A 360° luxury travel and hospitality ecosystem. Built for those who refuse to accept anything less than extraordinary.

Search Now!
Contact Info
Phone +30 6977661333
Email info@drivetothrive.gr
Location Santaroza 3, Athens
Follow Us
Contact Info
Phone +30 6977661333
Email info@drivetothrive.gr
Location Santaroza 3, Athens
Follow Us

Privacy Policy

Home > Privacy Policy

PRIVACY POLICY

Drive to Thrive

drivetothrive.gr

Last updated: 11 May 2026

This Privacy Policy is drafted in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Greek law (Law 4624/2019). Drive to Thrive operates drivetothrive.gr as a corporate presentation website only. No e-commerce, booking, or transaction functionality is available.

 

 

1. Introduction

Drive to Thrive, operator of drivetothrive.gr (hereinafter the Website), is committed to protecting the privacy of Website visitors and prospective B2B partners. This Privacy Policy explains how we collect, use, store, and protect personal data in connection with the Website.

The Website is a digital corporate presentation platform for a boutique luxury travel and hospitality firm operating across the Mediterranean. It does not offer online bookings, reservations, or any transactional functionality. Data collected is therefore minimal and strictly limited to communication purposes.

 

2. Data Controller

The Data Controller for personal data processed in connection with this Website is:

  • Company: Drive to Thrive
  • Website: www.drivetothrive.gr
  • Phone: +30 6977 661 333

Note: Given the limited scope of data processing on this presentation-only website, Drive to Thrive is not required to appoint a Data Protection Officer (DPO) under Article 37 GDPR. All data-related enquiries should be directed to the contact details above.

 

 

3. What Data We Collect

3.1 Data you provide voluntarily

When you contact us via the contact form or by email, we may collect:

  • Full name: To address you in our response
  • Email address: To respond to your enquiry
  • Phone number: If provided, for follow-up communication
  • Company name / role: To understand your professional context as a potential B2B partner
  • Message content: To understand and respond to your enquiry
3.2 Data collected automatically

When you browse the Website, the following technical data may be collected automatically:

  • IP address: Anonymised before storage (Google Analytics IP anonymisation enabled)
  • Browser and device data: Browser type, operating system, screen resolution
  • Navigation data: Pages visited, time spent, traffic source

This data is collected in aggregate and anonymous form via analytics tools (Google Analytics) and is not used to identify individual users.

3.3 Data we do NOT collect

As a corporate presentation website with no transactional functionality, Drive to Thrive does NOT collect:

  • Financial data (card numbers, bank details, payment information)
  • Special categories of data (health, biometric, political opinions, etc.)
  • Data relating to minors (the Website is intended for business professionals only)
  • Precise geolocation data

 

4. Legal Bases for Processing

All processing activities are based on one of the following legal bases under Article 6 GDPR:

 

Processing Purpose

Legal Basis

GDPR Article

Responding to contact enquiries

Legitimate interest / Contract performance

Art. 6(1)(b)(f)

Website analytics (cookies)

Consent

Art. 6(1)(a)

Preference cookies

Consent

Art. 6(1)(a)

Essential cookies

Legitimate interest

Art. 6(1)(f)

Legal compliance obligations

Legal obligation

Art. 6(1)(c)

 

Drive to Thrive does not engage in automated decision-making or profiling within the meaning of Article 22 GDPR.

 

5. Purposes of Processing

Personal data is processed exclusively for the following purposes:

  • Responding to enquiries: Answering questions and requests from potential B2B partners and hospitality professionals
  • Website improvement: Analysing anonymous traffic statistics to improve content and user experience
  • Technical operation: Ensuring the secure and stable functioning of the Website
  • Legal compliance: Meeting applicable legal and regulatory obligations

Data is not used for marketing, newsletters, or promotional communications without explicit consent.

 

6. Recipients and Data Transfers

6.1 Internal access

Personal data is accessible only to authorised members of the Drive to Thrive team who require access to fulfil their responsibilities, on a strict need-to-know basis.

