PRIVACY POLICY
Scope
At Verina EE (hereinafter referred to as “Verina Hotels and Villas” or “we”, “us”), we know how important it is to protect the privacy of our customers; we try to be as clear as possible about the way in which we collect, use, share, transfer, and store your information. This Privacy Policy summarises the practices we follow regarding your data.
This Privacy Policy applies to all properties operated by Verina Hotels and Villas. This Privacy Policy also applies to this website, all websites, online applications, and online and offline promotional actions by Verina Hotels and Villas as well as any Service or function provided by us that refers to this Privacy Policy or provides a link hereto (collectively referred to as our “Services”).
Please note that the Privacy Policy applies to your use of our Services, regardless of whether you use a computer, mobile phone, tablet, TV, or other device to access our Services. Additionally, this Privacy Policy applies to Services that are provided without the use of electronic means.
It is important that you carefully read this Privacy Policy because with every use of our Services you agree to the practices described herein. If you do not agree with the practices described in this Privacy Policy, please do not use our Services.
For what purposes we collect data
We collect and use personal data to manage your relation with Verina Hotels and Villas and to offer our Services to you. Certain personal data is collected to provide you with personalised and improved services.
We collect personal data with the following purposes:
a) To manage reservations and other hospitality services
- Create and store legal documents in accordance with applicable law.
- Collect data to meet requests relating to your stay (e.g. room preferences).
b) To manage operational aspects of your hotel stay
- Monitor the use of services (e.g. room telephone, mini bar, room service, etc.).
- Manage lists with customers’ personal data for operational purposes, e.g. daily customer arrival and departure lists and a list of special category customers (e.g. VIP guests, etc.).
c) To improve our hotel services to you
- Tailor products and Services to better meet your requirements.
- Process your personal data using marketing programmes for marketing and promotional purposes.
- Provide you with useful information for offers or other promotional messages.
- Inform you about special offers and new Services.
- Provide customised content and suggestions based on previous activities with our Services.
d) To manage our relations with you before, during, and after your stay
- Manage customer databases.
- Evaluate and analyse the market, our customers, our products, and Services.
- Create statistical data and reports.
- Gain knowledge and manage the preferences of new and recurring customers.
- Send newsletters, promotion products and offers, or to contact you by telephone.
- Manage requests for deletion from update lists.
- Create and manage questionnaires and statistics.
- Organise lotteries, contests and offers to the extent allowed by law.
e) To improve our general services
- Conduct market research/analysis of questionnaires and customer comments.
- Manage customers’ claims and complaints.
f) To improve system security
- Record data to ensure security and to avoid fraud.
g) To comply with the Greek and European law
What personal data we collect
Information provided directly by you
For example:
- When ordering a paid product or service from us, we may ask certain details to process your order, such as your name, room details, and billing data.
- When participating in an online or offline contest or promotional action, we may ask you for your name, contact details, email address, age and gender, personal and occupational interests, other personal characteristics, and your opinion of our products and/or services.
We are obliged to request the following details about you and/or your family members:
- Contact details (e.g. surname, given name, father’s name, passport number, ID-card details, telephone, home address, email)
- Personal data (e.g. date of birth, nationality, place of birth)
- Information on your children (e.g. given name, date of birth, passport number)
- Billing details (e.g. credit card number, VAT number)
- Date of arrival and departure, flight number, and room number
- Preferences and interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests)
- Questions and comments submitted during or after your stay in one of our Hotels.
The data we collect on persons under the age of 16 are restricted to given name, surname, nationality, and date of birth. This data can only be provided by an adult or guardian. We thank you for your efforts to ensure that children do not send us personal data without your consent, especially through the internet. Should any information of this type be sent to us, you can communicate with the Data Privacy Officer (see section “Questions and contact”) to schedule the deletion of such information.
Moreover, information such as your passport number, recreational activities, hobbies, health issues, or whether you are a smoker or not can be described as sensitive. We retain such information only if we are obliged to do so by applicable law or if you have explicitly given us your consent (e.g. to provide you with an appropriate Service, such as a special diet).
Information on your use of our Services
Apart from the information you provide directly, we may collect information on your use of our Services through the software of your device or by other means. For example, we may collect:
- Device information, such as hardware model, International Mobile Equipment Identity (IMEI), and other unique device identity data, MAC address, IP address, operating system issue, and setting of the appliance you use to access our Services.
- Connection information, such as the time and duration of use of the Service, search commands entered in the Services, and information that may be stored in cookies we have placed on your device.
- Location information, such as GPS signal of your appliance or information on WiFi access points that may be transmitted to us when you use our Services (e.g. WiFi).
Information from third parties
We may receive information about you from available public and commercial sources (to the extent permitted by law), which we may combine with other information that we receive directly from you or in relation to you. We may also receive information about you from third party social networking services when you choose to connect to such services.
Other information we collect
We may collect other information about you, your device, or your use of services in manners described at the point of collection or otherwise with your consent.
You may choose not to provide certain types of information, but this may influence the possibility to use certain Services.
