2. KEY CONCEPTS REFERRED TO IN THIS CHAPTER
When referring to personal data, we mean any information relating to a specific natural person or person whose identity can be ascertained, i.e. any information relating to an identified or identifiable natural person (‘the data subject’). Identifiable is that natural person whose identity can be ascertained, directly or indirectly, in particular by means of a reference to an identity element such as name, identity number, address, email, location data, online identity identifier or one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of the natural person concerned.
When we refer to the processing of your personal data, we mean any act or series of acts that is carried out with or without the use of automated means, in personal data or sets of personal data, i.e. the processing is the collection, registration, organization, structure, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction deletion or destruction.
‘Controller’ means a natural or legal person, public authority, agency or other body which, alone or jointly with other persons or bodies, determines the purposes and means of processing personal data.
‘processor’ means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
‘consent’ of the data subject is any indication of free, specific, explicit and fully informed willingness, whereby the data subject declares that he agrees, by a declaration or by a clear affirmative action, to the processing of personal data concerning him or her.
‘Personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access of personal data transmitted, stored or otherwise processed.
‘Health-related data’ means personal data relating to the physical or mental health of a natural person, including the provision of health-care services, which reveal information about his or her state of health.
“Specific categories of personal data/Sensitive personal data” are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the unequivocal identification of a person, data relating to health or data concerning them. the sexual life of a natural person or sexual orientation.
In order to be transparent the way we collect, use, store, transfer and protect personal data (PII), VANORO HOTEL encourages its website visitors and any interested party to read the present Privacy Statement and Privacy.
We take all the necessary measures and maintain all globally accepted and based on international security standards, so as to protect the personal data of customers processed in such a way as to ensure that the processing of personal data is always carried out in accordance with the obligations set out by the legal framework governing the company itself, as well as third parties who may process personal data on its behalf business.
The following legal framework binds our Company which operates on the basis of current National and Community legislation: the relevant provisions of the National Law on Protection of Personal Data and on the Guarantee of Confidentiality of Communications (we mention N. 2472/1997 on the protection of personal data, N. 3471/2006 for the protection of privacy in the field of electronic communications, as applicable, the regulations of Privacy of Communications of S.A.D.A.E. as published in Government Gazette B’ 2715/17.11.2011 and applicable, the P.D. 47/2005) and the relevant provisions of Community law (European General Data Protection Regulation/GDPR – 2016/679) and Law 4624/2019 (Implementing Measures of the General Regulation on Protection European Parliament Personal Data [2016/679]).
3. LEGAL BASIS FOR PROCESSING PERSONAL DATA
VANORO HOTEL processes your personal data transparently, in accordance with the principles of legality, proportionality, confidentiality and integrity, purpose limitation and accuracy, specific data retention time and data minimization. In conclusion, we will use your personal data only when the law permits.
The lawful basis for processing your personal data can be:
(a) Your consent. Where our legal basis is consent, you have the right to revoke your consent at any time.Actions such as accommodation service, personalized services (about your preferences, needs, etc.), communication with you, including analysis of your travel preferences and accommodation and catering preferences, so that we provide services exclusively for you and/or actions update and send special offers for our services and products, or updates for attentive events or offers, receive information material (newsletter), etc.
b) The necessity of processing your data, in the context of performance of our contractual obligation or in the pre-contractual stage to fulfill our legal obligations. For example, when you book our hotel, this is a contract or when we record identification upon your arrival.
(c) The necessity of processing your data in the context of compliance with a legal or regulatory obligation. For example, keeping records of our sales for tax compliance or facilitation with the payment process.
(d) The necessity of processing your data, in the context of safeguarding our legitimate interests (or those of third parties), as your interests and fundamental rights do not prevail over these interests. For example, when we conduct a fraud check as part of the check-out process or take steps to keep our website safe, to facilitate payments, your accommodation service, stay in compliance with the legal Our obligations, our services improvement, your personal travel preferences and interests, Reservation (Stay and Restaurant) Management, Personalized Services, Marketing, Administrative Process Facilitation etc.
(e)The need to process data to protect vital interests of you or the person you accompany.
(f) The need to extract statistical data.
g) Meeting your requests.
(h) Customer invoicing.
(i) Performing customer receipt updates in the company’s information systems.
