PRIVACY POLICY
Myconian Collection is a group of hotels and accommodation facilities, based in Mykonos, Greece, belonging to the following companies (hereinafter referred to as the “Companies”):
“ATLANTIDA ANONIMI XENODOCHIAKI KAI TOURISTIKI ETAIREIA” with the distinctive title “ATLANTIDA S.A.”, who is the owner of the Royal Hotel, Utopia Hotel and Panoptis Escape in Mykonos Greece, based in Elia, Mykonos, Greece, P.C: 84600, phone number +302289072000 and email address royal@myconiancollection.gr
“PELAGOS ANONIMI ETAIREIA” with the distinctive title “PELAGOS S.A.”, who is the owner of the Avaton Hotel in Mykonos, Greece, based in Elia, Mykonos, Greece, P.C: 84600, phone number +302289076100 and email address avaton@myconiancollection.gr
“OKEANIDA ANONIMI XENODOCHIAKI KAI TOURISTIKI ETAIREIA” with the distinctive title “OKEANIDA S.A.”, who is the owner of the Villa Collection and Imperial hotels in Mykonos, Greece, based in Elia, Mykonos, Greece, P.C: 84600, phone number +302289079500 and email address imperial@myconiancollection.gr
“XENODOCHIAKES-TOURISTIKES-EMPORIES-NAFTILIAKES-CHOMATOURGIKES KAI KATASKEUASTIKES EPIXEIRISEIS ANONIMI ETAIREIA” with the distinctive title “ZEUS S.A.”, who is the owner of the Ambassador hotel in Mykonos, Greece, based in Platys Gialos, Mykonos, Greece, P.C: 84600, phone number +302289024166 and email address ambassador@myconiancollection.gr
“XENODOCHIAKES KAI TOURISTIKES EPIXEIRISEIS ELEFTHERIA DAKTYLIDI ANONIMI ETAIREIA” with the distinctive title “E DAKTYLIDI SA”, who is theowner of the Korali Hotel, Kyma Hotel, and Naia Hotel in Mykonos, Greece, based in Vrysi, Mykonos, Greece, P.C: 84600, phone number +302289023415 and email address kyma@myconiancollection.gr
(herein collectively referred to as “Myconian Collection group”
Myconian Collection group pays special attention to the protection of your personal data. The Companies are Joint Controllers for the personal data processed through Myconian Collection websites and are always at your disposal for any further information or clarification. Please dedicate some of your time to carefully read the terms of the current Privacy Policy that refers to our websites. For any question do not hesitate to contact us.
THE MYCONIAN COLLECTION WEBSITES
The domain www.myconiancollection.gr is the website of our group of hotels redirecting to the following domains of our hotels and facilities: www.myconianavaton.gr www.myconinanimperial.gr www.panoptisescapemykonos.com www.royalmykonian.gr www.myconianutopia.gr www.myconianvillas.gr www.myconiankorali.gr www.myconiankyma.gr www.myconian-naia.gr The abovementioned domains provide a wide range of information about the products and services offered by Myconian Collection, depending on the facility of your preference. This privacy policy covers all data processing which takes place during your browsing of all the websites mentioned above.
WHAT KIND OF PERSONAL DATA WE PROCESS?
We process only your personal data which you provide us yourself while filling in one of the forms available in our websites, the contents/required date for which might differ depending on the specific facility in which you are interested. Specifically, data collection is performed through the following forms: online booking form, newsletter form, online gift card purchase form, online job application form, online contact form.
An indicative list of the kind of personal data that you may provide us while filling in each form is provided bellow
a) When filling in the online booking form, we process your name, your contact details (telephone number and email address), booking information (dates of arrival and departure), guest stay preferences (i.e. if you are smoking or not), your credit card details, payment method details as well as any other optional information you provide to us (i.e. purpose of stay) or information necessary to fulfill special requests (i.e. conditions that require specific accommodation or services).
b) When filling in the newsletter form, we process your email address.
c) When filling in the online gift card purchase form, we process your name, your contact details (telephone number and email address) as well as your credit card details, payment method details.
d) When filling in the online job application form, we process your name, e-mail address, and the CV you may attach.
e) When filling in the online contact form, we process your name and your email address.
