PRIVACY POLICY AND TERMS OF USE OF THE RENTAL ROOMS WEBSITES

Our business operates in accordance with Regulation 679/2016/E.U. "On the protection of personal data" and other international and Greek legislation and has taken all necessary measures to ensure the privacy, confidentiality and security of your data, which is a non-negotiable priority for it.

With this document we would like to inform you about the Privacy Policy and Terms of Use of our Website https://elenaluxuryliving.com/ and we ask you to read them carefully before using any of our websites and/or our electronic services, as their use indicates your unreserved acceptance of these terms and your awareness of our processing of your personal data in the manner detailed below.

This Policy applies to your use of our services at any of our hotels and relates to the data processing that takes place, either during your physical presence or in the context of our communication with you by electronic means. Any reference of this Policy to our website or websites is understood as a reference to any of our websites mentioned in the previous paragraph.

I. PRIVACY POLICY:

1. Data Controller: The business and its responsible person is Papageorgiou Eleni Contact Tel. +306987914888 and e-mail: info@elena-appartments.gr

2. Categories of your data that we collect and process:

a) When completing your e-mail in the relevant section of our website for the purpose of sending you a "newsletter": We collect exclusively and only your email address. The security of the information you provide on our websites is ensured by the Secure Socket Layer ("SSL") encryption technology software.

b) During your simple visit to our websites: we collect exclusively your "I.P." addresses and thus your Internet Service Provider (ISP) is identified, exclusively and only for the extraction of visitation statistics. If you choose through direct access contained in our Websites to be redirected to other electronic websites or addresses, such as e.g. to the third-party provider "WebHotelier", to make an online reservation through its website, then you are automatically redirected at your own exclusive responsibility to these websites of third parties (who constitute "Data Controllers" according to the legislation and are responsible for the lawful processing of "personal data"), from whom you are informed about the Privacy Policy applicable in these cases.

Cookie Policy:

• Our websites use the technology with the international term "cookie". "Cookies" are an encrypted text sequence that the Website places on the user's computer. They are usually used so that the server hosting the website can recognize visitors when they return to the same website. Also, cookies are used to measure the use of the various pages of our website and help us shape it according to your access needs.

• Cookies are simple text files so that you can open and read their content. The data inside them is often encrypted or displays a numeric code corresponding to internet browsing. Thus they often have no meaning other than the information of the website that wrote it.

• The cookies we use are divided into two categories: Temporary "session" cookies and permanent "persistent" cookies. Temporary (session) cookies are stored temporarily as files on your computer but are automatically deleted when you close the browser or leave our websites. Permanent (persistent) cookies are stored as files on your computer and remain there if you close the browser, unless you delete them. We do not use cookies to extract information about your visitation to other websites, or to verify personal information. Cookies do not corrupt or harm your computer, programs or computer files.

• Web analytics cookies, from our partners Google, allow us to monitor customer interaction within the site. These give us valuable information that allows us to improve the website. These cookies do not store personal information as other websites do and rely exclusively on browsing history.

• All internet browsers allow you to restrict the circulation of cookies or disable cookies through your browser settings or options. The steps you need to follow to do this are different for each browser. Through the browser, you can also see the cookies that exist on your computer, delete individual ones, or clear all of them.

c) In case you use wireless internet access services ("WiFi") at our hotels during your stay: we collect exclusively and only certain technical identifiers of the device you use for your internet browsing.

d) During the time period from your first contact (in person or electronic) with us until your departure:

i) Data provided by applicable legislation and/or necessary for the use of our services such as: your name, your passport/identity card number, your address (postal and electronic), your electronic (e-mail) and telephone contact details, your arrival and departure dates, the number of persons who will stay at our hotel, information on whether children are included among the visitors, their names and dates of birth, room/rooms number, reservation number, details of the travel agency/reservation system (with which you may have contracted), information on whether you are a repeat visitor or visitor of a special category (e.g. timeshare beneficiary), your nationality/language of communication with you, the agreed accommodation package (price, additional services it may include such as e.g. breakfast, half board), special preferences (e.g. room/bed type, preferred floor) and your requests, the method of payment (bank payment or advance payment receipts), any consumptions beyond the package (e.g. restaurants-bars, telephone)

ii) Data required for the issuance of legal documents, such as your tax registration number and your Tax Office (in case of invoice issuance), the legal documents issued in your name (Receipts or Service Invoices),

iii) your medical data that are either required for the use of specific services of ours, or you notify us on your own initiative for reasons related to your stay and/or the facilitation of providing our services (e.g. allergies, mobility problems, special dietary habits for religious reasons) provided that you give your consent or even without it, in specific cases such as e.g. for the protection of your vital interests (e.g. in case of accident).

iv) the correspondence between us related to your reservation and stay (e.g. inquiries, comments, satisfaction questionnaire, complaints) and your contact details with us.

v) image data that may be collected through a closed circuit optical recording system in areas aimed at controlling incoming-outgoing persons, where there is special signage (such as e.g. the entrances of our hotels), in the context of protecting the life and property of all persons present in our facilities and their goods and the property of our Company

vi) any other data (simple or sensitive), you may notify us on your own initiative for a specific purpose related to your stay.

