Ember & TideBack to home

Privacy Policy

Last updated: 1 June 2026

This Privacy Policy explains how Ember & Tide(“we”, “us”, “our”) collects, uses, and protects your personal data when you visit our website or book a stay. We are committed to handling your data in accordance with the EU General Data Protection Regulation (GDPR) and the Cyprus Law providing for the Protection of Natural Persons with regard to the Processing of Personal Data (Law 125(I)/2018).

1. Data Controller

The data controller responsible for your personal data is:
Tom Levin
BLUE ELECTRA COMPLEX, BLOCK A, APT 202 Kapparis, Cyprus, Kapparis, Cyprus
Email: hello@emberandtide.com

2. What Data We Collect

  • Booking & guest data — name, contact details, stay dates, guest numbers, and payment information you provide through our booking provider (Hospitable) when you make a reservation.
  • Communications — any information you send us by email or messaging when you contact us with an enquiry.
  • Technical data — limited cookie/preference data (see our Cookie Policy). We do not run advertising or analytics trackers by default.

3. How and Why We Use Your Data

  • To process and manage your booking and provide the accommodation (legal basis: performance of a contract).
  • To respond to enquiries and provide customer support (legal basis: legitimate interests).
  • To remember your cookie preference (legal basis: consent).
  • To comply with legal, tax, and accounting obligations (legal basis: legal obligation).

4. Third Parties and Processors

We share data only as necessary with trusted service providers acting on our behalf, including:

  • Hospitable— our booking engine, which processes reservation and payment details. The booking widget loads on our site only after you grant cookie consent. See Hospitable’s own privacy terms for details of their processing.
  • Our hosting provider — for serving this website.

We do not sell your personal data. Where data is transferred outside the European Economic Area, we rely on appropriate safeguards such as Standard Contractual Clauses.

5. Data Retention

We keep booking-related data for as long as necessary to fulfil the stay and to meet legal and tax obligations (typically up to 7 years), after which it is securely deleted or anonymised.

6. Your Rights

Under the GDPR you have the right to:

  • access the personal data we hold about you;
  • request correction of inaccurate data;
  • request erasure (“right to be forgotten”);
  • restrict or object to processing;
  • data portability;
  • withdraw consent at any time, without affecting prior processing.

To exercise any of these rights, contact us at hello@emberandtide.com. You also have the right to lodge a complaint with the Cyprus supervisory authority, the Office of the Commissioner for Personal Data Protection.

7. Changes to This Policy

We may update this Privacy Policy from time to time. The “last updated” date above reflects the latest revision.

8. Contact

For any privacy questions, please email hello@emberandtide.com.