The CASINO RODOS S.A., which is a Greek Company, based in Papanikolaou str. number 4 in , with Τax Registration Number094434871 of the Tax Office of Rhodes, values you as our guest and recognizes that privacy is important to you. We want you to be familiar with how we collect, use and disclose data.
This Privacy Notice describes the privacy practices of Grande Albergo delle Rose Hotel for data that we collect directly from you or by any third parties (i.e. tour operators, agents, contractors etc).
If you have any queries regarding this Privacy Notice or complaints about our use of your information please contact us at firstname.lastname@example.org visit the reception desk and we will do our best to deal with your complaint or query as soon as possible.
By using any of our products or services offered through our website and/or by agreeing to this Statement, e.g. in the context of registering for any of our products or services, you agree to the collection and use of Personal Information as described in this Νοtice.
Collection of Personal Data
“Personal Data” are data that identify you as an individual or relate to an identifiable individual.
At touch points throughout your guest journey, we collect Personal Data in accordance with law and because we are under a legal obligation, such as:
Credit and debit card number or other payment data
Date and place of birth
Nationality, passport, visa or other government-issued identification data
credit card information (credit card number, security code, expiration date)
Travel itinerary, tour group or activity data
Personal data about any accompanying persons
The collected data are necessary for the performance of the hospitality contract and in order to provide you our services.
We may also collect other data:
allergies or special dietary preferences
Prior guest stays or interactions, special service and amenity requests
if you contact us or our agents, we may keep a record of that communication and any communications and correspondence with you; and
Images and video and audio data via: security cameras located in public areas, such as entry points and lobbies, in our properties for your security;
Guest preferences and personalized data (“Personal Preferences”)Information related to your travel profile (e.g., accommodation and travel preferences, booking history, special health accommodations);
If you submit any Personal Data about other people to us or our Service Providers (e.g., if you make a reservation for another individual), you represent that you have the authority to do so and you permit us to use the data in accordance with this Privacy Statement.
What information about you do we receive from third parties?
Sometimes, we receive information about you from third parties. In particular, we may receive information about you from travel agents, tour operators and destination management companies worldwide whom you have direct contact.
The information we collect from such third parties include your name and surname and contact information and information related to your booking.
How We Collect Personal Data
We collect Personal Data in a variety of ways:
Booking or/and Check-in:we collect Personal Data when you book a room to our Hotel or/and when we verify your identity during check in at the reception desk. The data we collect is adequate and necessary according to the Greek legislation for the performance of the hospitality contract.
Website visit.We collect Personal Data when you contact us filling in the contact formon our website, communicate with us via email, or via telephone, or otherwise connect with us or post to social media pages on Facebook, Twitter and Google+, or participate in a promotional offer.
Property Visits and Offline Interactions.We collect Personal Data when you visit our properties or use on-property services and outlets, such as restaurants, bars and concierge services using you Casino member card (if you are a Casino client). We also collect Personal Data when you attend promotional events that we host or in which we participate, or when you provide your Personal Data to facilitate an event.
Customer Care Centers.We collect Personal Data when you make a reservation over the phone, communicate with us by email and fax.
How We Use Your Personal Data
We may use your personal data for the purposes set out below.
For the performance of our agreement/contract with you, in order to:
process, confirm, provide and charge for hotel arrangements and restaurant reservations and our goods and services, and in person check in and check out;
fulfill contractual obligations to you, anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organisers and your employer) and vendors (e.g. credit card companies, airline operators and other loyalty programmes);
provide you with access to the content on our Site, and respond to your enquiries and requests for information and services; and
administer, and disclose the winner of, contests and lucky draw competitions conducted by us or on our behalf.
For our legitimate commercial interests, in order to:
understand how our products and services impact you, provide you with a better, more personalised level of service, and further develop our products and services, including linking or combining with information we get from others to do so;
provide privileges, benefits and services to you, process applications for and administer membership programmes, including rewards and offers;
monitor your use of our Site and conduct analysis of the use of our Site in order to operate, evaluate and improve our Site and our services and troubleshoot any problems;
conduct market analysis, market research, customer satisfaction and quality assurance surveys to improve our hotels’ services; and
provide for the safety and security of guests.
respond to requests which you have submitted via our site and to deal with on-going matters relating to such requests
use information you provide to investigate any complaints received from you or from others, about our website or our products or services;
To comply with legal obligations to which we are subject:
meet legal, enforcement and regulatory requirements and administer general record keeping.
Use of information based on your consent:
facilitate direct marketing, promotional and customer management purposes, including sending you promotional communications (including without limitation emails) or special offers if you have consented to receive the same. Please see section “Direct Marketing” below;
we may use special categories of data (e.g. allergy data). But we will only do so if we have received your consent thereto; and
on other occasions where we ask you for consent, we will use the data for the purpose which we explain at the time.
Personal information including allergies and other dietary preferences you provide us are used solely to help us better serve you and protect your health. For such information you need to give us your explicit consent. Records are kept and used only for the necessary period of time, i.e. during your stay. Unless specifically requested by you, we ask that you not send us, and you not disclose, on or through the Services or otherwise to us, any Sensitive Personal Data (e.g., social security numbers, religion, health, biometrics or genetic characteristics, criminal background etc).
Use of Services by Minors
The Services are not directed to individuals under the age of sixteen (16), and we request that they not provide Personal Data through the Services. Their data are only necessary if they are accompanying their parents and only under legal obligation to keep a hotel registry.
