We have as our primary priority, the protection of your personal data, which we are constantly processing and complying with the applicable Personal Data Protection Legislation.
General information and the processing manager
The company M. Tsimidopoulos S.A. (Herodion Hotel), headquartered in Rovertou Galli 4, P.C. 11742, in Athens, with VAT number: 094041239, is responsible for processing, collecting, storing and in general processing the personal data of the users of this website as collected and stored through it, as well as the social networking pages associated with the website. This company will be referred henceforth as the "Company".
What personal data do we collect and how?
We collect and process your personal data as follows:
- Information when you process with a direct booking
If you would like to book a room online via our website, you will be asked to provide your name, e-mail address, telephone number and credit card details through which your reservation will be made. We will only use this information to process your request. All information will be retained for .... after the completion of the reservation.
- Information when you join the members club
If you want to become a member of the members’ club, your connection will be made either through social media or by e-mail. In the first case you will be asked to provide us with your name and e-mail address. In the second case we will only keep your e-mail address. We will use this information to issue your card and to send you our newsletter. This information will be maintained as long as you are a member of the members’ club.
- Information when you contact us
If you visit our website and you have a question or a comment, you can submit it to our Company by filling the contact form available on the website. You will be asked to provide us with your name, email address and telephone number, as well as information regarding your request / question / remark. We will only use this information to answer your question / remark. We will store your requests, your questions / comments and our responses, and any other actions to handle your request / communication. All information will be retained for 6 months after processing your question / request.
- Information regarding your visit and use of the website
We collect certain information when you visit our website, such as your IP address, which websites you visit, the device category, the browser and web browser type, the clicks, and the views. Information regarding the use of our website and services by you, allows us to make categorizations, that is to form groups of the website’s visitors or customers with certain common features such as age group, gender or region. It is likely that you will be added to one of our categories. We use the categories to personalize the website and, for example, to change the order of the search results or the space of placement of certain offers, so you are more likely to see them. We may also use the categories to display online ads that we believe are relevant to you and to provide with you with commercial messages. We use this personal data as required in our legitimate interests in order to promote our products and services to the consumers and visitors of our website, to be able to attract more consumers, and to improve the sales of our products and services. We store the personal data for a maximum of 14 months.
In some cases, we combine information related to your online searches (clicks and views), your settings on our website, your customer service requests, and your contact history. This information allows us to use different channels to manage relationships and the marketing of our products and services to you via email, direct mail, social media, telephone or digital advertising, which may include the personalization of the content and the website’s offers, to adjust to your preferences. You may opt out of our newsletter, direct mail advertising, social media and phone calls, and you may object to the use of your personal data for direct marketing by us (for more information about this process, please read the following paragraphs of this policy). We use this personal data as required within our legitimate interests, in order to be able to promote our products and services to the customers and visitors of our website, to be able to attract more customers and improve our selling our products. We retain personal data as determined in accordance with the purposes for which personal data has been collected (for example, when you contact us, when you visit our website, for your participation in competitions). Personal data are deleted or become anonymous usually within a maximum of 14 months.
- Maintenance and optimization of our website
Your personal data is also used to maintain and analyze our website in order to resolve issues of performance, improve user availability and experience. We record every use of our website. The use of your personal data for these purposes is necessary within our legitimate interests and the information is retained for a maximum of 14 months. The logs of the use of our website will be deleted within 14 months of their creation.
a. Information systems support / Improvement of provided services: We use your personal information in order to detect problems on the server and ensure the proper function of our website. The Company uses the personal data of the users it collects through the website, in order to offer new services through the website or to improve the services already provided.
Legal basis of processing: the Company's legitimate interest in ensuring the unobstructed operation of its website and improving the services provided by it.
b. Compliance with our legal obligations: When we accept court or public authority orders, we process your personal data in order to respond to these requests.
Legal basis of processing: Compliance with our legal obligations.
c. Handling a members’ club request: We process personal data you submit through the website and its associated social media for the members club.
Legal basis of the processing: Execution of contract (by submitting the application you accept the conditions of the card possession and you enter into a contract with the Company).
d. Handling a room reservation request: We process the personal data you submit through the online form to process your request.
Legal basis of processing: the execution of the hotel service contract you have submitted.
e. Promotion of Company Services: Information on the use of our website and services enables us to create clusters that group visitors to our website and consumers with common features such as age, gender and region. The clusters are then used to customize our website and change e.g. the order of your search results, or show you an ad that we believe is interesting to you.
