Personal Data Protection Policy.
Kinsterna Hotel (hereinafter called “the Hotel”), considers the protection of personal data it processes a matter of first priority. For this reason, it collects and processes data according to the principles included in EC Regulation 2016/679 of the European Parliament on the protection of natural persons against the processing of personal data and on the free circulation of these data (hereinafter called “the General Regulation on the Protection of Data “ or “GDPR”) and according to the applicable national and European legislation on personal data protection. It also takes all the necessary technical and organizational measures required for the protection of the personal data it collects and processes within the framework of its commercial activities.
We urge you to read carefully the present personal data protection policy of our Hotel, aiming at informing you on the terms and conditions governing the processing of personal data by the Hotel within the framework of exercising our commercial activities and the services we offer you in any way, as well as on the rights you have on the basis of the applicable legislation.
The Hotel reserves the right to modify, update, review or otherwise change the present Personal Data Protection Policy at intervals, if necessary, without previous notification, according to the legislation in force. For this reason, we call upon you to check the present policy at regular intervals in order to be informed on the existence of any modified editions.
For the purposes of the present protection policy “personal data” are considered the following: any information concerning an identified or identifiable natural person (“subject of the data”). The identifiable natural person is the person whose identity can be verified, directly or indirectly, especially through reference to an identifier datum, such as name, identity card number, data on position, online identifier or one or several factors specific to the bodily, physiological, genetic, psychological, economic, cultural or social identity of the natural person concerned.
“processing”: any action or series of actions which are carried out with or without the use of automated means, on personal data or groups of personal data, such as the collection, entering, organization, structure, storage, adaptation or change, the retrieval, the search of information, the use, the disclosure by transmission , the dissemination or any other form of provision, the correlation or the combination, restriction, erasure or destruction ,“responsible for processing”: the natural or legal person, the public authority, the service or any other authority which alone or together with others, determine the purposes and the way personal data are processed.
When the purposes and the way of this processing is determined by the legislation of the European Union or the legislation of a member state, the responsible of the processing or the special criteria for his appointment can be foreseen by the legislation of the European Union or the legislation of a member state,“recipient”: the natural or legal person, the public authority, the service or other body to which the personal data are transmitted, whether it concerns a third party or not. However, the public agencies which may receive personal data within the framework of a specific study according to the legislation of the European Union or of a member state are not considered recipients. The processing of these data from the public agencies in question is carried out according to the rules in force on the protection of data in accordance with the purposes of the processing,“third party”: any natural or legal person, public authority, service or body, except the subject of the data, the responsible for processing, the person carrying out the processing and the persons who under the direct supervision of the responsible of processing or the person carrying out the processing, are authorized to process personal data, “you or “you” or “visitor”: any natural person, who uses the services of the Hotel or visits the present website of the Hotel or whose personal data we are processing according to the provisions of the present Data Protection Policy.
GENERAL INFORMATION AND RESPONSIBLE FOR PROCESSING
The company “AIGHIS-LIMITED BUILDING-HOUSING- TOURISTIC AND AGRICULTURAL COMPANY”, which has its seat at 13 Alexandras Avenue and 13 Katsantoni St., in the Municipality of Athens, TN 999632095, is the responsible for the processing, the collection, the storage and the processing in general of your personal data which are described in the present Personal Data Protection Policy.
WHAT PERSONAL DATA WE PROCESS AND HOW
The Hotel is fully committed to the safeguarding of your private life and the personal information you entrust us. We collect and process usually the following personal data:
Full name, nationality, identity card/passport number, date of birth, profession, address, vehicle license plate number, telephone number and e-mail
Information on your payment, credit or debit card information, remittance number and bank account number
Vehicle license plate number (yours or rented)
Stay data (arrival-departure, number of persons, total number of overnight stays)
Visitor profile (special preferences, record of previous visits, information on the health of the visitor, allergies, eating habits, personal interests, brochures)
Contact information (i.e. e-mail) where the visitor agrees to receive information and advertising material by the Hotel
Images from the surveillance video system operating in the Hotel premises for the security of persons and goods
Information we may receive during the visitor’s connection to the Hotel WIFI and which are necessary for the visitor’s optimum experience while using the internet (type of device you are using, location, ip/mac address, operating system, cookies, etc.)