Furthermore, during your visit on our website we process data through the strictly necessary technical cookies that are installed on our website as well as the cookies for the use of which you have provided us with your explicit consent. Learn more about the Cookies Policy of our website here.
Your data are being processed solely for the abovementioned purposes or in certain occasions for the purpose of the legal/regulatory compliance of our Hotel or for supporting our legal claims.
PURPOSE OF PROCESSING YOUR PERSONAL DATA
The Companies and/or those acting under their instructions and on their behalf (data processors), process your personal data solely for the following purposes:
a) to process and accommodate your booking requests and provide charge for hotel accommodation and other goods and services,
b) to send you our newsletter, which provides information for the services provided by our Company,
c) to process your gift card purchase orders,
d) to evaluate your application for an available job,
e) to process and complete our communication with you, upon your relevant request, through the contact form,
f) to improve the operation of our website and your browsing experience, by using cookies. Learn more about our website’s Cookie Policy here.
LEGAL BASIS FOR THE PROCESSING
Regarding your personal data received by the Companies when you fill in the online booking form, the legal basis for the processing Is that it is necessary for us to take steps towards processing and accepting your booking request.
When registering to our Newsletter recipient list, we process your personal data based on your explicit consent [ for this specific processing purpose.
Regarding the personal data we collect when you fill in the online gift card purchase form, the legal basis for the processing is that it is necessary for the performance of the purchase contract to which you are a party or in order to take steps at your order, prior to entering into a contract with you.
Regarding the personal data we process after you submit an online job application, the legal basis for the processing is that it is necessary in order to take steps at your request, prior to entering into a contract with you.
Regarding your personal data received by the Companies when you fill in the contact form, the processing is based on our legitimate interest to serve the requested communication.
Regarding the personal data we collect via cookies installed on our website, processing is based on your explicit consent, except for the use of cookies that are strictly necessary for the operation of the website, which we process based on our legitimate interest, and specifically to be able to provide our website to the public and to ensure our website’s security. You can find out more about the Cookies Policy of our website here.
DO WE USE AUTOMATED INDIVIDUAL DECISION-MAKING, INCLUDING PROFILING?
We do not make decisions, including profiling, based on automated processing of your data.
DO WE PROCESS MINORS’ DATA?
Our website and services are not intended for minors. In case a minor gets in contact with us, through the contact form, his personal data will be deleted immediately.
WHO HAS ACCESS TO YOUR PERSONAL DATA?
Access to your personal data has the strictly necessary, in each case, personnel of the Company, who is committed to confidentiality and has received the required information regarding the safe processing of your personal data.
Moreover, the companies and the individuals that cooperate with us, such as our IT support company, might have access to your personal data as data processors, when a specific processing has been assigned to them by the Hotel. The processing of the personal data by the data processors is made under the explicit instructions of the Company and after it is guaranteed that all the necessary technical and organizational measures have been taken.
Furthermore, third parties, such as official government and supervising bodies (e.g. law enforcement and prosecuting authorities, supervising authorities, etc.) may access your data, when we are under a legal obligation to share/send them relevant data, as well as for the establishment, exercise or defense of legal claims.
DO WE TRANSFER YOUR DATA TO THIRD COUNTRIES?
Your data may be transferred outside the European Economic Area (EEA), particularly to the U.S., due to the use of Google services and more specifically, Gmail. Such international transfers of your personal data are subject to the appropriate safeguards provided by Standard Contractual Clauses (SCCs) adopted by Google Inc. regarding its services.
WHICH IS THE RETENTION PERIOD FOR YOUR PERSONAL DATA
Your personal data is kept only for the reasonable period of time required by the nature of the processing and only for as long as it is required to achieve the purpose of processing, unless a longer retention period is required by law.
