Data Protection Policy
The ATHENA HOTEL acknowledges the importance of the security of your personal data, as well as of your electronic transactions and takes all the necessary steps, using the most modern and advanced methods, to protect your data from unauthorized access, disclosure, modification or deletion.
- The Controller of your data is the limited company with the name «AVETE K.KOSTARIDIS», address G. Leontos 27, Rhodes GR85100, telephone number +302241022631.
- The legal representative of the Company is: Konstantinos Kostaridis, telephone number +302241022631-3.
- Data Protection Officer: Aikaterini-IoannaKostaridi, address G. Leontos 27, telephone number +302241022631-3, E-mail: firstname.lastname@example.org
The security of the online store of ATHENA HOTEL is achieved with the cooperation of the Company with WebHotelier.
This security policy explains our practices regarding the personal information we collect from you or with reference to you on this website or via the travel agencies or online booking platforms and at the reception upon your arrival at our hotel. In addition, the policy explains the purposes for which we collect your personal data and the methods we use when collecting
If you make a room booking in any way at our hotel you agree to the terms of this data protection policy and you declare that you are at least 16 years of age.
DATA WE COLLECT
When booking a room at our hotel either through our current website or otherwise, and upon arrival at our hotel, you may be asked for the following personal information:
- first name – last name
- e-mail address
- telephone number,
- passport or ID number
- date of birth-age
- place of birth
- booking reference
- flight number
- your credit card number, and optionally
We do not knowingly collect personal data from individuals under the age of 16.
As a parent or guardian, you should not allow the submission of personal data on our website by your children.
Free wireless network (WiFi) is available on site. When you subscribe to this, the MAC address of your connected device is collected, which is deleted immediately after you have disconnected from the network. Parents or guardians of persons under the age of 16 are responsible to consent for the connection of these persons to the network. We cannot identify you when you connect to the wireless network.
The above personal data are necessary and are intended solely for:
- your room reservation
- your check-in and check out
- registering your preferences and fulfilling them during your stay
- the provision of hotel services to you
- ensuring our payment of your stay
- confirmation of a credit card transaction with credit institutions
- the repudiation of legal claims by customers and corporate partners
- support our legal claims
- safeguarding of our legitimate interests
- our compliance with applicable Greek and European legislation.
The provision of your personal data is mandatory for the conclusion of the contract of room rental and provision of hotel services with you, for the fulfilment of the brokerage contract with electronic booking platforms, the contracts with our corporate partners.
Failure to provide such information would result in the failure or incomplete fulfilment of the above contracts, our inability to comply with Greek and European legislation and possible sanctions against us.
TIME PERIOD OF PROCESSING
- We retain your personal information for as long as necessary for the fulfillment of the aforementioned purposes.
- The personal data you provide when booking a room through a online booking channel ( such as Booking com, Expedia and others) is also stored in the clouds of Webhotelier and Primal-res, both using Amazon Web Services,in N. Virginia, USA and in Frankfurt, Germany
- The personal data you provide when booking a room through this website is also stored in the cloud of Webhotelier.
- Both Web-hotelier and Primal-Res are required by PCI-DDS to preserve your data for at least 12 months .
PEOPLE TO WHOM WE TRANSFER DATA
We do not transfer your personal data to third parties, apart from the following specific reasons:
- To travel agencies through which you have booked a room to our hotel, to fulfill the hotel contract
- To our corporate partners and service providers. In this case, we always require from our partners to provide us guarantees for processing your data lawfully and only within the scope of the purpose for which they were forwarded.
- To police, tax and other administrative authorities in accordance with the current applicable laws.
INTERNATIONAL TRANSFER OF YOUR PERSONAL DATA (OUTSIDE EU)
- We may transfer specific pieces of your personal data to travel agencies with which we cooperate in countries outside the EU, if you made a reservation to our hotel through them, for the purpose of implementing the hotel contract and always in accordance with the provisions of the GDPR. By submitting your personal data to them or to us upon your arrival to our hotel, you agree to the aforementioned transfer.
- The data collected through online booking channels is also stored in the clouds of Webhotelier and Primal- Res, both using Amazon Web Services in N. Virgina USA , and in Frankfurt Germany.
- Your data collected through this website is also stored in in the cloud of Webhotelier.
- Amazon Web Services is certified under the EU-US Privacy Shield
RIGHTS OF THE SUBJECTS OF PERSONAL DATA
Α. Right to access your data
- You have the right to access with absolute security the data you have provided us through our website by entering the passwords used for your identification: your Access Password (e-mail or username) and the Personal Security Password (password).
- You have the right, at any time, to request that we inform you of the personal data we hold for you. Your requests must be submitted in writing to the hotel reception , by e-mail to: email@example.com or by registered mail or courier at ATHENA HOTEL, address G. Leontos 27, GR85100 RODOS, GREECE. We are required to respond to your requests within one month.
B. To correct, limit the processing, right of portability and of deletion of your data
You are entitled to request, at any time:
- To correct or limit the processing of your data, when possible.
- To delete your data if this is not contrary to our legal obligation under National and / or European law, to the fulfillment of our duty in the public interest or to reasons of public interest in the field of public health, to the foundation, exercising and support of our legal claims, and more generally, if this is not contrary to paragraph 3 article 17 and to other provisions of GDPR 679/2016.
- you have the right to object to the processing of personal data
- as well as the right to receive your data in a structured, commonly used format and the right to forward them to another controller, without our objection.
Your requests must be submitted in writing to the hotel reception, by e-mail to: firstname.lastname@example.org or by registered mail or courier at ATHENA HOTEL, address G. Leontos 27, GR85100 RODOS, GREECE. We are required to respond to your requests within one month.
FILE A COMPLAINT
You have the right to file a complaint at the competent supervising authority at www.dpa.gr.
Last updated date: 10/07/2018