Technical data, we collect, when you are using the Hotel website (cookies)
Your personal data are collected by the Hotel when you personally book on-line or by telephone or through a third party or through our website or through a third party’s platform (type booking, expedia) or when you make a payment to the Hotel for the purchase of services in any way or when you check in the Hotel or during your stay in the Hotel or when you participate in an event which takes place in the Hotel or when information is passed on by third parties (for example tourist agencies, on-line booking systems) or when you connect through an electronic device to our website or the Hotel’s WIFI or when you fill in on-line booking forms or customer satisfaction forms or when you fill in the relative contact form in the Hotel’s website.
LAWFULNESS OF PROCESSING
The Hotel processes your personal data exclusively and only after you have given your written consent to this end, which you offer when you make a booking in our website or when you check in at our Hotel. For persons under fifteen years of age (15), consent is offered by his legal representative.
The Hotel processes your personal data in a legal and legitimate way. In no case it collects or processes a greater number of information or data than the one required for fulfilling the purpose of the processing. Your data is safely stored. Their collection and processing are carried out exclusively for the above-mentioned purposes of processing and use. Your data are not used for the creation of a profile.
PURPOSE OF PROCESSING
The Hotel collects and processes your personal data, exclusively for the purposes of offering personalized and continuously improved services to you. For example:
During the handling of a room reservation and other host services
During the handling of your stay in the Hotel or during the offering of catering services
For the improvement of our hotel services
For the handling of our relations with the customer before, during and after his stay
For the security of the Hotel and our systems
For our observance of Greek and European legislation
For quality assurance and the optimizing of our services
For the satisfaction of our visitors and Hotel policy concerning direct marketing and the promotion of our sales.
TRANSFER OF PERSONAL DATA TO THIRD PARTIES
In order to offer you the best possible services, we provide access to your personal data or to special categories of them, to specific and expressly authorized personnel of our Hotel. For example:
To the Reservations Department
To the IT Department
To the Marketing Department
To the Legal Department if necessary
To our Accounting Office
The Hotel will disclose your personal data if this is required by the law, by a judicial or regulatory decision or in order to exercise its legal rights.
These third parties may be found in Greece or in countries within the European Union or anywhere in the world. When personal data are stored by us we demand from the service providers to utilize suitable measures for the protection of the confidentiality and security of personal data. If we are going to transfer your personal data to a third country outside the EU or to an international organization, you will be notified in advance according to the provisions of article 13 par. 1 (στ) GDPR.
PERSONAL DATA RETENTION PERIOD
Your personal data are kept exclusively and only for the time interval required for fulfilling the above-mentioned purpose for which they were collected, in compliance with the legislation in force. When the purpose of the processing of your personal data is fulfilled, they are deleted.
COOKIES, BEACONS AND SIMILAR TECHNOLOGIES
We may use advertising companies of third parties for the display of Advertisements concerning goods and services which may interest you, when you have access and use electronic services, other websites or online services. For the display of such advertisements these companies place or recognize a unique cookie in the browser (including the use of pixel tags). If you want more information concerning this practice and the choices you have in relation to it, please visit http://www.networkadvertising.org/managing/opt_out.asp and
Cookies: Cookies are small files, which store information on your electronic device and are used: a) for your convenience, so you won’t have to enter the same credentials every time you connect to a service b) from the Hotel or third parties, in order to understand what advertisements you have seen, so you do not receive the same advertisement c) from the Hotel or third parties, in order to examine
which of our web pages or parts of them are the most popular, in order to improve our services d) from the Hotel or third parties, in order to collect information and content concerning the use by you of our services and of other sites.
When you use a browser you can make the relevant arrangements concerning the acceptance, control, objection to or rejection of cookies or to be notified when cookies are being sent.
Which cookies we use for example: Necessary Cookies: they are essential for the proper functioning of our website, they allow you to navigate it and utilize its function.
These cookies do not recognize your individual identity. Without these cookies we cannot offer an efficient functioning of our website.
