PRIVACY & COOKIES POLICY
At IKOS HOTEL MANAGEMENT S.A., we guarantee our commitment to respecting and protecting your privacy, as well as safeguarding your personal data, both online as well as in our premises. Our vision and goal is to provide you with products and services that exceed your best expectations. Therefore, IKOS HOTEL MANAGEMENT S.A., with respect to the applicable national and European legal framework data protection, especially the new European General Data Protection Regulation (EU) 2016/679 (GDPR) hereby provides you with a lawful, fair and transparent policy in order to inform you about the personal data we collect, how we use it, and how the use of this information can benefit your experience while visiting our premises and/or our online platforms (websites and mobile application).
Information We Collect
The data we collect about you (directly or not), may include any kind of information that may identify you as an individual. That kind of information may include: Personal details (i.e. your full name, ID/Passport information, car plate information), contact information (i.e. postal address, e-mail addresses, telephone numbers), demographic information (i.e. date of birth, nationality, gender), information on your family status (i.e. names and ages of children), payment details (i.e. credit card information as well as consumption data, personal preferences and lifestyle information based on your previous stays at the Hotel or your communications with us. Furthermore, in the scope of standing up to your personalized requests and needs in the scope of provision of certain services and activities, we may collect any other necessary information related to your health condition and/or allergies. We may also collect information on the frequency of your web visits to our website and our social media platforms, as well as on your actual visits to our hotels, your travel habits and preferences, and any other important information to make your visits memorable.
How we collect your Personal Data
IKOS HOTEL MANAGEMENT S.A. uses multiple physical and/or digital communication channels in order to collect your personal data. Such communication channels may include:
- Communication at our premises: We may collect your personal data through hardcopy documents used in our premises and/or via digital forms available online, reservations being made over the phone, or/and via email/fax, or documents completed before third parties interrelating with us in order to serve you. Those documents may contain information in relation to your overall accommodation, check-in, concierge services, spa treatments and/or fitness activities, restaurants, child care services and boat/car rental and marina services.
- Surveys and questionnaires: We may also use surveys and questionnaires in order to collect further demographic data or other dedicated information about you.
- Website/social media/ Online platforms: Another, source of collection is our Mobile Application, through which you provide us personal information in order to offer you services such us, restaurant booking, spa & fitness, child care, etc. However, registration to the Mobile Application is optional, but when you register and use the Application, you generally provide first name, last name, email address, age, password and other registration information, transaction-related information and information you provide us when you contact us for help, as well as credit card information for reservations and use of the Application.
In addition, the Application may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile devices unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the Application.
Event planning and organization:, when planning an event with us or when you just attend one as a guest, we may collect personal information about you, which may be shared with event planners or third-party service providers. In any case. However, you will always be provided with an option to deny any further process of your personal information.
Job applications: In case you choose to apply online for a job position, IKOS HOTEL MANAGEMENT S.A. shall collect only the relevant and necessary information, which shall allow us to appreciate your talents and the suitability to our requirements. Due to our business type, IKOS HOTEL MANAGEMENT S.A may also collect information about you from multiple third parties, such as airline companies, travel agents and operators, and other partners involved in activities concerning tourism in general.
Special Categories of Personal Data – Sensitive Personal Data
When referring to the notions of “special categories of personal data” or “sensitive personal data”, we identify any kind of personal information which may reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and genetic data, biometric data which allows to uniquely identify a natural person, health data and/or data regarding sexual orientation. At IKOS HOTEL MANAGEMENT S.A., we do not collect sensitive personal data, unless you provide us them along with an explicit consent for every related purpose of processing. Such a case may occur when you wish to participate in certain activities, use of services (i.e. restaurants) and amenity requests
At IKOS HOTEL MANAGEMENT S.A., it is not part of our policy to seek or obtain personal data directly from minors (i.e. under the age of 18) without their parental or legal guardian’s consent. However, as it is impossible to always determine the age of persons who access and use our websites, we encourage parents or guardians to contact us if they notice any case of unauthorized data provision by minors in order to exercise accordingly their rights such as deletion of their data.
