We take your privacy seriously and want to be transparent with the processing of your personal data. For this reason, we have a policy that sets out how we process and protect your personal data. We respect your privacy rights and recognise the importance of protecting your information. Whenever you provide us with your personal data, we will use it in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws and for the purposes set out in this policy, in the registration forms you have completed and in all relevant terms and conditions of use.
- Who collects your personal data?
The Greek company Agorastou Zacharoula (Efrosini Hotel Apartments & Studios), is the controller of the personal data you provide to us and is responsible for the security of your data under the Data Protection Act.
2. Why do we use your personal data?
We use your personal data:
To manage your stay, i.e. to process reservations and cancellations through our website and to send you notifications about the status of your reservation in case of any problems up to the date of your stay.
To process your payments.
To manage complaints about our services.
To offer you different payment alternatives.
To identify you and verify that you are over 17 years old.
To improve your stay experience and our services.
To send promotional emails about our new services, special offers, our news or other information that we believe you may find useful, using the email addresses you have provided to us.
3. What personal data do we collect?
Contact details such as name, surname, address, email address, telephone number, postal code.
Tenant information such as name, surname, address, email address, telephone number, postal code, date of birth, gender, city, country.
Payment information and history
Residence history
IP address
4. What is the legal basis for processing your data?
We process your personal data because it is necessary for:
The performance of the service sales contract
Our compliance with our legal obligations
The pursuit of our legitimate interests
In general, we rely on your consent as a legal basis only for processing related to sending direct marketing messages via email. You have the right to withdraw your consent at any time. Where your consent is the only legal basis for processing, we will stop processing your data after its withdrawal.
5.How long do we keep your data?
We do not retain your data for longer than is necessary for the purposes set out in this Policy. Different retention periods apply to different types of data, however the longest period we retain your personal data is 10 years.
6. Who has access to your personal data?
We will never transfer, sell, rent or exchange our customers’ data to other organisations for marketing purposes. Access to your personal data is only available to our reception staff and the business owner. We may share your data with government organisations, regulators, law enforcement agencies, courts, banking institutions and insurers, where we are required to do so:
To comply with our legal obligations.
To exercise our legal rights.
To prevent, detect, investigate crime or prosecute offenders.
To protect our employees and customers.
7. Do we transfer your data outside the European Union?
In order to provide you with our products and services, it is sometimes necessary for us to transfer your data outside the European Union. This usually happens when our service providers are located outside the European Union or if you are located outside the Union. Such transfers are subject to special rules under data protection laws. If this happens, we ensure that the transfer complies with data protection laws and that all your personal data is secure. Our usual practice is to use “standard data protection clauses” which have been approved by the European Commission for such transfers.
8. How do we protect your data?
We implement appropriate technical and organizational measures to ensure that your personal data is always protected and secure. Our security measures include data encryption, regular cybersecurity assessments of all service providers that may handle your personal data, security controls that protect our entire technological infrastructure from external attack and unauthorized access, and internal policies that define how we ensure the protection of your data and the training of our employees.
9. What are your rights?
Right of access: you have the right to request information about the personal data we process at any time. You can contact us and we are happy to provide you with your personal data by email.
Right of rectification: you have the right to request the correction of your personal data if it is incorrect.
Right to erasure (“right to be forgotten”): You have the right to request that personal data processed by our company be deleted at any time, unless there is a pending order that has not yet been shipped or you have a debt to us.
Right to restriction of processing: You have the right to request that we restrict processing when there is a specific reason for this (e.g. if you object to our legitimate interest or if your personal data is incorrect or if you believe that the processing is unlawful or if we no longer need it).
Right to portability: Whenever our company processes your personal data, you have the right to receive a copy of it in a structured, commonly used and machine-readable format, as well as to request that it be transmitted to another party. This only includes personal data that you have provided to us.
Right to object to processing based on legitimate interest: You have the right to object to the processing of your personal data based on our legitimate interest. We will not continue to process your personal data unless we can demonstrate legitimate grounds for the processing that override your interests and rights or we have legitimate claims.
Right to object to direct marketing: You have the right to object to direct marketing, including profiling for direct marketing purposes. You have the option to opt out of direct marketing.
10. How can you exercise your rights?
If you wish to exercise any of the above rights, please contact us using our contact details or go to your personal account where you can change your data or delete yourself. If you believe that our company is processing your personal data incorrectly, please contact us.
11. Do we use cookies?
Our website uses cookies to collect information. The information includes data about browsing and purchasing behavior. More information is provided in the Cookie Policy.
12. Can we modify the privacy policy?
We reserve the right to update or change the Privacy Policy at any time. You should check this Policy periodically. The latest version of the Privacy Policy is always available on our website. We will notify you of any material changes to the Privacy Policy, for example if they relate to the purpose for which we use your personal data, the identity of the controller or your rights.
Contact information
If you have any questions about how we use your personal data that are not answered here or if you would like to exercise your rights regarding your personal data, please send us an e-mail at info@pavane.gr.
COOKIES POLICY
- What are cookies?
We use cookies to collect information. A cookie is a small text file sent by a website and stored on your computer by your browser while you are browsing the Internet. By using our services, you consent to the use of cookies. Cookies help us remember who you are and other information about your visits. Cookies are necessary for the effective operation of our website and to help you with your online shopping.
2. What types of cookies do we use and for what purpose?
We use necessary first-party cookies (such as session, permanent and traffic log cookies). These cookies collect information about your browsing and purchasing behavior when you access this website through your computer or other device. The information collected is related to the pages you viewed, your favorite products or products you purchased and your navigation on our website. In addition to first-party cookies, we also use third-party cookies to collect statistics and user data, in aggregate and individual form, through analysis tools to optimize our website and present you with relevant promotional material.
- What personal data do cookies record?
Cookie ID
IP address
Browsing history
Purchasing behavior
If you have an account, we can also link your cookie ID to the personal data you submitted to us when creating your account
4. How long do we store your personal data?
We do not retain your data longer than necessary for the purposes specified in this Policy. Data recorded by first-party cookies is only kept for 30 days. In addition, data from third-party cookies is retained for 26 months.
5. Who has access to your personal data?
The data transmitted to third parties (such as Google Analytics) is only used to provide the above services and to collect statistical data through analysis tools to optimize our website and present you with relevant promotional material.
6. What is the legal basis for the use of cookies?
The use of cookies is based only on your explicit consent. You have the right to withdraw your consent at any time. Please note that if you withdraw your consent, you will not be able to access certain areas or features of our website.
7. How can you disable cookies?
You can easily disable cookies using your browser. If you would like to manage and delete cookies, please refer to the “help” and “support” section of your browser for instructions. You can choose to disable cookies or receive a notification each time a new cookie is sent to your computer. Please note that by deleting cookies or disabling future cookies, you may not be able to access certain areas or features of our website.