WEBSITE PRIVACY AND COOKIES POLICY

WEBSITE PRIVACY AND COOKIES POLICY

Privacy Policy (2016/679 )

Privacy Policy includes the means and procedures that our property manages your personal information. Its application is mandatory in order to collect your personal data. 

In the course of our business activity and the operation of our business we collect and process personal data from visitors, prospective visitors, associates, staff and others in order to be able, on the one hand, to provide excellent services to our guests and, on the other, to fulfil the obligations derived from our contracts and the law.

Our Privacy Policy follows the requirements of the General Data Protection Regulation (GDPR)

 

Personal Data Collection

Our property collects and process personal data from visitors, associates and staff during our business activity and the operation of our hotel, in order to provide excellent services to our guests and to fulfil the obligations derived from our contracts and the law.

The purpose of our property  is the process of the less possible personal data for the less possible time.

 

GDPR Basic Concepts (2016/679)

  • Data Controller : The person (natural / legal) that determines the means and purpose of personal data processing.
  • Data Processor : The person who processes data on behalf of a data controller. A data controller decides the manner and purpose to be followed in order to to process the data, while data processors hold and process data, without having any responsibility or control over that data.
  • Data Protection Officer : The person that ensures, in an independent manner, that an organization applies the laws protecting individuals' personal data.
  • Data subject : A person whose personal data is being collected, held or processed.
  • Processing Purposes : The process of a subject's personal data in order to provide them with all the services and achieving the business purpose with security for their privacy.
  • GDPR Consent : Any freely given, specific, informed and unambiguous indication of the data subject's wishes by which they signify agreement to the processing of personal data relating to them.



Reservations

You can make a room reservation for our property by phone, by email, via our website or through our partner. 

In any of these cases we collect the following data:

  • Name and Surname
  • ID or Passport Number
  • Date of birth
  • Arrival and departure date
  • Type of accommodation
  • Address, country and zip code
  • Nationality
  • E-mail address
  • Credit card details
  • Special requirements

The purpose of data processing is to identify our visitors, keep and prepare the appropriate space and preferences so that we are able to deliver the corresponding conveniences.

In order to collect the remuneration of the reservation, we need to collect credit or debit card details, according to the terms of the agreement in the event that our guest makes or cancels a room reservation, or even does not check in at our property. 

In order to inform you about booking changes or about our services, we need to use your email address.

In order to provide you the comfort of our services and to justify the charge and the benefits requested, we maintain the data about your special preferences.

The legal basis for the processing is the booking agreement between us and the protection our legitimate interests, namely maintaining a high quality of service. 

In case of not providing all the above, we will either not be able to make your room reservation or we will not be able to provide you with the services you are requesting or we will not be able to contact you if there is an update or a problem.

Our property keeps the registration for the name and the check - in date depending on the retention period about your stay and preferences for special services.

In case you give your consent to process the address data for future communication, it is retained for as long as you have consented. 

You may withdraw your consent at any time, considering this will not affect the legitimacy of consent-based use before it is withdrawn.

The law requires the retention of data due to receipts and invoices issues, tax audits and municipal or police provisions, at least for 90 days. The data retention due to the legitimate interest of our property for two years.

 

Credit & Debit Cards 

In order to make a room reservation, you are kindly asked to provide us some credit or debit

card details such as :

  • The credit or debit card type
  • The cardholders name
  • The credit or debit card's number
  • The expiration date
  • The CVV number

 

The purpose of data processing is to provide your reservation and charge the total amount, 

the advance payment or a part of it. The legal basis of data processing is the execution of the contract concluded for your room reservation. The provision of data is mandatory as well as the requirement to provide the service and the security of the payment.

Regarding your room reservation, if you acknowledge your specific consent for your credit or debit card data to be retained for other transactions as well, the legal basis for our processing your data will be your consent for this processing.

You may withdraw your consent at any time, considering this will not affect the legitimacy of consent-based use before it is withdrawn. 