3. Purposes and legal bases of collection and processing: We collect your personal data for the following purposes:

a) The provision of hotel services you requested from us (reservation, confirmation, accommodation, services during stay, payment processing), the management of your reservation and stay at our hotel and the fulfillment of our obligations to you to provide you with our hotel services. Legal basis of processing in this case is our compliance with our obligations according to applicable Greek legislation (and especially hotel-tourism legislation) as well as the execution of the contract between us.

b) The organization, coordination of our activities, our communication on issues related to our services to you (e.g. suggestions, comments, special requests, customer satisfaction, questionnaires). Legal basis in this case is the execution of the contract between us and the legitimate interest of our Company to inform you about its services, to respond to any suggestions/requests you may have and to improve its services.

c) The calculation of the use of our services, the issuance of legal tax documents, their submission to the competent authorities and our compliance with any inspections/audits by the competent authorities. Legal basis of processing in this case is the execution of the contract between us in terms of collecting the fee for our services and our compliance with our obligations according to applicable Greek legislation and especially tax legislation.

d) Ensuring the life, safety, health and property of all persons located in our facilities (customers, employees, our partners), and at the same time public health and the protection of the property and reputation of the Company. Legal basis of processing in this case is our compliance with our legal obligations towards third parties, the legitimate interest of our Company to ensure the protection of the aforementioned persons and goods (its own and third parties') and to safeguard its reputation as a safe place of stay and service provision and on a case-by-case basis your vital interest.

e) Informing you about our activities, e.g. with newsletters via email or postal letters or through social networks. Legal basis of processing in this case is your consent, which you have the right to freely withdraw.

f) The legal support of the Company and/or its representatives for the satisfaction of all kinds of rights and claims (including the collection of its fee for its services) and its defense against any third party and authority and its insurance coverage. Legal basis of processing in this case is the legitimate interest of the Company for its legal protection, the establishment, exercise and support of legal claims until the final judicial or extrajudicial resolution of disputes, its insurance coverage and the defense of its rights before the competent authorities.

g) The protection of the stability, functionality and security of our website. Legal basis in this case is the legitimate interest of our Company to ensure the quality and effectiveness of its services and its reputation as a safe place for providing services.

4. Sources and recipients of data:

• We receive the above data directly from you or possibly from third parties (e.g. travel agencies or reservation systems) through which you may have made the reservation at our hotel. We also receive from the Bank we cooperate with, to whose website you may be transferred for the registration of your card details, the necessary information to confirm that payment has been made or a guarantee has been provided for the fee for our services.

• Your data is collected and processed by our authorized and trusted personnel, who have committed to us to maintain confidentiality and especially the reservations, sales, reception, accounting, IT, catering (restaurants-bars), housekeeping, maintenance, goods sales shops within the hotel departments etc. in accordance with national and international legislation.

• Our business does not engage in automated data processing, nor in profiling.

• It is a fundamental principle, philosophy and commitment of ours that we do not transmit your information to third parties for their own independent purposes, business or otherwise. However, we may transmit your data, if and to the extent required under the circumstances and observing the principle of proportionality to: a) businesses or professionals with whom we cooperate, who constitute independently "data controllers" and are responsible for the lawful processing of "personal data", according to what they state in their respective own notifications, such as e.g. to the travel agency/reservation system through which you may have made the reservation (e.g. for checking charges, confirming reservations), to the cooperating security services company that has undertaken the guarding of our hotel facilities for your and our safety (e.g. confirmation of arrival of a person who has a scheduled reservation), to courier companies, providers-supporters of technological-electronic services, to the cooperating exchange company in the case of timeshares, to legal services-lawyers in case of extrajudicial or judicial claims, in which case your data may be used before a court for the establishment, exercise or support of legal claims, to the cooperating insurance company exclusively and only in case of insurance risk occurrence, to auditors, to our suppliers (e.g. in case any issue arises related to our products/services), b) to Banks we cooperate with if required under the circumstances or legislation (e.g. random transaction check, credit application, case of money refund), c) to healthcare providers (doctors, hospitals, health centers etc.), if required for the protection of your vital interests, i.e. your life and health or for ensuring public health, d) any public authority or any legal entity/body supervised by it that may be required by lawful procedure for our compliance with obligations by law or for the protection of lawful rights or for reasons of public interest, including the police authority, EODY, the Economic Crime Prosecution Service, the Ombudsman, the Consumer Ombudsman, the Personal Data Protection Authority, judicial and/or prosecutorial authorities. The above mentioned (persons, bodies) may on a case-by-case basis have access to your data, to the extent and degree that may be required under the circumstances, either for the exercise of their duties or the mandate assigned to them by us, or by law requirement and are bound by confidentiality agreements with us and/or by professional secrecy under legislation due to their capacity.

• Specifically, the video surveillance system material is not transmitted to third parties except in the following cases: a) to the competent judicial, prosecutorial and police authorities when it includes elements necessary for the investigation of a criminal act, which concerns persons or goods of the data controller or when these authorities request data lawfully in the exercise of their duties or b) to the victim or the perpetrator of a criminal act, when it concerns data that may constitute evidence of the act.

