1. General information
Mitsis Group of Companies (“We”) is a group of Hotels incorporated in Greece. “We” are committed to protecting and respecting your privacy.
This policy (together with our Terms & Conditions, the Cookies Policy and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
We are committed to preserving the privacy of all visitors to [email protected] (the “Website”) and to protecting any personal information that you may provide to us.
What is personal information?
Personal information is information about an identifiable individual, as defined by applicable law and EU Regulations, such as name, e-mail address and telephone number etc.
You may reach the Data controller at [email protected].
Information we may collect:
- We may collect personal information about you when you use our website, and otherwise interact with us. The information we collect falls into three categories: (a) information you provide to us; and (b) information we collect through automated methods, and (c) information we collect from other sources.
- We may combine the information you provide us, with information that is collected through automated methods, and with information we receive from other sources.
- We collect information you provide us. You may provide the following information to us:
- personal details, such as your name, postal and email addresses, phone number, date of birth and other contact information, when you register with our Website, log-in to Wi-Fi, enter and participate to one of our competitions, or contact us by phone or through our online services;
- transaction, information, including information about the services you book, prices, method of payment and payment details;
- Account information, such as your username or password (or anything else that identifies you) used to access our online services or to buy or use our products and services;
- Profile information, including products and services you like, or times you prefer to visit us; and
- Other personal information you choose to give us when you interact with us.
- We collect information through automated methods:
- We may use automated technology to collect information from your computer system or mobile device when you visit our restaurants, use our online services, or in-restaurant technology. Automated technology may include cookies, local shared objects, and web beacons. There is more information below about cookies and other technologies.
- We may collect information about your:
- internet protocol (IP) address;
- computer or mobile-device operating system and browser type;
- type of mobile device and its settings;
- unique device identifier (UDID) or mobile equipment identifier (MEID) for your mobile device;
- device and component serial numbers;
- advertising identifiers (for example, IDFAs and IFAs) or similar identifiers;
- referring website (a site that has led you to ours) or application;
- online activity on other websites, applications, or social media;
- communications to us or regarding us on social media; and
- activity related to how you use our online services, such as the pages you visit on our sites or in our mobile apps.
- Our Website may collect information about the exact location of your mobile device or computer using geolocation and technology such as GPS, Wi-Fi, Bluetooth, or cell tower proximity. For most mobile devices and computer systems, you are able to withdraw your permission for us to collect this information by using the device or web-browser settings. If you have any questions about how to prevent us from collecting exact information about your location, we recommend you contact your mobile-device service provider, the device manufacturer, or your web-browser provider. Our Website may not work properly without information about your location. If you would like us to delete information we have collected which could identify your location, please contact us at the address, phone number or email address below.
- We may collect information about your:
- We may collect information about you from other companies and organizations. We may also collect information that is publicly available. For example, we may collect information about you when you interact with us through social media.
3. Uses made of the information
- We use information held about you in the following ways:
- To ensure that content from our site is presented in the most effective manner for you and for your computer.
- To provide you with the information or services you have requested and for internal customer administration and business purposes.
- To allow you to participate in interactive features of our Website, when you choose to do so.
- To notify you about changes to our Website.
- If you consent to receive marketing material from us, we may use your data to send you marketing and other materials relating to Mitsis Hotels.
- To provide you with services or to execute sales agreements with you.
- We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and we or they may contact you about these. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users. We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience.
4. Where we store your personal data
- The data that we collect from you shall not be transferred to, and stored at, a destination outside the European Economic Area (“EEA”).
- All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted.
- Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
5. Information security
- Transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
6. Retention of personal information
7. Disclosure of your information
- We may share your information with vendors who provide services to us, such as fulfilling orders, providing payment and delivery services, in case you purchase products or services from our website, providing data processing and other information technology services, managing promotions, contests, prize draws and sweepstakes, carrying out research and analysis, and personalizing individual customer experiences. We do not allow these vendors to use this information or to share it for any purpose other than to provide services on our behalf.
- We may, for strategic or other business reasons, decide to sell or transfer all or part of our business. As part of that sale or transfer, we may pass information we have collected and stored, including customer information, to anyone involved in the sale or transfer.
- There may be times where we may share information when it does not directly identify you. For example, we may share anonymous, aggregated statistics about your use of our Website. Or we may combine information about you with other customers and share the information in a way that does not identify you.
- We have the right to use or share information as necessary to comply with any law, regulation or legal request, decision of competent administrative authority or Court Order, to protect our Website, to bring or defend legal claims, to protect the rights, interests, safety and security of our organization and our employees, or users of the Website, or in connection with investigating fraud or other crime, or violations of our policies.
8. Your rights
- Under the applicable legislation you have the right to request access to the personal data we hold about you, i.e. to be informed upon your request whether your personal data are subject to processing and to receive further information on such processing, including information on eventual transfers of personal data outside the EU and the appropriate or suitable safeguards we have in place for such transfer. As long as the requirements under the applicable legislation are met, you may also request the correction of any inaccurate information we hold about you or the deletion of the same or restriction of the processing concerning your personal data. If such a request places us or our affiliates in breach of its obligations under applicable laws, regulations or codes of practice or create an impediment for the proper execution of an agreement for the sale of products or services to you, then we may not be able to comply with your request but you may still be able to request that we block the use of your personal information for further processing. You may also have a right to data portability to another data controller under certain circumstances, as long as this is technically feasible. You may withdraw your consent at any time. The withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal. You may also lodge a complaint with the competent Data Protection Supervisory Authority, if you feel that the processing contravenes the law.
9. Links to other websites and social media
- Our Website may, from time to time, contain links to and from the websites of our partner networks, and advertisers. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
- We may also have providers of other apps, tools, widgets and plug-ins on our online services, such as Facebook “Like” buttons, which may also use automated methods to collect information about how you use these features. These organizations may use your information in line with their own policies.
- This Privacy and Cookies Policy is governed by and construed in accordance to Greek Law, without reference to its choice of Laws principles. Any controversy arising out of its enforcement, effect or interpretation shall be settled by the competent Courts of Athens – Greece.
- Furthermore, the Hellenic Data Protection Authority is the competent Data Protection Supervisory Authority concerning the interpretation and enforcement of the General Data Protection Regulation provisions.
11. How to contact us