Privacy Policy regarding the use of the Website:
Terms and Conditions
1. These terms of use determine how to use the service named www.estialuxurysuites.gr (hereinafter “the service”), which takes the privacy of users very seriously and undertakes to fully comply with the applicable law (regulation (EU) 2016/679 – hereinafter the “GDPR” regulation.
This document (“Privacy Policy”) provides information on how to process personal data collected by the Company through this website (“Website”) and constitutes an informative notice to data subjects, in accordance with Article 13 of the Regulation GDPR. Specific informational notices regarding the privacy of information are usually published in the sections of the Website where users’ personal data are collected and in any case supplemented by this Privacy Policy.
2. Responsible for data processing and DPO
The Data Controller is Eleni Skoubourdi (“Data Controller”).
You can contact the Data Protection Officer (“DPO”) at the following address: SKALIA 85200 KALYMNOS, or at the email: info@estialuxurysuites.gr
3. The Data we process
The following data may be processed:
the usual personal data that you may provide when using the features of the Website, including browser data or requests to use the services offered on the Website, as well as data collected by cookies as specified in the Cookies Policy;
4. Why and how we process your personal data
With your consent, the Company may process your usual personal data to ensure that you can benefit from the available services and functions and to optimize their performance, to collect statistics on their use, to manage the requests and reports received through the Website and to manage your registration in any restricted access areas and initiatives that may exist on the Website in accordance with Article 6.1.a of the GDPR. The Company may also process your personal data to fulfill obligations arising from laws, regulations and European Union law: the legal basis for processing for this purpose is Article 6 paragraph 1 letter c) of the GDPR regulation.
In addition, with your optional consent, your usual personal data may also be used in the company’s official publications or in advertising activities (marketing), i.e. in the context of sending advertising material and/or commercial communications concerning the Company’s services in the contact details reported using traditional methods and/or communication methods (e.g. mail, telephone, etc.) or automatic means (e.g. Internet communications, fax, e-mail, text messages, mobile applications such as smartphones and tablets, social media accounts, e.g. Facebook or Twitter, etc.). The legal basis of the processing for this purpose is Article 6(1)(a) GDPR.
The personal information of users who wish to be included in the company’s database with businesses and professionals will be processed (indicative and not limited to collected, registered, organized, stored) for the purpose of providing the service, as well as promoting services and products of the company and in accordance with the personal data protection legislation. The use of the service by these users implies their consent to the company for the processing of their data in the context of providing the service.
Finally, the Company may process your routine and sensitive personal data to protect its rights in legal proceedings.
All your data is processed using automatic and electronic tools that are suitable to fully ensure security and confidentiality.
5. Necessary Processing and Optional Processing
The forms to be filled out on this Website require you to provide the personal data that is absolutely necessary to process your messages and requests. These data are marked with an asterisk [*]. If you do not wish to provide them, we will not be able to process your messages / requests.
Conversely, some forms may provide the possibility to provide personal data that is not absolutely necessary to process your requests: providing such data is optional and not providing it has no consequences.
6. Data browsing
If you simply visit the Website (i.e. without sending any message or using any of the available services/functions), the processing of your data is limited to browsing data, i.e. the data which is necessary to be sent to the Website for the operation of computers on which the Website operates and Internet communication protocols. This category includes, for example, IP addresses or computer domains used to visit the Website and other parameters related to the operating system used to connect to the Website. The Company collects this and other data (such as the number of visits and the time spent on the Website) only for statistical purposes and in anonymous form, in order to monitor the operation of the Website and improve its performance. This data is not collected to be linked to other information about users or to identify users. However, this information, by its nature, may allow the Company to identify users through processing and linking to data held by third parties. Browsing data is usually deleted after being processed in anonymous form, but may be stored and used by the Company to trace and identify the perpetrators of any computer crimes committed against or through the Website. Subject to this feature and the provisions of the Cookies Policy, the browsing data described above is only stored temporarily, in accordance with the law.