Function Cookies (of preferences):These cookies allow the website to remember the choices of the user such as the name of the user, the language or area, so it can offer improved and personalized functions. They can also be used for rendering services demanded by the user, such as the projection of videos or the use of Social networks. The information collected by these cookies can become anonymous and they are unable to follow the navigational activity in other sites. If you do not accept these Cookies, the functioning of the website can be affected and your access to its content can be limited.
Performance Cookies (statistical): These cookies collect information concerning the way visitors use our website. For example, which pages they use more frequently and if they receive error messages from websites. These cookies collect aggregated anonymous information which do not identify a visitor. They are used exclusively for the improvement of the website’s performance.
Marketing Cookies: These cookies are used for the provision of content, which best suits you and your interests. They can be used for forwarding targeted advertisements/offers, the limiting of advertising display or for measuring the effectiveness of an advertising campaign. These cookies can be used to remind us of the websites you have visited, so we can establish which electronic marketing channels are most effective and allow us to reward external webpages and collaborators who forwarded you to us.
Uncategorized Cookies: Uncategorized are the cookies which are at the categorization stage together with the providers of individual cookies.
Beacons: The Hotel as well as some third parties, may use modern technologies called beacons (or pixel) and forward information from your device to the server. Beacons can be incorporated into the internet content, videos and e-mails and allow the server to read certain kinds of information from your device, to know when you have projected certain content or a specific e-mail message, determine the time and the date you projected the beacon and the IP address of your device. The Hotel as well as certain third parties, use beacons for various reasons, such as analyzing the use of our Services and (in combination with cookies) providing you with even more relevant content and advertisements.
When you access our website and use our services, you agree to the storage of cookies, other technologies, beacons and other information into your devices. You also agree to the access by us and by third parties to the above-mentioned cookies, other technologies, beacons and information for the purposes analyzed above.
IX. YOUR RIGHTS CONCERNING YOUR PERSONAL DATA
Every natural person whose personal rights constitute the object of processing, has the following rights:
The right to be updated and have access: You have the right to be updated and have access to the data kept by us and to receive additional information concerning their processing.
The right to correction: You have the right to ask for the correction, modification, supplementation and updating of your data kept by us.
The right to erasure: You have the right to ask for the erasure of your personal data when we process them on the basis of your consent or in order to protect our legal interests.
The right to the limitation of processing: You have the right to ask for the limitation of processing of your personal data when: (a) the accuracy of your personal data kept is in dispute and until a verification is carried out, (b) the processing is illegal and you ask instead of erasure for the limitation of the use of your personal data, (c) your personal data are not needed for the purposes of processing, they are however necessary to you for the establishment, exercise, defense of legal claims and (d) you oppose to the processing and until it is verified that there are legal reasons which concern us and prevail over the reasons for which you are opposed to the processing.
The right to oppose to the processing: You have the right to oppose at any time to the processing of your personal data when there is no overriding and legal reason for us to continue the processing.
The right to portability: You have the right to receive free of charge your personal data in a form which allows you to have access to them, to use them and process them as well as ask, if it is technically possible, for the transfer of your data directly to another responsible for processing. The above right is valid for data you have provided to us and whose processing is carried out through automated means on the basis of your consent or in execution of a contract between us.
The right to the withdrawal of consent: You have the right at any time to withdraw your consent, to the extent it was received for the intended processing.
In order to exercise any of your rights, you can send a message to the following e-mail address: firstname.lastname@example.org
Or you can contact us at the following address:
AIGHIS S.A. Care of Mrs. Lisa Zonoudaki
13 Alexandras Avenue and !3 Katsantoni St.,
PC 114 73, Athens, Greece
Telephone: +30 210 6447320
The right to complain to the APPD: You have the right to submit a complaint to the Authority for the Protection of Personal Data (www.dpa.gr):
Switchboard: +30 210 6475600, Fax: +30 210 6475628, e-mail: email@example.com.
X. SECURITY OF PERSONAL DATA
The Hotel assures you that it has taken and applies all suitable technical and organizational measures aiming at the safe processing of your personal data and the prevention of their accidental or unfair loss or destruction or distortion and the unauthorized and/or illegal access to them, their use, alteration or revelation and sees to the legality of the collection, processing and safe storage of personal data, according to the provisions of national, European and International Law on the protection of an individual from the processing of personal data and especially having regard to the provisions of the General Regulation on the Protection of Data.