Personal data, that are being processed under the legal basis of your explicit consent are kept only for as long as the consent has not been withdrawn.
Furthermore, we delete your personal data collected by cookies in accordance with the Cookies Policy. You can find out more about our Cookies Policy here .
CONNECTION WITH OTHER WEBSITES
The potential interconnection of our website with other third parties’ websites through links, hyperlinks, banners, does not entail any liability on behalf of the Hotel for the content of those websites, the quality of the products and services that might promote, or the policy that they might use concerning the protection and the process of the personal data. The natural person should pay the necessary attention and be informed concerning the protection and processing of his/her personal data from the above websites by reading their respective data protection policies.
ARE YOUR DATA SAFE AND SECURE?
We commit to safeguard your personal data by taking all the appropriate organizational and technical measures to secure and protect them from any form of accidental or fraudulent processing. Please note that our authorized staff, who process your personal data, has also received appropriate guidance and information regarding safety and security of your data.
These measures are reviewed and amended when deemed necessary.
WHAT ARE YOUR RIGHTS?
You have the right to access your personal data.
This means you have the right to be informed from us about whether we process your data. If we process your data you can request to be informed about the purpose of processing, the type of information we keep, the recipients, the retention periods, whether we do automated decision making, as well as about your other rights, such as rectification, erasure, restriction of processing and to lodge a complaint with the Hellenic Data Protection Authority.
You have the right to rectify your inaccurate personal data.
You can request the rectification of your inaccurate personal data (correct a wrong or previous phone number/address etc.). Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
You have the right to erase your Information / right to be forgotten.
You can request from us to delete your personal data if it is not necessary for the above-mentioned purposes or if you wish to withdraw your consent in case this is the only legal basis for the processing.
You have the right to data portability.
You can request form us to receive in a readable format your personal data that you have provided us or request from us to transfer your Information to another data controller.
You have the right to restrict the processingof your personal data.
You can request from us to restrict the processing of your personal data for as long as the examination of your objections is pending.
You have the right to object to the processing of your personal data.
You can object to the processing of your personal data, in case we process them upon the legal basis of our legitimate interest. In that case, we shall no longer process your personal data, unless we have compelling legitimate grounds for the processing which override your rights.
You have the right to withdraw your consent.
You have the right to withdraw your consent at any time, in those cases that processing is based on that legal basis. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
HOW CAN YOU EXERCISE YOUR RIGHTS?
If you wish to receive further information or exercise your rights, concerning the processing of your personal data, you can send us a letter to one of the above mentioned postal addresses or an email to sales@myconiancollection.gr stating “Exercise of the right of access / rectification / erasure /portability/ restriction / objection / withdrawal of consent”, with a description of your request and we will make sure to examine it and respond to it as soon as possible.
We will reply to your request without delay, within (1) one month after receiving it and without any cost for you. The above time-period might be extended for two (2) more months, due to the complexity or the number of the requests. In such a case you will be informed for the time extension and the reasons for it, as soon as possible and in any case within (1) one month since receiving your request. In case your request is considered obviously unfounded or excessive, the Company may impose a reasonable fee, taking into account the administrative costs for providing information or performing the requested action, or refuse to respond to the request and providing you with the justification of its refusal.
In case you consider that: a. your request has not been sufficiently satisfied and legally or b. your right to the protection of your personal data has been violated by our processing, you have the right to lodge a complaint with the Hellenic Data Protection Authority (address: Kifissias 1-3, Athens, Greece, Postal Code: 115 23, phone number: 210 6475600 ,email address: contact@dpa.gr)
CHANGE OF OUR POLICY
We will update this Policy whenever deemed to be necessary. If there are any significant changes to the Policy or the way we use your personal data, we will notify you either by posting those changes on a visible place to our website, before the changes come into force, or in any other appropriate manner. We encourage you to read this Policy on a regular basis in order for you to be aware on the way your information is protected. Τhe last change in our policy was made at 26/06/2021.