• Our Company does not transfer your data to countries outside the EEA. If exceptionally it needs to do so (e.g. case of reservation through a travel agency or other body outside the EEA), any transfer will take place only if there are adequate guarantees for the level of protection from the third country according to international legislation.

5. Data retention time: We retain your data for as long as required for each of them according to our legislation, as well as for as long as required for the execution of the contract and the establishment, exercise and/or support of legal claims. In the latter case, your data will be retained by us until the final resolution of disputes. Specifically, the data we are required to collect by law are kept for as long as required by the relevant provisions and specifically the data imposed by hotel legislation are kept for ten years, while your billing data for the hotel services we provide you are stored for as long as specified by the applicable tax legislation, so that we are able to meet our obligations arising from it. Personal data that is necessary for the conclusion or execution of the contract between us is kept throughout the duration of the contract and for a period of five years after its expiration. In case of raising claims, this data is kept until the issuance of a final decision and/or in case of settlement resolution, for twenty years from the execution of the terms of the settlement, if there is an unfulfilled provision. Image data collected through closed circuit television (CCTV) is automatically deleted after 7 days from recording, unless during this period an incident is detected, in which case it is kept for up to one more month in order to investigate the incident and initiate legal procedures for the defense of our legal interests, while if the incident concerns a third party we will keep the video for up to three (3) more months. All the aforementioned retention times may be changed following amendments to the applicable legislation and as specifically determined by the Personal Data Protection Authority, in which case this Privacy Policy will be revised.

6. Your rights as data subject:

• You have the right to obtain knowledge of your data, requesting in particular to be informed about your personal data we keep, to receive copies of them and to be informed about how we process them.

• You have the right to submit to us a request for correction and/or completion of any inaccurate/erroneous data of yours.

• You have the right to submit a request for portability of your data that we process on the basis of the contract, in order for us to transmit your data directly to another Data Controller, if this is technically feasible.

• You have the right to request the deletion of your data, provided that the retention of the data is not done for the fulfillment of our legal and/or contractual obligations and/or for reasons of public interest.

• You have the right to request the restriction of processing of your data, for data you have requested us to delete or correct, as well as in the case where our Company must delete your data, but you want us to keep them exclusively and only for your own account for a specific reason.

• You have the right to object to the processing of your data, unless there are compelling and lawful reasons for processing that override your rights or if processing is necessary for the establishment, exercise, support of legal claims judicially or extrajudicially, in which case our legitimate interest for processing prevails and your data can be transmitted to third parties for judicial use. You have the right to object to receiving updates you may receive via regular mail, e-mail or sms, by sending a relevant electronic letter to our email address: info@elena-appartments.gr or by calling the contact phones +306987914888. In this case we will stop sending updates to you.

• You have the right to freely withdraw at any time your given consent for the processing of personal data, in which case the processing of those that have your consent as legal basis will cease. In this case, the processing that took place before the withdrawal of consent is not affected.

• You have the right to appeal to the Personal Data Protection Authority (www.dpa.gr) according to legislation if you believe that your rights are being violated. However, we would be happy if you give us the opportunity to resolve any complaint as soon as possible before you appeal to the Authority.

7. Contact details-Information: For any question regarding this Policy or generally the protection and security of your data or for the exercise of your lawful rights you can contact us at our email address: info@elena-appartments.gr or by calling the contact phones +306987914888

II: WEBSITE TERMS OF USE:

1.1. Ownership Rights

All logos, copyrights, database rights and other intellectual property rights of the Website material (as well as their structure and design) together with their source code, belong exclusively to the entitled-creator of the Website and/or the legally indicated partners, unless expressly stated otherwise. Without the prior written permission of our business, partial or complete copying, modification, alteration, publication, broadcast, distribution, sale or transfer anywhere of material from these Websites or their source code is not permitted. However, the contents of these Websites may be downloaded to a computer, printed or copied for your personal non-commercial use.

2.1 Acceptable Use

You may use these Websites if you agree with these Terms of Use and, in any case, for lawful and legitimate purposes. This includes compliance with all applicable laws, regulations and codes of the Greek state or any other jurisdiction during your access and stay on these Websites.

Specifically, you agree that you will not:

• post, transmit or disseminate on or through these Websites any information, which may be harmful, indecent, defamatory or for any other reason illegal;

• use these Websites in a manner causing or capable of causing violation of the rights of others;

• use any software, formula or device to interfere or attempt to interfere electronically or manually with the organization or functionality of these Websites. This includes but is not limited to providing files containing corrupted information or viruses, in any way;

• destroy, alter or interfere with the final form of these Websites or their source code;

• act in a way that will impose excessive or disproportionately large burden on these Websites or their related infrastructure;

• obtain or attempt to obtain unauthorized access, in any way, to any of our Networks.

2.2 Changes to these Websites

We may make improvements or changes to the information, services, products and other material of these Websites, or terminate these Websites, at any time without notice.

Book Now
Book Now