Our business is operating in the field of tourism services, hotel services, trade and rejuvenation services. In order to operate successfully we collect exclusively those personal data of the customers that are absolutely necessary in order to provide our customers with the best possible services.
Collection and processing of customer data for booking, for registering reservations ( such as name , surname, birthday, home address, tax number, telephone number, email address ), specil wishes, preferences, medical history ( if necessary ) on electronic systems and file archives, use of pricing data, storage of customer communication data for future professional communication with him, and possible sending of informative content for new services and promotions (email newsletter). Possible future collection and processing of contact information through our website, where an e-mail address entry field is provided for sending a newsletter with a positive action of the visitor. Collect and process personal data of our staff and external partners to fulfill our obligations to ourselves and to our customers. Collection and processing of personal data, that is, contact information, from the suppliers of our business, if we deal with natural persons at this level.
Your Consent is necessary
When you deal with our business and receive our services, you consent that we may collect, process and use your personal data in accordance with the respective legal regulations and the terms and conditions set forth hereinafter. You should read and understand these terms before you deal with us, so we ask that you give us your explicit consent before each transaction to collect, store and use or transmit the information you provide to us that may include your personal data, in order to be able to properly perform the cooperation / transaction between us on the basis of these contractual terms.
What personal information do we collect and how?
In any case, you have the right to refuse to provide your personal data in a partnership / transaction between us, as you can also provide us with the data strictly necessary for the purchase of a service and for you to use the service. The personal data that we may collectively collect from you in our co-operations / transactions may include the following:
(a) Data that you give us directly to our transactions. For example, when you buy or show interest in a service, you voluntarily provide us with your personal information, in particular your name, telephone, email, postal address, birthday, nutrition, special needs, debit or credit card, bank account number in order to provide you with our services. The above either you provide us directly or may be collected by us with your consent. In addition, when you communicate with us, we collect communication or identity data so we can help you. You also provide us with contact information so we can send you a response to your request and / or informative content by email, by your own action, through the appropriate field of our website or by giving us your explicit consent to a relevant form. You will also provide us with information about our payment, ie credit card or securities or third party information, etc. so that we can invoice and pay for our services. The data is also stored in a file archive in order to be able to fulfill the contract between us and to pay the price that you owe us for our services. The payment information is forwarded to a collaborating accountant in order to make the necessary tax records.
(b) Data we collect through email and video cameras. We collect and store the content of the emails you send to us when it is necessary to carry out our collaborations / transactions, the use of our products and their technical support. In addition, we store the content of an instant message (SMS) you can send us through messanger or via google or other webpages. Finally, if you visit our public areas or take part in an event, it may be possible to monitor or capture your image from security cameras.
(c) Data we collect from other sources and third parties. The personal data we collect can be combined with information you publicly publish, such as your contact information that you publicly share through your own websites, social media, newsletters, forms you use in your transactions, your cards and so on. Other third parties who may provide us with your data are social networks, provided you have given our service a right of access to such services, as well as the partner companies that may offer you other services. Finally, we may receive your data from other free databases, such as business and phone directories, to call you for communication.
We use and process the Personal Data that we collect from the above sources, even in combination with each other, in order to:
(a) Fulfill our contracts and provide our services to the customer in an appropriate manner. We use the data you provide us and your consent to execute and complete our transactions with you in order to provide you with our services when required.
(b) Improve our relationship. We use communication files to better understand the issues you are concerned with, and also to diagnose any errors and problems in time and thus improve and strengthen the quality of your cooperation, transactions and relationship with our company.
(c) We will inform you about new services and offers for our presence in exhibitions, conferences and events. Our company only uses your e-mail address to send information material and does not use your email content, conversations, etc. for advertising purposes at all.
(d) We process our payments and our obligations. We use pricing, credit / debit cards, securities and payments only to receive from you the cost of our services through a collaborative account office that is bound by confidentiality (e) We use data to protect our customers’ safety and protection, and to identify and prevent fraudulent actions, as well as to resolve disputes in the event of an abnormal development of our contracts.
(f) Contact with you. We use the data we collect to communicate with you through personal contact, telephone, e-mail, letter, SMS and other social media to let you know about any outstanding issues or to request additional information about a request to you invite you to our events to provide you with information about new services and offers.
Limitation of Liability
The company has no responsibility if any employee or a partner of the company uploads photographs taken by the client on social networking pages and made them available to the staff. Also, the company can freely use, republish, post on its website or on social networking pages public photos or videos of clients already publicly registered by themselves on their social networking pages or on the website.