We also have the ability to process the data you have posted on social media (for example, if you participate in a corporate social networking competition) if you have given the social networking provider permission to share it with us.
Finally, we process your data to send you our informative e-mails / newsletter, when you have given your consent.
Legal basis of processing: legitimate interests of the Company / your consent in the case of your registration to receive informative e-mails / newsletter.
Legal basis of processing: the legitimate interests of the Company.
To ensure the proper functioning of the sites, we sometimes place small data files on your device, called cookies.
What cookies are?
Cookies are small text files that a site saves on your computer or mobile device when you visit it. Projected site cookies are cookies that are placed by the site you are visiting. They can only be read from this site. In addition, the site may possibly use external services, which also place their own cookies, so-called third-party cookies. Permanent cookies are cookies that are stored on your computer and are not automatically deleted once you close your browser, unlike session cookies, which are deleted once you close your browser. Each time you visit our sites, you will be prompted to accept or reject cookies. This is to allow the site to remember your preferences (such as username, language, etc.) for a certain period of time. So you don't have to re-enter them when you browse the site during the same visit. Cookies can also be used to collect anonymous statistics about our browsing experience on our sites.
Our sites mostly use site-based cookies. These are cookies that are placed and controlled by us and not by an outside organization. However, in order to run certain of our websites, you must accept cookies from outside organizations.
The 3 types of website cookies we use are designed to:
1. save visitor preferences
2. improve the functionality of our websites
3. collect analytical data (on user behavior).
How to manage cookies?
You can manage / delete cookies at any time. More details can be found here: http://aboutcookies.org
Rights to access, correct, delete, limit processing and data portability
You have the right to request a review of your personal data processed by us or on our behalf. You have the right to correct, delete or restrict the processing (if applicable) of your personal data. You can exercise this right by contacting us and submitting a relevant request.
Keep in mind that requests that do not meet the requirements set by law or the Company's guidelines, may be required to be redrafted or rejected and that certain personal data may be exempted from such requests for access, correction and deletion, in accordance with the applicable data protection laws and other laws and regulations.
You have the right to receive the personal data you have provided to us in a structured, commonly used and machine readable format, and in some cases we will pass on your data to another controller, upon request, if this is technically feasible.
Right to raise objections
You also have the right, in some cases, to demand that we stop processing your personal data, but if there are compelling legitimate reasons, we will continue to process your personal data. In any case, you have the right to oppose the use of your personal data for direct marketing purposes by us, including profiling, and if you do so, we will fulfil your request.
If you have consented to the use of your personal data by us, you have the right to withdraw your consent without affecting the lawfulness of our processing of such data before withdrawing your consent.
User requests, for the exercise of the rights mentioned above, may be sent to the Company's Data Protection Officer ("DPO") at the email address firstname.lastname@example.org
Preservation of personal data
The user's personal data is maintained only for the time required to fulfill the purpose for which it was collected, in full compliance with the applicable law. When the purpose of processing your personal data is completed, then these are deleted. The specific retention periods for each of the relevant processing purposes are listed above.
How and with whom we share your personal data (recipients of personal data)
We may need to share your personal data with third parties to help us provide you with services and products and to manage our website. Such third parties are:
• service providers, when required, to provide us with a service and to provide data analysis services,
• service providers that help us organize campaigns and promotion activities,
• first and third party advertising agencies,
• media agencies for marketing promotion and research purposes,
• online reservation service providers, some of which are based in the European Union or other countries of the European Economic Area or elsewhere in the world. When we store personal data outside the E.E.A., we ensure an appropriate level of protection of the transferred data.
We require service providers to take appropriate measures to protect the confidentiality and security of personal data.
We may also need to provide personal data to law enforcement carriers, in order to comply with a legal obligation or a court order.
The Company assures the users that all the appropriate technical and organizational measures to ensure the security of their personal data are taken, to ensure the confidentiality of their processing and to protect them from accidental or unlawful destruction / loss / alteration, unauthorized disclosure or access and any other form of illicit processing.
While every effort is being made to protect your personal data, the Company cannot guarantee the security of the data transmitted on its website, as the transmission of information over the Internet can never be completely secure.
Child Personal Data Protection
Our website is not intended for use by people under the age of 18. To determine your age, we ask you a question about your birthday. Please do not give us any personal information if you are under 18.
Any dispute arising out of the use of this website will be the sole jurisdiction of the Greek courts.
Data Protection Officer
You may contact the Data Protection Officer of the Company for matters concerning the processing of your personal data at the e-mail address email@example.com