Purposes of Processing
IKOS HOTEL MANAGEMENT S.A. collects your personal data in accordance to the provisions of the General Data Protection Regulation, the ePrivacy Directive, and the respective national legislation on data protection, in order to provide you with a high-level hosting experience. We need your personal data for different purposes such as:
- Process a transaction (i.e. completing a reservation, responding to a request for information, making booking confirmations, etc.), based on our contractual obligations;
- Comply with legal obligations;
- Improve our services as well as perform researches via surveys and questionnaires in order to provide you personalized offers about our products and services;
- Improve the efficiency of our websites and our various means of communications, facilitate our advertising campaigns, and/or promotional activities based on our legitimate interest as a business.
- Offer you personalized information and offers and facilitate your stay with us (i.e. provision of information on the area, pre-arrival messages, provision of information on the events organization). In such case, upon your prior consent, we may send you newsletters, personalized offers and invitations. You may withdraw your consent at any time, without any negative consequences for you.
- Facilitate administration and marketing purposes including analyzing your travel and accommodation preferences, as well as communication purposes in relation to our products and services our strategic marketing partners, and other trusted third parties;
- Promote our special offers and goods, services, forthcoming events or promotions which may interest you;
We take all the necessary precautions, security measures as well as the relevant technical and organizational measures to ensure the confidentiality of the provided personal data. We always base the processing of your personal data to a valid legal basis such as law, contact your explicit consent etc.
Data Sharing (transfer or access)
The personal information you provide us is being kept secured and safeguarded in our database. We may share your information within our group – companies and public services for the above described purposes. Furthermore, we may disclose your personal data to third parties in Greece and throughout the world which process your personal data under our written orders and clarifications (Data Processors). We always guarantee that these third parties apply the same measures for the protection of your personal data and act only under our written orders with respect to your personal data.
In general, IKOS HOTEL MANAGEMENT S.A. does not sell, rent, or give physical possession of your personal data to unaffiliated or unknown to us third parties.
More specifically, we may disclose or allow access to your information to others as following:
- when we have received your consent to do so;
- when sharing or disclosing your personal information is necessary;
- when third-parties or service providers acting on behalf of IKOS HOTEL MANAGEMENT S.A. need access to your information, including any interaction by your side with social media channels;
- when compliance with contractual obligations is necessary; when we must comply with legal or regulatory requirements or obligations, in accordance with applicable law or court order;
When individuals’ life, health and/or property is in peril.
Third-Party Websites’ Disclaimer
We may provide hyperlinks to third-party websites as a convenience to our users; IKOS HOTEL MANAGEMENT S.A. does not control third-party websites and is not responsible for the content of any linked-to third-party websites or any hyperlink in a linked-to website. We are not responsible for the privacy practices or the content of third-party websites.
At IKOS HOTEL MANAGEMENT S.A., we endeavor to protect and respect your rights, as set forth by General Data Protection Regulation, including more specifically:
Furthermore, you are entitled to request:
(i) your right to be informed on the processing of your personal information (i.e. right of access) and to request and obtain further information on the processing applied
(ii) request for correction of their inaccurate personal data;
(iii) request for deletion of personal information provided, unless prohibited by legitimate reasons;
(iv) request for limitation of processing;
(v) request for portability of your personal information; and
(vi) objection/opposition to further processing thereof.
In these cases, IKOS HOTEL MANAGEMENT S.A. will respond in writing within 30 days of receipt and identification of the request.
In addition, in the event of exercising one or more of the above-mentioned rights of correction, deletion and restriction of your data, these requests shall also be forwarded to any third-party recipient to whom the personal information may have been disclosed in the scope of pursuance of the aforementioned processing purposes.
Data Protection Contact Person
[Ikos Resorts | 55 Nik. Plastira Str, 54250 | +30 23730 95100 | firstname.lastname@example.org]
In case you consider your personal data are affected in any way, you may contact the Greek national Data Protection Authority as follows: www.dpa.gr, address: 1-3 Kifissias Avenue, PC 115 23, Athens, Call Center: +30 210 6475600,Fax: +30 210 6475628, E-mail: email@example.com
Although, no method of transmission over the Internet or method of electronic storage is 100 percent secure, at IKOS HOTEL MANAGEMENT S.A. we have taken all commercially reasonable measures and precautions in order to maintain your data accuracy and to ensure the appropriate use of information we collect about you, as well as to secure and protect your personal information from unauthorized access, while you enjoy products and services we provide you during your physical presence in our premises or your digital visits in our online environment, respectively.
Retention Period of Personal Data
Your personal data is retained for a predetermined and limited period depending on the purpose of processing, after the end of which, these personal data is being deleted from our files unless another retention period is required or permitted by applicable law.
Revised: May 2018