The privacy and security of your information is very important to us. When you book a room, we want you to be sure that the information you have provided to us is managed by us and protected in accordance with applicable law.

This Privacy Policy provides you with clarifications about who we are and how we collect and manage your information.

Who we are

This Privacy Policy provides a general overview of the basic principles that govern the processing of personal data in our company, their security and protection as they meet the requirements of the legislation, both at European and national level and also the needs of the staff of the company, its customers and partners.

Information we collect, how we process and share it

We collect and process personal information in the event that you make a reservation through our reservation system and/or stay in the Blue Coast branded rental apartments. We generally collect this information directly from you, but in some cases we may collect your information from other sources. We also collect information through the use of third-party service provider technologies, such as through pixels, web beacons, tracking tools and similar technologies.

It is not necessary to provide us with your information although in some cases, failure to do so may mean that you will not be able to use our services. For example, we may not be able to complete any booking you wish to make.

To learn more about how we collect, process and share your information, please select the relevant section below.

If you book on the Blue Coast

Information we collect: We collect your information when you make a reservation through our reservation system or stay at the hotel. Information collected during your booking and stay may include:

• Your name, email address, home and work address, telephone number, nationality and payment card information,
• Information related to your subscription to one of our services.
• Information such as accommodation and room preferences declared as part of your booking, such as your preferred room type and special requests to the hotel.

This information may be provided to us directly when making the reservation through one of our international reservation agencies, through our websites, directly at the hotel or through our mobile applications. In some cases we receive this information from third parties, such as when you make a booking through an online travel agency.

How we process your information: We process the information we collect from you primarily to complete the reservation you have made. Prior to your stay this may include sending your information to the relevant hotel or sending you pre-stay messages. After your stay, we may also send you messages and satisfaction surveys to get feedback on your experience.

In some cases, where we have your consent or are permitted under applicable law, we may send you marketing messages (which may include text messages or telephone conversations conducted using autodialer technology) about products and services that we think may be relevant to you.

Who we share your information with: We share your information with the hotel you will be staying at to complete your reservation. We may also share your information with third party service providers to provide services related to our business, as well as to help improve our products and services.

The legal basis for processing your personal data
We are committed to collecting and processing your information in accordance with applicable data protection laws.

We will only collect, process and share your information where we are confident that we have an appropriate legal basis to do so. This may be because:

• you have provided us with your consent to use personal information,
• our use of your information is necessary to perform the contract with you, for example by making and managing your booking,
• our use of your information is necessary to meet our obligations to our regulators, tax officials, law enforcement authorities, or otherwise to meet our legal obligations,
• our use of your information is based on our legitimate interest as a business, for example to operate and improve our services and inform the public about our products and services (including for purposes of profiling and targeting advertising) – in these cases, we will always process your information in a way that is proportionate to and respects your privacy rights and you will have the right to object to processing as explained in the section ‘Objecting to how your information is used by us”.

If you would like to know more about the legal basis on which we process personal information please contact our communications offices (information can be found in the “How to contact us” section). If you have given your consent for us to process your information you can withdraw your consent at any time by contacting the Company’s Data Protection Coordinator (DPC) (information can be found under “How to contact us”) .

Transmission of Data

As we also operate through an international network of corporate offices, reservation and service centers, data centers and hotels, it may be necessary to transfer your information to a country other than the country where it was originally collected or outside your country of residence or nationality. The information you provide us during a reservation or through the provision of any other services may be transmitted to any legal entity or hotel owned by the company for the purposes of carrying out or performing those services.

Where we transfer information originating from the European Union (“EU”) to a country outside the EU (eg USA), we will take steps to ensure that such transfers are carefully managed to protect your privacy rights:

• where we transfer your data outside the company including other companies that provide their services to us, we will take contractual commitments and assurances from them to protect your information. Some of these assurances are well-recognized certification schemes such as Standing Contractual Clauses and the EU-US Protection Shield for the protection of personal data transferred from the EU to the United States of America,
• we will only transfer personal information to countries which are recognized as providing an adequate level of legal protection or where we can be assured that alternative arrangements exist to protect your privacy rights and
• any request for information we receive from law enforcement or regulatory authorities will be reviewed before sharing personal information.

