This Privacy Notice concerns only the personal data processing conducted through the Astir Odysseus Kos website. If you are a customer of the hotel and you want to know more about the processing of your personal data, please read our Customers’ Privacy Notice.
Which data do we collect from you?
- When you book accommodation online: The data that is required in the booking form
- When you check in online: Last Name, Arrival Date, Booking reference
- When you book our extra services online: The data that is required in the booking form
- When you contact us for questions and/or feedback: Email address, Name, Any information you provide us via the “message” section
- Data we collect through cookies. For more information, please read our Cookies Policy.
Who controls and processes your personal data?
- The Data Controller for your data is OCCIDENTAL S.A.” with registered offices at Kos, Mpamialiki 85300, with VAT 998922193
- Our website is hosted in the European Union by Hetzner Online GmbH.
- WebHotelier Technologies Limited operates the booking system on behalf of Astir Odysseus Kos Resort & Spa.
- Customers’ data are hosted in the Fidelio software, provided by Oracle Corporation.
- If you contact us through our contact form our via email, Microsoft processes your data within the European Union, acting as our email service provider.
- The Company’s employees and associates process your data.
All the above-mentioned parties are bound by confidentiality obligations.
Why do we process your personal data and on which basis?
- To provide you with our services, based on our contractual relationship or the pre-contractual steps you take.
- To receive any questions and feedback and answer back to you after your communication, based on our legitimate interests.
- To keep our website secure and nice, based on our legitimate interest.
- To provide you with content you might be interested in (including i.e., our news, promotions, contests, etc.), based on your consent.
For how long do we retain your data?
- If you book any of our services, please consult our Customers’ Privacy Notice.
- If you contact us, we will retain the communication and its meta-data until you ask us to delete it, unless it needs to be retained for a longer period or for legitimate reason or for our compliance with a legal obligation.
- If you provide your consent to receive content by us, we will keep your data until you revoke your consent.
For cookies retention periods, please refer to our Cookies Policy.
What are your rights?
You can ask us:
- Inform you about the data we have about you
- To provide you with a copy of the personal data we hold about you
- To correct certain data if it is incorrect
- To delete your data
- To stop processing your data or restrict processing for certain uses
- To send your data to another company or entity by reasonable means
- To revoke your consent if you have given it to us
How you may exercise your rights?
If, at any time, you would like to exercise your rights or ask any question regarding your personal data, please refer to our Data Protection Officer via the email address email@example.com
We will respond to you within 30 days of the reception of your request.
If you feel that the protection of your personal data has been violated, you may file a complaint with the Greek Data Protection Authority.