When we collect personal data
We collect personal data in various cases, such as:
a) Hotel activities
- Room reservation
- Check-in and payment
- Reservation of seat and/or use of hotel services, such as catering and recreational services
- Various requests, complaints, and/or disputes
b) Participation in marketing programmes or events
- Participation in online and offline surveys (for example, customer satisfaction survey)
- Participation in contests and games
- Subscription to mailing lists in order to receive offers and other promotions by email
c) Transmission of information from third parties
- Online booking engine operated by WebHotelier Technologies Limited.
- Tourist agencies, tourist offices, GDS reservation systems, online reservation systems (e.g. booking.com, expedia.com, etc.), and other reservation systems.
d) Actions through electronic devices
- Connection to our WiFi network of our hotels
- Completion of online forms (e.g. reservation forms, pre-check-in forms, satisfaction survey forms, etc.)
Third party access terms to your personal data
Verina Hotels and Villas do not disclose your information with third parties for their unrelated business or marketing purposes without your consent.
However, we may disclose your information to the following entities:
- Business associates. We may also share your information with trusted business partners. These entities may use your information to provide you with services you have requested, make provisions relating to your interests, and offer you promotions, advertisements, and other material. You authorize us to disclose any such information in those circumstances.
- Service providers and/or any third parties that may process information on our behalf. We may also share your information with companies that provide services on our account or behalf, such as IT contractors, bulk mailers, banks, credit card institutions, law firms, mail service companies, printing services companies, etc.
- Other third parties, if so required by law or in order to protect our Services. Situations may arise in which we share your information with other third parties:
- To comply with the law or mandatory legal procedure (such as search warrants or other court orders)
- To confirm or implement our compliance with the policies governing our Services
- To protect the rights, ownership or security of Verina Hotels and Villas or any of our business partners, or customers
- Other third parties in relation to corporate transactions. We may share your information with third parties within the context of a merger or transfer, or in the event of bankruptcy.
- Other third parties with your consent or at your command. In addition to the disclosures described in this Privacy Policy, we may share information about you with third parties if you give your consent or if you request us to do so.
To provide you the best possible service, we allow access to your personal data or to certain categories to competent, authorised members of our personnel. This includes:
- Hotel staff
- Legal Services, if and when required
- Medical Services, if and when required
Protection of personal data during international transfer
For the purposes set out in paragraph “For what purposes we collect data” hereabove, we may transfer your personal data to internal or external recipients who may be located in countries that offer different levels of protection for personal data.
Please note that data protection and other laws in the countries where your information may be transferred may not be as protective as in your country. To protect your privacy, the transfer will take place according to the legislation on the processing of personal data.
Verina Hotels and Villas applies suitable measures to safely transfer personal data to an external recipient in a country that offers a different level of privacy than the country where the personal data is collected.
What we do to keep your information safe
We have taken organisational and technical measures to protect the information that we collect in relation to our Services, especially regarding sensitive personal data. Our IT department implements international standards and practices to ensure the safety of networks and the encryption of data, where applicable.
However, please bear in mind that despite the reasonable measures that we take to protect your information, no website, internet transmission, computer system or wireless connection is ever completely safe.
Data storage
We take reasonable measures to ensure that your personal information will be stored no longer than needed for the purpose which it has been collected and no longer than required by the contract or the applicable legislation.
Cookies, beacons and similar technologies
We and certain third parties who provide content, advertisements, or other features for our Services may use cookies, beacons, and other technologies in certain parts of our Services.
By accessing and using our Services, you agree to the storage of cookies, other local storage technologies, beacons, and other information on your devices. You also allow us and the aforementioned third parties to access these cookies, local storage technologies, beacons, and information.
For analytical information see our cookies policy.
Access and correction of your data – the right to erasure (‘right to be forgotten’)
According to the legislation in certain jurisdictions, you may be entitled to request details on the information that we collect and to correct any inaccuracies that may be contained in such information. All other lawful user rights remain unaffected. If permitted by law, we may charge you a small fee for the provision of this possibility. We may refuse to handle requests that are repeated to an unreasonable degree, require disproportional technical effort, jeopardise the privacy protection of others, are extremely unpractical, or involve access that is not otherwise required by domestic law. If you wish to submit a request for access to your data, please contact the Data Privacy Officer (see section “Questions and contact”).
Υου have the right to obtain the erasure of your personal data from the controller.
Updates
This Privacy Policy may be amended from time to time; to ensure that you are aware of any changes, please check this Policy on a regular basis, especially before submitting a reservation request with one of our hotels. By accessing or using our Services after we have posted an updated version of the Privacy Policy, you agree with the new practices contained in the update. The most recent version of the Privacy Policy will always be available on our website. You can check the “Latest Update” date at the bottom to find out when the Privacy Policy was last changed.
A printed version of this Privacy Policy can be found at the reception of our hotels, or you can request a copy by contacting the Data Privacy Officer (see section “Questions and contact”).
Questions and contact
If you have any questions regarding this policy or the protection of your personal information at Verina Hotels and Villas, please contact us at the following address:
Verina Hotels and Villas
Platys Gialos
840 03 Sifnos
Greece
Telephone: +30 6976 867641
Email: info@verina.gr
For further information and/or queries regarding personal data protection and your rights under the relevant law (GDPR), you can contact the Hellenic Data Protection Authority (HDPA) at:
Kifissias 1-3
115 23 Athens
Greece
Call Centre: +30-210 6475600
Fax: +30-210 6475628
E-mail: contact@dpa.gr
Latest update: 31/5/2018