Use of WI–FI services

When you use the WI-FI services within our complex we may collect and process certain additional information.

What Information We Collect

• Registration and User Provided Information: When you register to use the band link we may collect personal information about you. You may also provide us with personal information about you in a variety of ways when you use the complex login, for example, when you send us requests related to customer service.

How We Process the Information We Collect

We process personal information only for the purposes described in this Policy, unless otherwise communicated to you at the time the data is collected or otherwise authorized by law or by you.

We process personal information we collect through your Hotel Login to operate, maintain, improve and provide all features of the service, in order to provide services and information you request, respond to comments and questions and provide user support.

We process personal information we collect through your Hotel Connection to understand and analyze usage trends and preferences of our users, improve the Hotel Connection service, and develop new products, services, features, and functionality. Please see the “Managing your preferences and information” section below.

How we protect your information

We are committed to protecting the confidentiality and security of the information you provide to us. To do so, we have installed technical, physical, and organizational security measures to protect against any unauthorized access, disclosure, damage, or loss or loss of your information. We can never guarantee that the collection, transmission and storage of information will be completely secure, however, we take steps to ensure that appropriate security safeguards are in place to protect your information.

Managing your preferences and information

We want to ensure that you have the necessary tools to control the information you provide to us, including how to contact you. It is also important that you contact us to update your information if any of it is inaccurate or has changed. Please select the relevant section below to learn more about how to control how we communicate with you and how to update, amend and delete your information.

Managing your communication preferences

Through the provision of the services described above, we, and in some cases third party partners and service providers, may communicate with you about your booking, via online digital services (eg online advertising, social media chats), or to support some of the other services we provide.

In some cases, you can go to your account, sign in and select the “Communication Preferences” section to correct your communication preferences. Additionally, your opt-out from marketing communications will be included within the same communication. In all other cases, or if you have difficulties unsubscribing from any special communication, please contact the hotel.
Please note that removing yourself from one category of communication may not remove you from another category. Similarly, unsubscribing from our communications may not unsubscribe from certain communications conducted independently by third parties

Managing Your Information

In the event that any information you provide to us is inaccurate, changes or you wish to be deleted, your information can be updated by contacting the hotel. In some cases, you can update certain items of your personal information by logging into your account, logging in and selecting the “Personal Information” section to update and modify your personal information. For all other cases, please contact the company.

We will respond to your request within the deadlines set by law.

Links to Other Pages

Our websites and applications include links to websites maintained and/or controlled by third parties, as well as to social media (facebook, twitter, instagram, pinterest). In some cases these websites may be co-branded and carry our logo or other marks. You can always tell if you are on one of our websites by checking the URL on the page you are visiting. We encourage you to review the privacy policies of third party websites as their privacy practices may differ from ours.

Children

Our websites are not intended for children and we do not knowingly solicit or collect personal information from persons under the age of 18. If we become aware of or otherwise discover that a minor’s personal information has been improperly collected, we will take all commercially reasonable steps to delete that information. In limited circumstances, we may run a campaign or program aimed at children. In these cases, information practices information will be presented within the terms and conditions of the program or campaign.

Maintaining your information on our systems

We generally only keep your information for as long as is reasonably necessary for the reasons explained in this privacy policy. In some cases we keep transaction records (which may include your information) for longer periods of time if necessary to meet legal, regulatory, tax or audit needs. We will also retain information if we reasonably believe there is a prospect of litigation.

We maintain a data retention policy which we apply to the files we retain.

