GENERAL DATA PROTECTION
AND PRIVACY REGULATION POLICY
The objective of the private company by the name “DHR SERVICES SINGLE MEMBER PRIVATE COMPANY”, based in Nea Erithrea, Attica, address 154 Eleftheriou Venizelou street, (hereinafter “the company” or “DHR SERVICES” for short) which, inter alia, manages the hotels that are part of the Domotel Hotels and Resorts chain, is to provide the best possible tourist, hotel and travel services to its guests.
As a guest at Domotel hotels, you will enjoy friendly and personalised services, deriving from the thorough knowledge and tourist education of the professionals that comprise our Team. Our culture is built around anthropocentric hospitality and is aimed at caring for you, giving you the sense of “a home away from home”.
If you are a client of the company, you are entitled to the protection of your Personal Data. This data, as analysed below under section4, might be your name, your phone number, your e-mail address, as well as other data, such as your home address, your tax identification number, your ID or passport details and other identification data or special categories of data concerning you, such as your medical history or health record.
In this General Data Protection and Privacy Regulation Policy (hereinafter “this Policy” for short), we describe the type of data we collect, either from you directly or through our dealings with you, how and why we collect your Personal Data, what we do with it, who we share it with, how we protect it, the options you have concerning your Personal Data, the technical and organisational measures we take to keep it safe, and of course your relevant rights.
At the end of this Policy you will find the definitions of some basic concepts used throughout this document and written with a capital first letter (for example, Personal Data, Processing, Data Controller, etc.)
Note that it is important for you to read this Policy carefully. In case you do not agree, you cannot make use of our services, as described below under section 1.
The Company responsible for your Personal Data processing is:
DHR SERVICES SINGLE MEMBER PRIVATE COMPANY.
154 ELEFTHERIOU VENIZELOU STR., NEA ERITHREA, ATTICA, 14671 GREECE
The terms “DOMOTEL”, “(to) us”, “our(s)” or “we” invariably refer to the company.
This Policy is applicable to every hotel that is managed by the company or is a member of the Domotel Hotels & Resorts chain. Such hotels are also obligated to follow the data protection regulations and are responsible for any breach of this Policy or other relevant laws that may at times apply.
This Policy is applicable to every service or operation provided by us and is either expressly mentioned or alludes to this Policy (hereinafter jointly called our “Services”) on this website, on any location on the web or online application, in any Domotel promotion, online and offline, for access to our Services, whether an electronic means or other device is used or not.
Personal Data is any information that concerns an identified or identifiable individual(the “data subject”). An identifiable individual is a person who can be identified, directly or indirectly, especially by reference to an identification particular, such as name, ID card number, geolocation data, an online user ID or to one or more factors that describe the physical, physiological, genetic, psychological, economic, religious, cultural or social identity of the individual in question. Personal data includes information such as email address, home address, mobile phone number, user names, personal preferences and purchasing habits, content created by the user. It is also likely to include unique numerical identifiers, such as your IP address and cookies.
We are particularly sensitive concerning the Personal Data you entrust to us and we undertake to process it in a fair, transparent and secure way. The basic principles of DHR SERVICES are the following:
4.PERSONAL DATA PROCESSING PURPOSES – TYPE OF PERSONAL DATA COLLECTED AND ITS LEGAL BASIS –PERSONAL DATA RETENTION PERIOD
A. Personal Data collection purposes:
The collection of your Personal Data by us is made in order to provide the services you have requested and for the purpose of improving the provision of such services. Namely, we collect data for the following purposes:
B. What Personal Data we collect
Information such as your cultural interests, possible health issues, or whether you are a smoker or not may be considered sensitive. Therefore, we retain this kind of information only when obliged by law or following your explicit consent and only in relation to the provision of our services, e.g. a special diet request.
Information on people under 18 is limited to full name, nationality and date of birth and is provided only by a guardian.
C. Legal Basis for Processing
Depending on the purpose for which your data is used, the legal basis for processing it may be:
In case you provide Personal Data of third parties (your relatives, employees, partners, etc.), you are obliged to ensure that it has been fairly and lawfully collected and that you have the required authorisation to act in their name and on their behalf (including consenting for them), so that further processing of such data by our company is possible.
D. Personal Data retention period
The company, depending on the amount, the nature and the sensitivity of Personal Data, as well as the purposes for which we process it, determines the appropriate data retention period. We will retain your Personal Data only for as long as necessary in order to fulfill the purposes for which it has been collected e.g. the fulfillment of a legal obligation.
