Privacy Policy for MaGea Creative Residence

Last updated: January 2026

MaGea Creative Residence (“MaGea”, “we”, “us”) respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how we collect, use, and protect personal data when you visit our website mageacrete.com, contact us, or subscribe to updates.

1. Data Controller

The data controller responsible for the processing of your personal data is:

MaGea Creative Residence
Mouri, Polemarchi
Chania 73002
Crete, Greece

Email: magea.cr@gmail.com
Phone: +30 698 489 3804

MaGea Creative Residence operates as a business entity providing retreat accommodation, long-term stays, and related services.

2. Personal Data We Collect

We collect only personal data that is necessary for communication and service-related purposes.

a) Data you provide directly

  • Name

  • Email address

  • Message content (via contact form or email)

  • Contact details you voluntarily include in correspondence

b) Data collected automatically

  • Basic usage data via cookies (e.g. pages visited, browser type)

  • IP address (anonymised where possible)

  • This data is used only for basic website analytics and security purposes.

We do not intentionally collect special categories of personal data (such as health or religious data).

3. Purpose of Processing

We process personal data solely for the following purposes:

  • Responding to enquiries about retreats, events, accommodation, or long-term stays

  • Providing availability, practical information, or follow-up communication you request

  • Maintaining and improving the clarity and functionality of our website

  • Sending occasional updates or newsletters only where you have explicitly opted in

We do not sell, rent, or trade personal data.

4. Legal Basis for Processing (GDPR Art. 6)

We process personal data based on the following legal grounds:

  • Legitimate interest – to respond to enquiries and manage communication related to our services

  • Consent – for newsletter subscriptions or optional updates

  • Legal obligation – where required for accounting or tax purposes

You may withdraw your consent at any time without affecting prior lawful processing.

5. Data Sharing & Third-Party Processors

We share personal data only with trusted third-party service providers where strictly necessary, such as:

  • Email communication or newsletter platforms (e.g. Mailchimp), only if you subscribe

Some third-party providers may be located outside the European Union (e.g. United States).
Where this occurs, data transfers are safeguarded using approved mechanisms such as Standard Contractual Clauses (SCCs) or participation in the EU–US Data Privacy Framework, where applicable.

We do not share personal data with advertisers or unrelated third parties.

6. Data Retention

  • Enquiry-related data is retained only as long as necessary to respond and manage follow-up communication

  • Newsletter subscription data is stored until you unsubscribe

  • Accounting or legal records are retained as required by applicable law

You may request deletion of your personal data at any time, subject to legal obligations.

7. Your Rights Under GDPR

You have the right to:

  • Access your personal data

  • Request correction of inaccurate or incomplete data

  • Request deletion of your personal data

  • Request restriction of processing

  • Object to processing based on legitimate interest

  • Request data portability, where applicable

  • Withdraw consent at any time

You also have the right to lodge a complaint with your local supervisory authority.
In Greece, this is the Hellenic Data Protection Authority (HDPA).

To exercise your rights, please contact us at:
📧 magea.cr@gmail.com

8. Cookies

Our website uses cookies to ensure proper functionality and to collect basic, anonymised analytics information.

Non-essential cookies are used only where consent is provided.
You can manage or withdraw your cookie preferences at any time through your browser settings.

9. Data Security

We apply reasonable technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.

Please note that no method of transmission over the internet is completely secure.

10. Children’s Privacy

Our website and services are not intended for individuals under the age of 16.
We do not knowingly collect personal data from children.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal or operational changes.
Any updates will be published on this page with a revised date.

12. Contact

If you have questions about this Privacy Policy or how your personal data is handled, please contact:

📧 magea.cr@gmail.com
📞 +30 698 489 3804