TYPE OF INFORMATION WE COLLECT
- We collect only as much information as is necessary at a time to be able to provide services that meet your needs. Typically this information includes:
- contact information (name, email address, postal address of home and work, landline and mobile phone number),
- credit card details (card type, credit card number, name on the card, expiry date and security code),
- information that helps us serve you better (arrival and departure dates, date of birth, gender, names and ages of your spouses and children, room preferences, dietary preferences, leisure activities, etc.),
- “special categories (sensitive) data” (allergies and other health problems that require special handling on our part
We will always ask for your consent when we are going to use your personal data for purposes other than those related to the actual provision of our services, such as e.g. for direct marketing purposes such as sending informative emails and newsletters. We also ask for your consent for the “sensitive” personal data you entrust to us such as your ethnic origin and health status.
You should know that you can withdraw your consent at any time by contacting us by phone and email. In particular, with regard to promotional messages and newsletters you receive from us, you can always opt-out by clicking on the UNSUBSCRIBE link included in such communications.
TRANSFER OF YOUR INFORMATION
We will never give your information to third parties unless:
- you have given us relevant express consent,
- it is necessary to provide you a service you have requested from us (e.g. your transfer from the airport / port or other point of arrival to our hotel),
- when companies or service providers performing business on our behalf need such information in order to perform the tasks set out in their agreements with us (eg credit card processing, customer support services, market research or database management services);
- required by law by court order or at the request of any other competent governmental, judicial, police, administrative or regulatory authority, upon lawful request and in accordance with relevant laws;
- in the event of an emergency, such as safeguarding a person’s life, health or property. When information is transferred to third parties as mentioned above, we take care to minimize the information provided to the extent necessary to achieve the specific purpose. Unless otherwise prohibited by legal process, third parties are required and bound to us to protect your personal data in accordance with our policy and to comply with applicable privacy laws and regulations.
RETENTION & DELETION OF YOUR PERSONAL DATA
We keep your personal data, in a way that allows your identification, only as long as required by the relevant purpose of collection and processing. In addition, the retention time for some of your personal data may depend on the current relevant legislation as well as our own relevant policies regarding the resolution of disputes, the handling of complaints, the prevention of fraud and other illegal activities.
After the end of the retention period, your personal data is destroyed, deleted or anonymized.
You should be aware that under European data protection law, you have a number of rights in relation to your personal data held by us. In particular, you can ask us:
- give you a copy of your data;
- correct your data if you believe it is inaccurate;
- to delete your data, if there are specific reasons,
- to limit the processing we carry out on your data,
- give you your data in an appropriate format as well as transfer it to another company,
- to stop processing any data you have given us through consent and in particular the data we use to send promotional messages and newsletters.
To ask us to do any of the above, you can contact us by phone or email. We will promptly examine your request in relation to the relevant provisions of the current legislation on personal data and we will respond to you at the latest within thirty days of receiving your request.
If, due to the complexity of the request or the number of requests, we are unable to respond to you in time, we will inform you within those thirty days of any delay, which in no case may exceed two months from the end of the thirty-day period. We may ask you for some identification (eg a copy of your ID or passport) in order to prevent unauthorized disclosure of your personal data.
To ensure that your personal data is accurate and up-to-date, we recommend that you update us regularly about your information as appropriate (eg if your home address or email address changes).
If for some reason you feel that your rights regarding your personal data have been violated, you always reserve the right to submit a complaint to the competent Supervisory Authority for Personal Data Protection: http://www.dpa.gr, Kifissias 1-3, T. K. 115 23, Athens, tel. 210 6475600, email: email@example.com. In this case, we would greatly appreciate it if you contacted our hotel beforehand.
We recognize the importance of information security and are in a continuous process of reviewing and improving the technical and organizational measures we take. Both for our website and for our servers and other information infrastructure, we have established and implement appropriate security measures to protect your data from misuse, unauthorized access or disclosure, loss, alteration or destruction.
Although there is no “guaranteed security” either on or off the Internet, we protect your information using appropriate administrative, procedural and technical safeguards, including controlled access, fire walls and the use of encryption.
PERSONAL DATA OF MINORS
It is our practice not to knowingly acquire and/or retain information about persons under the age of sixteen (16) except that which is given to us by their companions (parents, guardians) and is absolutely necessary for the provision of our services (e.g. placing a cot in a room).
DISCLAIMER FOR THIRD PARTY WEBSITES
Although the website may contain links to third-party websites, it is not responsible for the privacy practices or content of those websites and expressly disclaims any responsibility for any loss or damage that may arise from the use of said links. We do not monitor the privacy practices or content of these websites. If you have any questions about another website’s privacy practices, you should contact that website’s appropriate privacy officer.
We wish and seek for you to contact us about matters related to your personal data and the protection of your privacy, such as for example:
- updating your details,
- changing how you want us to communicate,
- the cessation of sending informational and promotional messages by us,