7. Links to Other Sites
This Privacy Policy applies only to the Website defined above. Although the Website may contain links to other websites (known as third-party websites), please be advised that the Company does not have access to or use cookie tracking systems, web beacons or other user tracking technologies that may be active on third-party websites. , the content and material published on them or the methods of processing your personal data. Links are provided for the convenience of users and do not imply that the company endorses these websites or accepts their content. In the event that the user chooses to use these links, he should be aware that he is leaving the company’s website and that the company has no control over third-party websites. For this reason, the Company expressly declines any responsibility for such matters. Therefore, in no case is the company responsible for the content of the websites to which the links refer, for the protection of the privacy of the information that the user provides when visiting third-party websites, nor for any financial or other kind of loss or damage any suffered. These terms do not apply to third party websites. The user should act with care and be informed about the privacy policy of the websites they visit.
8. How we store data and for how long
Pursuant to Article 5(1)(c) of the GDPR, the computers and programs used by the Company are created in such a way as to minimize the use of personal and identifying information. This data is processed only to the extent necessary to achieve the purposes stated in this Policy and will be stored for as long as is absolutely necessary to achieve the specific intended purposes. In any case, the criterion used to determine the storage period is based on compliance with the deadlines permitted by law and the principles of data minimization, storage limitation or rational management of our records.
9. How we ensure the security and quality of your personal data
The Company undertakes to ensure the security of the user’s personal data and to comply with the security provisions provided by law to avoid data loss, illegal or irregular use of data or unauthorized access to data, with particular but not exclusive reference to articles 25-32 of the GDPR. The Company uses many types of advanced technologies and security procedures to protect the user’s personal data. For example, personal data is stored on secure servers located in facilities with protected and controlled access. The user can help the Company to update and to correct his personal data, announcing any change of address, educational qualifications, contact details, etc.
10. Persons who have access to the data
Persons belonging to the following categories are authorized to process user data: technical and administrative staff, IT staff, product managers, as well as other staff members who need to process data for the performance of their duties.
The Data may also be disclosed to third countries: i) to institutions, authorities, public bodies for institutional purposes; ii) to professionals, independent consultants – whether working individually or collectively – and other third parties and providers who provide the Company with commercial, professional or technical services required for the operation of the Website (e.g. provision of IT and Cloud Computing services) for the purposes mentioned above and to support the Company in providing the services you have requested; iii) to third parties in the event of mergers , acquisitions, transfers of businesses or their branches, audits or other extraordinary acts. The mentioned recipients receive only the data necessary for their respective functions and duly undertake their processing only for the purposes stated above and in accordance with data protection laws. The Data may also be shared with the other legal recipients identified from time to time by applicable laws. With the exception of the above, the Data will not be communicated to third parties, natural or legal persons, who do not perform tasks of a commercial, professional or technical nature for the Controller and will not be disseminated. The parties receiving the Data process as Data Controllers, Processors or persons authorized to process the personal data, as the case may be, for the purposes stated above and in accordance with applicable data protection legislation.
Regarding the transfer of data outside the EU, even in countries whose laws do not guarantee the same level of protection of the privacy of personal data as that provided by EU law, the Controller informs that the transfer will in any case take place in accordance with with the methods permitted by the GDPR, such as for example based on the user’s consent, based on the standard contractual clauses approved by the European Commission, selecting parties participating in international programs for the free movement of data (e.g. . EU-US Privacy Shield) or implemented in countries considered safe by the European Commission.
11. Specifically, through the service the user is provided with the possibility
a) to search from the company’s database for a business or a professional natural person using as keywords the name of the business or the name of the professional or the type and headquarters of the business or professional by typing the prefecture or the region or the street of the headquarters.
b) locate on the geographical map available on the website exactly the location of the headquarters of the company or professional he is looking for, the way to get there, as well as points of interest near the headquarters of the company or professional
c) to forward to the company his own details (in particular brand or name, type and seat of business) in order to be included among the businesses and professionals included in the company’s database. For this purpose, the user fills in the “Free Registration” form. It is clarified that this form is completed only by the person who wishes to be registered on www.estialuxurysuites.gr, and the registration of his details by a third party afterwards or without compensation is expressly prohibited.
