PRIVACY POLICY
This Privacy Policy governs the use of the websites and services of the “Spyrou Group of Companies”, whose members include:
BLUE GREEN BAY SKOPELOS, Panormos, 37003 Skopelos
PANTELIS ROOMS, Skopelos Town, 37003 Skopelos
BEST SHOP SKOPELOS, Skopelos Town, 37003 Skopelos
RIGAS HOTEL ARACHOVA, Arachova, 32004 Arachova
LAGANAS HOLIDAYS HOTEL, Laganas, 29092 Zakynthos
LAGANAS BEACH HOTEL, Laganas, 29092 Zakynthos
ANIMA DELUXE SUITES NAFPLIO, 25 Martiou Street, Evangelistria, 21100 Nafplio
AIANTEION BAY HOTEL SALAMINA, 8 Angelou Sikelianou Street, Aiantio, 18903 Salamina
VESPERA PRIVATE LUXURY SUITES, Akrotiri, 84700 Santorini
ANNY STUDIOS & ROOMS, Perissa Beach, 84703 Santorini
and other business activities based in Greece. This Privacy Policy is binding on each company of the Group separately.
At the Spyrou Group of Companies, we respect your privacy and are committed to safeguarding the security and confidentiality of the personal data you provide to us.
By accepting this Privacy Policy and the applicable terms and conditions, you acknowledge that you have read, understood and agreed to this Privacy Policy.
These terms may be changed, updated or otherwise amended, in whole or in part, at any time. However, the version in force at any given time will always be available on the websites of the Group’s businesses.
The optional and mandatory personal data that you are required to provide when accessing a website or registering for various applications connected with services and products offered by the Spyrou Group of Companies, together with any additional personal data requested at a later stage, are collected, processed, transferred, stored and used by the Spyrou Group of Companies in its capacity as data controller, for the benefit of the Group’s members, their hotels and partners, as well as by service providers, including the data processors and service providers described below.
This Privacy Policy describes how your personal data are collected and processed, the purposes and characteristics of such processing, and your related rights.
We undertake responsibility for processing and protecting your personal data in accordance with this Privacy Policy and the applicable legislation. All hotels and accommodation establishments within our Group follow the requirements of this Policy and ensure that the protection of your privacy remains a priority.
CATEGORIES OF DATA WE COLLECT
The Spyrou Group of Companies may process the following categories of your personal data:
- Identification details: first name, surname, identity card or passport number, gender, date of birth and nationality.
- Contact details: telephone number, email address, fax number and social media account details.
- Payment details: credit or debit card information.
- Information relating to your participation in our loyalty programme.
- Information relating to your stay: arrival and departure dates, goods and services selected, participation in a customer group, and information connected with ferry tickets issued through our office.
- Information relating to your participation in our competitions and prize draws.
- Your reviews and assessment of the quality of your stay and our services.
- Information you provide so that we can fulfil special requests and preferences during your stay.
- Any other personal data you choose to share with us for the purpose of receiving better service.
HOW WE COLLECT YOUR DATA
The Spyrou Group of Companies collects your personal data from information provided directly by you, including:
- When you request information by telephone or in person concerning our services, offers and availability, and provide us with your email address.
- When you take steps to make accommodation reservations at our hotels or at any other establishments through which we provide accommodation.
- When you choose to receive news and offers from the Spyrou Group of Companies or use applications connected with our websites, reservation centres, call centres or social media channels; when you voluntarily provide information to us, including in connection with our loyalty programme; and when information is provided by members of the Spyrou Group of Companies or other third parties.
- When you register for or use our websites and/or an application. In such cases, you may be required to provide certain personal data, such as your first name, surname, email address and password, by completing the fields marked as mandatory on a registration form, login page or document.
- When your details are recorded at the reception desk of one of our hotels upon your arrival.
- When you provide information to our employees during your stay at our premises so that we can serve you more effectively.
- Contact details such as your name, postal address, email address, fax number and telephone number.
- Credit card details or another payment account number, billing address and other payment and billing information (“Payment Information”).
- Records and copies of your correspondence when you contact us.
- Information necessary to fulfil special requests, such as health-related requirements that call for particular accommodation arrangements.
- Through travel agents with which the Spyrou Group of Companies cooperates.
- Through online platforms that you use to contact us or make reservations.
- Through the issuance of documents relating to deposits, payments and settlement of balances.
Under no circumstances do we collect or process personal data that have not been provided with your consent.
WHY WE COLLECT YOUR DATA
We collect, process, use and store your personal data solely for the following purposes:
- To fulfil our contractual obligations towards you and provide you with the best possible service and the accommodation promised to you.
- To comply with obligations imposed on us by legislation, judicial or supervisory authorities and applicable law.
- For informational, research or advertising purposes, only where we have obtained your express consent.
- To authenticate you when you log in to our websites, our application and our Wi-Fi network.
- To fulfil reservation or information requests and remember your preferences and registration information.
- To administer loyalty programmes.
- To measure and obtain data for administrative and other communication purposes, and to operate and improve the effectiveness of our services, websites, programmes and applications connected with the operations of the Spyrou Group of Companies.
