CUSTOMER PERSONAL DATA PROTECTION

Valid from: 25.05.2018

OUR COMMITMENT

At STENDOR SA the protection of your personal data is part of our general philosophy to build strong relations of trust and assure the highest possible customer satisfaction.

We appreciate your trust and we make every possible effort to store and process with utmost care the information you share with us.

Therefore, we have compiled this privacy policy which informs you about how we collect, use and share your information. The collection, use and disclosure of your information on our behalf, is based on your consent and the provisions of applicable law.

At STENDOR SA we enhance the protection of your personal data by implementing internal management procedures technical data security measures, as well as physical data protection measures by continuously evolving our systems and procedures.

We thank you for your continued interest and support.

PRIVACY POLICY

  1. Consent

“Personal data” means any information that is collected or recorded in a form that may allow direct (e.g. surname) or indirect (e.g. phone number) your identification as a natural person.

We recommend that you read this text, which describes the privacy policy, before you provide us with this information. This “Customer Personal Data Protection Charter” is a part of the terms and conditions that govern our hotel services. By accepting these terms and conditions, you explicitly accept the provisions of this Charter.

  1. Scope

At STENDOR SA (hereinafter referred to as “STENDOR” or “we”, “us”), we know how important it is to protect the privacy of our customers; we try to be as clear as possible about the way in which we collect, use, share, transfer and store your information. This Privacy Policy gives a summary of the practices we follow with regard to data.

This Privacy Policy applies in all hotels operated by STENDOR SA and applies to this website, to all websites, online applications, and online and offline promotional actions by STENDOR SA, as well as any Service or function provided by us that refers to this Privacy Policy or provides a link hereto (collectively referred to as our “Services”).

Please note that the Privacy Policy applies to your use of our Services. It applies regardless of whether you use a computer, mobile phone, tablet, TV or other device to access our Services. It also applies to Services that are provided without the use of any electronic means.

It is important that you carefully read this Privacy Policy, as with every use of our Services, you agree to the practices described in this Privacy Policy. If you do not agree with the practices described in this Privacy Policy, you should not use our Services.

  1. For what purposes do we collect data?

We collect and use your personal data in order to manage your relation with STENDOR SA and in order to offer our Services to you. Certain personal data are collected to provide you with personalised and improved services. We collect personal data with the following purposes:

  1. Management of reservations and other hospitality services
  • Creation and storage of legal documents in accordance with applicable law
  • We collect data in order to prepare and meet requests relating to your stay (e.g. room preferences)
  1. Management of your stay at the Hotel
  • We manage the access to your room
  • We may monitor the use of services (room telephone, WiFi access etc.)
  • We manage lists with customers’ personal data for operational purposes such as, e.g., daily customer arrival and departure lists and a list with special category customers
  1. Improvement of our hotel services
  • In order to tailor our products and Services to better meet your requirements
  • We process your personal data to better understand your requirements and wishes
  • We provide you with useful information for offers or other promotional messages
  • We inform you about special offers and new Services
  • We provide customised content and suggestions based on previous activities with our Services
  1. Management of our relations with you before, during, and after your stay
  • Management of loyalty programmes
  • Management of customer databases
  • We evaluate and analyse the market, our customers, our products and Services
  • We create statistical data and reports
  • We acquire knowledge and manage the preferences of recurring and new customers
  • In order to send newsletters, promotion offers, or to contact you by telephone
  • We manage requests for deletion from update lists
  • We create and manage questionnaires and statistics
  • We organise lotteries, contests and offers, to the extent allowed by law
  1. Improvement of our Services
  • We conduct market research and analysis of questionnaires and customer comments
  • We manage customers’ claims and complaints
  • We offer loyalty programme privileges
  1. System security
  • We record data to ensure security and to avoid fraud
  1. Compliance with Greek and European law
  2. Safe use of the services of our facilities
  3. What personal data do we collect?

Information provided directly by you

A number of our Services may offer the possibility to provide information directly to us. For example:

  • Several of our Services allow users to create accounts or user profiles. In conjunction with these Services, we may ask you to provide certain details about yourself in order to set up your account or profile, such as your name and email address.
  • When ordering a paid product or service from us, we may ask certain details for the processing of your order, such as your name, room details and billing data.
  • When participating in an online or offline contest or promotional action organised by us, we may ask you for your name, contact details, email address, age and gender, personal and occupational interests, other personal characteristics, and your opinion of our products and/or services.
  • Some of our Services allow you to communicate with other people. This communication will be transmitted through, and stored on our systems.

The information we are obliged to request about you and/or your family members is the following:

  • Contact details (e.g. surname, given name, father’s name, passport number, ID-card details, telephone, home address, email)
  • Personal data (e.g. date of birth, nationality, place of birth)
  • Information on your children (e.g. given name, date of birth, passport number)
  • Billing details (e.g. credit card number, VAT number)
  • Loyalty programme member number (member number for loyalty programmes of STENDOR SA or other parties, such as airline operators)
  • Date of arrival and departure, flight number and room number
  • Preferences and interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests)
  • Questions and comments submitted during or after your stay in one of our Hotels.

