Privacy Policy

Privacy policy

The main activity of the company under the company name “DIONYSIOS PAPATHEODOROU NIKOLAOS DIONYSOPOULOS OE ” (hereinafter, the “Company”) is the exploitation of hotel establishments and the provision of tourism hospitality services to customers staying at its hotels, as well as several other tourist services offered to the visitors of its hotels. 

The Company, acting in the capacity of controller and in accordance with Regulation (EU) 2016/679 and the provisions of Greek laws on the protection of personal data, informs any natural person entering into transactions with the Company (hereinafter the “Customer”) that the Company and/or third parties acting at the direction and on behalf of the Company will process personal data relating to him or her. Such processing will be always performed in the context of a transaction relationship for services provided by the Company (tourism hospitality services, etc.) during the period of stay of the Customer, according to the above. 

Reasons why personal data are collected

The Company collects and process personal data, where necessary, a) due to the legal relationship between the Customer and the Company for the performance of a contract regarding the provision of tourism hospitality services to the Customer, and b) due to the Company’ legal obligation to identify the Customer/guest/visitor who plans to stay at the hotel.

How and when personal data is collected

The Company informs the Customer that during his/her request for a room  reservation/booking at one of our properties , made either through the Company’s electronic booking platform or through other distant communication means (i.e. e-mail ), or by the Customer himself/herself, the Company will require from the Customer to fill out his/her personal data, as well as other data concerning payment methods (like, in an indicatively manner, his/her credit card details), which are required as a minimum and are absolutely necessary for the provision of the agreed hospitality services. Such data is required by the company for the purposes of a) recognizing/identifying each data subject whenever a room reservation is made or upon arrival at a Company hotel, b) safeguarding the Company’s financial interests with regard to indemnification/payment for the provision of services, and c) issuing any legally required financial/tax document and proof of payment/invoice, upon payment for the provision of hospitality services to customers staying at a Company’s properties .

Specification of personal data collected

In particular, the Customer either upon his/her arrival at a Company hotel or through a safe online booking platform, or through any other distant communication means (like, in an indicative manner, facsimile/fax), and in any case the Customer himself/herself will complete the following identification details:

Surname, name, father’s and mother’s name, date and place of birth, national identity card or passport number, home address, city of residence, country, profession, telephone number, nationality, Tax Identification Number, electronic address (e-mail), contact phone number, date of arrival, check-in and check-out dates, number of rooms, number of persons etc .

In addition to the above, in case the Customer wishes to receive communications about Company hotels and gives his/her consent to that respect, the Company may send such communications to his/her electronic address or social media.

Use and retention of personal data

The Company will make use of Customer’s identification and recognition data for the purposes, on one hand, of issuing taxation documents (i.e. payment receipts or invoices for provision of services) and, on the other hand, of updating company records/books, the keeping of which in printed or electronic form is required by law (like, in an indicative manner, pursuant to article 10 of Presidential Decree 186/92), such as, in an indicative manner: a) The Hotel Reception Book, intended for inspection by the Police, and b) the Hotel Reception Book, intended for inspection by the competent Public Fiscal Service.

Records of such taxation documents (payment receipts for provision of services, invoices), which include data of the data subjects, are kept by the Company in printed and electronic form for twenty five years, as the competent Public Fiscal Service is entitled to carry out inspections throughout this period on the Company’s accounting books and documents.

Apart from the above taxation documents, the Company does not keep records of any other type regarding registered personal data of customers who stay at Company’s properties , and neither wishes nor has the legal right to keep such information.

Access to such records is limited to the Company’s financial/accounting department, acting in the capacity of processor.  

With regards to the acceptance of payments through credit or debit cards, Company hotels are using a secure bank gateway provided via Pireaus Bank (https://www.winbank.gr/en/), hence, the management of payments through credit/debit cards and the storage or management, whatsoever, of credit card data may be registered/stored by a provider that is complied with the highest security standards.

Data Subject/Customer rights

The Customer has the right: a) To know which personal data concerning him/her are kept and processed by the Company, as well as the origin of such data (right of access); b) To request -and this is also an obligation for him/her- that his/her data are rectified or completed in order for them to be complete and accurate, by submitting all necessary documents proving the necessity for the completion or rectification (right to rectification); c) To request the restriction of processing of his/her data (right to restriction of processing); d) To refuse and/or object to any further processing of data kept by the Company (right to object); e) To request the erasure of his/her data from the Company records (“right to be forgotten”); f) To request from the Company to transmit data provided to said Company to any other controller (right to data portability). 

It should be noted that satisfying requests based on points c, d and e above, where they concern data that are necessary for entering into or maintaining a legal relationship/contract with the Customer and regardless of whether they have been provided by the Customer or not, may result to the automatic -on behalf of the Customer- termination of the relevant contract or contracts, according to the terms contained therein, or failure to examine the data subject’s request.   

In any case, the Company has the right to reject the request to restriction of processing or erasure of the Customer’s data, whenever processing or keeping of data is necessary for the establishment, exercise or defence of Company’s legal claims or for the compliance with Company’s legal obligations . 

The exercise of the right to data portability (point f above) does not cause the erasure of data from Company records, which is subject to the terms of the immediately previous paragraph.   

