Effective Date: 15/5/2018
We comply with the relevant Data Protection legislation as set forth by the European Union regarding the collection, use, and retention of Personal Information.
About G.A.P. Group
Through our network of specialized operating companies, G.A.P. Group is a contemporary and adaptive organization, operating within the services sector by providing a variety of related services under one roof as a one-stop shop.
Using our industry expertise, we have developed a full suite of service solutions. To learn more about the details of our services offerings, please click here.
When this Policy Applies
This Policy applies to our collection, use and disclosure of your Personal Information in relation to the Classic Hotel, division of G.A.P. Vassilopoulos Public Ltd, through our website(s) and content that link or refer to this Policy;
This Privacy Statement does not apply to the practices of third parties that G.A.P. Group does not own or control.
What is in this Policy?
- Collection & Retention of Personal Information
- Use of Personal Information
- Cookies and Online Tracking
- Profiling and decision making
- Sharing Your Personal Information
- International Data Transfers
- Your Privacy Rights
- Security of Your Personal Information
- Children’s Privacy
- Marketing Preferences
- Changes to this Policy
- Contacting Us
Collection & Retention of Personal Information
“Personal Information” is information that identifies you as an individual or relates to an identifiable individual. We may collect Personal Information such as:
General identification and contact information:
Your name; address; e-mail and telephone details; date of birth; occupation and country of residence; additional contact information about you that we may obtain through third parties with whom we do business (e.g., travel agents or similar providers); Identification numbers issued by government bodies or agencies or passport number.
Guest stay information including the date of arrival and departure, goods and services purchased, special requests made, information and observations about your service preferences (including room type, facilities, holiday preferences, amenities requested, ages of children or any other aspects of the Services used); employer or other relevant details if you are an employee of a corporate account, a vendor or other type of business partner (e.g., travel agent or meeting and event planner)
Financial information: Credit and debit card details
Special categories of Personal Information
When you stay at our hotel, you may be asked for types of Personal Information that are viewed as sensitive. Sensitive personal information include information that could reveal religion like a meal preference and other travel preferences; and medical conditions to the extent that it’s relevant to your stay at the hotel or to provide you with special assistance as well as any other information deemed sensitive under applicable data protection laws (collectively ” Special categories of Personal Information”).
Marketing preferences and customer feedback
You may let us know your marketing preferences or other means of sale promotion.
If you submit any Personal Information relating to other people to us or to our service providers, you confirm that you have the authority to do so and to permit us to use the information in accordance with this Policy.
We collect information submitted to us
- Through our online services: We may collect Personal Information when you make a reservation, communicate with us via online chat services, inform us of any special requests or preferences you may have, or sign up for a newsletter or participate in a survey, contest, or promotional offer.
- Through our offline services: We may collect Personal Information from you offline, such as when you visit our hotel and receive any of our services, make a reservation over the phone or contact customer service.
- Through other sources: We may receive your Personal Information from third parties. This may include information from your travel agent, airline and other partners.
- Information we collect automatically: We automatically collect certain technical information from visitors to our Site(s), such as the Internet protocol (IP) address of their device, their login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platforms.
- Retention of Personal Information: Information submitted to us abide to strict confidentiality principles and advanced security policies.
- We will keep your Personal Information as long as it is necessary, as required by law.
- When we destroy Personal Information, we will use safeguards to prevent unauthorized parties from gaining access to the information during the process.
If you do not agree to our processing of your data in the manner outlined in the Policy, please do not submit any Personal Information to us.
Use of Personal Information
The Personal Information we collect, will be used only as described in this Policy.
We use this Personal Information:
- To provide the services you request, such as to facilitate reservations, send confirmations or pre-arrival messages, to assist you with meetings, events or celebrations, and provide you with other information about the area and the hotel;
To complete and fulfil your reservation and stay, for example, to process your payment, ensure that your room is available, and provide you with related customer service;
- To send you administrative information, marketing communications, promotional offers, periodic customer satisfaction, market research or quality assurance surveys (to the extent permitted after we have obtained your consent);
- To personalize your experience when you stay in our hotel;
- To allow you to participate in contests and other promotions and to administer these activities;
- For our business purposes, such as data analysis, audits, security and fraud monitoring and prevention (including through the use of closed-circuit television, and other security systems), enhancing, improving or modifying our Services, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities;
- Resolve complaints, and handle requests for data access or correction.
Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism, comply with a legal process, and respond to requests from public and governmental authorities (including those outside your country of residence); and
- Establish and defend legal rights, protect our operations or those of any of our group companies or business partners, our rights, privacy, safety or property, and/or that of our group companies, you or others and pursue available remedies or limit our damages.
Cookies and Online Tracking
A browser cookie is a small file saved on your hard drive when you visit certain websites. Browser cookies store information that a web site may use for a variety of purposes such as to personalize your experience and to gather web site statistical data, such as which pages you visit, what material you download, your Internet provider’s domain name and country, and the addresses of websites you visited immediately before, and after, visiting a particular web site. You can configure your browser to accept or reject browser cookies or to notify you when you are offered a cookie so you can accept or reject it.