More specifically, we retain your Personal Data for ten (10) years from its collection date so that we can provide the above mentioned services. The only exceptions to the time length stated above are cases where:
In addition, our company reserves the right to anonymise your Personal Data so that it cannot be traced back to you in order to use this information indefinitely for research or statistical purposes without further notice to you being needed.
A basic principle of ours is that we will not share your information with third parties for their own independent business or promotional purposes without your consent.
Aiming at providing you with the best possible services, we grant access to your personal data, or to part of it, to certain authorised members of our staff, namely to:
a) Our company’s employees: authorised members of our staff only
b) Business partners:
c) Other third parties:
Please keep in mind that the third party recipients mentioned in points b) and c) above –especially service providers that may provide products and services through the use of services or applications of DHR SERVICES or via their own commercial channels– may collect Personal Data from you separately. In this case, the afore-mentioned third parties shall be entirely responsible for the control and management of this Personal Data and any business you carry out with them shall be in accordance with their own terms and conditions.
Your Personal Data may be transferred to recipients outside the EEA and be processed by both us and the recipients in question. For any transfer of your Personal Data to countries outside the EEA that do not normally have the same level of data protection as the EEA, DHR SERVICES will take the appropriate special measures to ensure an adequate level of protection for your Personal Data. Such measures may, for example, consist in an agreement with the recipients concerning binding contractual clauses that guarantee such an adequate level of protection.
You will be clearly advised every time your Personal Data is to be transferred outside the EEA. Such information will be provided through a separate privacy notice, which will be included, for example, in certain services (including communication services), electronic newsletters, reminders, offers, invitations to events, etc.
We respect your right to privacy. Your rights to control your personal data are as follows:
In order to handle your requests according to the above, we may ask you to verify your identity.
For any queries, questions, concerns or complaints regarding the implementation of this Policy and the exercise of your rights, described in this Policy under section 7 above, contact the company by email at [email protected] or send a letter to the following address:
DHR SERVICES SINGLE MEMBER PRIVATE COMPANY
Address: 154 EL. VENIZELOU STREET. N. ERITHREA, ATTICA. P.C. 14671, GREECE
(tel. no.: 0030 210 3507330)
We have implemented a series of technical and organisational security measures to protect your Personal Data against unlawful or unauthorised access or use, as well as from accidental loss or damage to its integrity. These measures have been designed taking into consideration our IT infrastructure, the possible impact on your privacy and the relevant costs, as well as in accordance to the existing standards and practices on the market.
Your Personal Data will be processed by a third party Processor only if they agree to comply with these particular technical and organisational data security measures.
Maintenance of data security means protecting the confidentiality, integrity and availability of your Personal Data:
Our data security procedures include: safe access, backup systems, monitoring, review and maintenance, security incident and business continuity management, etc.
The conditions contained in this Policy supplement but do not supplant any conditions existing under the current legal framework for data protection. In case of contradiction between what is mentioned in this Policy and the conditions set out by the current legal framework for data protection, the latter will prevail.
Our company reserves the right to amend this Policy at any time. When this happens, you will be notified of any changes made and will subsequently be asked to read the most recent version of our Policy.
In this Policy the following terms are interpreted as follows:
For further information concerning when the processing is based on consent and when on other legitimate reasons, see above, section “LEGAL BASIS FOR PROCESSING”.
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!
Our primary concern is the protection of your privacy. Therefore, we encourage you to take the time and read this policy so that you can understand the type of cookies we use, the type of information we collect through cookies and how we use such information. By visiting our company’s website, you state that you agree to grant us consent to monitor your activity on it as well as your use of the services and functions therein through cookies or whatever similar technologies may be developed in the future.
Cookies are small files carrying information that a website stores on a user’s computer (usually on a web browser like Chrome, Opera, Mozilla Firefox, Edge, etc.) so that every time a user visits this website, it will be able to recover said information and provide the user with services that are relevant to it. A typical example of such information is a user’s preferences on a website as these are made known through the user’s choices on the particular website (e.g. specific “buttons” clicked, searches performed, etc.).
B.TYPES OF COOKIES
There are four types of cookies depending on their function and the purpose for which they are used.
C. COOKIES USEDBY THE COMPANY
Our company classifies cookies in 4 different categories:
These are optional cookies and require your explicit consent. To accept them, you can use the displayed “cookies banner” or the “cookies settings” at the top of this page.
During your visit to our company’s website, third parties may initiate and access the same behaviour analysis technologies, and, when you use our website, they may have access to information about you and your online activities over an extended period of time and across different websites or applications. The use of such technologies on their part is beyond our control and is subject to their own data protection policies.
D. DISABLING COOKIES