VIDEO SURVEILLANCE TECHNICAL SYSTEMS

To ensure the safety of both customers and their personal belongings during their stay at the hotels, the Company makes use of suitable and legal video surveillance technical systems.

Monitoring through video surveillance for the protection of natural persons and goods is limited to a)Εntry/exit of persons (like, for example, through video surveillance at the main entrance, reception, lift and staircase entrance/exit), b) Areas where the electrical/mechanical installations of the Company hotels are found (i.e. laundry, food storage refrigerators areas).

The video surveillance system used by the Company will solely and exclusively record image and, by no means, sound; also, torsion or zoom is not enabled in said system. Access to video surveillance system is limited to the data Processor and the Hotel Manager. Collected data will be erased within 365 days, at the latest, from the date they were collected/recorded. In case there is an incident, data can be extracted from the system and be kept in a separate record for a reasonable amount of time .    

The data subject has the right to object to the processing of his/her image from the video surveillance system and request the locking of data. If the processor ascertains that the data subject’s request for the erasure or locking of data is legal, he/she should immediately proceed to the erasure or locking of data and make adjustments to the operation of the system, so as to avoid illegal processing of data in the future. In any case, the data subject has the right to lodge a complaint with the supervisory authority for the protection of personal data, which is the “HELLENIC DATA PROTECTION AUTHORITY” (www.dpa.gr).

NEWSLETTERS

In order to sign up for Company newsletters and be able to receive updates and/or offers and/or other promotional material, you must provide your electronic address (e-mail) either upon your arrival by completing the Registration Card  or by completing the online platform of our website.

Upon signing up for our newsletters and personalized communications, you explicitly grant us your consent to receive all updates and/or offers and/or other promotional material through electronic and text messages or instant messaging, as provided by relevant services (i.e. through SMS, Viber, Push Notifications, etc.)

COMPANY WEB PAGE NAVIGATION / COOKIES:

When navigating the web page, the Company may use Cookies that help our website collect and store information about your visit and preferences, which are related exclusively to your navigation of the Company web page and are not transmitted to other web pages that you may visit. 

A cookie is a small piece of text that is sent to your web browser by a website you visit; this helps our website to store information and make your experience more easy and useful next time you visit our website. 

Cookies (such as, for example, remarketing tag, Doubleclick cookies, remarketing pixels) are used for getting an easier and faster connection to our website each time you visit it in the future, or for search preferences, so as the advertisements you see are more relevant to you, or for calculating the number of website visits, or for helping you to sign up to our services and protect your data. 

Cookies of the Company’s website are absolutely safe for your files since they cannot read information from your device. 

The Company’s website may use a remarketing tag/sign for advertising purposes. Remarketing means that third parties/providers may display the Company’s advertisement on websites through the internet. The above-mentioned providers may use cookies to deliver advertisements based on your previous visit at the Company’s website. Remarketing tag/sign may be installed on your device; if you wish to opt out from cookies used by Google, you can visit the Ads Preferences Manager of the Company at http://www.google.com/ads/preferences/. Alternatively, you can opt out from cookies used by third party providers, by visiting the Network Advertising Initiative opt out website at: http://www.networkadvertising.org/managing/opt_out.asp 

In addition, our website may use Double Click remarketing pixel. If you wish to opt out from the use of Double Click cookies, you can visit the DoubleClick opt out settings at the following link: http://www.google.com/settings/ads/onweb#dislplay optout. Alternatively, you can opt out from cookies used by third party providers, by visiting the website of the Network Advertising Initiative opt out website at: http://www.networkadvertising.org/managing/opt_out.asp 

By using this website and by choosing the possibility to opt out, you understand and agree to the collection of data, so that we can display advertisements that are relevant to your interests. 

PERSONAL DATA SAFETY

The confidentiality of data that are processed by the Company, such as customers, providers or employees data, is safeguarded, since access to such data is limited to authorized persons, like -in an indicative manner- hotel managers, who use access password to confirm reservations made by customers or carry out reservations made by customers or manage transactions with providers or employees, as well as to generally have access to files with data subjects information. Furthermore, the Company keeps back-up files for all information that may be processed, thus ensuring that: a) information is always available; b) information that has been managed and processed is accurate and complete; c) access to information that has been processed is possible at all times, and d) in case of a natural or technical incident, it will be possible to restore, make available and have access to processed data in a timely manner. In any case, the Company protects all data that may have been recorded, by using natural safety measures as well as other measures against unauthorized access to the Company’s systems, websites and servers.  For example, the Company protects your information by using access password controls and ‘firewalls”.

CONTACT – INFORMATION – COMPLAINTS

The Customer, as well as any other data subject, can update the information entered into the Company database, and change his/her preferences and contact details. The Customer can also contact the Company by sending an e-mail at: info@helianthusdreamhomes.gr, so as to inform that he/she does not wish to receive communications related to the Company and its hotels, as well as to make comments or ask questions about the Company’s Personal Data Protection Policy.

In addition, the data subject has the right to lodge a complaint with the supervisory authority for the protection of personal data, which is the “HELLENIC DATA PROTECTION AUTHORITY”, at the following link: www.dpa.gr