The processing period of your credit or debit card data are solely for transaction purposes and only to authorized persons. Upon your departure from our property, these data are not disclosed, and access to these data is avoided.Your credit or debit card data are deleted within twelve months of the transaction and if it is completed. In cases of your consent, your data are retained for as long as your credit card is valid

Registration Card

Our property keeps a customer database. Each individual tab concerning a single customer. Personal data are recorded in this tab such as:

  • Name, Surname
  • Address, city, country and zip code
  • Nationality
  • ID or Passport Number
  • Date of birth
  • Phone, e mail

Purpose : The registration card serves to manage customers' personal information, to prepare the appropriate space and preferences so that we are able to deliver the corresponding conveniences on time.

Legal basis : 

  • The law requires the retention of data due to receipts and invoices issues, tax audits and municipal or police provisions.
  • The legitimate interest of the company.
  • Customer contracts for the provision of hotel services to allow invoicing, bank payments and justification of charges in cases of dispute. 

Customers' data are entered on the tab in order to ease future bookings and services, without the need of data re-entrance.

You may withdraw your consent at any time, considering this will not affect the legitimacy of consent-based use before it is withdrawn.

Social Media

Our hotel may communicate with you through social media, such as Facebook or Instagram. By clicking the "Like" and "Follow" buttons, Facebook users can subscribe to our Official Facebook page. By clicking again the "Like" button they can be deleted.

Our property may have access to your registered user profiles, however, it does not record or process them in its system.

Purpose : The purpose is to share and promote the property content through our page with them. Our property and the registered Facebook users share latest news, offers and media content such as photos or videos, in order to make our hotel familiar to the public and to promote our services.

Legal basis : Processing personal data relies upon the consent of the subject. Consent can be revoked by unsubscribing at any time.

Withdrawal of consent does not affect the legitimate processing that took place before the revocation. If the consent is revoked, the user will no longer receive notifications.The processing period applies as long as the consent exists and is interrupted when it is revoked. No personal data are stored or processed.


Our website uses cookies to guarantee the correct operation of the procedures, improving the use of browsing experience and collecting the necessary information.

HOW WE USE COOKIES?

Some of the pages on our site use cookies to keep information such as:

  • Name, Date of Birth, Age
  • Preferences on functional topics such as display, membership entry password (only if this feature is selected), if you agree to use cookies in our website.
  • Demographic data, unique identifiers such as phone number, mobile identification data, GPS (Global Positioning System) data.
  • We do not collect sensitive personal information, without your consent. 
  • Education Information for job application purposes.

 

THIRD PARTY COOKIES

Some of our external links may use different cookies from the above. In this case, you will find details of cookies on the relevant information page. You may be asked to agree to the storage of these cookies. Some of these cookies may be placed on your computer and be used by third parties for marketing purposes. This is the case when the website you visit includes content that is viewed by a third party or when you click on the share button on our website and your computer receives cookies from that third party. These include social networking providers such as Google, Facebook, YouTube, Instagram, Twitter, that provide services to both our website users and to us.

Note: We cannot control cookies of third parties and therefore we do not take any responsibility.

 

HOW TO CONTROL COOKIES?

You can control and / or delete cookies according to your wishes.

  • Details can be found here: aboutcookies.org. You can delete all the existed cookies on your computer, by selecting the setup settings of your browser, so it does not allow cookies to be installed.
  • However, in this case, you may need to customize certain preferences each time you visit a website.
  • Note that in this case some services of the site may not work properly.

 

WEBSITE SECURITY

  • Privacy: To ensure the confidentiality of data transmission.
  • Secure Access: Access to our website is controlled by firewall that allows the use of certain services, while prohibiting access to systems and databases containing confidential information of the company.

Encryption: Our database systems decrypt the information they receive with the same key and then they process it. After this procedure, you will receive information by following the same encryption process. Every form of our website you enter your personal data is encrypted.