Personal Data Protection Policy
Valid from: 20.05.2018
The processing of the personal data of our customers is regulated by the following terms, by the relevant provisions of the personal data legislation each time in force (EU Regulation 2016/679 of the European Parliament and the European Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC [«General Data Protection Regulation»], Law 3471/2006, as each time in force etc.), as well as by the relevant decisions, directives and regulatory acts of the Hellenic Data Protection Authority.
This Personal Data Protection Policy applies to the use of all our services, regardless of whether you use a computer, mobile phone, tablet, TV or any other device to access our website, as well as to services that are provided without the use of electronic means.
- Data Controller: Data Controller of your personal data collected by us is the company under the name «ATHINAIS S.A HOTEL AND TOURIST ENTERPRISES», tel. no. 210 6431133, email address [email protected], having its registered seat in Athens, Vassilissis Sofias Ave. No. 99 (hereinafter “our Company”).
- Personal Data collected by our Company: The personal data collected by our Company directly by you or by tourist agencies, tourist offices, GDS reservation systems and online reservation systems when you use our services are the following:
(a) mandatory information: name and surname, identification card/passport details, email address, telephone number, country, credit/debit card information and other billing details (e.g. Tax Identification Number), information regarding your children (name and surname, age, passport/identification card details), date of arrival and departure from our hotel and
(b) optional information: address, flight number-airport of arrival-time of arrival, preferences and interests (e.g. non – smoking room, preferred floor, diet peculiarities etc.), member number for loyalty programmes of our Company or third parties such as airline operators.
Furthermore, apart from the personal data you provide directly, we also collect personal data on your use of this website and in particular: (a) device information (hardware model, International Mobile Equipment Identity (IMEI) and other unique device identity data, IP address, operating system issue and setting of the appliance you use to access our website, (b) connection information (such as the time and duration of use of this website, search commands entered in the website, as well as information that may be stored in cookies we have placed on your device and (c) location information (such as GPS signal of your appliance or information on WiFi access points that may be transmitted to us when you use our website).
You may choose not to provide certain types of personal data, but this may limit your access to certain services.
- Scopes of processing:
3.1. Scopes of the processing of your personal data, which we collect are the following:
(b) the safety of our systems and facilities to prevent of fraud against our Company;
(c) the execution of the relevant services agreement that you conclude with our Company and our compliance with our legal obligations arising from the applicable legislation· in this framework we process your personal data for the following particular purposes:
- (i) processing, registration, management and execution of room reservation requests and other hospitality services· in this context we collect data in order to prepare ourselves and satisfy your requests related to your hotel stay (e.g. room preferences, dates and duration of stay, special diet menu etc.)
- (ii) management of your stay in our Company’s hotel· in this context we manage your access to your room, process lists with customers’ personal data for operational purposes, e.g. daily customer arrival and departure lists and lists of special category customers (e.g. VIP etc.) and we monitor the use of our services (e.g. room telephone, mini bar, online room service, Wi – Fi access etc.)
- (iii) improvement of our services, in order to tailor our services to your needs and requests and
- (iv) calculation of the services’ cost that we provided you during your hotel stay and billing
and (d) the management of our relations with you before, during and after your stay (e.g. evaluation and analysis of the market, of our customers and our services, creation of statistical data and reports, creation and management of market studies, management of customers’ claims and complaints).
3.2. Furthermore, if you provide your consent to that, our Company processes your personal data for the scopes of: (a) development and management of loyalty programmes and (b) management of our new and recurring customers’ preferences for your future information for our news (offers, seminars, new services, lotteries, contests, newsletters etc.).
- Cases when we collect your personal data
We collect your personal data in various cases, such as:
(a) Participation in Hotel Activities
- Room reservation
- Check – in and payment
- Reservation of seat and/or use of hotel services, such as catering and recreational services
- Various requests, complaints and/or disputes
(b) Participation in marketing programmes or events
- Registration in loyalty programmes
- Participation in online and offline surveys (e.g. customer satisfaction survey)
- Participation in contests and games
- Subscription to mailing lists in order to receive offers and other promotions by email
(c) Transmission from information from other parties
- Tourist agencies, tourist offices, GDS reservation systems, online reservation systems (e.g. booking.com, expedia.com etc.) and other reservations systems
(d) Actions through electronic devices
- Login on our website
- Connection to our WiFi network of our hotel
Completion of online forms (e.g. reservation forms, precheck – in forms, satisfaction survey forms etc.).
- Recipients of your Personal Data: Recipients of your personal data collected are: (a) the authorized personnel of our Company, (b) third data processors who process your personal data on behalf of our company, such as IT contractors, bulk mailers, banks, credit card institutions, law firms, mail service companies, printing services companies etc., (c) other third parties in relation to corporate transactions: we may share your information with third parties within the context of a merger or transfer, or in the event of bankruptcy or in case we cease being managers or beneficiaries of our hotel, (d) our business associates in order to provide you with services you have requested, make provisions related to your interests and offer you promotions, advertisements and other material and (e) public, administrative police and judicial authorities of any nature, to whom our Company is obliged to reveal your personal data according to the Greek or European Union legislation in force or to defend our legal rights.
Our Company will not reveal, sale, exchange, assign or provide in any way your personal data to any third physical or legal entity without your prior consent, except for the cases mentioned above.
In any case your personal data shall not be transmitted to any global organization or country which is not a member of the European Union or the European Economic Area, unless otherwise provided for in the Greek or European Union legislation. Our Company shall inform you before any such transmission, unless that law prohibits such information on important grounds of public interest.
- Duration of processing: We will keep your personal data for as long as it is required for the completion of the above mentioned scopes, as well as for as long as such storage is required by a contract or the applicable legislation.
- Rights of the data subjects: During the processing, you have the following rights: (a) right to submit a request to our Company for access to your personal data, (b) right to submit a request to our Company for correction of your personal data, (c) right to submit a request to our Company for deletion of your personal data, (d) right to submit a request to our Company for restriction of processing related to you, (e) right to object to the processing, (f) right to transfer for personal data, (g) right to revoke your consent at any time, (h) right to submit complaints to the Hellenic Data Protection Authority ([email protected], www.dpa.gr , Kifisias Avenue 1 – 3, 115 23 Athens, fax: +30 210 6475628). You can exercise the aforementioned rights by sending a relevant email to: [email protected].
- Security of the Personal Data
The security of your personal data is a first priority for us. For this purpose, we implement all current and appropriate to the processing technical and organizational measures, the effectiveness of which is checked on a regular basis in order to ensure (a) the ongoing confidentiality, integrity, availability and resilience of processing systems and services, (b) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident, (c) the regular testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing and (d) the protection of the personal data against risks that are presented by the processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed.
- Cookies can remember your login credentials so you do not have to enter them again each time you connect to a service;
- Cookies help us understand the most popular parts of our website; they help us see which pages and features are used are visited by the users and how much time is spent on each. By studying this kind of information, we can customize our Services and provide you with a better experience;
- Cookies help us and third parties to understand which advertisements you have reviewed so you do not receive the same advertisement each time you access our website;
- Cookies help us provide you with relevant content and advertisements by collecting information about your use of our services.
- Amendment of these terms: Our Company is entitled to proceed at any time to amendment of these terms of personal data protection, in the context of the legislation in force and each amendment shall come into force from its upload in this website.
I declare that I consent to the processing of my personal data for the above under 3.2 scopes.