Privacy, Cookies &
Data Protection Policy

1. Introduction

This Privacy, Cookies and Data Protection Policy (the "Policy") explains how Rothkia's Home (the "Guesthouse", "we", "our", "us") collects, uses, processes, and protects your personal data when you use our website (the "Website"), make a booking, or stay with us.

We are committed to protecting your privacy and handling your personal data transparently and securely, in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Cyprus Processing of Personal Data Law.

This Policy should be read together with our Terms and Conditions.

2. Data Controller

For the purposes of applicable data protection laws, Rothkia's Home acts as the data controller, meaning we determine how and why your personal data is processed.

Contact details are provided at the end of this Policy.

3. Personal Data We Collect

We may collect and process personal data depending on how you interact with us, including:

a) Information you provide directly

When you make a reservation, contact us, or submit a request, this may include:

  • Name and surname
  • Contact details (email, phone number)
  • Address / Country of residence
  • Booking details (dates, preferences, number of guests)
  • Payment-related information (processed securely via providers)

b) Information collected automatically

When you use the Website:

  • IP Address
  • Browser type and device information
  • Usage data through cookies and analytics

c) Information from third parties

Where applicable, we may receive your data from:

  • Booking platforms (e.g. Booking.com, Airbnb)
  • Payment providers

4. How We Use Your Data

We process your personal data for the following purposes:

  • To manage and confirm bookings
  • To provide accommodation and related services
  • To communicate with you before, during, and after your stay
  • To comply with legal and regulatory obligations
  • To improve our Website and services
  • To respond to enquiries or requests

5. Legal Basis for Processing

Under the GDPR, personal data must be processed on a lawful basis. We rely on the following:

  • Performance of a contract – to manage your booking and stay
  • Legal obligations – e.g. record-keeping requirements
  • Legitimate interests – improving services, security, communication
  • Consent – where required (e.g. cookies or marketing, if applicable)

6. Sharing of Personal Data

We may share your personal data only where necessary, including with:

  • Payment Service Providers
  • IT and website service providers
  • Booking platforms and channel managers
  • Professional advisers (e.g. legal, accounting)
  • Authorities where required by law

All such parties are required to process data securely and only for specified purposes. We do not sell your personal data.

7. International Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, in accordance with GDPR requirements.

8. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy, including to:

  • Fulfil bookings and contractual obligations
  • Comply with legal, tax, and regulatory requirements

Retention periods may vary depending on the nature of the data and applicable legal obligations.

9. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or disclosure.

However, no method of transmission over the internet is entirely secure, and we cannot guarantee absolute security.

10. Your Rights

Under the GDPR, you have the following rights:

  • To access your personal data
  • To correct inaccurate data
  • To request deletion of your data
  • To restrict processing
  • To object to processing
  • To data portability
  • To withdraw consent (where applicable)

You may exercise these rights by contacting us using the details below.

11. Cookies

The Website uses cookies and similar technologies to improve functionality and user experience. Cookies may include:

  • Essential cookies (required for website operation)
  • Analytics cookies (to understand usage)
  • Functionality cookies

You can control or disable cookies through your browser settings. Please note that disabling cookies may affect the functionality of the Website.

12. Third-Party Links

The Website may contain links to third-party websites. We are not responsible for the content or privacy practices of such websites.

13. Updates to this Policy

We may update this Policy from time to time. Any changes will be published on the Website, and the updated version will take effect upon publication.