When we consider legitimate interests, before processing your personal data for our legitimate interests, we take care to take into account your rights to balance any possible impact on you (both positive and negative). We do not use your personal data for activities, where our interests override the impact of this processing on you (unless we have your consent or otherwise required or permitted by law).
4. METHOD OF COLLECTING AND USING PERSONAL DATA
The personal data are collected, following express consent of the subjects, which is given either by the latter before any processing or collection of their personal data takes place, or by the company itself when they visit our website, where we may collect data from them.
The aforementioned consent clearly informs the data subjects, in accordance with the provisions of the current Personal Data Protection Legislation that they are to collect and process the personal data required to fulfill the intended purpose and are informed of all the recognized rights, which they can exercise.
We also collect and analyze the data you enter by using digital media (on our website and hotel applications), device data, connectivity and configuration, your arrival process and convenience, including the protocol address (IP) used to connect your computer or device to the internet, such as when registering, accessing the account or Your profile for executing payment orders accounts, updating your details online, reporting failures on the network, submitting applications etc.
We may collect or receive data in many different ways. Below we list the main ways in which we do this:
➢ may collect Personal Data, during your stay at our premises, asking you to fill in certain documents/forms in relation to the total stay, for example when you check-in and check-out, use our accommodation, facilities and services, use our concierge services, track our events, participate in a contest, promotion or research, fill out a search contact information card and/or you provide us with your business card. We also collect Personal Data when you book by phone, contact us, by email or by means of online conversations, or by contacting customer service. These communications can be recorded for quality assurance and training purposes.
➢ We collect Personal Data when you contact us, through this website or otherwise connect with us by mail, phone or email or by chat or social media or post on social media pages or subscribe to a newsletter or participate in a survey, contest or promotional offer. Investigations and questionnaires: We may also collect further demographic data or other personal data through surveys and questionnaires.
For example, when: sign up to receive our newsletter or other direct advertising/marketing item, when you ask questions or request information or contact us in general, when you create an account on our website, for booking accommodation, information about hospitality, room services, booking our restaurant, when you contact us on social media, participate in a competition, promotion or research and leave you register for some of our business services.
➢ We may receive some data automatically when you interact with us on this site or other media. For example, this may be data about your preferences, browsing or how you use this website. We may also collect data when you click on one of our ads (including those you view on third-party websites or social media). The systems we use to manage visitors can also collect data automatically to help create a guest profile, which in turn gives us a better understanding of how we can improve your experience with us. We may receive some data from third parties as part of the booking process for our stay, hospitality, needs, care, catering or services at our hotel.We can provide you with our services.
➢ you are planning an event with us, or you are attending an event as a guest, we may collect your personal data about the subject and date of the event, statistics and other personal information of the guests who are attending the event. We may share personal information about you with event developers or third party service providers or vice versa.
➢ may also collect information about you from third parties (such as airlines, travel agents and travel agencies and other business partners), as well as from other sources that share your data with us in accordance with legal or contractual obligations. We may also further use and share this information for the same purposes. For example, from technology partners who help us to manage our website and mailing list entries, from payment and fraud prevention service providers, analytic data providers, advertising networks and search information providers, data partners, publicly available sources, social media, where the privacy settings are set for the public by third parties to whom you have authorized to share your data with us and/or by third parties authorized by law to share your personal data with us.
VANORO HOTEL collects personal data and automatically stores information about you, through the use of online technologies (e.g. cookies) and similar monitoring technologies when receiving reports of errors or usage data from software applications on your OnLine or via WiFi communications in the company’s offices. If you use a mobile device, we may also collect data that identifies your device, settings and location.
The personal data entered by the user are stored in the database of VANORO HOTELA. By registering and/or submitting your personal data to our website, you consent at the same time to the use of this data in accordance with this Privacy Statement.
5. PERSONAL DATA PROCESSING OBJECTS OF OUR CUSTOMERS
5.1. VANORO HOTEL respects your privacy and protects your personal data. The way of collecting data above explained the different ways in which we can receive or receive data. Some of this data may be personal data, so read below to understand the different types we may be collecting from you.
