Privacy policy
General
With the present document we would like to inform you about the way in which Aiolos Studios generally collect, store and process your personal data, as well as the way in which our guests’ privacy is protected. The present privacy policy covers both the way your personal data are handled through your accessing and using our site via any device and your personal data which you provide during receiving our services.
More particularly, the present document constitutes an information source regarding the way in which we receive and handle the information in question, its possible sharing with third parties, as well as the rights you have regarding this information.
The present privacy policy concerns exclusively the use of our site, not the use of other sites to which you may be redirected through ours. We ask from our guests, who are under 18 years old, to read the following privacy policy with a parent or guardian present and NOT send any personal information without their consent.
The terms used in the present privacy policy should be interpreted according to the European General Data Protection Regulation (GDPR).
Controller for data processing
The Controller the personal data you share with us is the company “Aiolos Studios” with the following contact information:
Aiolos Studios
Naousa Paros, 84401
Kyclades, Greece
Tourist Business Register. No: 1175K123K0890800
Tel: +30 2284052436, +30 697 2019511
E-mail: aiolos_paros@yahoo.gr
Aiolos Studios determine the way and purposes for which the personal data you share with us are collected and used, either by contacting us about a question or accepting our service provision.
Type and way of personal data collection.
We collect your personal data which you provide voluntarily when you contact us through our site or telephone asking for financial offers or checking the availability or our services, including our services provided when you visit our accommodation. Your personal data may be forwarded to us by third parties, when for example you submit a question for our services through sites with which we cooperate.
The data we collect may, on occasion, include the following:
If you contact us through the Contact Form of our site or sending an electronic mail directly to us, we will collect the content of your messages, your electronic mail address, your name, any other contact information (should they are included), as well as our reply to you.
The correspondence though electronic mail or any other form of contacting us constitutes a commercial relationship and includes the client’s consent for us to contact them regarding our services. None of the data you provide will be stored in this site or forwarded to any third party.
If you agree to use our services we will collect your full name, address, electronic mail address, telephone numbers through which we can contact you, nationality as well as any financial information, including your bank account information or your credit card data or other payment data. We may also receive details of contracts you have drawn with third parties, in order for us to provide you with services, such as passport details or other identification documents and any other information is necessary to process so as to provide you with our services.
When you visit our site, the browser provides you with information such as your IP address, the browser type or the time and duration of access, mainly for statistical purposes. In most cases, this information is impersonal and cannot lead to the identification of any user.
Purpose of Private Data Collection
We use the personal data provided by you only when we have a legal reason to do so. More specifically:
- To offer you our services within our obligations from a contract
- To abide by our legal obligations, for example keeping our accounting books, visitors’ book, etc.
- To reply to your requests about price information and room availability, when you provide your consent to do so, for example via contacting our site.
- When we have a legal interest to do so, for example to improve our service quality, to inform you about our products and services you have requested or may be interested in (as long as you have given us your consent to contact you for promotion purposes), to inform you about the changes in our services or to forestall any illegal action and to ensure your security during the provision of our services.
Protection of your personal data
We take all the necessary measures so that your personal data to be safe. We have put in effect procedures for the physical and electronic protection of your data, as well as in managing procedures designed to prevent unauthorized access, loss or misuse of the data we keep.
Browsing our site as well as using the contact form is conducted through a secure SSL connection, which ensures the encryption of all exchangeable data between your browser and our site.
Your personal data are stored within the European Financial Area (E.F.A.) and will never be sent outside E.F.A, without abiding by the data disclosure provisions outside E.F.A, are stipulated by the European General Regulation.
Access to your personal data is strictly limited so as to avoid any unauthorized access, alteration or misuse. Your personal data are accessible only by the business owners and any specially authorized personnel. We never share your personal data with third parties without your consent and when this is done we demand from the third parties who handle or process your personal data to the same TOO.
Duration of data retaining
We retain and process your personal data exclusively and only during our contract, for as long as it is necessary for us, so as to provide you with the services requested.
Our business has adopted and follows a deletion of your personal data 12 months after the completion of the contract drawn between us, except the data we are obliged to retain in order to abide by our legal obligations, for example financial data, receipts or invoices for accounting and taxation purposes for 10 years after the completion of the contract, data included in the Entrance Log, which all touristic businesses are required to keep for 5 years after the completion of the contract, etc.
After the period during which we are obliged to keep your data in order to abide by our legal obligation, all your personal data are permanently deleted.
Whom your data are shared with
Aiolos Studios will never share, transmit or disclose your personal data to third parties without your expressed consent.
In exceptional cases we may share personal information with third party collaborators to offer you integrated services, for example bank services for payment through credit cards. Especially for the credit card information, we inform you that it is never stored in our database but is transmitted to our delegated collaborators for payment processing. We never permanently store your credit card information.