The data we collect on persons under the age of 18 are restricted to given name, surname, nationality, and date of birth, and can be provided only by an adult / guardian. We thank you for your efforts to ensure that children do not send us personal data without your consent (especially through the internet). Should any information of this type be sent to us, you can communicate with the Data Privacy department (see section “Questions and contact”) to schedule the deletion of such information.

Moreover, information such as your passport number, your recreational activities, your hobbies, any health issues that you may have, or whether you are a smoker or not, can possibly be described as sensitive. We retain such information only if we are obliged to do so by applicable law or if you have explicitly given us your consent (e.g. in order to provide you with an appropriate Service, such as a special diet)

Information on your use of our Services

Apart from the information provided directly by you, we may also collect information on your use of our Services through the software of your device, or by other means. For example, we may collect:

  • Device information – such as hardware model, International Mobile Equipment Identity (IMEI) and other unique device identity data, MAC address, IP address, operating system issue, and setting of the appliance you use to access our Services.
  • Connection information – such as the time and duration of use of the Service, search commands entered in the Services, and information that may be stored in cookies we have placed on your device.
  • Location information – such as GPS signal of your appliance, or information on WiFi access points that may be transmitted to us when you use our Services (e.g. WiFi, Guestportal, Mobile Apps).
  • Audiovisual information – such as recordings we make of your voice (and which may be stored on our servers) when you use voice commands to use a Service, or audiovisual information collected through closed circuit tv circuits (CCTV) for security reasons.
  • Other information that relates to your use of our Services, such as the applications that you use, the websites that you visit, and the way in which you interact with content offered through a Service.

Information from third parties

We may receive information about you from available public and commercial sources (to the extent permitted by law), which we may combine with other information that we receive directly from you, or in relation to you. We may also receive information about you from third party social networking services when you choose to connect to such services.

Other information we collect

We may also collect other information about you, your device or your use of services in manners described at the point of collection, or otherwise with your consent.

You may choose not to provide certain types of information, but this may influence the possibility to use certain Services.

  1. When do we collect personal data?

We may collect personal data in various cases, such as:

  1. Hotel activities:
  • Room reservation
  • Check-in and payment
  • Reservation of seat and/or use of hotel services, such as catering and recreational services
  • Various requests, complaints and/or disputes
  1. Participation in marketing programmes or events:
  • Registration in loyalty programmes (e.g. Privilege)
  • Participation in online and offline surveys (for example, Customer Satisfaction Survey)
  • Participation in contests and games
  • Subscription to mailing lists, in order to receive offers and other promotions by email
  1. Transmission of information from third parties:
  • Tourist agencies, tourist offices, GDS reservation systems, online reservation systems (such as e.g. booking.com, expedia.com, etc.) and other reservation systems
  1. Actions through electronic devices
  • Login on our websites
  • Connection to the WiFi network of our hotels
  • Completion of online forms (e.g. reservation forms, precheck-in forms, satisfaction survey forms, etc.)
  1. Third party access terms to your personal data

At STENDOR SA, it is part of our philosophy and basic principles to not disclose your information with third parties for their unrelated business or marketing purposes, without your consent. However, we may disclose your information to the following entities.

  • Business associates. We may also share your information with trusted business partners. These entities may use your information in order to provide you with services you have requested, to make provisions relating to your interests, and possibly to provide you with promotions, advertisements and other material.
  • Service providers and/or any third parties that may process information on our behalf. We may also share your information with companies that provide services on our account or behalf, such as IT contractors, bulk mailers, banks, credit card institutions, law firms, mail service companies, printing services companies, etc.
  • Other third parties, if so required by law or in order to protect our Services. Situations may arise in which we share your information with other third parties:

– in order to comply with the law or in order to comply with a mandatory legal procedure (such as search warrants or other court orders),

– in order to confirm or implement our compliance with the policies governing our Services; and

– in order to protect the rights, ownership or security of STENDOR SA, business partners or customers.

  • Other third parties in relation to corporate transactions. We may share your information with third parties within the context of a merger or transfer, or in the event of bankruptcy.
  • Other third parties with your consent or at your command. In addition to the disclosures described in this Privacy Policy, we may share information about you with third parties if you give your consent or if you request us to do so.

In order to provide you the best possible service, we allow access to your personal data or to certain categories thereof to competent, authorised members of our personnel. This includes:

  • Hotel staff
  • Reservations departments
  • IT department
  • Marketing/Guest Relations department
  • Legal Services department, if and when required
  • Medical Services, if and when required
  1. Protection of personal data during international transfer

For the purposes set out in Article 3 of this Charter, we may transfer your personal data to internal or external recipients who may be located in countries that offer different levels of protection for personal data. Kindly note that data protection and other laws in the countries to which your information may be transferred may not be equally protective as in your country. The transfer will take place according to the legislation on the processing of personal data, in order to ensure sufficient protection of your personal data.

