Customer Privacy Policy

This privacy policy “Policy” applies to the management of the rented accommodation known as Emilia Apartments in Plakias 74060 – Crete – Greece, and which represents Emilia Apartments in accordance with the Greek law (collectively, “We”, “Our”, “Us”).

We strive to deliver outstanding products, services, and experiences to Our customers (collectively, “You,” or “Your”). We value Your custom and, more importantly, Your loyalty. We recognise that privacy is an important issue. We have developed this Policy to explain Our practices regarding the personal information We collect from You or about You, on this site, via Our apps, through written or verbal communications with Us, when You visit Our property, or from other sources.

By using any of Our products or services and/or by agreeing to this Policy, e.g. in the context of registering for any of Our products or services, You understand and acknowledge that We will collect and use personal information as described in this Policy.

Please note that this Policy does not apply to Our processing of personal information, when We process on behalf of and subject to the instructions of third parties such as car rental companies and other service providers, companies that organise or offer any kind of travel arrangements or Our marketing partners. In the cases within this paragraph, We act only as a Data Processor.

Data Controller and DPO

Conforming with the EU General Data Protection Regulation (GDPR), Regulation (EU) 2016/679 , Rizes Monoprosopi I.K.E. in Plakias 74060 – Crete – Greece, is the Data Controller with respect to the processing of customers’ personal information in connection with the business operations of the aforementioned rented accommodation. Contact details:

  • The Manager
    Emilia Apartments
    Plakias 74060
    Crete, Greece
  •  
  • Tel.: +30 28320 32362
    Email: info@emilia-apartments.com
    Website: www.emilia-apartments.com

As a small business with little data processing and a small collection of personal information We do not employ a Data Protection Officer (DPO).

Information We collect directly or through third parties

In conducting every aspect of Our business (including Our website), We may collect personal information. This personal information may include:

  • Your name,
  • home address,
  • billing address,
  • email address,
  • phone number,
  • personal characteristics,
  • nationality,
  • passport number and/or national ID, date and place of issue,
  • payment information, such as Your payment card number and other card information, as well as authentication information and other billing and account details associated with online billing,
  • guest preferences,
  • marketing and communication preferences,
  • information related to Your reservation, stay or visit to Our property,
  • participation in a membership or loyalty program with Us,
  • participation in a membership or marketing program with third party,
  • information related to the purchase and receipt of products and/or services from Us or a third party during Your stay,
  • information about vehicles You may bring onto Our property,
  • reviews and opinions about Our properties and/or services (if they are identified or associated with You),
  • travel history,
  • other hotels, airline and rental car packages booked,
  • groups with which you are associated for stays at hotels, such as family or club mates,
  • information provided on membership and account applications,
  • and other types of information that You choose to provide to Us or that We may obtain about You.

We may also collect similar information on joint travellers. Furthermore, We may collect information related to conversations, including recording or monitoring calls for quality assurance and training purposes, as well as other communications such as in-app messages and SMS.

We collect additional personal information about You and joint travellers during registration/check-in and check-out at Our property, including such information as may be required by local laws. We may also use closed circuit television and other security measures at Our property that may capture or record images, video and sound of guests and visitors in public areas, as well as information related to Your location while on Our property (via key-cards and other technologies, if available).

Some of the personal information as described above, may collected through third parties including online booking portals, which are lawfully entitled to share Your data with Us.

Sensitive information and children’s PI

The term Sensitive Information refers to information related to Your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation, genetic information, criminal background, and any biometric data used for unique identification.

We do not generally collect sensitive information unless it is necessary or volunteered by You or unless We are required to do so, pursuant to applicable laws or regulations. For example, We may use health data provided by You to serve You better and meet Your particular needs (e.g. if You have a nut allergy and We book a table in a restaurant for You, we will let the chef know about Your condition).

We do not knowingly collect personal information from children under 18 years of age. As a parent or legal guardian, please do not to allow Your children to submit personal information without Your permission.

Use of Your personal information

We use Your personal information in several ways, including to:

  • provide and personalize the services, You request and expect from Us,
  • offer You discounts which We believe you are entitled,
  • offer You the expected level of hospitality in-room and throughout Our property,
  • help Us to improve Our services and products,
  • administer the Emilia Apartments Reward program,
  • conduct direct marketing and sales promotions,

and as set forth below in more detail, We will collect Your consent prior to processing Your data where required by applicable law.

We are obligated to collect certain data from You and the joint travellers, including name, address, payment information and travel document information, in order to process your reservation. Failure to provide this information will result in Our inability to process Your reservation.

Customised services to Our guests – We use Your information to administer Our discount policies, to personalise Your experience across Our services and applications and to use Your information to communicate news, promotional, and transactional materials across different services and to personalise advertising and content delivered to You through online, email, mobile, and display advertising, as well as on Our website and applications and in accordance with any communications preferences You have expressed.

Service Administration – We use Your personal information to administer programs in which You participate, including providing You with access to Your account information, such as rewards status, details of previous bookings, collect invoices and offers for which You are eligible; to fulfil services that are part of such program and to enable direct communication between Us and You.

Marketing and Communications – Where permitted we may use Your personal information to provide or offer You newsletters, promotions and featured specials, as well as other marketing messages in accordance with any communications preferences You have expressed. We use Your information to provide in-stay communication, account alerts, reservation confirmations and to send You marketing messages. We may provide these communications via email, postal mail, online advertising, social media, telephone, text message (including SMS and MMS), push notifications, in-app messaging, and other means (including on-property verbal communication). With your consent, We also use user-generated content and media (such as photos) to deliver display advertising or use on Our website and apps.

