PRIVACY AND PERSONAL DATA PROTECTION STATEMENT
BEACH HOUSE ANTIPAROS SINGLE-MEMBER PRIVATE COMPANY (“the Company”, “we”, “us”) acknowledges that the protection and safety of your personal data is extremely important and is committed to showing respect to your privacy and to the protection of these data.
This Privacy and Personal Data Protection Statement (“Statement”) presents the way the Company uses your personal data, as well as the measures taken to protect and safely maintain these data. The Statement applies for you, if you receive hospitality services by us, if you participate in our events or promotions or if you interact in any other way with us, among others, by using any website or communicating with us through social media.
Take a moment to examine in detail this Statement. If you are already our customer or partner, further details regarding the way we use your personal data may be mentioned in the contract between us. More information pointing out further use of your personal data, as well as your right to object, may also be provided during the collection of your personal data.
- Who we are
The Company specializes in customized and exclusive hospitality services and is located on Antiparos Island, Greece. The Company, with VAT number 800491996, has its registered office in Apantima, Antiparos, 84007, Greece and is supervised by the Personal Data Protection Authority (PDPA).
- Collected data and their use
We collect and use personal data to enable us to manage your relationship with the Company and to offer you our Services. Certain personal data are collected to offer you personalized and improved services.We collect personal data with a view to:
- Manage the room reservation and other hospitality services
- Create and store legal documents according to applicable law
- Collect information in order to prepare and satisfy requests related to your accommodation (e.g. room preferences)
- Manage your accommodation at the Hotel
- Monitor the use of services (Room telephone, mini bar, Wi-Fi access etc.)
- Manage lists with our customers’ personal data for operational reasons, such as the customers with current arrivals, departures or list with qualified customers
- Improve our hotel services
- Adapt our products and Services in order to better meet your requirements
- Provide you useful information regarding offers or other promotions
- Inform you about special offers and new Services
- Manage our relationship with you before, during and after your accommodation
- Manage the customers’ database
- Get to know and manage the preferences of new and repeat customers
- Send newsletters, promote products and offers or contact you by phone
- Manage requests for removal from update lists
- Create and manage questionnaires and their statistics
- Conduct prize drawings, contests or offers, in accordance with the provisions of the law
- Improve our Services
- Manage customers’ claims and complaints
- Offer you the advantages of loyalty programs
- Systems Security
- We record data to guarantee your safety and the prevention of fraud
- Compliance with Greek and European law
- Conduct market researches, customer satisfaction and quality assurance surveys
- What Personal Data do we collect?
Information directly provided to us
Some of our Services, enable you to provide information directly to us. For instance:
- Several of our Services enable users to create accounts or profiles. Along with these Services, we may ask you to supply some information about you to subscribe to the service. For instance, you may submit some information about you, such as your name and e-mail address, during your subscription to our newsletter.
- If you order a paid product or a service by us, we may ask your name, your room number and the billing information to process the order.
- If you participate in any on-line or off-line competition or promotion we organize, we may ask your name, contact information, e-mail address, your age and gender, your personal or professional interests, other identifying information and your opinion about our products and/or services.The information we must ask from you and/ or your family members are the following:
- Contact Information(e.g. family name, name, father’s name, passport number, identity card details, telephone, home address, e-mail address)
- Personal Information(e.g. date of birth, nationality, place of birth)
- Invoicing information(e.g. credit card number, VAT number)
- Loyalty Program Membership Number(the membership number for the loyalty program of our Company or any third-party program, such as of an airline)
- Data of arrival and departure, flight number and room number
- Preferences and interests(e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests)
- Medical datarelating to your health, such as, among others, medical opinions and reports, results of medical tests, data related to pathological conditions etc.
- Questions and comments made during or after your stay at our Hotel.The information we collect in relation to individuals aged under 16 is limited to Name, Family Name, Nationality and Date of Birth and they may be granted only by an adult/ guardian. We are grateful for any action that ensures that your children do not send personal data without your consent (especially through the Internet). Nevertheless, if any such information is sent, you may contact us at email@example.com or at our mailing address Apantima, Antiparos 84007, Greece in order to arrange the deletion of such information.
Furthermore, information such as your passport number, your recreational activities, your hobbies, any health problems you may have or whether you smoke or not, may be classified as sensitive. We retain such information only if required by applicable law or if you have explicitly given your consent (e.g. in order to provide you the appropriate Service, such as a special diet)
Information regarding the use of Services by you
Apart from the information directly provided, we may also collect information regarding your use of Services through your device’s software, as well as through other means. For instance, we may collect:
- Device information– such as hardware model, mobile telephone identification number (IMEI number) and other unique device identifiers, MAC address, IP address, operating system version and setting of the device you use to access the Services.
- Connection information– such as time and duration of use of the Service, search queries entered in the Services and any information stored in cookies installed in your device.
- Location information– such as information about Wi-Fi access points that may be transmitted to us when you use the Services (e.g. Wi-Fi).
