GDPR Toggle

Data Protection Policy

The ATHINEON HOTEL acknowledges the importance of the security of your personal data, as well as of your electronic transactions and takes all the necessary steps, using the most modern and advanced methods, to protect your data from unauthorized access, disclosure, modification or deletion.

  • The Controller of your data is the limited company with the name «AVETE K.KOSTARIDIS», address 17th Vironos street , Rhodes GR85100, telephone number +302241026112.
  • The legal representative of the Company is: Mr Konstantinos Kostaridis, telephone number +302241026112 .
  • Data Protection Officer: Mrs Aikaterini-Ioanna Kostaridi, address 17th Vironos street , telephone number +302241026112, E-mail: dpo@athineonhotel.gr

The security of the online store of ATHINEON HOTEL is achieved with the cooperation of the Company with WebHotelier.

This security policy explains our practices regarding the personal information we collect from you or with reference to you, on this website, or via the travel agencies, or online booking platforms and at the reception upon your arrival at our hotel. In addition, the policy explains the purposes for which we collect your personal data and the methods we use when collecting

If you make a room booking in any way at our hotel, you agree to the terms of this data protection policy and you declare that you are at least 16 years of age.

DATA WE COLLECT

When booking a room at our hotel either through our current website or otherwise, and upon arrival at our hotel, you may be asked for the following personal information:

  • first name – last name
  • gender
  • e-mail address
  • telephone number,
  • passport or ID number
  • date of birth-age
  • place of birth
  • nationality
  • booking reference
  • flight number
  • your credit card number, and optionally
  • address

We do not knowingly collect personal data from individuals under the age of 16.

As a parent or guardian, you should not allow the submission of personal data on our website by your children.

Free wireless network (WiFi) is available on site. When you subscribe to this, the MAC address of your connected device is collected, which is deleted immediately after you have disconnected from the network. Parents or guardians of persons under the age of 16 are responsible to consent for the connection of these persons to the network. We cannot identify you when you connect to the wireless network.

PURPOSE

The above personal data are necessary and are intended solely for:

  • your room reservation
  • your check-in and check out
  • registering your preferences and fulfilling them during your stay
  • the provision of hotel services to you
  • ensuring our payment of your stay
  • confirmation of a credit card transaction with credit institutions
  • the repudiation of legal claims by customers and corporate partners
  • support our legal claims
  • safeguarding of our legitimate interests
  • our compliance with applicable Greek and European legislation.

The provision of your personal data is mandatory for the conclusion of the contract of room rental and provision of hotel services with you, for the fulfillment of the brokerage contract with electronic booking platforms, the contracts with our corporate partners.

Failure to provide such information would result in the failure or incomplete fulfillment of the above contracts, our inability to comply with Greek and European legislation and possible sanctions against us.

 TIME PERIOD OF PROCESSING

  • We retain your personal information for as long as necessary for the fulfillment of the aforementioned purposes.
  • The personal data you provide when booking a room through a booking channel ( such as Booking com, Expedia and others) is also stored in the clouds of Webhotelier and Primal-Res.
  • The personal data you provide when booking a room through our website is also stored in the cloud of Webhotelier.
  • Web-hotelier and Primal-Res are required by PCI-DDS to preserve your data for at least 12 months

PEOPLE TO WHOM WE TRANSFER DATA

We do not transfer your personal data to third parties, apart from the following specific reasons:

  • To travel agencies through which you have booked a room to our hotel, to fulfill the hotel contract
  • To our corporate partners and service providers. In this case, we always require from our partners to provide us guarantees for processing your data lawfully and only within the scope of the purpose for which they were forwarded.
  • To police, tax and other administrative authorities in accordance with the current applicable laws.

INTERNATIONAL TRANSFER OF YOUR PERSONAL DATA (OUTSIDE EU)

  • We may transfer specific pieces of your personal data to travel agencies with which we cooperate in countries outside the EU, if you made a reservation to our hotel through them, for the purpose of implementing the hotel contract and always in accordance with the provisions of the GDPR. By submitting your personal data to them or to us upon your arrival to our hotel, you agree to the aforementioned transfer.
  • The data collected through online booking channels is also stored in the clouds of Webhotelier and Primal- Res, both using Amazon Web Services in N. Virginia USA , and in Frankfurt Germany.
  • Your data collected through this website is also stored in in the cloud of Webhotelier.
  • Amazon Web Services is certified under the EU-US Privacy Shield

RIGHTS OF THE SUBJECTS OF PERSONAL DATA

ΑRight to access your data

  • You have the right to access with absolute security the data you have provided us through our website by entering the passwords used for your identification: your Access Password (e-mail or username) and the Personal Security Password (password).
  • You have the right, at any time, to request that we inform you of the personal data we hold for you. Your requests must be submitted in writing to the hotel reception , by e-mail to: dpo@athineonhotel.gr  or by registered mail or courier at ATHINEON HOTEL, address 17th Vironos street , GR85100 RODOS, GREECE. We are required to respond to your requests within one month.

B.   To correct, limit the processing, right of portability and of deletion of your data

You are entitled to request, at any time:

  • To correct or limit the processing of your data, when possible.
  • To delete your data if this is not contrary to our legal obligation under National and / or European law, to the fulfillment of our duty in the public interest or to reasons of public interest in the field of public health, to the foundation, exercising and support of our legal claims, and more generally, if this is not contrary to paragraph 3 article 17 and to other provisions of GDPR 679/2016.

In addition,

  • You have the right to object to the processing of personal data as well as
  • The right to receive your data in a structured, commonly used format and the right to forward them to another controller, without our objection.

Your requests must be submitted in writing to the hotel reception, by e-mail to:  dpo@athineonhotel.gr  or by registered mail or courier at ATHINEON HOTEL, address 17th Vironos street , GR85100 RODOS, GREECE. We are required to respond to your requests within one month.

FILE A COMPLAINT

You have the right to file a complaint at the competent supervising authority at www.dpa.gr.

PRIVACY POLICY CHANGES

Although most changes are likely to be minor, ATHINEON HOTEL may change its Data Protection Policy from time to time. If we do, we will post the revised version here and change the “last updated date” at the end of the statement. ATHINEON HOTEL encourages you to frequently check this page for any changes to its Data Protection Policy. Your continued engagement with our services after any change in this  Policy will constitute your consent to such change.

 

Last updated date: 10/07/2018