More particularly, the present document constitutes an information source regarding the way in which we receive and handle the information in question, its possible sharing with third parties, as well as the rights you have regarding this information.
Controller for data processing
The Controller the personal data you share with us is the company “Aiolos Studios” with the following contact information:
Naousa Paros, 84401
Tourist Business Register. No: 1175K123K0890800
Tel: +30 2284052436, +30 697 2019511
Aiolos Studios determine the way and purposes for which the personal data you share with us are collected and used, either by contacting us about a question or accepting our service provision.
Type and way of personal data collection.
We collect your personal data which you provide voluntarily when you contact us through our site or telephone asking for financial offers or checking the availability or our services, including our services provided when you visit our accommodation. Your personal data may be forwarded to us by third parties, when for example you submit a question for our services through sites with which we cooperate.
The data we collect may, on occasion, include the following:
If you contact us through the Contact Form of our site or sending an electronic mail directly to us, we will collect the content of your messages, your electronic mail address, your name, any other contact information (should they are included), as well as our reply to you.
The correspondence though electronic mail or any other form of contacting us constitutes a commercial relationship and includes the client’s consent for us to contact them regarding our services. None of the data you provide will be stored in this site or forwarded to any third party.
If you agree to use our services we will collect your full name, address, electronic mail address, telephone numbers through which we can contact you, nationality as well as any financial information, including your bank account information or your credit card data or other payment data. We may also receive details of contracts you have drawn with third parties, in order for us to provide you with services, such as passport details or other identification documents and any other information is necessary to process so as to provide you with our services.
When you visit our site, the browser provides you with information such as your IP address, the browser type or the time and duration of access, mainly for statistical purposes. In most cases, this information is impersonal and cannot lead to the identification of any user.
Purpose of Private Data Collection
We use the personal data provided by you only when we have a legal reason to do so. More specifically:
- To offer you our services within our obligations from a contract
- To abide by our legal obligations, for example keeping our accounting books, visitors’ book, etc.
- To reply to your requests about price information and room availability, when you provide your consent to do so, for example via contacting our site.
- When we have a legal interest to do so, for example to improve our service quality, to inform you about our products and services you have requested or may be interested in (as long as you have given us your consent to contact you for promotion purposes), to inform you about the changes in our services or to forestall any illegal action and to ensure your security during the provision of our services.
Protection of your personal data
We take all the necessary measures so that your personal data to be safe. We have put in effect procedures for the physical and electronic protection of your data, as well as in managing procedures designed to prevent unauthorized access, loss or misuse of the data we keep.
Browsing our site as well as using the contact form is conducted through a secure SSL connection, which ensures the encryption of all exchangeable data between your browser and our site.
Your personal data are stored within the European Financial Area (E.F.A.) and will never be sent outside E.F.A, without abiding by the data disclosure provisions outside E.F.A, are stipulated by the European General Regulation.
Access to your personal data is strictly limited so as to avoid any unauthorized access, alteration or misuse. Your personal data are accessible only by the business owners and any specially authorized personnel. We never share your personal data with third parties without your consent and when this is done we demand from the third parties who handle or process your personal data to the same TOO.
Duration of data retaining
We retain and process your personal data exclusively and only during our contract, for as long as it is necessary for us, so as to provide you with the services requested.
Our business has adopted and follows a deletion of your personal data 12 months after the completion of the contract drawn between us, except the data we are obliged to retain in order to abide by our legal obligations, for example financial data, receipts or invoices for accounting and taxation purposes for 10 years after the completion of the contract, data included in the Entrance Log, which all touristic businesses are required to keep for 5 years after the completion of the contract, etc.
After the period during which we are obliged to keep your data in order to abide by our legal obligation, all your personal data are permanently deleted.
Whom your data are shared with
Aiolos Studios will never share, transmit or disclose your personal data to third parties without your expressed consent.
In exceptional cases we may share personal information with third party collaborators to offer you integrated services, for example bank services for payment through credit cards. Especially for the credit card information, we inform you that it is never stored in our database but is transmitted to our delegated collaborators for payment processing. We never permanently store your credit card information.
Your rights regarding your personal data
For as long as we retain and process your personal data you have the following rights:
- Access right: you have the right to know which data we keep for you as well as ask for a copy of this information.
- Correction right: you have the right to ask for your data correction when they have changed or are inaccurate.
- Deletion right: you have the right to ask for your data deletion, under specific statutory conditions.
- Objection right: you have the right to object to your data processing for specific purposes.
- Processing limitation right: you have the right to ask for the limitation of the purposes for which we process your data, under specific statutory conditions.
- Transmission right: you have the right to ask us to transmit all data we keep electronically for you to any third-party organization.
- Consent withdrawal right: you have the right to revoke your consent for the occasions that your data processing is conducted by us due to the legal basis of the consent.
- Reporting to the Authorities right: you have the right to address the Greek Data Protection Authority or to the authority of your permanent residence regarding the data processing by our business.
The cookies we use can be deactivated or/and deleted from your computer. Please, refer to the manual of the browser you use for more information or alternatively you can visit our site using the anonymous browsing option of your browser.
Links to third-party sites
Our site is hosted in the servers of the company TopHost, which is aligned at a great extend with the new GDPR regulation and its datacenter is located in Greece.
Data breach management
In case any breach or breaching attempt of the personal data we retain, we will take all the necessary technical and organizational measure to manage the breach, always in accordance with the extent and risk that such a breach may constitute. Among others, our business will take all the necessary measures to retrieve the data, minimize the risk from the breach, inform the relevant authority, whenever this is required, but also inform the data subjects based on the European General Regulation.
version 1.1 (June 2018)