Of course, the types of personal data we collect depend on how you interact with us. Your personal data are not used for other purposes than those intended by our business and subjects (e.g. requests by visitors of its websites), who expressly consent to the collection and processing of their data, unless we receive your permission, or unless required or permitted by law or by professional standards. For any matter related to present, you can contact the following email address: email@example.com. or on the contact phone: 2310553283.
With this policy we aim to inform you about the personal data we collect and process during our operation. Personal data relating to you shall be collected and retained for the necessarily necessary time, for specified, explicit and legitimate purposes described in detail, lawfully and fairly processed in a transparent manner, in accordance with the applicable legal framework and in a manner that guarantees their integrity and confidentiality. This data is appropriate, relevant, appropriate and no more than is necessary in view of the above purposes, and is accurate and, if necessary, updated and updated. Where additional, optional information is required or in the event of further processing of your data, we will inform you accordingly and request your prior consent for this new processing, if required at the time of thecollection data.
VANORO HOTEL ensures that the Personal Data processed are:
・ They are processed, which is legal and fair in relation to the data subject.
・ Collected for defined explicit and legitimate purposes.
・ They are appropriate, relevant and limited to what is necessary for the purposes for which they are processed for.
・ It is accurate and up to date.
・ They shall be processed in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organizational measures.
・ They are only kept for the period required for the purposes of processing Personal Data. In some cases they may be kept for a longer period, especially if the processing of these data is necessary for:
The observance of a legal obligation imposed by a provision elsewhere in the law.
The performance of our company’s duty to perform a public interest purpose.
Archiving for public interest purposes, scientific or historical research.
For statistical purposes.
To establish, refute, exercise or support legal claims.
5.2. VANORO HOTEL, in accordance with the law, collects and processes Personal Data. When you sign up directly to make a reservation or use our services, as well as when you check-in at our hotel, we may ask you to provide certain personal information, such as:
➢ identity data, which include the title, sex, first name, maiden name, surname, nationality, place and date of birth, marital status. If you interact with us, through social media, this can include the user name of your social media, as well as information about your image (there can be a record from security cameras located within the hotel, etc.).
➢ Information related to your stay and focus (length of stay, information about the consumption of products, etc.)
➢ contact information including billing address, delivery address, email address and phone numbers.
➢ financial data including payment card and bank account data.
➢ Travel data: credit and debit card number or other payment data, financial information in limited extent, travel itinerary, group of travelers or activity data.
➢ transaction data include details about payments to and from you and other details of the products and services you have purchased from us.
➢ profile data includes your username and password, purchases or orders made by us, your interests, preferences, comments and survey responses, as well as any data we’ve added (for example, using analytics and profiles), social media account identifier, photo,profiles, and other data available to the public or data available by connecting them social media.
➢ technical data includes internet protocol (IP) address, connection data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
➢ Usage data includes information about how you use the website, products and services.
➢ Tracking data includes information we or others collect about you from cookies and similar tracking technologies, such as web signals, pixels, and mobile identifiers.
➢ Marketing and communications data includes your preferences for receiving direct marketing from us and from our third parties and your communication preferences.
➢ data collected and processed from images and videos through the video surveillance system (CCTV, hereinafter CCTV) where it is installed, for security reasons, employees, customers, premises and equipment, in accordance with the requirements and standards set by national and Union legislation on data processing, audio and video and data from reports (e.g. the Security Code). incident reports, lost items reports, Safe list, etc.). Such reports may contain personal information, such as name, room number and recorded for security and protection reasons based on our legitimate interest.
➢ Aggregated Data such as statistics or demographic data for any purpose. The aggregated data may originate from your personal data, but are not considered to be legally personal data, as this data does not disclose directly or indirectly your identity.
➢ Communication data, e. home or work postal address, work and staff email address, phone number (home/work/mobile) and fax numbers.
➢ Family data: data on family members and partners, such as names and ages of children.
➢ Social Media Data & Lifestyle Data: Guest preferences and personalized data, such as previous stays or guest interactions, purchased goods and services, interests, activities, hobbies, food and drink options, services and amenities that you advise us about or learn about during your visit.
➢ health data, e.g. as required for participation in certain activities, the use of services and specific service and benefits and your nutritional preferences (eg any allergies, intolerances, etc.).
