This Personal Data Protection Policy (here in after referred to as "the Policy") concerns the manner in which the company " ZAMPATIS S.A." based at Vasiliko, Zakynthos, contact firstname.lastname@example.org, +30 26950 44682-3 (here in after referred to as "YriaHotel"), collects, stores, uses and generally processes personal data of visitors to the website www.yriahotels.gr.
What is personal data?
The term "personal data" refers to information of individuals, such as name, postal address, email address, contact telephone, etc., which identify or may identify you, hereinafter referred to as "Personal Data".
What is Personal Data Processing?
Any operation or sequence of operations performed with or without the use of automated means, on personal data or on personal data sets, such as collection, registration, organization, structure, storage, adaptation or modification, retrieval , the search for information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
What Data does the "Yria Hotel" collect? and for what purposes?
Our company collects the following data:
1) name, surname
3) telephone number,
4) date of arrival,
5) date of departure,
6) customer reviews that contain any personal data
7) credit / debit card details
9) purpose of travel
The above Data is collected for the purpose of
a.) The Booking (via the booking form) and
b.) The Communication (via the contact form).
What is the legal basis for processing the Data of the subjects?
We collect Visitors Data only if there is a legitimate reason for processing it.
In any case, the processing will be based on one of the following legal bases:
a) your consent, where required. You can withdraw your consent at any time.
b) in the legal interest of the Yria Hotel
c) the legal obligations of the Yria Hotel
d) the contractual relationship between us or the taking of measures at the pre-contractual stage.
Who are the recipients of the Data?
Access to Customer Data is provided by the absolutely necessary staff of the Company, which is committed to maintaining confidentiality.
Your Data is not transmitted to third parties except to our IT partner who manages the website and the external associate accountant who has undertaken to perform the accounting and tax obligations of the company.
How does Yria Hotel ensure that its partners respect your Data?
The partners of Yria Hotel have agreed and committed:
to keep confidential, not to send to third parties Yria Hote’sl customer data without its permission, to take appropriate technical and organizational security measures, to comply with the legal framework for the protection of personal data and in particular Regulation 979/2016 / EU (otherwise GDPR).
Does Yria Hotel send the data of the subjects outside the EU?
Your Data are not sent outside the EU, as they are processed only within Greece.
When does the Yria Hotel delete the Data of the subjects?
The Data is retained for as long as necessary in order to fulfill the purpose for which it was collected, unless an extension of such time is required due to legal claims or legal obligations of the Yria Hotel.
Is the Data of the subjects safe?
Recognizing the importance of the security of your Personal Data, Yria HoteL has taken all appropriate organizational and technical measures to secure and protect the Data from any unauthorized access, misuse, alteration, prohibition, disclosure, disclosure, loss or accidental / unfair destruction and any other form of unfair treatment. These measures shall be reviewed and amended as necessary.
What are the rights of Data subjects?
They have the right to access their Data.
This means that they have the right to be informed by the Yria Hotel how and what Data is processed. They can ask to be informed about the purpose of the processing, the type of their Data that it keeps, to whom it transmits it, how long it stores it, if an automated decision is made.
Do they have the right to correct inaccurate data?
If they find that there is an error in their Data they can apply for the correction of inaccuracies and the completion of their incomplete Data, so that it is complete and accurate.
They have the right to delete.
They may request the Yria Hotel to delete their Data, if it is no longer necessary for the above mentioned processing purposes.
They may request that the Data they have provided be made legible or that the Yria Hotel request that it be forwarded to another processor.
They have the right to restrict processing.
They can request the Yria Hotel to restrict the processing of their Data for as long as the processing of their objections to the processing is pending.
They have the right to revoke / object to the processing of their Data.
They may at any time object to the processing of their Data or withdraw their consent, where required and the Yria Hotel will stop the processing of their Data unless there are other compelling and lawful reasons prevailing over their right or if they do not are now necessary for the above mentioned processing purposes.
How can Data subjects exercise their rights?
The exercise of the rights is done by submitting an application to the e-mail address email@example.com.
Yria Hotel responds to Requests without delay, and in any case within one (1) month from the time it receives each Request. However, if the Request is complex or there is a large number of Requests, it informs the data subject within the month in the case it needs to receive an extension of another two (2) months, within which he will respond.
In case the data subject does not receive an answer within the above deadline or the answer he receives is unsatisfactory or the issue has not been resolved, the subject can contact the Personal Data Protection Authority (www.dpa.gr).
What is the applicable law when we process your Data?
Applicable Law is the Greek Law, as formulated in accordance with the General Regulation for the Protection of Personal Data 2016/679 / EU, and in general the current national and European legislative and regulatory framework for the protection of personal data. Competent courts for any emerging disputes related to the Data of the subjects are the Courts of Athens.
How will you be notified of any changes to this Policy?
This Policy is updated whenever necessary. If there are significant changes in the Policy or the way in which the Data of the subjects are processed, an update of this will be posted on the website of the Yria Hotel, from which the data subjects will be able to be informed about it.