STENDOR SA implements suitable measures in order to ensure safe transfer of your personal data to an external recipient located in a country that offers a different level of privacy than the one proposed by the country where the personal data are collected.

  1. What we do to keep your information safe

We have taken reasonable organisational and technical measures in order to protect the information we collect in relation to our Services, especially with regard to any sensitive personal data that happen to be collected. Our IT department implements the international standards and practices in order to ensure the safety of the networks and the encryption of the data. However, you should bear in mind that despite the reasonable measures that we take for the protection of your information, no website, internet transmission, computer system or wireless connection is ever completely safe.

  1. Data storage

We take reasonable measures in order to ensure that the information concerning you will be stored no longer than needed for the purpose for which it has been collected and no longer than required by the contract or the applicable legislation.

  1. Cookies, beacons and similar technologies

We and certain third parties who provide content, advertisements or other features for our Services, may use cookies, beacons and other technologies in certain parts of our Services.

Cookies

Cookies are small files that store information on your computer, mobile phone, or other device. They allow the entity who places these files on your device to identify you across different websites, services, devices and/or browsing times. Cookies serve a range of useful purposes. For example:

  • Cookies can remember your login credentials, so you do not have to enter them again each time you connect to a service.
  • Cookies help us and third parties to understand what parts of our Services are the most popular; they help us see which pages and features are visited by the users, and how much time is spent on each. By studying this kind of information, we can better customise our Services and provide you with better experience.
  • Cookies help us and third parties to understand which advertisements you have viewed, so that you do not receive the same advertisement each time you access the Service.
  • Cookies help us and third parties to provide you with relevant content and advertisements by collecting information about your use of our Services and other websites and applications.

When you use a web browser in order to access our Services, you can make settings in your browser to accept all cookies, to reject all cookies, or to notify you when cookies are sent. Each browser is different. Refer to the “Help” menu of your browser in order to find out how you can change your cookie preferences. The operating system of your device may offer more control settings for cookies. However, please note that certain Services may have been designed in order to work with cookies and that deactivating cookies may affect your ability to use these Services or a specific part thereof.

Other local storage

We, as well as certain third parties, may also use other kinds of local storage technologies, such as Local Shared Objects (commonly called “Flash cookies”) and local HTML5 storage (HTML5 Web Storage) in conjunction with our Services. These technologies are similar to the aforementioned cookies, in the sense that they employ storage on your device and can be used to store information concerning your activities and preferences. However, these technologies may use different parts of your device than typical cookies, and therefore may not be controlled with the standard tools and browser settings.

Beacons

We, and certain third parties, may also use technologies called “beacons” (or “pixels”) that send information from your device to a server. Beacons can be incorporated in internet content, videos and emails, and allow a server to read certain types of information from your device, to know when you have viewed specific content or a specific email message, to determine the time and date on the beacon was viewed, and IP direction of your device. We and certain third parties may use beacons for a variety of purposes, such as to analyse the use of our Services and (in combination with cookies) to offer you more relevant content and advertisements.

By accessing and using our Services, you agree to the storage of cookies, other local storage technologies, beacons, and other information on your devices. You also allow us and the aforementioned third parties to access these cookies, local storage technologies, beacons and information.

  1. Access and correction of your data – Right to erasure (‘right to be forgotten’)

According to the legislation in certain jurisdictions, you may be entitled to request details on the information that we collect and to correct any inaccuracies that may be contained in such information. All other lawful user rights remain unaffected. If permitted by law, we may charge you a small fee for the provision of this possibility. We may refuse to handle requests that are repeated to an unreasonable degree, require disproportional technical effort, jeopardise the privacy protection of others, are extremely unpractical, or involve access that is not otherwise required by domestic law. If you wish to submit a request for access to your data, please contact the Data Privacy department (see section “Questions and contact”).

Υου have the right to obtain from the controller the erasure of your personal data.

  1. Updates

This policy may be amended from time to time; in order to be sure that you are aware of any changes, please check this policy on a regular base and especially before submitting a reservation request with one of our Hotels. By accessing or using our Services after we have posted an updated version of the Privacy Policy, you agree with the new practices contained in the update. The most recent version of the privacy policy will always be available at the address http://http://www.mare-vista.com/privacy-policy.html. You can check the “valid from” date at the top in order to find out when the Privacy Policy was last changed.

A printed version of this Privacy Policy can be found at the reception of our Hotels, or can be sent to you by contacting the Data Privacy department (see section below “Questions and contact”).

  1. Questions and contact

If you have any questions with regard to this policy or the protection and safety of data at STENDOR SA, please contact the Data Privacy Department at the following address:

STENDOR SA

Data Privacy Department – Attn. Mr. D. Tsimis

108, Archimidous Str. , PO BOX 222 – 19400 Koropi, Greece

Telephone: +30 210 6022247 / +30 22820 41177

Fax: +30 210 6022247 / +30 22820 41681

Email: ddtsimis@gmail.com