5.3. For specific cases, we collect and process the following data with the following explanation of the legal basis:
A. Employees / External partners: name, surname, maiden name, surname, year of birth, place of birth, sex, nationality, address, e-mail address, salary data, insurance data, data relating to the family situation, education and training of the worker/partner, his/her service record, CV, work permit, diploma, disease forms, the details of the ID card, IBAN of the bank account, photographs, AAM, IKA registry data, IKA contribution note, telephone and mobile phone numbers, home address, tax information, tax number, tax office, tax office, information contained in a curriculum vitae, e-mail addresses, recruitment documents and termination documents of the employment contract, retirement decisions, booklet health index, medical record with medical history and examinations, certificates of fitness, assessments/ratings, performance data, curriculum vitae, working hours.
The management of the employment relationship between us and the employee/external partner, as well as the processing of these data is considered to be necessary for the performance of the contract of employment. The fulfillment of the employer’s obligations of VANORO HOTEL and the processing of data is necessary for its compliance with its legal obligations.
B. Prospective Employees: first name, last name, contact details, education, work experience, email, citizenship, marital status. VANORO HOTEL collects and processes personal data of candidates for vacant jobs. This data shall be collected by the applicant upon submission of a request. In the event of non-recruitment, the applicant’s resume shall be maintained for a period of six months to cover any future jobs. The assessment of the suitability of the applicant to fill a specific job position. The legitimate basis of processing is the legitimate interest of VANORO HOTEL and the consent of the candidate worker.
C. Participants, speakers and guests at scientific conferences, actions and events: (a) Name, postal address, function, profession, email. (b) Image data (photographic/video). In the context of the implementation of the actions of VANORO HOTEL it is possible to download pictures and/or video of the various events, conferences or workshops that our company organizes. These data are likely to be posted on the site or on the Social Media that is managed by our hotel. The aim is to successfully organize. The processing of personal data is considered necessary for the successful management and organization of actions and their purposes.
D. Residents / Guests at the Hotel: name, identification document details (passport, identity card, etc.), birth date, contact address, credit card number, duration of stay, email, home address, telephone, billing information. Performance of a contract the subject of which is a contracting party. Consent of the subject. Compliance with a legal obligation of VANORO HOTEL.
E. Vendors: name, TIN, IBAN, contact phone, address, business headquarters, email, contact details. Execution of a contract the subject of which is a contracting party. Compliance with legal obligations under contract. Satisfaction of the contractual interests of VANORO HOTEL.
5.4. Special Categories of Personal Data
A. VANORO HOTEL collects “sensitive” personal data only when those individuals provide us with such data or when such data is required or permitted to be collected by law or professional standards. Sensitive personal data includes personal data about a person’s race, ethnic origin, political beliefs, trade union membership, religious or similar beliefs, physical or mental health, sex life or criminal record.
Please use your discretion when you provide sensitive personal data, and do not provide in any case sensitive personal data, unless you hereby consent to use this data for its legitimate business purposes and consent to the transfer and maintenance of these data from and to the records kept in our hotel.
B. For the category of Employees: VANORO HOTEL may collect and process data belonging to specific categories of personal data (“sensitive data”), such as data concerning the health of its employees, in order to fulfill ́its insurance obligations. Similarly, in exceptional cases, when required by current legislation, VANORO HOTEL may collect and process data relating to criminal convictions or offenses, such as copies of a criminal record, while respecting the principle of proportionality.
C. Residents / Visitors / Participants in conferences: VANORO HOTEL can process data belonging to specific categories of personal data (“sensitive data”), such as data concerning eating habits, allergies, religious preferences, diseases, etc.
The performance of the obligations and exercise of specific rights of VANORO HOTEL or the data subject in the field of labor law, social security and social protection law.
The protection of the vital interests of the data subject.
If you have questions about whether the provision of sensitive personal data to VANORO HOTEL could be necessary or appropriate for certain purposes, please contact firstname.lastname@example.org.