12. For the convenience of the users of the service and based on the category of business or professional natural persons, on the home page of the website there are the most popular categories of businesses and professionals, so by choosing one of them and specifying the place of interest, the user can quickly find the information they are looking for. The Company designed the website www.estialuxurysuites.gr so that its users can visit it without having to reveal their identity unless they wish to do so. The users of the website are asked to provide information about their personal data only if they want to order products, register on the website and/or send an email to info@estialuxurysuites.gr
13. The service provided on this website, as well as the content published on it, including maps, photos or video may be used for personal, non-professional use only. Commercial use of the website is prohibited. Every order execution and delivery of the products requires the necessary collection of personal information. Any supporting document and document that certifies and declares the identity of the customer remains strictly confidential and is checked only by the responsible department of the Company. On behalf of the user, the presentation and display of his personal data means that he consents to this data being used by the Company for the above reasons. Therefore, the user’s ordering of products through the website www.estialuxurysuites.gr and the acceptance of this transaction, means the user’s acceptance for the reception and processing for the above reasons and within the above frameworks by the company of the personal data provided by the user.
14. The user is responsible for accessing this website and the service and is obliged to use the website for legal purposes and in accordance with good manners. It is expressly agreed that users of the service are prohibited from using technical means to access the website database. For example, you may not use software for automated data extraction for personal or professional use.
15. This website is the property of the company. The service and content (indicative: data, databases, software, photos, videos, information, logos, distinguishing features) that appear or are available to visitors on the website, are intended for strictly personal use, are protected by intellectual property rights and the trademark laws. Their appearance on the website does not constitute a transfer or assignment of their license to use. Any copying, reproduction, presentation, adaptation, modification, publication, distribution of the service and/or the content of the website in any way, in whole or in part, whether the content belongs to the company or to a third party, is prohibited. In addition, it is prohibited to modify and/or delete the copyrights, trademarks or photographs that may appear on the website or the relevant maps. In particular, with regard to the photos of regions of Greece sent by users upon acceptance of these terms of use, users grant www.estialuxurysuites.gr a simple license to use and specifically to post the photos on the above website. The users who send the photos declare that they are their own work or that they have received the consent of their legal owner for posting them on www.estialuxurysuites.gr and that no intellectual property rights have been infringed on the photos. The company is in no way responsible for any infringement of rights on the above photos, responsibility which is taken exclusively by the user who sent the photo.
16. Cookies. Cookies are small files (text files), which are sent and stored on the user’s computer, allowing websites such as www.estialuxurysuites.gr to operate smoothly and without technical anomalies, to collect multiple user options, to recognize frequent users users, to facilitate their access to it, and to collect data to improve the content of the website. Cookies do not cause damage to users’ computers or to the files stored on them. They are used to provide information and to process orders, while each time the user exits the website, they are automatically deleted. Cookies are absolutely necessary in order for the www.estialuxurysuites.gr website to function properly and seamlessly. The user has the possibility to set the server (browser) in such a way that it is either warned about the use of cookies in specific services of www.estialuxurysuites.gr, or does not allow the acceptance of the use of cookies under any circumstances. In the event that he does not wish to use cookies for his identification, he cannot have further access to the services.
17. The content and service are provided “as is”. The company is not responsible for the availability, completeness, validity, completeness of the information. The implementation of address-to-address or point-of-interest routing is the result of an algorithm and may not be the shortest possible. The company is not responsible for decisions of users based on information contained in or available through this website. Each user is solely responsible for protecting their personal equipment and software from viruses.