6.2 Data Processors (Article 28 GDPR)

We may share data with the following third-party service providers acting as data processors:

  • Hosting provider: For Website infrastructure and storage
  • Google LLC (Google Analytics): For anonymous website traffic analysis

All data processors are engaged under appropriate Data Processing Agreements (DPAs) in accordance with Article 28 GDPR.

6.3 International Transfers

Google LLC is based in the United States. Data transfers to Google are conducted under the Standard Contractual Clauses (SCCs) adopted by the European Commission, ensuring an adequate level of data protection in accordance with Article 46 GDPR.

6.4 Disclosure to Authorities

We may disclose personal data to judicial or governmental authorities where required by law or court order. We do not sell, rent, or trade personal data for commercial purposes.

 

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, in accordance with the storage limitation principle (Article 5(1)(e) GDPR):

  • Contact form / email data: Up to 3 years from last communication
  • Server logs: Up to 90 days
  • Google Analytics data: Up to 26 months (GA4 default setting)
  • Cookie consent records: Up to 12 months

After the applicable retention period, data is securely deleted or permanently anonymised.

 

8. Your Rights as a Data Subject

Under GDPR, you have the following rights regarding your personal data:

 

Right

Description

Response Deadline

Right of Access (Art. 15)

Receive a copy of your data and information on its processing

Within 30 days

Right to Rectification (Art. 16)

Request correction of inaccurate or incomplete data

Within 30 days

Right to Erasure (Art. 17)

Request deletion of your data where no legal basis remains

Within 30 days

Right to Restriction (Art. 18)

Request limitation of processing under certain conditions

Within 30 days

Right to Portability (Art. 20)

Receive your data in a structured, machine-readable format

Within 30 days

Right to Object (Art. 21)

Object to processing based on legitimate interests

Immediately

Withdrawal of Consent (Art. 7)

Withdraw consent at any time without affecting prior processing

Immediately

 

8.1 How to Exercise Your Rights

To exercise any of the above rights, please send a written request to: drivetothrive@gmail.com

Please include your full name, the specific right you wish to exercise, and contact details for our response. We will respond within 30 calendar days. For complex or multiple requests, this period may be extended by a further 60 days with prior notification.

 

9. Cookies

The Website uses cookies to ensure its proper functioning and to collect anonymous traffic statistics. On your first visit, a cookie banner will request your consent for non-essential cookies.

You may manage your cookie preferences at any time via the Cookie Settings link in the Website footer, or through your browser settings. For full details on the cookies used, their purpose, and duration, please refer to our Cookie Policy.

 

10. Data Security

Drive to Thrive implements appropriate technical and organisational measures to protect personal data from unauthorised access, loss, destruction, or disclosure, including:

  • SSL/TLS encryption for all data transmissions (HTTPS)
  • IP anonymisation in Google Analytics
  • Regular software and security updates
  • Role-based access controls for internal systems

In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the Hellenic Data Protection Authority (HDPA) within 72 hours and inform affected individuals without undue delay where the risk is high, in accordance with Articles 33-34 GDPR.

 

11. Right to Lodge a Complaint

If you believe that our processing of your personal data violates GDPR or your rights, you have the right to lodge a complaint with the competent supervisory authority. In Greece, this is:

Hellenic Data Protection Authority (HDPA)

  • Address: 1-3 Kifissias Ave., 115 23 Athens, Greece
  • Phone: +30 210 6475 600
  • Email: contact@dpa.gr
  • Website: www.dpa.gr

We encourage you to contact us first so that we may resolve any concern directly before submitting a formal complaint to the HDPA.

 

12. Updates to This Policy

This Privacy Policy may be revised periodically to reflect changes in our data processing practices or applicable law. The date of the last revision is displayed at the top of this document. Material changes will be communicated prominently on the Website.

 

13. Contact

For any questions or requests regarding this Privacy Policy or the processing of your personal data:

  • Website: www.drivetothrive.gr
  • Phone: +30 6977 661 333

 

Subscribe to Our Newsletter.

A 360° luxury travel and hospitality ecosystem. Built for those who refuse to accept anything less than extraordinary.

Services
Contact us
Santaroza 3, Athens
P: +30 6977 66 1333 M: info@drivetothrive.gr

© 2026 Sparky | Artt.com All right reserved