6. USE – COMMUNICATION OF PERSONAL DATA
6.1. In accordance with the applicable legal framework, at VANORO HOTEL we collect a variety of personal information about our guests, customers and visitors of our website and we fully commit to providing information about the collection and use of your personal data during your visit to our premises, using our websites, products and services. only to the extent that we do or intend to use them for the following purposes:
a) in order to fulfill our legal contractual obligations (to process and complete your booking details, promotion and provision of rooms, hospitality, reservation of rooms, restaurant or other premises and provision of the relevant services, provision of additional services, intermediation / support for the use of transport, planning and organization of events, charging for services and consumptions and processing; payments, transactions or services you request, registration as a new visitor or as a visitor of the website, etc.). We use personal data to provide services you request, such as: to facilitate bookings, payment, receive administrative information, confirmations or messages before arrival, assist you with meetings and events, and to provide you with other information about the area and the property you are about to visit.
(b) For advertising and communication purposes in relation to our products and services, marketing partners and other trusted third parties based on your consent. In this case you may receive personalized offers and benefits, invitations to events, newsletters and optional participation in surveys based on your preferences and interests. For your convenience in future reservation / stay at the hotel, for sending updates in the form of emails/sms/newsletter/letters, for your information about plans/offers/discounts and/or other promotional actions of the hotel, for sending messages/forms within the framework of customer satisfaction research, etc. In any case, you have the right to revoke your consent at any time and/or object to this processing of your personal data, without any negative consequence to you.
c) Our legitimate interest, as shown by actions such as improving our services, facilitating administrative procedures, providing special offers and benefits, managing your reservations from the call center, providing personalized services and direct marketing services, assessing applications and CVs of prospective employees and managing the business/contractual relationship with partners or suppliers us.
d) To conduct market research, through surveys to better serve your needs and improve your experience at VANORO HOTEL, improve the effectiveness of our websites and various means of communication, facilitate our advertising campaigns and/or advertising activities, based on our legitimate business interest.
(e) For financial transactions, management of charges, fees, fees, VAT and recovery of financial debts on the basis of our legitimate interest.
f) In order to serve our legitimate business interests (our and third parties). For example to operate CCTV system in order to avoid illegal actions and protect you, our staff and our property.
(g) In order to comply with our legal obligation and resolve or regulate legal claims that may arise in the relationship between us.
(h) For the prevention and detection of illegal acts. Necessary for our legitimate interests (to protect our business and our visitors and visitors of the website through monitoring of the fraud and suspicious transaction monitoring).
i) If you have given us your consent for the processing.
6.2. We may also use the information we have available for you in the following ways and for the following purposes:
・ providing, maintaining, improving and developing relevant characteristics, content and services offered,
・ identifying and protecting you from fraudulent, abusive or illegal activity and maintaining the security of the website,
・ management of our website and business,
・ activate the use of our available services, send movements, invoices and payment reminders to you, as well as collect payments from you,
・ send email notifications of your requests to our website,
・ management of requests and complaints submitted by yourself or related to our website,
・ maintaining website security and preventing any fraud,
・ for legal purposes: (i) legal proceedings, requests by legal and state authorities, (ii) claims for violation of rights of third parties by any content, (iii) protection of rights, property or personal security, users or the public, (iv) establishment or exercise of our legal rights or defense against legal claims or (v) as otherwise required by law.
6.3. We may, however, share your information with the following bodies:
・ Business partners. We may also share your information with trusted business partners. These partners may use your information to provide you with services you have requested and to provide you with promotional materials, advertisements and other materials if you have given your consent.
・ Service providers and/or any third party that performs the processing on our behalf. We may also share your information with companies that provide services on our behalf or on our behalf, such as IT subcontractors, companies that send bulk emails on our behalf, banks, credit card issuers, law firms, services companies of mail, printing services companies, etc.
・ Credit Approval: When you submit a credit request, your personal information is used and disclosed to appropriate third parties in accordance with applicable law to decide to grant and maintain a credit limit for you.
We use your Personal Data to respond to your requests. The User’s Personal Data is not published, sold or disclosed. VANORO HOTEL is part of our philosophy and our basic principle that we will not disclose your information to third parties for their own independent business purposes or marketing purposes without your consent, as access to the records which include the data of the data subjects it is limited solely to authorized individuals who have taken on the role of processors. When the information is transmitted in accordance with the above, we limit the range of information communicated to the strictly necessary for the attainment of that purpose.
