Date of effect: May 2020
This Privacy Policy applies to www.osirishotel.gr which is owned and operated by Osiris. This Privacy Policy describes how we collect and use information, which may include personal data you provide on our website: www.osirishotel.gr. It also describes your options regarding the use of your personal data and how you can view and update this data.
Data collection
The types of personal data we collect include:
-
Your name, surname, e-mail address, phone number,
-
Information you provide about ads, preferences when you participate in surveys, competitions and promotions.
You can always choose what kind of personal information you wish to provide (if you wish so). However, if you choose not to provide us with some information, this may affect some of your transactions.
Automatically collected data
When you use our website, we also collect information automatically, some of which may be personal data. These include details like language settings, IP address, location, device settings, device operating system, activity log, usage time, URL redirect, status report, user information (browser version information), operating system, browsing result (visitor or visitor who booked), browsing history, and the type of data you viewed. We may also collect data through cookies. For more information about cookies, click here.
Purposes of data processing
We use your personal data for the following purposes:
A. Customer reviews: We may use your contact information to send you an e-mail invitation to write a review after your stay. In this way you can help other travelers choose the accommodation that suits them best. If you post a review, your review may be posted on our website.
B. Marketing purposes: We may also use your information for marketing purposes as permitted by law. In cases in which we use your personal information for direct marketing purposes, such as promotional newsletters and promotional communication for new products and services or other offers that we believe may be of interest to you, we also include a unsubscribe link that you can use if you do not wish to receive such messages from us in the future.
C. Other communication: There may be times that we may contact you by e-mail, post, phone or text message, depending on the contact information you have shared with us. This might be for a variety of reasons:
-
We may need to respond to and manage requests you have submitted.
F. Analytical data, improvements and research: we use personal data for research and analytical purposes. We may instruct a third party to do so on our behalf. We may notify or disclose the research results, among others, to third parties, in general and anonymous form. We also use your personal data for analysis purposes in order to further improve our services and user experience as well as to improve the functionality and quality of the online travel services we offer.
G. Security, Trace and Fraud Prevention: We use the information, which may include personal data, to prevent fraud and other illegal activities. We also use this information to investigate and detect fraud. We can also use personal data for risk assessment and security purposes, including user authentication. For these purposes, personal data may be shared with third parties, such as law enforcement authorities, as permitted by applicable law, and external consultants.
H. Legal procedures and compliance: In some cases, we need to use the information provided, which may include personal data, for managing and resolving legal disputes or complaints, for regulatory inquiries and compliance, or for the implementation of the agreement(s) or to comply with legitimate requests from law enforcement authorities to the extent required by law.
If we use automated means of processing personal data that have legal effects or that have a significant effect on you, we will take appropriate steps to protect your rights and freedoms, including the right to human intervention.
Legal Basis
-
For purposes A and B, we rely on the performance of a contract: the use of your data may be necessary to carry out the agreement between us. For example, if you use our services to make an online booking, we will use your data to fulfill our obligation to complete and provide the reservation, as part of the agreement between us.
-
With regard to C-H purposes, we rely on our legitimate interests: we use the data for our legitimate interests, such as providing you with the best and most appropriate content for the website, e-mail and newsletters to improve and promote our products and services, the content of our website, as well as for purposes of managing, detecting fraud and other legal purposes. When we use personal data to serve our legitimate interests, we always give priority to your rights and interests in protecting your data against our rights and interests.
-
Regarding purpose H, we also rely, where applicable, on our obligation to comply with current legislation.
-
Where required by applicable law, we will ask for your consent before we process your personal data for direct marketing purposes.
If required by applicable law, we will ask for your consent. You may withdraw your consent any time by contacting us at any of the addresses provided at the end of this Privacy Policy.
If you would like to opt out of the data processing referred to in terms C-F and you do not have direct access to an opt-out mechanism (for example, not in your account settings), please contact info@osirishotel.gr .
Data sharing
-
Third Party Service Providers: We use service providers to process your personal data strictly on our behalf. This processing is for the purposes included in this Privacy Policy, such as facilitating booking payments, sending marketing material or supporting analysis services. These service providers are bound by confidentiality and may not use your personal data for their own purposes or for any other purpose.
-
Competent authorities: We disclose personal information to law enforcement authorities and other government authorities to the extent required by law or when it is absolutely necessary in order to prevent, detect or prosecute criminal offenses and fraud.
International Data Transfer
The transfer of personal data as described in this Privacy Policy may involve the transfer of personal data abroad to countries in which personal data protection legislation is not as comprehensive as that of the countries of the European Union. Where required by European law, we will transfer personal data only to recipients offering an adequate level of data protection. In such cases, we will make the necessary contractual arrangements to ensure that your personal data is still protected in accordance with European standards. You can request a copy of these terms using the contact details below.
Data retention
We retain your information, which may include personal data for as long as we deem it necessary to provide you with our services, comply with applicable law, resolve disputes with different parties and whatever reason makes it necessary for the purposes of our business activity, including the detection and prevention of fraud or other illegal activities. All personal data we hold is subject to this Privacy Policy. If you have questions about a particular retention period for certain types of personal data, please contact us with the contact details below.
Your options and rights
We want you to know how we use your personal data. This can be done in the following ways:
-
You may request a copy of your data that we maintain,
-
You can notify us of any changes to your personal information or you may ask us to correct any of your information,
-
In some cases, you may ask us to delete, prevent or restrict the processing of your personal data that we maintain or disagree to specific ways of using your personal data, and
-
In some cases you may also ask us to forward the personal data you have given us to a third party.
In cases where we use your personal data following your consent, you have the right to withdraw your consent at any time, in accordance with applicable law. In addition, in cases where we process your personal data on a legitimate interest or in the public interest, you have the right to express your disagreement at any time regarding this use of your personal data in accordance with applicable law.
We rely on you to ensure that your personal information is complete, correct and up-to-date. Please let us know in advance of any changes or inaccuracies in your personal information by contacting info@osirishotel.gr . We will handle your request according to all applicable laws.
Questions / Complaints
If you have any questions or concerns regarding the processing of your personal data by us or if you wish to exercise your rights under this policy, you may contact us at info@osirishotel.gr . You can also contact your local data protection authority for any questions and complaints.
Policy Changes
As our business is constantly changing, this Privacy Policy may change. If you want to see changes made to this Privacy Policy occasionally for the use of Cookies, please visit our Privacy Policy to view them. If we make any substantial changes or changes affecting you (for example, if we start processing your personal data for purposes other than those listed above), we will contact you prior to processing.