At EPIRUS PALACE HOTEL, we are committed to protecting and respecting your privacy. Please read this Policy as it contains important information about how we use Personal Data that we collect from you or that you provide to us.
1. Identity
When this policy mentions “we,” “us,” or “our,”, “data controller,”, “controller,”, it refers to EPIRUS PALACE HOTEL. Our Web Site is www.epiruspalace.gr.
2. Data Controller
Deliades Hotel has a built-in booking system on its website, as well as uses various booking systems through Data Processors (such as Booking, Webhotelier, Expedia etc). For the purposes of the General Data Protection Regulation GDPR-EU-2016/679, we are the Data Controller. There is a strict contractual framework between the Data Controller and the Data Processor for the protection of your Personal information. We are:
Booking, WebHotelier, Expedia etc. operate certain bookings on behalf of us and they are fully committed to protecting the Privacy of the users of their systems.
For the purposes of the GDPR, where Booking, WebHotelier, Expedia etc. processes your personal data on behalf of us, they are the Data Processors. When this Policy mentions Data Processor or Processor, it refers to Booking, WebHotelier, Expedia etc.
4. Obligatory nature of providing the data
All data requested in the online or hard copy booking forms are, in general, mandatory (unless specified otherwise in the required fields) to meet the stated purposes. Accordingly, if they are not provided or are not provided correctly, we will be unable to process your requests.
5. Which information we collect from you
In General. We receive and store any information you enter on our website or give us in any other way. This includes information that can identify you (“personal information”), including your first and last name, telephone number, postal and email addresses and billing information (such as credit card number, cardholder name, and expiration date). We may also request information about your hotel room preferences. You can choose not to provide information to us, but in general most of the information we request from you is required in order to make a booking.
Travel Companion Information. When you make a reservation for someone else through this website, we will request personal information and travel preferences about that individual. You should obtain the consent of other individuals prior to providing us with their personal information and travel preferences, as any access to view or change their information will be available only through your account.
Social Media. If you make use of any EPIRUS PALACE HOTEL social media features, either on our website or otherwise through a social media provider, we may access information about you via that social media provider in accordance with their policies. For example, we offer the option to register with our website via the “Facebook Connect” feature, allowing you to register with our website using your Facebook account data without entering the required data manually on our webpage. When using a social media feature and if you have chosen to include it in your social media account, we may access information such as your name, profile picture, gender, birthday, email address, town or district and any other information you have chosen to make available. Depending on the privacy settings of you and your friends, we may access information that you provide to a social media provider regarding your respective locations (“Location Data”) to provide you with relevant content. Please note that your Location Data may also be shared with your friends on a social media provider in accordance with your privacy settings for that social media provider. We may also access information from social media providers about your use of an App that we run on their website.
6. How we use your Information
Depending on the User’s requests, the Personal Data collected will be processed in accordance with the following purposes:
To manage the bookings made, including payment management (where applicable) and the management of the user’s requests and preferences.
To manage registration in loyalty or membership programs, as well as obtaining and redeeming points.
To manage the User’s contact requests with us through the channels provided to this end.
To manage the sending of personalised commercial communications from us, by electronic and/or conventional means, in cases in which the User expressly consents.
To manage the provision of the contracted accommodation service, as well as additional services.
To manage surveys and/or evaluations regarding the quality of the services provided by us and/or the perception of its image as a company.
7. With whom we share your information
With your consent, we may share your information with the following entities:
Suppliers such as car rental, and activity providers, who fulfil your travel reservations. All services provided by a third-party supplier are described as such. Therefore, we encourage you to review the privacy policies of any travel supplier whose products you purchase through this website. Please note that these suppliers also may contact you as necessary to obtain additional information about you, facilitate your travel reservation, or respond to a review you may submit;
Third-party vendors who provide services or functions on our behalf, including credit card processing, business analytics, customer service, marketing, distribution of surveys or sweepstakes programs, and fraud prevention. We may also authorize third-party vendors to collect information on our behalf, including as necessary to operate features of our website or our Apps or to facilitate the delivery of online advertising tailored to your interests. Third-party vendors have access to and may collect information only as needed to perform their functions and are not permitted to share or use the information for any other purpose. They are also required to follow the same data security practices that we ourselves adhere to. Please note that these third-party service providers may be established in countries that might not offer a level of protection for your personal information that is equivalent to the one offered in your country of residence. However, we will endeavor to protect all personal information we collect from you in accordance with strict data protection standards;
Business partners with whom we may jointly offer products or services, or whose products or services may be offered on our website. You can tell when a third party is involved in a product or service you have requested because their name will appear, either alone or with ours. If you choose to access these optional services, we may share information about you, including your personal information, with those partners. Please note that we do not control the privacy practices of these third-party business partners;
Referring websites if you were referred to this website from another site (for example, through a link you clicked on another site that directed you to this one), we may share some information about you with that referring website. We encourage you to review the privacy policies of any website that referred you here;
Social media providers. When you access certain social media features through our website, you are sharing information with the social media provider (such as Facebook) and the information you share will be governed by their privacy policies (including that we may access such information via the social media provider). You may be able to modify your privacy settings for these social media providers.
