Privacy policy on the processing of personal data through the call center and the operation of AI VoiceBot
This Privacy Policy concerns the processing of personal data carried out in the context of customer service, either through telephone channels or via the automated artificial intelligence voice system (AI VoiceBot) used by the Attica Group (hereinafter the “Company”).
The Company places particular importance on the protection of privacy and personal data and ensures that such processing is carried out with transparency, security, and in accordance with the applicable regulatory framework.
Information on the Use of Artificial Intelligence in Telephone Communications
Attica Group informs customers and prospective customers contacting its call center that services may be provided either by authorized representatives or through the AI VoiceBot.
The AI VoiceBot is an automated artificial intelligence voice assistant that answers incoming calls, understands requests through natural language processing, and either resolves the request automatically or routes the call to the appropriate representative.
In this context, telephone conversations may be recorded and/or transcribed (speech-to-text) for the purposes of serving passengers, managing requests, and improving the quality of services. A verbal notification will be provided at the beginning of the call.
At the start of the call, callers are informed that they may interact with an artificial intelligence system, in compliance with applicable transparency obligations.
The AI VoiceBot system may provide automated responses based on the content of requests, without constituting automated decision-making producing legal effects within the meaning of applicable legislation.
Callers may, at any time, request to be transferred to a customer service representative without delay.
Data Controller
The Data Controller is Attica Group. Contact details are available on its official website.
For data protection matters, you may contact the Data Protection Officer (DPO) at: dpo@attica-group.com
Purposes of Processing
Personal data are processed for the following purposes:
- customer service provision
- identity verification and fraud prevention
- management and routing of requests
- improvement of service quality
- technical support and system security
Categories of Personal Data
Within the framework of call center operations and AI VoiceBot services, the Company may process the following categories of personal data:
- identification data (e.g. full name)
- contact details (e.g. phone number, email address)
- service-related data (e.g. travel information, port of departure/destination, travel date)
- communication content, including voice data (call recordings) and transcripts
- call metadata (e.g. date, time, duration, request category)
- data relating to service requests and technical usage data
Processing is limited to data strictly necessary for the above purposes.
As a rule, the Company does not collect data concerning private life or special categories of data under Article 9 GDPR.
Legal Basis for Processing
Processing is based on:
- performance of a contract or pre-contractual measures
- the Company’s legitimate interest in organizing and improving customer service
- compliance with legal obligations
Processing within telephone communications is carried out in accordance with the General Data Protection Regulation (GDPR) and Greek Law 3471/2006.
Processors and Data Recipients
For the provision of call center services and operation of the AI VoiceBot, the Company cooperates with third-party providers acting as data processors on its behalf and processing personal data strictly in accordance with its instructions.
Recipients of data may include:
- providers of AI and voice processing technologies
- call center service providers
- IT infrastructure providers (including cloud and hosting services)
- subcontractors of the above providers, subject to applicable law
Additionally, data may be disclosed to public authorities, judicial authorities, or other competent bodies where required by law or upon lawful request.
The Company ensures that all partners are bound by appropriate contractual obligations regarding confidentiality and data protection.
Data Retention Period
Personal data collected through telephone communications and AI VoiceBot services are retained only for as long as necessary to fulfill the purposes of processing, in accordance with the storage limitation principle (Article 5(1)(e) GDPR).
By exception, data may be retained for longer periods where necessary for the establishment, exercise, or defense of legal claims or for internal investigations.
Specifically:
- call recordings and transcripts are retained for a maximum period of one (1) year, unless otherwise required by law
- in exceptional cases, and following a request by a competent authority, retention may be extended up to five (5) years
After the expiration of these periods, data is securely deleted or anonymized.
Access to Personal Data
Access to recorded data is strictly controlled and limited to authorized personnel within the Company and authorized personnel of external partners responsible for call center operations.
Access is role-based and granted strictly on a “need-to-know” basis, without unrestricted or uncontrolled access.
Automated Decision-Making
Processing personal data through the call center and AI VoiceBot does not involve decisions based solely on automated processing that produce legal effects or similarly significantly affect individuals, within the meaning of Article 22 GDPR.
Data Security
The Company implements appropriate technical and organizational measures to ensure the confidentiality, integrity, and availability of personal data, and to protect them against unauthorized access, loss, alteration, or unlawful processing.
Such measures include, indicatively:
- access controls
- encryption
- information security procedures
- incident management policies
The Company ensures that its partners and service providers apply equivalent security measures and comply with applicable standards and regulatory requirements (such as PCI DSS).
Data Transfers Outside the EEA
As a rule, personal data are not transferred outside the European Economic Area (EEA).
Where such transfers are necessary, the Company ensures compliance with applicable legal requirements and the implementation of appropriate safeguards, such as:
- adequacy decisions of the European Commission
- Standard Contractual Clauses (SCCs)
- or other lawful transfer mechanisms
Data Subject Rights
In accordance with the GDPR, you have the rights provided under applicable law, including:
- right of access
- right to rectification
- right to erasure
- right to restriction of processing
- right to object
- right to data portability (where applicable)
Specifically, within the context of telephone services, you have the right to access recorded conversations and request a copy thereof, subject to applicable legal conditions.
To exercise your rights, you may contact the Company’s DPO at: dpo@attica-group.com
You also have the right to lodge a complaint with the Hellenic Data Protection Authority via its online portal or website.
Amendments to this Policy
We reserve the right to amend or update this Policy where necessary due to changes in processing activities, applicable legislation, or business operations.
Last updated: April 2026
