Elia Restaurant (hereinafter referred to as restaurant) considers the protection of your personal data as a high priority.

This Personal Data Protection Statement describes the personal data the Restaurant collects about you, how we use and protect your personal data, the options you have about the way we use this data.

The use of the Internet pages of the Restaurant is possible without any indication of personal data; On this website, the Restaurant has integrated the component of Google Analytics with the application of Anonymizer function. Google Analytics is a web analytics service that places a cookie on the information technology system of the data subject for the collection, gathering and analysis of data about the behavior of visitors to websites. By means of this Anonymizer application the IP address of the Internet connection of the data subject is abridged by Google and anonymized when accessing our websites from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area. Cookies already in use by Google Analytics may be deleted at any time by the data subject.

However, if a data subject wants to use special enterprise services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.


  1. Which personal data we collect about you


1.1 Surveys: We may be asking for demographic data or other personal data for the customer surveys we conduct

1.4 Personal data we collect from third parties. It is also possible to collect data about you from third parties, including data from our partners in card payments and from other partners, including social networking according to your settings in these services, as well as from other third party sources who have the legal right to share your data with us.

We use this data for the purposes described in this Statement.


  1. How we process your personal data

2.1 Service Management: We use your personal data for table reservation and other associated services such as requests related to booking, etc.)

2.2 Promotional Activities: We may use your personal data to send you a “Thank You” letter via your e-mail. You may choose to opt in/out of this service.

2.3 Improving the quality of service: We may use your personal data to improve the quality of the Restaurant’s services and to ensure that our products and services are of interest to you.

2.4 Personalization of the Service: We may use your personal data to make your experiences with us more personal and more social aiming at offering you diversified services.


  1. What is the Legal Basis for the Processing

Depending on the purpose for which data is used, the legal basis for processing your data may be:

3.1 Your consent

3.2 Our legitimate interest, and in particular:

  1. How we protect your data

We use reasonable physical, electronic, and administrative safeguards to protect your Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Data and the risks involved in processing that information. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.

Among other things, we have implemented the following technical and organizational measures:


  1. Rights of the Data Subject

7.1 Right to receive transparent information: Each data subject shall have the right granted by the European legislator to obtain from the hotel the confirmation as to whether or not personal data concerning him or her are being processed.

7.2 Right of Access: Each data subject shall have the right granted by the European legislator to be aware of and to verify the legitimacy of the processing.

7.3 Right of Rectification: Each data subject shall have the right granted by the European legislator to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.

7.3 Right of Deletion: You have the right to request a deletion of your personal data when:
a) your data is no longer necessary in relation to the purposes it was initially processed for
b) you withdraw your consent
c) data has been processed illegally
d) The data must be deleted by law

In all other cases, this right is subject to specific restrictions or does not exist as the case may be.

7.4 Right to limit processing: You have the right to request a limitation to the processing of your personal data in the following cases:

  1. a) when the accuracy of personal data is questioned
    b) when you oppose the deletion of personal data and request instead the limitation of its use
    c) when personal data is not needed for the initial purpose, yet it is necessary for the establishment, exercise, support of legal claims
  2. d) when you object to the processing and until it is verified that there are legitimate reasons that concern us and prevail over the reasons for which you are opposed to the processing.

7.5 Right to object to processing: At any time, you have the right to object to the processing of your personal data for the cases where, as described above, it is necessary for the purposes of legitimate interests we seek as processors, as well as for the processing for direct marketing purposes and consumer profiling.

7.6 Right to Data Portability: You have the right to receive your personal data free of charge in a format that allows you to access it, use it, and process it with commonly-used processing methods. You also have the right to ask from us, if technically feasible, to transfer the data directly to another processor. Your right to do so exists for the data you have provided to us and the processing is carried out by automated means based on your consent or on the execution of pertinent contract.

7.7 Right to file complaint to the DPA. You have the right to file a complaint with the Personal Data Protection Authority (www.dpa.gr): Telephone Center: +30 210 6475600, Fax: +30 210 6475628, E-mail: [email protected]

  1. Transmission of personal data outside the EU

The personal data we collect from you is not transmitted or processed outside of the European Union.

  1. Data processing period


  1. How to contact us


Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

High Beach S.A.

Malia, 70007 Crete, Greece

Phone: +30 2897032783

Email: [email protected]

Website: https://elia.restaurant



The Data Protection Officer of the controller is:

Chrisoula Chatzidaki

Data Protection Officer

Ethnikis Antistasseos 122, 71306, Crete, Greece

Phone: +30 2810301745

Email: [email protected]

Website: https://elia.restaurant

Any data subject may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection.


  1. Update to this Privacy Policy

This Statement was last updated on May 23, 2024.

We reserve the right to modify and update this Statement at any time, for any reason, without notice to you, other than posting the updated Statement on our website.