Such revelations may also be required when we have your prior consent, when sharing or disclosure of your information is required, in order to offer you products or services (e.g. reservations), for Privacy Controls or security controls and/or to investigate or respond to complaints or threats to security and for our business purposes, in order to respond to your requests when third parties or service providers and suppliers (for example outsourcing service companies, companies managing payments made with cards, travel agencies, etc.) acting on behalf of VANORO HOTEL require such information, when it is necessary to comply with contractual obligations and in case of emergency, such as the protection of a person’s life, health or property. In all of the above cases, we will try to limit the scope of personal information disclosed in the amount of information required to perform the specified function. Unless otherwise ruled out by law, we require that third parties protect your personal data and comply with applicable privacy laws and regulations.
Service providers and suppliers are bound by data processing agreements and are obliged to ensure the confidentiality and protection of data in accordance with the Regulation on the Protection of Personal Data. The entire workforce employed at VANORO HOTEL and processed your Personal Data is contractually bound by confidentiality, confidentiality and privacy clauses of your data.
VANORO HOTEL may also disclose Personal Data about the sale, assignment or other transfer of the business of the website to which the data relates. In these cases, VANORO HOTEL remains responsible for the processing of your Personal Data and defines the individual elements of the processing, and signs a special contract (DPA) with the third parties to whom it entrusts processing activities, in order to ensure that the processing is carried out, in accordance with the applicable legal framework, and that any natural person can freely and unimpeded exercise the rights conferred on it by the applicable legal framework.
VANORO HOTEL understands the importance of protecting minors’ personal data, especially in an online environment. You must be at least 18 years old to make reservations and/or submit personal information on our website. If VANORO HOTEL obtains unintentional personal information or other data from users under 18 years of age, we will not knowingly provide such data to third parties for any purpose and any subsequent disclosure will be due to the fact that the user under 18 years of age used the website and submitted personal information without asking permission of VANORO HOTEL.
On the contrary, if necessary, we seek to collect the data of minors from their parents or their legal guardians and where necessary to obtain the relevant consent. As it is not always possible to determine the age of persons accessing and using our websites, however, we advise parents or legal guardians to contact us in case they observe the unauthorized transfer of data from minors, so that they can exercise their rights accordingly, such as the deletion of their data.
7. HOW WE STORE AND SECURE THE INFORMATION WE COLLECT – DATA RETENTION
The period of storage of the data shall be decided on the basis of the following specific criteria depending on the case:
・ When processing is imposed as an obligation by provisions of the applicable legal framework, your Personal Data will be stored for as long as the relevant provisions impose on them. Also, when it is necessary to comply with our legal or regulatory obligations, resolve various or strengthen the terms and conditions of use, we can retain some of your data as required, even if the account has been closed or there is no longer a need to provide our services to you.
・ When processing is performed on a contract basis, your personal data is stored for as long as is necessary for the performance of the contract and for the establishment, exercise, and/or support of any legal claims under the contract. In any case, your personal data is limited to what is strictly necessary for the achievement of these purposes, is accurate and kept for a period determined by the processing purposes, protected by adequate security measures, having already taken all the necessary technical and organizational measures to this end and not transmitted to third parties, but to authorized employees per service of the enterprise for the sole purpose of providing the service.
We will also keep your account data for as long as you keep it and have not requested its deletion. Your data, which you give us in order to provide you with services, will be kept for as long as necessary, so we can continue to provide you with these services. If it is reasonably necessary or required for the fulfillment of legal or regulatory requirements, the resolution of disputes, the prevention of fraud and abuse or the enforcement of terms and conditions, we may retain some of your information, as required, even after your account expires or if you no longer need to provide our services to you. After the above intervals, the personal data of the subjects will be destroyed and can not be used for any purpose and in any way.
8. WHAT ARE YOUR PRIVACY RIGHTS
The user has the ability at any time to update, change or delete any item registered with a simple notice/request via the e-mail, which he declared when registering. Any request of the person/subject is submitted to VANOROHOTEL at: email@example.com.
VANORO HOTEL will reply free of charge to your request, without delay and in any case within one month of receipt of the request, except in exceptional cases, in which case the above deadline may be extended by another two months, if required, taking into account the complexity of the request and the number of requests. VANORO HOTEL will inform you of any extension within one month of receipt of the request, as well as of the reasons for the delay. In case your request is impossible, VANORO HOTEL will inform you within one month of receipt
the request, for the relevant reasons and for the possibility to submit a complaint to the Data Protection Authority, as well as for your right to appeal to the competent judicial authorities. If your request is deemed by VANORO HOTEL to be manifestly unfounded or excessive, it may impose a reasonable and proportionate fee, taking into account the administrative costs for its satisfaction or refuse to grant your request.