How to contact us

For any questions or concerns about this Privacy Policy or our data privacy practices, please contact us:

• By email: info@galaziakti.gr
• Post: Galazia Akti rental complex, Ag Beach. Nikolaou, Edipsos
• Telephone: (+30) 2226 024873 – 4, (+30) 210 6081063 a

You can also use the contact details above to request access to any of your personal information held by us.

You have the right to lodge a complaint with your local data protection supervisory authority at any time. However, we ask that you first try to resolve any issue with us before submitting your complaint to the supervisory authority.

Changes to this Privacy Policy
In some cases, we may change, correct or modify this Privacy Policy in order to comply with the evolving regulatory environment or with the needs of our business. In accordance with any applicable legal requirement to provide additional information, any changes to this Privacy Policy will be made known through our website and mobile applications. However, if changes are made regarding the use of your personal information in a way other than that set out at the time of collection we will take appropriate steps to notify you, such as by posting an update on our website 30 days prior to the date effective date of the changes or by sending you an email.

Your rights under EU data protection law

You have legal rights in relation to your personal information under EU data protection law.

• Access to personal information

You can ask us to confirm whether or not we hold and process your personal information as well as a copy of your information.

• Correction / deletion of personal information

You can ask us to correct any information about you that is incorrect. We will be happy to correct such information but will need to confirm the accuracy of the information first.

You can request that we delete your information if you believe that we no longer need to process it for the purpose for which we collected it from you. You can also request the deletion of your information if you have either withdrawn your consent to us processing your information (if we initially asked for your consent to process your information), or have exercised the right to object to further lawful processing of the information you, or where we have processed it unlawfully, or where we are required by law to delete your personal information.

We may not always be able to comply with your request, for example where we need to continue to process your information to comply with a legal obligation or where we need to use your information to establish, exercise or defend legal claims.

Restricting how personal information is processed

You can request that we restrict our use of your information in certain circumstances, for example:

• where you believe the information is inaccurate and we need to confirm it,
• where our processing of your information is not lawful but you do not wish us to delete it,
• where the information is no longer required for the purposes for which it was collected but we process it to establish, exercise or defend legal claims, or
• where you have objected to our use of your personal information but we still need to confirm whether we have overriding reasons for processing it.

We may continue to process your information upon request to restrict where we have your consent to use it, or we need to process it to establish, exercise or defend legal claims, or we need to process it to protect the rights of others, or company.

• Objecting to the way your information is used

You can object to any processing of your information that we have justified on the basis of our legitimate interest if you consider that your fundamental rights and freedoms for data protection outweigh our legitimate interest in using the information. If you object, we may continue to process your information if we can demonstrate that we have compelling legitimate interests to process the information.
You can also ask us to stop processing your data for direct marketing purposes.

• Request to transfer your information to another

You can request that we provide you with your personal information in a structured, commonly used and machine-readable format, or you can request that it be transmitted directly to another data controller (eg another company).

You can only exercise this right where we process your information for the purpose of performing a contract with you, or where we ask for your consent to use your information. This right does not apply to any information we hold or process that is not held in digital form.

• Right to Obtain a Copy of Applicable Personal Information Safeguards for Transfers Outside Your Jurisdiction

You can request a copy of, or a reference to, the safeguards under which your personal information is transferred outside the European Union.

We may enter into data transfer agreements to protect commercial terms.

We may ask you for proof of your identity when you make a request to exercise any of these rights. We do this to ensure we only pass on information where we know it’s the right person.

We will not charge you unless we believe your request is unreasonable, repetitive or excessive. Where a charge is necessary, we will let you know before we proceed with your request.

We aim to respond to all valid requests within one month. However, we may need more time if the request is particularly complex or you have submitted several requests. We will let you know if we think a response will take longer than a month. To help us respond more quickly, we may ask you to provide us with more information about what you wish to receive or what concerns you.

We may not always be able to do what you have asked, for example if it would affect our duty of confidentiality to others, or if we otherwise have the legal right to handle your request differently.