18. The company cannot guarantee that the service will be available at all times without interruptions as well as that it will function without errors and interruptions. Due to technical conditions beyond the control of the company, interruptions may occur, especially in the case of unavailability of the Internet or the website, as well as a temporary interruption of the service. This also applies to maintenance and update measures. The user declares that he is in compliance with such measures, which are carried out as far as possible outside normal working hours and are declared in a timely manner and with the associated negative effects to a reasonable extent. Such temporary unavailability of the service does not constitute a defect. The company is not responsible for any form of damage suffered by the user due to the use and / or unavailability of the use of the service, the information on this website.
19. Your Rights
You can exercise at any time the rights provided by Articles 15-22 of the GDPR, including the right to confirm the existence of personal data relating to you, to check their content, their origin, their correctness, their location ( also in relation to any Third Countries), request a copy, request correction and in cases provided by law, request the limitation of their processing, their deletion, object to direct communication activities, object to direct marketing activities (which are also limited to specific means of communication). Likewise, you can always withdraw your consent and/or make comments on specific issues regarding the processing of your personal data that you consider incorrect or unjustified in the context of your relationship with the Company or file a complaint with the Personal Data Protection Authority . You may contact the Controller and/or the DPO at the addresses shown above to make any requests regarding the Company’s processing of personal data, exercise your legal rights and obtain an updated list of parties who have access to your data.
20. Users can contact the company via the number +30 6943160199 or by sending an email to the email address info@estialuxurysuites.gr. Through the above methods of communication, the user can also confirm his personal data that the company maintains in its information systems, request their correction, change or deletion. In the event that the user wishes to be deleted from the database maintained by the company, he should send a signed statement of deletion from the company’s information system to the email address info@estialuxurysuites.gr. Otherwise, i.e. where the company does not receive the user’s signed statement to delete it from its information system, it reserves the right to retain the user’s personal data in the context of providing the service and sending promotional messages.
21. The company (itself and/or in collaboration with third-party companies specialized for this purpose) collects information on the movement of this website in order to count visitors, extract statistics and improve its functionality, indicatively through the use of cookies , web beacons, etc. During any visit to the website, the pages the user visits, together with the cookies they may contain, may be “loaded” on the user’s computer. Cookies are text-files through which the server recognizes the computer of the website visitor. These cookies are stored on the user’s computer only in order to carry out or facilitate the transmission of communication through the electronic communications network or when this is necessary for the provision of a service that the user has requested. The user of the service can set his browser in such a way that it either warns him about the use of cookies in specific services of the website www.estialuxurysuites.gr or does not allow the acceptance of the use of cookies under any circumstances.
22. Security of Transactions
The Company is committed to ensuring the security and integrity of the data it collects about the users of its website and for this reason takes the necessary measures to protect the personal data that the users provide in any way. These procedures protect user data from any unauthorized access or disclosure, loss or misuse, and alteration or destruction. www.estialuxurysuites.gr uses the SSL protocol, with 128-bit (the most powerful today), for secure online trading. This encrypts all of the user’s personal information, including their credit card number, name and address, so that they cannot be read or modified in transit over the Internet. The SSL (Secure Sockets Layer) protocol is today the global standard on the internet for certifying websites to web users and for encrypting information between web users and web servers. An encrypted SSL communication requires that all information sent between a client and a server be encrypted by the sending software and decrypted by the receiving software, thus protecting personal information in transit. In addition, all information sent with the SSL protocol is protected by a mechanism that automatically checks if the data has been modified in transit. In the event that the user chooses to pay by credit card, credit card transactions are made with the Bank’s security system under the name “Ethniki Bank”.
All payments made using a card are processed through the National Bank’s electronic payment platform and uses TLS 1.2 encryption with a 128-bit encryption protocol (Secure Sockets Layer – SSL). Encryption is a way of encoding information until it reaches its intended recipient, who will be able to decode it using the appropriate key.
23. The company has the right to modify or supplement the service, as well as the present terms of use of the website. Any modification will be announced on the website www.estialuxurysuites.gr.
24. The use of the service requires the unconditional acceptance of these terms of use.
24. These terms of use are governed by Greek law. In case of resolution of a dispute that arises in relation to these terms, the courts of Kalymnos are designated as competent.