The Company «Kalypso Hotel & Apartments.» with trading name «Kalypso Paros» (hereinafter “the Company”, “Data Controller”, “we”) fully shares your concern regarding your personal data in accordance to the enhanced requirements of Regulation (EU) 2016/679 (hereinafter “GDPR”), law 4624/2019 and, the relevant legislation about the protection of Personal Data, as the Data Controller, informs the natural persons (hereinafter “Data Subjects”, “you”) about the processing of their personal data through this Privacy Notice.
Ι . What personal data we collect, for which purposes and which are the legal bases
|PURPOSE||PERSONAL DATA COLLECTED||LEGAL BASIS|
|1. Contact, Managing Reservations (Contact Form, Telephone, Fax, Email message)||Name, email, date of arrival and departure, number of visitors (adults and children), personal data, including special category data, that may be included in the relevant field by the user. Optionally, we collect: telephone/ fax number, full postal address, and villa of interest.||Article 6(1)(b) GDPR: processing is required in order to satisfy user’s request prior to entering into a contract|
- How long your personal data is retained for
Personal data shall be retained for as long as necessary for data collection purposes, as specified in section I, unless otherwise specified by law.
If retaining your data is not needed for an explicitly described and legal purpose, we safely delete and/or destroy them in accordance to our “Policy for Keeping and Deleting Personal Data”.
ΙΙΙ.To whom your personal data are disclosed and/or transmitted
Our company shall disclose your personal data to authorized employees of our Company.
Furthermore, we may disclose personal data collected through this website to:
- a) Entities entrusted with the execution of specific tasks such as, but not limited to, lawyers, product suppliers and/or IT service providers and/or support service providers of all kinds of computer-based information systems or electronic systems and networks, logistics companies, marketing companies, business consulting firms. Those entities offer adequate assurance for the implementation of necessary technical and organizational measures, so that data processing is conducted in accordance to GDPR and other relevant legislation for data protection.
- b) Third parties cooperating with or rendering services to our Company, including, but not limited to, reservation management companies, companies that manage transfer, travel agencies.
- c) Supervisory, independent, judicial, prosecuting, public and/or other authorities, bodies or parties assigned to control/monitor the Company’s activities within the scope of their responsibilities.
ΙV. Rights of the data subject
The General Data Protection Regulation provides you with rights and options that we are committed to satisfying. Thus, you may:
- request information about your stored personal data and the way it is processed. If you so wish, we shall provide a copy of your personal data undergoing processing, free of charge (Right of Access).
- request rectification of inaccuracies or errors, correction of incomplete data or an update of your data (Right to rectification).
- request erasure of personal data, if no longer retained for specific, legal or stated purposes (Right to erasure or Right to be forgotten).
- request restriction of processing a) when the accuracy of the personal data is contested, b) when the processing is unlawful (but you oppose the erasure of the data), c) when the data is no longer needed for the purposes of the processing, and d) for as long as the verification whether the legitimate grounds of the controller override those of the data subject are still pending.
- object on grounds relating to your particular situation, at any time, to processing of personal data, especially when this data is processed for direct marketing purposes or profiling. More specifically, you may object to a decision based solely on automated processing. In such a case, you may exercise your right of intervention (Right to object – Automated individual decision-making).
- receive your personal data in a structured, commonly used and machine-readable format or transmit this data to another controller at your behest, where technically feasible and at all times under the specific conditions of the law (Right to data portability).
- Revoke your once granted consent for your data processing at any time. As a result, we will not be allowed to continue the data processing based on this consent in the future.
You may address your requests via email to the address: email@example.com
Our Company shall fulfill all your requests within one (1) month. In the extremely rare cases that such a fulfillment is proven unfeasible, we shall immediately inform you explaining the reasons in detail.
If you believe that the provisions for personal data are being violated, you may file a complaint to the Hellenic Data Protection Authority (www.dpa.gr).
- Contact Information
|Kalypso Hotel & Apartments|
|Agioi Anargyroi Beach
PC 84401, Naoussa
Paros Island, Greece
|+30 22840 51488|
- Effective date – Amendments
Version 1.0, Posted on 14/04/2020 date of posting