Profiling and decision making
We might make some decisions based on profiling where final decisions are always a result of staff intervention.
Sharing Your Personal Information
- Our Group Companies We may disclose your Personal Information to any affiliate within GAP Group for use in accordance with this Privacy Statement. This includes our subsidiaries, affiliates and our ultimate holding company.
GAP Group has established the GAP Group User Corporate Rules (“Corporate Rules”) in order for the GAP Group Entities to abide by these corporate guidelines that apply to the processing of User Information. The Corporate Rules are incorporated into the GAP Group corporate wide policy, requiring all GAP Group entities and employees to comply with and respect the Corporate Rules governing the collection, use, access, storage and transfer of Personal Information among GAP Group entities. To learn more about the Corporate Rules framework please click here.
- Our service providers
We may disclose Personal Information to our third-party service providers who provide services such as website hosting, payment processing, online booking platforms, marketing agencies, auditing and similar third-party vendors and outsourced service providers that assist us in carrying out business activities.
In addition, we may share and disclose Personal Information about you with in the following circumstances:
- Compliance with laws: We may disclose Personal Information to a third party where we are legally required to do so in order to respond to or comply with any applicable law, regulation, subpoenas, court orders, legal process or government requests, including in response to public authorities to meet national security or law enforcement requirements.
With your consent: We may disclose your Personal Information for other purposes with your consent. Your Personal Information is never sold, rented or leased to any external company.
International Data Transfers
- Transfers to service providers & suppliers
- Transfers to Group companies
As a global company, we may transfer Personal Information for certain services to GAP Group companies and third parties located anywhere in the world that may be outside your country of residence for storage and processing in order to provide the GAP Services. These countries may not necessarily have data protection laws as comprehensive as those in your country or residence. We will however protect your Personal Information in accordance with this Policy and applicable law wherever it is processed.
Your Privacy Rights
You have certain rights under applicable data protection laws, which include the right (i) to request a copy of your Personal Information, (ii) to request access, rectification or erasure; (iii) to restrict the processing of your Personal Information and recall your consent where applicable; and (iv) to submit a complaint to the Commissioner’s Office for the Protection of Personal Data. In certain circumstances, you may also have the right to object to the processing of your Personal Information. All the above are subject to the business relationship you have with us and any applicable prevailing legislations.
If you would like to exercise any of the above rights, please immediately notify us in accordance with the “Contact Us” section below so that we may assess your request and determine, under applicable law, whether we are in position to comply with your request.
Cookies and other similar technologies: For information about how to disable selected cookies and other similar tracking technologies from collecting information on the GAP Services to third party properties, please see the Section headed “Cookies and Online Tracking”.
Marketing preferences: If you no longer want to receive marketing-related material from us on a going-forward basis, you may opt-out by following the instructions in the “Marketing Preferences section”.
Security of Your Personal Information
We are committed to protecting the Personal Information you share with us. We use appropriate physical, technical, organizational and administrative security measures to help protect your Personal Information from unauthorized or unlawful access, use or disclosure, and from accidental loss, destruction or damage.
We support online security using secure server technology because we want your data to be safe.
We use state-of-the-art security arrangements and facilities on our Sites and through the GAP Services to maintain data security. Unfortunately, the transmission of information via the internet cannot be guaranteed 100% completely secure and we cannot guarantee the security of your Personal Information that is transferred over the internet.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the “Contact Us” section below.
GAP Group services are not intended for use by children under the age of 18. We do not knowingly collect Personal Information from children under the age of 18. If we learn that we have collected Personal Information from a child under the age of 18, we will delete that data from our systems unless we have the explicit consent from the parent/guardian.
We will provide you with regular opportunities to tell us your marketing preferences, including in our communications to you. To tell us your marketing preferences and to opt-out, you can contact us using the information in the “Contact Us” section below.
- Receiving e-mail messages and text messages from us: If you no longer want to receive marketing-related e-mails or text messages from us on an ongoing basis, you may opt-out of receiving these marketing-related messages by clicking on the link to “unsubscribe” provided in each message or by contacting us.
- Receiving telephone communications and postal mail from us: If you no longer want to receive mobile messages, telephone communications or postal mail from us on an ongoing basis, you may opt-out of receiving these marketing-related communications by contacting us.
- Our sharing of your Personal Information with our group companies for their marketing purposes: If you would prefer that we do not share your Personal Information on an ongoing basis with our group companies for their own marketing purposes, you may opt-out of this sharing by contacting us at the above addresses.
We aim to comply with your opt-out request(s) within a reasonable time period. Please note that if you opt-out as described above, we will not be able to remove your Personal Information from the databases of third parties with whom we have already shared your Personal Information (i.e., to those to whom we have already provided your Personal Information as of the date on which we respond to your opt-out request). Please also note that if you do opt-out of receiving marketing communications from us, we may still send you other important administrative communications from which you cannot opt-out.
Changes to this Policy
If you have any questions about this Policy or if you wish to exercise Your Privacy Rights please contact:
G.A.P. Vassilopoulos Group
20 Strovolos Av.,
P.O. Box 23897, 1687
ATTN: Privacy Team