Privacy Policy

Last Updated: June 2026

This Privacy Policy describes how the Spetses Summit organization ("we," "our," or "us") collects, uses, processes, and protects your personal data when you use our web registration portal, request travel documentation, or coordinate accommodations at Yayaki Spetses.

We are committed to safeguarding the privacy of our international delegates, speakers, and medical professionals in accordance with the General Data Protection Regulation (GDPR) and applicable European data protection frameworks.

1. Data We Collect

To deliver a seamless summit experience, we collect and process the following categories of personal data:

• Identity Data: Full name, professional titles, organizational affiliation, medical licenses, and copies of passports/IDs (strictly for generating official Schengen Visa invitation letters).
• Contact Data: Email address, telephone numbers, and business mailing addresses.
• Financial Data: Payment card details and billing records processed securely via our encrypted, PCI-compliant third-party payment gateway.
• Travel & Logistics Data: Arrival/departure times, flight numbers, dietary requirements, and specific room preferences for your stay at Yayaki Spetses.

2. How We Use Your Data

Your personal data is processed strictly under the following lawful bases:

• Contractual Necessity: To manage your summit enrollment, process transaction fees in Euros (€), issue digital badges, and coordinate your exclusive boutique room block.
• Legal Compliance: To generate and verify official visa support documentation for consular border control.
• Legitimate Interest: To distribute vital event updates, maritime ferry schedules, weather notices, and post-summit evaluation materials.

3. Data Sharing and Third-Party Disclosures

We do not sell your personal data. Your information is shared exclusively with necessary service providers to execute the event:

• Hospitality Management: Essential identity and preference data are shared with Yayaki Spetses to guarantee secure room allocations and handle custom dietary/wellness parameters.
• Payment Processing: Financial data is directly managed by our secure payment gateway partner.
• Transportation & Logistics: Basic identity data may be shared with local maritime operators or water taxi networks if you coordinate island transfers through our dashboard.

4. Data Retention & Security

• 4.1 Protection Framework: We implement robust administrative, technical, and physical security measures to protect your data against unauthorized access, loss, or alteration.
• 4.2 Retention Window: Passport copies and sensitive identity details uploaded for visa support are automatically and permanently purged from our servers 30 days after the conclusion of the summit. General registration records are retained only as long as necessary to comply with financial auditing and legal obligations.

5. Your Rights Under GDPR

As a data subject, you maintain the right to access, rectify, restrict, or request the complete erasure of your personal data from our active databases. To exercise these rights, please submit a formal request via the support center on your user dashboard.