Relying on our legitimate interests
We have carried out balancing tests for all the data processing we carry out on the basis of our legitimate interests, which we have described above. You can obtain information on any of our balancing tests by contacting us using the details set out later in this notice.Withdrawing consent or otherwise objecting to direct marketing/profiling
Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above. In some cases, we are able to send you direct marketing communication without your consent, where we promote relevant products or services to those you have already bought from us (Law 3471/2006) or/and where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by contacting us using the details set out in “Opting Out” section you could find at the end of each email we may send you.
DisclosureIn some cases we may be required to disclose your personal information to comply with legal requirements and requests from government agencies if required for the purposes set out above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.
We may also disclose your personal information to our group companies or to third parties:
Disclosures of Your Personal Data
We may share your personal data:
with the operator of the hotel which you book, stay or visit for the above purposes;
with third-party payment processors, payment service providers, IT and marketing support service providers and other consultants, vendors and service providers who need access to such information to carry out work or provide services on our behalf or who help us to provide these services to you;
with anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organisers and your employer) in order to fulfill contractual obligations;
with any law enforcement, courts, Government or regulatory bodies (in whatever jurisdiction), or otherwise in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation, court order or legal process;
if we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property and safety of our hotel or any third parties
in connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company, or any change of management of a hotel;
with our advisors, which includes our accountants, auditors, lawyers, other professional advisors and business contacts for the purpose of assisting us to better manage, support or develop our business and comply with our legal and regulatory obligations;
with any other party at your consent or at your direction; and
otherwise as permitted or required by applicable laws and regulations.
Our site may contain links to other websites belonging to third parties. We do not control the privacy practices of these other websites. You should therefore make sure when you leave our site that you have read that website’s Privacy Notice.
Overseas Transfers of Your Personal Data
Your personal data will be stored at our hotel in which you stay or visit. It may also be accessed and processed by our managing/mother company in Israel Queenco Leisure International. Your personal data will only be transferred to Israel where we are satisfied that adequate or comparable levels of protection are in place to protect personal data held in that jurisdiction, and (where we are required to do so) with your consent.
The information you provide to us may be given to our third party service suppliers outside the European Economic Area for the purpose of delivering the personalized services and communications stated above. Our hotel will always take steps to ensure that your information is used by third parties in accordance with this Privacy Notice and that your information is kept secure at all times. In particular, in relation to any transfer to a third party in a country that is not subject to an adequacy decision by the EU Commission, such transfer will be appropriately protected through mechanisms such as EU Commission approved standard contractual clauses, an appropriate Privacy Shield certification or Binding Corporate Rules. A copy of the relevant mechanism can be provided for your review upon request.
You are not obliged to accept cookies. If you wish, you can set your browser to notify you before you receive a cookie so you have the chance to accept it and you can also set your browser to refuse to receive or send all cookies. The website www.allaboutcookies.org contains step-by-step guidance on how cookies can be switched off by users.
What rights do i have?
If you would like to access,review, correct, update, restrict, delete or object to the processing of thePersonal Data that you have previously provided to us, or if you would like to receive an electronic or printed copyof your Personal Data for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by law) or for any other use, you can contact us at email@example.com, or in person or by mail:
Grande Albergo delle Rose
Georgiou Papanikolaou 4
Rhodes 85131 Greece
Telephone: +30 22410 97400
In your request, please make clear what Personal Data you would like to have changed, whether you would like to have your Personal Data suppressed from our database, or other limitations you would like to put on our use of your Personal Data. We will try to comply with your request as soon as reasonably practicable.
In addition, you can object to the processingof your personal information in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing)
To exercise any of these rights, or to obtain other information, such as a copy of a legitimate interests balancing test, you can get in touch with us using the details set out above. If you have unresolved concerns, you have the right to complainto the Greek Data Protection Authority at www.dpa.gr
Data Integrity and Purpose Limitation
We limit the collection and use of Personal Data to the information that is relevant for the purposes of processing and will not process Personal Data in a way that is incompatible with the purposes for which the information has been collected or subsequently authorized by you. We take reasonable steps to ensure the Personal Data is reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the Personal Data.
If you do not wish to remain on our database and to receive our personalized mailings (electronic or otherwise) or other communications, please note that you may opt out of our database by using the “Unsubscribe” option at the foot of our email communications, or by sending an email to us at the following email address: firstname.lastname@example.org
How long will you retain my data?
We will retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Statement unless a longer retention period is required or permitted by law.
The criteria used to determine our retention periods include:
The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you stay with us or keep using our Services)
Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your stay and transactions for a certain period of time before we can delete them)
Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations)
Where we process your financial information (credit card details), we will only keep the information for as long as necessary for the purpose/s for which it is collected (billing purposes) and up to two months thereafter.
Where we process personal information for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data so that we can respect your request in future.
In relation to all your other personal data including registration data, we will not retain your data for longer than required for the purposes indicated above, and will delete personal data if they are no longer necessary for the purposes for which they are collected or otherwise processed, unless we are required to keep the data to comply with applicable legal obligations.
Queries or complaints
If you have any queries or complaints regarding this Privacy Notice or use of your personal information please contact our front desk manager at any time or send us an email at email@example.com
If you have any questions about this Privacy Statement, please visit us at the reception desk or contact us at firstname.lastname@example.org