longer needed, we delete it. Technical hosting logs are retained for a limited period by our hosting provider in line with their standard log-retention practices.

7. Your rights under the GDPR

If your personal data is processed by us, you have the following rights under the GDPR and Greek data-protection law:

  • Access — to ask whether we hold data about you and to receive a copy of it.
  • Rectification — to have inaccurate or incomplete data corrected.
  • Erasure — to ask us to delete your data (the “right to be forgotten”), where applicable.
  • Restriction — to ask us to limit how we process your data in certain circumstances.
  • Objection — to object to processing based on our legitimate interests.
  • Portability — to receive the data you provided in a structured, commonly used, machine-readable format.
  • Withdraw consent — where we rely on your consent, to withdraw it at any time, without affecting processing already carried out.
  • Complaint — to lodge a complaint with the supervisory authority. In Greece this is the Hellenic Data Protection Authority (HDPA / Αρχή Προστασίας Δεδομένων Προσωπικού Χαρακτήρα), www.dpa.gr.

To exercise any of these rights, contact us using the details below.

8. Contact for data requests

For any privacy question or to exercise your rights, please get in touch at hello@aurorean.io (a dedicated data-request address will be confirmed here), or use our contact form. We will respond within the timeframes required by the GDPR.

9. Changes to this policy

We may update this policy from time to time. When we do, we will revise the “Last updated” date at the top of this page. The version shown here was last updated on 25 June 2026.