- Image information– such as video recordings from closed-circuit surveillance camera (CCTV) for security reasons.
- Other informationregarding the use of the Services by you, such as the applications you use, the websites you visit and the way you interact with the contents offered through a Service.Other information we collect
We may also collect other information about you, your device or your use of the services in the ways described in the collection point or otherwise with your consent.
You may choose not to provide us certain types of information, but this may affect your ability to use some Services.
- When do we Collect Personal Data?
We collect personal data in several cases, such as:
- Hotel Operations:
- Room reservation
- Check-in and payment
- Reservation and/or use of hotel services, such as food services
- Various requests, complaints and/or disputes
- Participation in marketing programs or events:
- Participation in on-line and off-line surveys (for instance Customer Satisfaction Survey)
- Participation in competitions and games
- Subscription in mailing lists in order to receive offers and other promotions by e-mail
- Transmission of information by third parties:
- Tour operators, tourist agencies, GDS reservation systems, On-line reservation systems (such as booking.com, webhotelier.net etc.) and other reservation systems
- Actions via electronic devices
- Connection to our websites
- Connection to our hotels Wi-Fi network
- Filling out on-line forms (e.g. booking form, precheck-in form, satisfaction survey form etc.)
In any case, we inform you about the processing purposes before the data collection and all information collected are specified in this Privacy and Personal Data Protection Statement.
- Transmission and disclosure of your personal data
We do not trade and transmit your personal data to third parties, except as provided in this Privacy Statement, as well as under legal requirements. In particular, in order to provide our services, we may disclose your personal data to some other companies, acting on our behalf (as processors) with a view to provide best possible service to you (such as transport companies, communication and marketing service providers, accounting firms, businesses providing consulting or auditing services etc.). The Company guarantees the processing of your personal data by its partners – other companies under contractual terms regarding the processing and maintenance purpose in accordance with the technical and organizational measures of GDPR for the correct and safe processing of your personal data.We do not transmit your personal data to third countries and/ or non-EU countries.
The Company shall use the e-mail contact information and the name of the User/ Customer or other information in order to inform the users regarding the state of test applications, as well as to serve similar purposes, unless the User/ Customer inform the company at firstname.lastname@example.org or its mailing address Apantima, Antiparos 84007, Greece, that they do not consent to the collection and use of their electronic information for those purposes.
The access to personal data is strictly limited to the Company’s staff, which applies appropriate technical and organizational measures in order to ensure their appropriate security level and only for the achievement of the intended purpose.
- Protective measures
The Company takes all necessary information protection and security measures. In particular, we have developed and applied optimal technical and organizational security and information protection mechanisms in order to protect their integrity, availability and confidentiality.
- Duration of data retention
We collect and retain your personal data for as long as it is required under the law in the context of our contractual relationship with you.If you consent to use your data for marketing activities, we retain your data until you request otherwise or you withdraw your consent.
- Your rights
The Company acknowledges and safeguard your following rights:
- Right of transparent information to exercise your rights (article 12, 13, 14 GDPR),
- Right of access (article 15 GDPR) to the personal data collected by you
- Right to rectification (article 16 GDPR) of inaccurate personal data concerning you
- Right to erasure (“right to be forgotten”) (article 17 GDPR) of a Member – User account and the information about you. We shall note that the exercise of the right to erasure of an active subscriber entails the inability to continue to provide the services you may have requested
- Right to restriction of processing of your personal data (article 18 GDPR) where possible
- Right to object (article 21 GDPR) to the processing of your personal data
- Right to revoke your already granted consent (article 7 GDPR), namely, to withdraw your consent at any time for any processing made based on consent. The lawfulness of processing of your data shall not be affected by the withdrawal of your consent until you requested the withdrawal.
- Right to lodge a complaint before the competent supervisory authority, Personal Data Protection Authority, (1-3, Kifisias Avenue, Athens, P.C. 115 23, +30 210 6475600, email@example.com)You are entitled to exercise your rights by sending e-mail to the Legal Department of the Company (firstname.lastname@example.org) or by letter sent to our address (Apantima, Antiparos, 84007, Greece). You are kindly requested to accompany your relevant requests with the appropriate proof of identification, with the express reservation of the Company to ask the provision of additional information in order to identity and confirm your data.
- Submission of requests and/ or complaints
The Company collects and processes personal data, in compliance with the provisions of this Statement and the applicable law. However, if you still believe that the respective processing is not lawful, you are entitled to lodge a complaint before the competent and independent Personal Data Protection Authority (PDPA).
USEFUL CONTACT INFORMATION
BEACH HOUSE ANTIPAROS SINGLE-MEMBER PRIVATE COMPANY
Apantima, Antiparos 84007, Greece
For customer care
BEACH HOUSE ANTIPAROS SINGLE-MEMBER PRIVATE COMPANY
Apantima, Antiparos 84007, Greece
Personal Data Protection Authority (PDPA)
1-3, Kifisias Avenue, P.C. 115 23, Athens