We retain the data we collect for as long as necessary to fulfill our contractual obligations to you and comply with our other legitimate obligations, such as tax legislation, national security , police instructions, latest until the expire of the legal limitation period claims. If these are sensitive data, we keep them in each case for the shortest possible period. In general, we will keep your data for as long as you maintain a contractual relationship with us both in hard copy and in electronic form and, if for any reason it is interrupted, we will keep it for as long as it is required until the limitation period claims. We will also keep them for an indefinite period of time in cases where we are bound by law, such as when they are related to a public prosecution or judicial process, for tax purposes.
In general, you should be aware that we do not send your data to anyone for promotions or promotional purposes or purposes other than our contractual relationships or for what purposes you have given us consent. You should also be aware that some of our services include third-party links without our own intermediation (travel agencies), so the registration of your personal data with them is governed by the privacy statements of those third parties and not by ours . Also, when third-party installations (such as Booking.com, expedia.com, etc.) have been installed and interconnected, you should contact them for their data protection policy. As far as our data concerns, we make the best possible effort to secure them, keep them safe and remain with our company. With your consent, of course, we may pass it on to third party partners to provide you with the services you have requested, and in particular:
(a) We may transmit your personal data to complete a transaction between us or to provide any service you have requested from us or third parties. More specifically, we may pass on your name, address, and phone number that you have provided us to third partner companies to provide specific services provided by them (e.g., transport service, restaurant reservation, medical appointment etc.)
(b) We will also share your payment data (IBAN accounts, payee names, etc.) with our payment service providers ( credit / debit cards, banks etc ) as well as with third- party affiliates, such as accountants who process the financial information of our transactions with confidentiality and confidentiality.
(d) Finally, we may transmit data where and when required and, as the case may be, to the police and other authorities such as the Ministry of Tourism (eg Monthly Release Incoming Tourism Bulletin), to comply with applicable law or to protect our mutual rights and in particular in case of malicious action against us.
(e) Change of Control – Ownership. We may share your data with another company in the event of a takeover or merger with it. In such a case, we will make every effort to pursue this protection policy by the new entity with full respect for your privacy. If these data are going to be used for a different purpose, we will suggest that you will be aware of this release on time in order to exercise of your rights.
Control and Access
In terms of controlling and accessing your personal data, you can update, correct, verify, and delete them whenever you want. You can also choose which data we can collect from you and how we will use them. When your data is retained by us, you have full and immediate access to it and we will respond to your requests for access or deletion within 30 days after our request is delivered to us. Your requests can be submitted by email (firstname.lastname@example.org) or postal letter to our address Dedalou str 1. Hersonissos 70014, Greece, or the contact form on our site, etc. For your convenience, please update the data when they change or when they are inaccurate. You can also choose whether you want to receive nesletter from our company via email, SMS, mail or telephony. If you receive such a message from us without your wish, you can delete your address from the recipient list either by sending your request to us by e-mail, letter, contact form on our site, etc. In any case, please contact us in order to provide more infromation or to assist you.
Insofar as we process your personal data based on your consent, you are entitled to revoke your consent towards us at any time, Art. 7 Sec. 3 EU-GDPR.Upon request, you are entitled to the right to request from us access to and rectification or erasure of your personal data, or to the restriction of processing concerning the data subject or to object to processing, as well as the right to data portability. Deletion may be barred by statutory regulations, especially where required for settling, accounting or taxation purposes. These rights are exercised at no cost to you by sending a relevant letter or by e-mail to our contact details. If you exercise any of your rights, we will take all reasonable measures to satisfy your request within thirty (30) days after the receipt of your request, meanwhile we will keep you informed about your request in any case of acceptance or decline. In addition, you may at any time oppose the processing of your data for commercial or advertising purposes by withdrawing your consent whenever you wish. However, if you generally withdraw your consent, we might not be able to provide our services to you, because our mutual agreement for services is based on your consent in our customer data processing policy. For further clarifications regarding your rights and how to exercise them, please contact us in the following details.
Processing your data always requires a legal basis. In most cases where we provide our services to you, the legal basis is the fulfillment of our contractual obligations to you, so in order to proceed you must first provide us , your personal details such as your full name, shipping address and contact number. with your consent in processing those data. Where necessary, our legal basis will be to comply with legal obligations, as well as our need to serve your vital interests or the legitimate interests of our company with respect of fundamental human freedoms and rights. In very special cases, the legal basis will be the necessity of processing for reasons of public interest. Your consent may be revoked at any time by notifying it to us as stated above.
For any matter concerning the processing of your data, you can contact our telephone number +30 2897022144, or send a letter to oue address, Albatros SA Dedalou str. 1 Hersonissos Crete 70014 Greece or send a message to our email address: email@example.com .