In some cases, a third party collaborator may directly collect your information from you on our behalf or they may be an intermediary so as for you to have an easier access to our services, when for example you make a booking in our hotel through third-party sites (Booking.com, etc). in all these cases we have taken beforehand, in collaboration with any thierd-party collaborators, all necessary measures to protect your personal data both during their collection and during transmission/disclosure and their further processing through special contracts about the protection of personal data and in any case acting by abiding by the applicable data protection laws. However, we are not responsible for any additional information you directly provide to the third-party collaborators, except those required to provide you with our services, as mentioned above, therefore we recommend that you be informed about the practices the third-party collaborators apply and the way in which they handle your personal data, before disclosing any of your personal information directly to them. You can find more information concerning the Privacy Policy that Booking.com applies here.
Your rights regarding your personal data
For as long as we retain and process your personal data you have the following rights:
- Access right: you have the right to know which data we keep for you as well as ask for a copy of this information.
- Correction right: you have the right to ask for your data correction when they have changed or are inaccurate.
- Deletion right: you have the right to ask for your data deletion, under specific statutory conditions.
- Objection right: you have the right to object to your data processing for specific purposes.
- Processing limitation right: you have the right to ask for the limitation of the purposes for which we process your data, under specific statutory conditions.
- Transmission right: you have the right to ask us to transmit all data we keep electronically for you to any third-party organization.
- Consent withdrawal right: you have the right to revoke your consent for the occasions that your data processing is conducted by us due to the legal basis of the consent.
- Reporting to the Authorities right: you have the right to address the Greek Data Protection Authority or to the authority of your permanent residence regarding the data processing by our business.
For any question you may have regarding your rights or if you wish to exercise any of your rights, you can communicate directly with us through our contact information mentioned at the beginning of this Privacy Policy.
Cookies
Our site uses cookies and related technologies, as analytically described below. Cookies are small data files sent to your browser and place in your computer’s hard drive when you visit a site. Cookies store your preferences and other information in your computer.
The cookies stored by our site are, among others, your language preference while browsing, as well as the statement of information and acceptance of the cookies and privacy policy of our site. Moreover, we use the cookies of Google Analytics to collect information regarding the way you use our site, your time spent on each sub-page, your vistitation frequency of our site and sub pages and other statistical data. This information helps us improve the presentation and usage of our site by its users, as well as to generally provide you with better services. All the above information is anonymous and are retained in Google Analytics. All this information as well as your computer’s IP address constitute personal data and can indicate the geographical area of the visitor. However, under no circumstances is this information provided to our webmaster or anyone else. Due to the pseudonymisation of the aforementioned data through Google Analytics, the visitor’s identification is not possible. The data collected by Google Analytics are retained for a period of 26 months and then erased. Google Analytics may use third-party cookies. More information about the cookies related to advertisements can be found here.
The cookies we use can be deactivated or/and deleted from your computer. Please, refer to the manual of the browser you use for more information or alternatively you can visit our site using the anonymous browsing option of your browser.
Links to third-party sites
Our site may occasionally contain links to and from other sites. If you follow one of these links, please take into account that these sites have their own privacy policies and that we do not take any responsibility for these practices. We advise you to check the privacy policy adopted by each third-party site before you submit any data to them.
Site’s server
Our site is hosted in the servers of the company TopHost, which is aligned at a great extend with the new GDPR regulation and its datacenter is located in Greece.
Social media
Our hotel has pages in the social media, through with you can share information or data with your friends or the general public depending on the settings you have in your personal profile. Please, refer to the privacy policy of the social media pages in question for more information about the way in which the handle your information. Our hotel will never share/forward your personal data to any social media platform.
Data breach management
In case any breach or breaching attempt of the personal data we retain, we will take all the necessary technical and organizational measure to manage the breach, always in accordance with the extent and risk that such a breach may constitute. Among others, our business will take all the necessary measures to retrieve the data, minimize the risk from the breach, inform the relevant authority, whenever this is required, but also inform the data subjects based on the European General Regulation.
Applicable Law
The present privacy policy is governed by the Greek Law, the European Law as well as the relevant international conventions. If any information mentioned above becomes inconsistent with the applicable legislation, it will be removed without affecting the validity of the rest information.
Privacy Policy Modification
Aiolos Studios retain the right to partly modify or renew the present privacy policy, without prior warning, informing the visitors through posting the renewed privacy policy in the present site. We advise you to refer to the present page so as to always be informed regarding the privacy policy we apply. In case of a substantial modification in this Privacy Policy we ensure that we will inform you about it by directly contacting you.
If you have any questions regarding the Privacy Policy we apply, please contact us.
version 1.1 (June 2018)
With regard,
Aiolos Studios