WHICH PERSONAL DATA WE USE
A. In case you are a guest, we collect and process your personal data to the extent which is necessary for our activities. In particular Agios Germanos Hotel may collect and process the following data:
Your identity (name, surname, birth date, ID card no/passport), b) Contact details (contact tel. number, email address, postal address of your headquarters), c) Tax information (competent tax office, Tax Reg. number), d) Banking information (credit/debit card number, security code, expiry date, IBAN).
In case you are a supplier of Agios Germanos Hotel, we collect and process your personal data to the extent which is necessary for our activities. May collect and process the following data:
a) Your identity (name, surname), b) Contact details (telephone number, email address), c) Tax information (competent tax office, Tax Reg. number), d) information relevant to your professional status, e) banking information (IBAN)
The above mentioned personal data are provided to Agios Germanos Hotel directly from you: a) when you visit our hotel, b) when you call us, c) when you visit our website and fill in our brochure, d) via our Facebook page, e) via tour operators, f) from publications available from official authorities.
At Agios Germanos Hotel, we never process sensitive personal data related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, data concerning your health and genetic data, biometric data for the purpose of uniquely identifying you, data concerning your sex life or sexual orientation.
WHY WE COLLECT AND PROCESS YOUR PERSONAL DATA
We collect your data because this is necessary to perform our contract with you or to act upon your request prior to the conclusion of a contract or during the performance of the contract and for purposes that serve the legitimate interests of Agios Germanos Hotel as a data controller.
SHARING YOUR PERSONAL DATA
In order to fulfill the abovementioned purposes, we share your personal data only with the following persons and only to the extent which is necessary to fulfill our obligations:
• Companies and competent employees of Agios Germanos Hotel and its affiliated companies
• Service providers who perform services on our behalf.
• Independent agents, intermediaries or brokers, banking and commercial partners with whom we have an ongoing cooperation
• Financial or judicial authorities, government agencies or public authorities, upon request and to the extent which is required by law.
• Certain approved professionals / partners such as lawyers, notaries or auditors.
TRANSFER OF PERSONAL DATA OUTSIDE THE EEA
In the case of international transport from the European Economic Area (EEA), where the European Commission has recognized that a non-EEA country provides an adequate level of data protection, your personal data may be transferred on this basis.
For transfers to non-EEA countries whose level of protection has not been recognized by the European Commission, we will either rely on a derogation applicable to that situation (for example, if the shipment is necessary to carry out our contract with you, international payment) or we will apply one of the following safeguards in order to ensure the protection of your personal data:
• Standard contract terms approved by the European Commission or
• Binding corporate rules, if any.
To obtain a copy of these safeguards or details of where they are available, you can send a written application as defined in Article 7.
HOW LONG WE WILL KEEP YOUR PERSONAL DATA
We will keep your personal data for the longest period of time which is required so as to comply with the applicable laws and regulations or with any other period regarding our business requirements, such as proper account maintenance, customer relationship management and compliance with our legal or regulatory requirements.
For example, most customer information is kept for the duration of the contractual relationship and after termination of this contractual relationship, for the time required in order to ensure the exercise or defense of our legal rights.
WHICH ARE YOUR RIGHTS AND HOW YOU CAN EXERCISE THEM
You have the following rights:
• To access: you can obtain information relating to the processing of your personal data, and a copy of such personal data.
• To rectify: where you consider that your personal data are inaccurate or incomplete, you can require that such personal data be modified accordingly.
• To erase: you can require the deletion of your personal data, to the extent permitted by law.
• To restrict: you can request the restriction of the processing of your personal data.
• To object: you can object to the processing of your personal data, on grounds relating to your particular situation. You have the absolute right to object to the processing of your personal data for direct marketing purposes.
• To withdraw your consent: where you have given your consent for the processing of your personal data, you have the right to withdraw your consent at any time.
• To data portability: where legally applicable, you have the right to have the personal data you have provided to us be returned to you or, where technically feasible, transferred to a third party.
If you wish to exercise the rights mentioned above, please send us an email at firstname.lastname@example.org
Under the current regulation, in addition to your above rights, you are also entitled to file a complaint with the competent supervisory authority
CHANGES TO THIS PRIVACY NOTICE
In a world of contiguous technological change, we may need to update this Privacy Notice regularly. We invite you to review the latest version of this Privacy Notice online and we will notify you of any major changes through our website.
HOW TO CONTACT US
If you have questions about the use of your personal data by virtue of this Privacy Notice, please email us at email@example.com