For any request related to the processing of your personal data, as above, please contact VANORO HOTEL’s Data Protection Officer by e-mail at the e-mail address firstname.lastname@example.org.
Any natural person whose data is processed by VANORO HOTEL enjoys the following rights, according to the Rules, related to your personal data that we have stored at any time, in accordance with applicable law and without any charge:
(A) Right to transparent information on the exercise of your rights (Articles 12, 13, 14 GDPR). You have the right to be informed of the existence of the processing operation and its purposes, and of any further information necessary to ensure fair and transparent processing, taking into account the specific circumstances and the context in which the processing of personal data takes place.
B) Right of access (Article 15 GDPR). You have the right to be aware and verify the legality of processing. You therefore have the right to have access to the data and to receive additional information about the processing of the data. You have the right to know and confirm that the processing of your data is done in a legal manner. If you have submitted personal data to our company, in most cases you have the right to reasonably access this data in order to correct any inaccuracies. You may also request the modification or removal of information relating to you, by contacting VANORO HOTEL and we will make all reasonable and practical efforts to satisfy your request, if this is in accordance with applicable Law and professional standards.
C) Right of rectification (Article 16 GDPR). You have the right to correct, update or modify your personal data, either by contacting the above contact information email@example.com, of VANORO HOTEL.
(D) Right of erasure (Article 17 GDPR). You have the right to submit a request for the deletion of your personal data in any case but we note that this right is subject to specific restrictions. You can do this in order to protect your legitimate interests or even without justification. In cases such as, for example, where there is a contract, an obligation to process personal data imposed by law, a public interest, etc., that right is subject to specific restrictions or does not exist on a case-by-case basis.
(E) Right to restriction of processing (Article 18 GDPR). You have the right to request restriction of the processing of your personal data in the following cases: (a) when you question the accuracy of personal data and until verification is made, (b) when you object to the deletion of personal data and request instead of deletion the restriction of use of them, (c) when personal data is not needed for processing purposes, you are, however, necessary for the foundation, exercise, support legal claims, and (d) when you object to processing and until verification is made that there are legitimate reasons that concern us and prevail over the reasons why you object to processing.
(f) Right to object to processing (Article 21 GDPR). You have the right to object at any time to the processing of your personal data in cases where, as described above, this is necessary for purposes of legitimate interests we seek as controllers, as well as to processing for the purpose of direct marketing and consumer profile marketing and training.
G) Right to Portability (Article 20 GDPR). You have the right to receive your personal data free of charge in a format that allows you to access, use and process them with the commonly used processing methods. You can also use and process your personal data in a format that allows you to access them, use them and process them using the most widely used processing methods.
Also, you have the right to ask us, if technically feasible, to transmit the data and directly to another controller. This right exists for the data you have provided to us and their processing is carried out by automated means based on your consent or by performance of a relevant contract.
H) Right to withdraw your consent (Article 7 GDPR). Right to withdraw your consent already given, i.e. to withdraw your consent freely at any time. The lawfulness of processing your data is not affected by withdrawal of consent until the time you requested revocation. To revoke your consent, please contact email firstname.lastname@example.org.
I) Right to complain. If it is proven that your personal data has been leaked from VANORO HOTEL resulting in material or non-material damage, you have the right to complain to the competent supervisory authority (Data Protection Authority, www.dpa.gr, Kifissias Avenue 1-3, T.E Mr. 115 23, Athens, +30 210 6475600, +30 210 6475628, email@example.com)
9. SECURITY AND INTEGRITY OF PERSONAL DATA
VANORO HOTEL is in continuous harmonization and compliance with the terms of General Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of data and is constantly making every possible effort to comply with it. We want to keep your personal data secure, so we have implemented the appropriate security measures to prevent accidental loss, use or access in an unauthorized manner, modification or sharing, using procedural and technical safeguards, including password controls and the “firewall”. We also ensure that only business-related individuals can access your data, including employees, agents, suppliers and other third parties. They will process your personal data only in accordance with our instructions and subject to a duty of confidentiality. It shall also take all necessary technical and organizational measures appropriate to the security and integrity of personal data to ensure an adequate and adequate level of security appropriate to address the risks of preventing accidental loss, misuse or destruction and unauthorized and/or unlawful access to, disclosure, use, modification or disclosure and to provide the best possible protection of data storing and preventing maliciousinterception and leaks.
