The Tourism & Technical enterprise “IONIA S.A.” with distinctive title “PEGASUS HOTEL” (hereinafter “PEGASUS Hotel”) provides to its clients since 2001 high standard services in a hospitable & friendly environment, taking care for their safe and comfortable stay, aiming to assure a unique hospitality experience.
Respect of privacy is our main goal and due to this we are taking all necessary technical and organizational measures, in order to protect your personal data and to provide assurances for their safe and lawful process, by applying the applicable provisions which govern our hotel services, as well as the applicable provisions regarding personal data protection.
Please, read the present Personal Data Protection Policy, which aims to inform you fully and transparently about the type of data collected, the means and purpose of their collection, their retention period, as well as the possible recipients to whom they are transmitted.
The above-mentioned Enterprise is responsible for personal data, under the Personal Data Law, as well as the General Data Protection Regulation under number 679/2016.
Which are the collected personal data.
Under the concerning legal definition, “personal data” means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Furthermore “special categories of personal data” are those revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
The present Policy is applied on services provided by any mean, as through our official website www.pegasushotel-ch.gr our online activities and applications, e.g. example during completion of the communication form or through third parties we co-operate, including their websites (as e.g. travel agencies), whether they concern reservation systems by phone call, fax or in person “walk in” registration, or service due to our commercial relationship by providing hospitality services to you during your stay in the Pegasus Hotel. Using these services implies the necessary collection of your personal data under the current travel legislation on a basis of respect for your personal data protection.
Specifically, we collect legally and insofar as necessary following appropriate and necessary data for the purposes defined underneath:
Identifying data of your identity (as your name and surname, nationality, ID- Card or Passport Number, date of birth, etc.)
Arrival and departure date, in connection with your room number
Financial information (as TIN, Fiscal Office, credit card data) and
Contact information (as address, telephone number, E/mail), which are submitted with the reservation form
Possibly and under the current legislation, special categories of personal data, as allergies, nutritional needs, health data, providing access to people with disabilities, which are submitted to us voluntarily due to your declaration and after your explicit consent, for your safe, comfortable stay and best service.
Preferences and interests: e.g., rooms with view, non-smoking rooms, travel purpose (business or pleasure)
In case of participating at any contest or promotional event of ours, your name and surname, contact information, E-mail address, personal or business interests etc. may be asked.
Device information (e.g., unique identification data of your device, IP address, device configurations for access to our services, etc.)
Location information (e.g., your GPS device etc.)
Information, recorded for ordering a product or a service during your stay in or outside of the hotel (e.g., transfer, participation at activities, consumptions, product purchases outside the hotel)
While your entrance at the hotel website, personalized information may be recorded about your device from which you accessed the website as well, like IP- address, information on geographic access location, detectors of access devices, information about the browser, browser language or/ and related information. In no case, use of internet by personal IP-addresses is revealed, while these data (web server logs) are periodically deleted.
It is pointed out, that we do not collect information on persons under 18 years, except those which are provided to us by their legal guardian.
Purposes of data collection.
In order to serve our commercial relationship, under our legitimate interests and to improve your hospitality experience by improving our services, we collect only necessary personal data for following purposes:
Room reservation system management (as keeping the necessary documents under the current legislation and providing service to your requests during your stay at the Pegasus Hotel)
For purposes of service pricing
In order to comply with the current Greek and European legislation.
For purposes of commercial communication, promotion of our services, conduct of surveys on customer satisfaction.
In order to serve our legitimate interests.
In order to fulfill our legal obligations, under travel, fiscal, accounting and administrative legislation.
Retention period of Personal data.
Pegasus Hotel keeps your personal data in written or/ and in electronic form only for the absolute necessary period required, in order to fulfill our legal obligations and legitimate purposes, for which they were collected.
Due to this reason, we keep your personal data during our commercial relationship e.g., for the fulfillment of our fiscal obligation or after its termination for the fulfillment for example of the statutory limitation period of any claims.
Access to your personal data by third parties.
We assure that your personal data are submitted to lawful process, which is limited within the Hotel and furthermore confidentiality is ensured. It is possible that they are transmitted to our co-workers, who operate as processors on our behalf, in the extend our mentioned purposes of process are served and under the condition of ensuring confidentiality for safeguarding them in the framework of our contractual commitment, our legitimate interests and with the right of auditing them. Therefore, it is possible to communicate your personal data specifically to the competent departments of the Pegasus Hotel, to our reliable co-workers, natural or legal persons. Furthermore, under compliance with the legislative and regulatory framework we will transmit your personal data to Supervisory Authorities, Public Services and Organizations or in case of corporate reorganization we may share those with the individuals, natural or legal persons, involved by any means.
Information on your rights.
Pegasus Hotel ensures that you shall exercise following of your rights, which are provided for and governed by the General Data Protection Regulation.
Right to access and information about your personal data, as for purposes of processing, retention period, possible recipients.
Right to rectification of inaccurate or incomplete data completion, so that they are accurate.
Right to erasure of personal data from our archives, if their retention is not necessary, subject to the existence of legitimate reasons for their retention.
Right of restriction of processing personal data in following cases: the accuracy of personal data is questioned by you, process is illegal and you object to the deletion of your personal data, your personal data are not anymore necessary for purposes of process, but they are required by you for establishment, exercise or defense of legal claims, until the reasons of process continuation are verified.
Right to object in the cases of Article 21 of the General Data Protection Regulation, including profiling.
Right to data portability: You have the right to receive your personal data in electronic form, in a structured, commonly used, machine-readable and interoperable format, and to transmit them to another controller.
Pegasus Hotel will comply with the terms and conditions defined by the General Data Protection Regulation for the satisfaction of your rights. In order to exercise your rights, you may at any time send an application/ letter for free or contact Mr. Mourtzakis Takis at the following address: firstname.lastname@example.org
Tel.: +30-28210-38130. We will make every effort to respond within thirty (30) days on your request, in order to satisfy it or to justify the legal grounds by which we are bound.
Withdrawal of your consent.
We inform you that you can withdraw your consent at any time, in cases in which your consent consists the legal basis of processing your personal data. Withdrawal of your consent may imply suspension of services, since we will not be able to process your personal data.
Contact with the Data Protection Authority.
You may also contact the Data Protection Authority in order to submit any complaint or accusation, at following address: E-mail email@example.com, Telephone: +30 210 6475600, Fax: +30 210 6475628, Address: 1-3, Kifissia’s Avenue, P.C. 115 23, Athens.
The present Personal Data Protection Policy, which complies with the General Data Protection Regulation under number 679/2016, shall be regularly updated at the Pegasus Hotel’s discretion.