Service Improvements – We may use Your personal information to improve Our services and to ensure that Our website, products, and services are of interest to You. We also use Your personal information to provide You with the expected level of hospitality in-room and throughout Our property. This may include providing You with the ability to prearrange services and place orders through Our website or apps on Your personal devices.

Data Correctness and Analytics – We may aggregate Your personal information with data from third-party sources for purposes of keeping information up to date and analytics. We also rely on information from third parties to provide better, more personalised service. For example, if you connect Your social media services or other accounts to Our services, We may use this information to make Your experiences with Us more personal and social, or share and use it as described elsewhere in this Policy.

Legal basis for processing

The legal bases for Our processing activities include processing such information as necessary to comply with our competition law obligations, our contractual obligations, compliance with our legal obligations, protecting the safety of our employees, guests and others, for our legitimate business interests, and pursuant to Your consent.

Personal information We share

We never sell Your personal information and usually, We do not share with third parties any data, except when a third party provides services and/or products to You, and We are involved with one way or another and You consented explicitly verbally or in writing. These cases detailed below.

We may partner with other companies to provide You with products, services, or offers based upon Your experiences at Our properties, in these cases We may share Your information with Our business partners accordingly. For example, We may help to arrange rental cars or book a table in a restaurant for You.

When We rely on third parties to offer services and products on Our behalf such as online reservation platforms, then We may share Your personal information with them as appropriate. Generally, Our service providers are obligated to protect Your personal information and may not otherwise use or share Your personal information, except as may be required by law.

As We develop Our business, We might restructure or reorganise businesses or assets, or cease being the manager of Emilia Apartments. In such circumstances, We may transfer, sell (as an exception to the general rule) or assign information collected, including, without limitation, any information and personal information, to the new management. To the extent that local laws require it, we will provide notice of Our intent to transfer personal data to a third party for this purpose and explain how You can object to such transfer.

When You visit and interact with Our website and apps in it, third parties such as social media platforms, Google, Facebook and Twitter may collect information about You for their own marketing purposes. They do so by using what is called ‘cookies’. On Our website We provide mechanism to halt such assortment if needed. For more information about Our cookies management system please see further below.

In addition, We may disclose personal information in order to: (i) comply with applicable laws, (ii) respond to governmental inquiries or requests from public authorities, (iii) comply with valid legal process, (iv) protect Our rights, privacy, safety and/or property of Emilia Apartments, visitors, guests, employees or the public, (v) permit Us to pursue available remedies or limit the damages that We may sustain, (vi) enforce Our websites’ terms and conditions, and (vii) respond to an emergency.

Protecting personal information

We will take reasonable measures to: (a) protect personal information from unauthorised access, disclosure, alteration or destruction, and (b) keep personal information accurate and up-to-date as appropriate. We employ dedicated and experienced IT security professionals who are responsible for creating and managing Our IT security system, as well as maintaining a robust backup system. For online transactions, We use reasonable technological measures to protect the personal information that You transmit to Us via Our website. In the event of a security incident, We will notify regulators and/or customers as required by applicable laws and regulations.

We also seek to require Our affiliates and service providers with whom We share personal information to exercise reasonable efforts to maintain the confidentiality of personal information about You.

International data transfers

We may transfer reluctantly the personal information We collect about You, pursuant to the purposes described in this Policy to countries that have not been found by the European Commission to provide adequate protection, that is the United States (US). Some of the social media platforms with applications on Our website such as Google and Twitter, may transfer data to US servers. Similarly, information exchanged with Booking.com and other reservation portals, may be transferred and stored on US servers by them.

Retention of personal information

We retain personal information about You for the period necessary to accomplish the purposes for which such information was collected, usually for the duration of any contractual relationship and for any period thereafter as legally required or permitted by applicable law. We retain personal information collected to fulfil guest reservations for five years after the stay is completed. We retain other personal information for shorter periods of time if possible and if permitted by law.

We will destroy Your personal information as early as practical is and in a way that the information may not be restored or reconstructed. Our retention policies reflect applicable statute of limitation periods and legal requirements.

Profiling and automated decision making

We do not profile Our customers or clients in any way, We do not “group” them together in segments for any reason, including to create demographics and We do not use automated decision making of any kind for any purpose whatsoever. However, the social media platforms who use apps on our website such as Google and Twitter may do.

European Economic Area (EEA) residents’ basic rights

Clients who are also residents of the EEA have the following rights:

  • Ask Us to confirm whether We are processing Your personal information,
  • receive information on how Your data is processed,
  • obtain a copy of Your personal information,
  • request that We update or correct Your personal information,
  • request that We delete personal information in certain circumstances,
    (in some circumstances We have the right to decline a request for erasure and when We have a legitimate basis to do so, We will inform You the reasons for rejecting),
  • request that We cease processing of Your personal information for marketing and/or statistical purposes,
  • in certain circumstances to request that We cease processing completely Your personal information for all purposes but no delete it,
    (if We cease processing of your personal information following Your request, We will inform You prior to re-engaging in such processing).

Right to withdraw consent

You have the right to withdraw Your consent to any processing that We conduct solely based on Your consent (such as sending direct marketing materials to Your personal email account). You may withdraw Your consent to marketing activities by, following the instructions on any marketing materials or contacting info@emilia-apartments.com. For any other activities for which You have previously consented, You may also contact the above email address to withdraw such consent.

Right to lodge a complaint

If for any reason related to Your personal information, You are not satisfied with Our procedures and/or with Our response to Your requests, or You believe that We have not complied with the GDPR, Regulation (EU) 2016/679, You are entitled to complain to Us.

If You still not satisfied You have the right to lodge a complaint with the Hellenic Data Protection Authority (DPA).

 

We are governed by the Greek law and regulated by the Greek National Tourism Organisation (GNTO aka EOT).

End of document.

 
 

  Cookies Management System