To this end all electronic monetary transactions that are carried out on our website are protected by encryption technology. We store all the personal data you provide to secure (password and firewall protected) servers but, although we will do our best to protect your personal data, we cannot guarantee the absolute security of the data that is handled via the internet and for this you are responsible to keep your password confidential. Moreover, our company will never ask for your password disclosure (except when you log in to our website). Moreover, within our capabilities, access to your personal data is limited to those who are in need of acquiring knowledge of them. Those individuals who have access to the data are obliged to maintain the confidentiality of those data.
To this end, if any visitor/user becomes aware of any illegal, malicious, inappropriate or improper use of personal data, he undertakes to communicate the fact directly to the company.
9.1. DATA RETENTION TIME
We will only retain your personal data for as long as we have to fulfill the purposes for which we collected it, including satisfying any legal, accounting or reporting needs. We take reasonable steps to ensure that your personal data is kept only for as long as necessary and for the purpose for which they were collected or for as long as required under contract or under the applicable legislation. Your personal data will be processed and stored during the course of our relationship with you and if necessary for the fulfillment of our contractual and legal obligations. To decide how long we should retain your personal data, we take into account the quantity, nature and sensitivity of your personal data, the potential risk of damage from unauthorized use or sharing of your personal data data, the purposes for which we process your personal data and whether we can achieve those purposes by other means and applicable legal requirements. Only the initial collection and processing purposes, the archiving purposes, the public interest, for scientific or historical research purposes or for statistical purposes shall be taken into account for the period of retention, and where the appropriate technical and organizational measures required by the Act are applied. If the data collection was based on your consent, they may delete at any time after the withdrawal of your consent.
Your data may also delete in one of the following situations:
・ where they are no longer necessary for the purposes collected,
・ when deletion is necessary in order to comply with our legal obligations; and
・ at your request, provided that there are no compelling legal reasons requiring its maintenance.
CVs collected by the responsible Human Resources Department are kept for six months and then destroyed. Tax data shall be retained in accordance with tax legislation.
Please refer to regular periods of time in this Policy in order to check the implementation date of this Policy in order to be informed about how VANORO HOTEL protects your data. Any review will take effect as soon as we post the revised Policy. If we make substantial changes to this Policy that extend our rights to Use Personal Data, which we have already collected from you, we will inform you and provide you with a choice on the future use of this Data. If we want to use your Personal Data in a way we have not previously specified and for a different purpose, we will contact you for information about how the law allows us to do this and, if necessary, we will request your consent. The revised Privacy Statement will enter into force from the date of its publication/posting on the website of our business.
11. LINKS TO THIRD-PARTY WEBSITES
Our website may contain links to allow you to easily visit other online sites of interest and to allow third parties to collect or share data about you. However, once you use these links to leave our website, we recommend that you read the privacy notice of any website you visit. We recommend that you read the privacy notice of any website you visit. We may provide links to a number of other sites that we believe may offer you useful information and services. These sites may, however, not follow the same privacy policies. Therefore, we are not responsible for third party privacy policies or actions, and you should know that we do not have any control over this other website that you will go to. Therefore, we cannot be responsible for the protection and privacy of the information you provide when visiting such websites and such websites are not governed by this Website privacy statement. You should be careful and review the Privacy Statement that applies to the website.
If you have questions or recommendations regarding this Policy or comments or a matter related to the management or protection by the company of your personal data, or if you wish to modify your personal data or exercise any right of you as a data subject, please contact the following e-mail address: firstname.lastname@example.org or contact phone: 2310553283.
13. RIGHT OF COMPLAINT TO THE DATA PROTECTION AUTHORITY
Further, we know that you have the right to refer to the Data Protection Authority for issues concerning the processing of your personal data. For the Authority’s competence and the way in which you submit a complaint, you can visit its website (www.dpa.gr).