- To support our information technology objectives.
MEASURES AND SAFEGUARDS FOR THE SECURITY OF YOUR DATA
We implement appropriate and suitable technical and organisational measures to protect the personal data we process.
We prevent unauthorised access to your data, and all members of our staff are required to preserve the confidentiality of your personal data.
We do not disclose or transfer your data to third parties except within the framework of our contractual relationships with our partners and for the fulfilment of specific purposes connected with providing you with better service.
In every case, we take steps to ensure that all our partners comply with applicable data protection legislation and, in turn, implement all necessary safeguards to preserve the confidentiality, integrity and availability of any data they receive.
WHO WE SHARE YOUR DATA WITH
Privacy and Data Processing
Your personal data are collected, recorded and processed by the Spyrou Group of Companies exclusively for the purpose of providing our services to you in accordance with applicable laws. By accepting these terms, you provide your express consent for the Spyrou Group of Companies to transfer your personal data to its partners, namely third-party natural or legal persons that provide services to you in conjunction with, or in addition to, its own services. These services may include, in particular, transfers, excursions, indoor or outdoor activities, visits to places of interest, product warranty services and similar services, where such transfer is connected with improving the services provided to you by the Spyrou Group of Companies.
We will share your information with third parties only as described in this Privacy Policy. We may share personal information about you outside the Spyrou Group of Companies where:
(a) this is required or permitted by law;
(b) it is necessary, and only to the extent necessary, to provide services you have requested, in which case you will be deemed to have given your consent, for example for car rental, restaurant reservations, issuance of ferry tickets, loyalty programmes, tours, visit arrangements or ticket purchases;
(c) your stay has been paid for by a third party, in which case we will provide billing information to the paying party; or
(d) you have failed to pay amounts that are due.
We may share information with government or law-enforcement authorities where required by applicable law, in order to comply with a court order or other legal obligation, or to respond to a governmental request.
We may also disclose information where we believe in good faith that disclosure is necessary to protect our rights or property, protect your safety or the safety of others, or investigate theft or fraud.
We share information with service providers and data processors that we use to perform and improve our services and support our business operations.
We may also share information for the purposes of special programmes, offers, prize draws and competitions, in accordance with their more specific terms and conditions, where and when you choose to participate.
We may share information with our suppliers and other third parties in order to deliver our goods and services to you, store and process data, or send emails. These third parties are required to protect your personal information by applying reasonable security measures and to restrict its use to the purposes for which it was disclosed to them. This Privacy Policy does not describe the collection, use or disclosure of information by third parties that you contact for services related to our own. You should review the privacy policies of those third parties.
Our websites may contain links to third-party websites operated by parties outside the Spyrou Group of Companies. Such linked websites are not under the control of the Spyrou Group of Companies, and the Spyrou Group of Companies is not responsible for the operation, content, privacy practices or security of any such linked website, or of any link contained within a linked website. You are responsible for reading and complying with the privacy statements and terms of use published on those third-party websites.
HOW LONG WE RETAIN YOUR DATA
We retain Usage Data for as long as you use our websites and/or our application, and for a reasonable period thereafter, in order to fulfil the purposes described above, comply with applicable laws or limitation periods, and enforce the terms of this Policy.
Automatically collected information will be retained for up to twenty-four (24) months and will subsequently be stored in an aggregated form that does not identify you.
In every case, we will permanently and completely erase your data from our physical and electronic records within thirty (30) days after receiving a relevant request from you.
COOKIE POLICY
Please refer to the relevant section.
YOUR RIGHTS
You have the following rights in relation to the personal data we process. You may:
- Withdraw your consent at any time regarding the use of your data for advertising or informational purposes.
- Request information about the type of processing carried out by us and obtain access to your data.
- Request the correction or updating of your data where they are inaccurate or incomplete.
- Request the complete and permanent deletion of your data from our records.
- Request restriction of the processing of your data, provided that the conditions established by applicable legislation are met.
- Request a copy of all or part of your data in a commonly used and machine-readable format.
We undertake to respond to your requests free of charge as soon as possible and, in every case, within thirty (30) days of their submission. This period may be extended by a further sixty (60) days, depending on the complexity and number of requests.
You may also address complaints and concerns regarding the use and protection of your personal data to the competent Hellenic Data Protection Authority.
CONTACT
To exercise any of the rights listed above, submit a question or complaint, or provide feedback on this Privacy Policy, you may contact the Data Protection Officer, Mr Vasileios Spyrou, at bookings[at]spyrouhospitality.gr, or send your request by post to:
Spyrou Group of Companies
48 Aftokratoros Irakleiou Street
Marousi 15122
Greece
CHANGES TO THIS PRIVACY POLICY
This Privacy Policy may be amended in the future. Any change or addition will be posted on our website so that you remain informed about the way in which we process and protect your personal data. No amendment to this Policy will take effect before it has been posted and you have been informed accordingly.
JURISDICTION
It is expressly agreed that the courts of Athens, applying Greek law, shall have exclusive jurisdiction over the resolution of any dispute, claim, question of interpretation or controversy arising from or relating to the terms of this Privacy Policy.
