E.Evangelou Hotels & Ltd (together referred to as ‘we‘, ‘us‘, ‘our‘) are registered data controllers under the terms of the General Data Protection Regulation (GDPR).[Our Data Protection Officer can be found in firstname.lastname@example.org]
What information do we collect?
When you register to access and use our site or/and services, we may ask you to provide certain personal information(hereinafter referred as “Personal Data”).
Personal data which we may collect, store and use in the context of your interaction with us includes, without limitation:
- Addresses (Email, Physical)
- Contact Numbers
- Date of Birth
- Payment Details
- Information related to your membership in one of our services or programs (room preferences, requests to the hotel, etc).
What do we use your Personal Data for?
We may use your information for the following purposes:
- To allow us to manage your reservation on the basis that processing is necessary in order to perform our contract with you to provide our services
- In the normal course of our business, to allow us to register you to use our services and to provide you with our services on the basis that processing is necessary in order to perform our contract with you to provide our services
- To allow us to analyze your personal preferences and personalize our services to you;
- To store your data to pre-populate fields to make it easier for you to provide information when you return to our sites;
- To communicate with you (including sending you information about products and services which we think may be of interest to you).
- To validate your information (in some cases, match it against information that has been collected by a third party), to check that the data we hold about our customers/users is precise, consistent and up to date
- In pursuit of our legitimate interests, to record CCTV footage to ensure the safety and security of our premises, staff and customers
- To comply with any legal obligations to which we are subject
- For internal analysis purposes
- For marketing purposes, we may use your personal data for the purposes of providing you with email newsletters, surveys, any other communication for the purposes of advertising and marketing of our services as well as providing you with targeted advertisements on our or third-party websites
- For maintaining legal records and accounts for the time periods required by European/Cyprus law or where we need to comply with a legal or regulatory obligation;
We shall periodically check that the personal data we store for you is accurate. If you would like to update the personal data we hold about you, please contact us on email@example.com with your request.
The provision of certain personal information is mandatory if you are going to use our services. If you fail to provide such data, we will be unable to provide our services.
Who do we share your Personal Data with?
- As part of using our services, you consent to us sharing your personal information with the following parties:
- Our agents, other service providers and third party partners, who process and store data on our behalf
- Professional advisors;
- Law enforcement agencies
- Trusted third parties whose products, services and other offers we believe may be of interest to you.
- Any member of our group and other companies which may be added to our group from time to time.
- We may also share your personal information with third parties:
- In the event that we, our business, or substantially all of its assets are acquired by a third party (in which case personal information about customers will be one of the transferred assets)
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any contract with you; or to protect our rights, property, or safety of our employees, customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
- We may transfer your personal data outside of the European Economic Area (EEA). We shall ensure that any such transfers are lawful and that your information is kept secure in accordance with the GDPR.
We will only send you marketing emails where you have agreed to this. You can opt out of our advertising and marketing communications at any time by any of the following methods:
- Selecting the UNSUBSCRIBE link included in our emails.
- Editing your account in our website.
- Contacting our Marketing Team at firstname.lastname@example.org
A data processor is a person who processes data on behalf of a data controller. A data controller decides the purpose and manner to be followed to process the data, while data processors hold and process data, but do not have any responsibility or control over that data.
Our Hotel Data Processors
Survey: TRIP ADVISOR
Online reservations system: Debliteck Services Ltd
Hotel Management System: ORACLE SWEET 8, MATERIAL CONTROL, MICROS, ESOFT
Newsletter service: N/A
Mobile Application: N/A
How long do we store your Personal Data for?
We only store your personal information for as long as necessary for the purposes listed beforehand (satisfying any legal, accounting, reporting requirements).
What are your rights?
Access to your personal data: You may request access to a copy of your personal data.
Right to withdraw: Where you have given your consent for us to use your personal data, you may withdraw your consent at any time. Please contact us using the details located at this policy if you would like to withdraw your consent and we will delete your data in line with your right to erasure.
Rectification: You may ask us to rectify inaccurate information held about you. If you would like to update the data we hold about you, please contact us using the details below and provide the updated information.
Erasure: You may ask us to delete your personal data. If you would like us to delete the personal data we hold about you, please contact us using the details below, specifying why you would like us to delete your personal data.
Portability: You may ask us to provide you with the personal information that we hold about you in a structured, commonly used, machine readable form, or ask for us to send such personal data to another data controller.
Make a complaint: You may make a complaint about our data processing activities to a supervisory authority. For Cyprus this is the Commissioner for Personal Data Protection, at http://www.dataprotection.gov.cy .