We will use and disclose Personal Data as we believe to be necessary or appropriate:
To comply with applicable law, including laws outside your country of residence;
To comply with legal process;
To respond to requests from public and government authorities, including authorities outside your country of residence and to meet national security or law enforcement requirements;
To enforce our terms and conditions;
To protect our operations;
To protect the rights, privacy, safety or property of our own, or others; and
To allow us to pursue available remedies or limit the damages that we may sustain.
8. Third-party data (e.g. book for a friend)
In the event that the User provides third-party data, they declare that they have the third party’s consent and undertake to provide the interested party -the data holder- with the information contained in this Privacy Policy, duly exonerating us and our data processor from any liability in this regard. However, we may carry out the necessary verifications to verify this fact, adopting the corresponding due diligence measures, in accordance with the data protection regulations.
9. Sensitive Data
Unless specifically requested, we ask that you not send us, and you not disclose, on or through the Services or otherwise to us, any Sensitive Personal Data (e.g., social security numbers, national identification number, data related to racial or ethnic origin, political opinions, religion, ideological or other beliefs, health, biometrics or genetic characteristics, criminal background, trade union membership, or administrative or criminal proceedings and sanctions).
10. Use of Services by Minors
This website is a general audience site and is not intended for use by children under 16. If you become aware that a child under 16 years of age has provided personal data through the site, notify EPIRUS PALACE HOTEL by sending an email at info@……………….. . If EPIRUS PALACE HOTEL becomes aware that a child under age 16 years of age has provided personally identifiable information through this website, EPIRUS PALACE HOTEL, will take steps to immediately delete it.
11. Data Retention
We will retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law or if the User requests their withdrawal from us, opposes or revokes their consent.
The criteria used to determine our retention periods include:
The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services or if you have a booking that has not yet been fulfilled)
Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them)
Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations)
12. How we protect your Personal Data
We want you to feel confident about using this website and our Apps to make travel arrangements, and we are committed to protecting the information we collect. While no website or App can guarantee security, we have implemented appropriate administrative, technical, and physical security procedures to help protect the personal information you provide to us. For example, only authorized employees are permitted to access personal information, and they may only do so for permitted business functions. In addition, we use encryption when transmitting your sensitive personal information between your system and ours, and we employ firewalls and intrusion detection systems to help prevent unauthorized persons from gaining access to your information.
13. Legitimate interest for processing your data
The data processing required in fulfilment of the aforementioned purposes that require the User’s consent cannot be undertaken without consent. Likewise, whenever the User withdraws their consent to any of the processing, this will not affect the legality of the processing carried out previously. To revoke such consent, the User may contact us through the appropriate channels. By the same token, in those cases in which it is necessary to process the User’s data for the fulfilment of a legal obligation or for the execution of the existing contractual relationship between us and the User, the processing would be legitimized as it is necessary for compliance with said purposes.
14. External links
If any part of this website or any App links you to other sites, those sites do not operate under this Privacy Policy. We recommend you examine the privacy statements posted on those other websites to understand their procedures for collecting, using, and disclosing personal information.
15. User’s Responsibility
The User:
Guarantees that they are of legal age or legally emancipated, where applicable, fully capable, and that the information furnished to us is true, accurate, complete and up-to-date. For these purposes, the User is responsible for the truthfulness of all the data communicated and will keep the information updated, so that said data reflects their actual situation.
Guarantees that he/she has informed third parties on whose behalf he/she has provided data, where applicable, of the aspects contained in this document. Also guarantees that he/she has obtained the third party’s authorization to provide their data to us for the purposes indicated.
Will be responsible for false or inaccurate information provided through the Website and for damages, whether direct or indirect, that this may cause to us or third parties.
16. Exercise of Rights
The User may contact us at any time free of charge, in order:
To obtain confirmation about whether or not personal data concerning the User are being processed by us.
To access his/her personal details.
To rectify any inaccurate or incomplete data.
To request the deletion of his/her personal data when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
To confirm revocation of consent.
To obtain from us the limitation of data processing when any of the conditions provided in the data protection regulations are met.
To request the portability of his/her data.
Likewise, the user is informed that at any time he/she may file a complaint regarding the protection of their personal data before the competent Data Protection Authority. If you want to access any of those Rights, please feel free to contact as (please see section <2. Data Controller>
17. Changes to this Privacy Policy
This Privacy Notice is effective as of ……………………. From time to time it may become necessary to update or change this Privacy Notice and you are encouraged to periodically check here for the most current version. If significant changes are made, EPIRUS PALACE HOTEL will provide you with appropriate notice, which may include a conspicuous notice on the website or email notification.
Sign up to our newsletter
and unlock travel inspiration, news and exclusive offers
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
