The Travel Cube
Accommodation Rentals Transfers Tours Dining Beaches Villages Monuments Blog
Privacy Policy

Privacy Policy

Last updated: April 17, 2026

1. Who We Are

TheTravelCube ("we", "our", "us") operates thecube.travel. We are the data controller for the personal information described in this policy. You can reach us at hello@thetravelcube.com.

2. What We Collect

We collect the following categories of personal data:

  • Information you provide directly: name, email address, phone number, inquiry or message content, and newsletter preferences.
  • Technical data: IP address (anonymized where feasible), browser type and version, device type, operating system, language preference, referring URL, and timestamps of visits.
  • Usage data: pages viewed, interactions with site features (e.g., destination selection, language switcher), search queries, and click-through behavior on internal links.
  • Cookies and similar technologies: see our Cookies Policy for details.

3. How We Use Your Data

We process personal data for the following purposes:

  • To provide the Service — render content in your preferred language and destination, respond to contact inquiries, deliver newsletters you have subscribed to.
  • To improve the Service — analyze aggregated usage patterns, diagnose technical issues, optimize performance.
  • To communicate with you — reply to inquiries, send service announcements, and (with your consent) send marketing content from which you can unsubscribe at any time.
  • To comply with legal obligations — retain information where required by applicable law, respond to lawful requests by public authorities.

4. Legal Bases (EU/EEA/UK)

If you are in the EU, EEA, or UK, we rely on the following legal bases under the General Data Protection Regulation (GDPR):

  • Consent — for newsletter subscriptions, optional cookies, and other opt-in features. You can withdraw consent at any time.
  • Legitimate interest — for ensuring the security of our systems, understanding aggregate usage, and preventing abuse. Our interests do not override your rights and freedoms.
  • Legal obligation — where we must retain or disclose data to comply with applicable law.
  • Contract — where processing is necessary to perform a service you have requested (e.g., responding to a contact form).

5. How We Share Your Data

We do not sell your personal data. We share data only with:

  • Service providers who assist us in operating the Service (e.g., hosting, email delivery, analytics) under contractual confidentiality and data-processing obligations.
  • Law enforcement or regulators when required by law or to protect legal rights.
  • Business transfers — in the event of a merger, acquisition, or sale of assets, personal data may be transferred, subject to the terms of this policy.

6. International Transfers

Some of our service providers are based outside the EU/EEA. Where personal data is transferred to such countries, we rely on safeguards approved under the GDPR (such as Standard Contractual Clauses or an adequacy decision by the European Commission).

7. Retention

We keep personal data only for as long as necessary for the purposes described in this policy or as required by law. Contact inquiries are typically retained for up to 24 months; newsletter records are kept until you unsubscribe; technical logs are rotated on a rolling basis, typically within 30 to 180 days.

8. Your Rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion ("right to be forgotten") where legal conditions are met.
  • Restrict or object to processing based on legitimate interests or direct marketing.
  • Request data portability in a commonly used electronic format.
  • Withdraw consent at any time for consent-based processing.
  • Lodge a complaint with your local supervisory authority — in Greece, the Hellenic Data Protection Authority (dpa.gr).

See our GDPR page for details on how to exercise these rights.

9. Security

We implement reasonable technical and organizational measures — including encryption in transit, access controls, and periodic review — to protect personal data against unauthorized access, disclosure, alteration, or destruction. No method of transmission over the internet is completely secure, however, and we cannot guarantee absolute security.

10. Children

The Service is not directed at children under 16, and we do not knowingly collect personal data from them. If you believe we have collected such data, please contact us and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy periodically. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated through the Service or by other reasonable means before they take effect.

12. Contact

For privacy questions or to exercise your rights, email hello@thetravelcube.com.

We use cookies to enhance your experience. By continuing to visit this site you agree to our use of cookies. Learn more