politique de confidentialité

1 Information for the Processing of Personal Data

For Golden Beach Hotel, the protection of the personal data of its customers and associates is of paramount importance. For this reason we take the appropriate technical and organizational measures to protect the personal data we process and to ensure that their processing is always carried out in accordance with the obligations set by the legal framework, both by the company itself and by third parties who process personal data on its behalf.
This Privacy and Privacy Policy applies to the services we provide to our customers, to the communication to any interested party and to the website https://www.goldenbeachtinos.gr and its online services.

2 What is GDPR;

The General Data Protection Regulation (GDPR) 2016/679 (EU) is the new regulatory framework for the protection of personal data of the European Union (EU). The object of the law is to establish the conditions for the processing of personal data, the protection of the rights and freedoms of natural persons and in particular the right to protection of personal data.
Personal data, as defined in Article 4 of the GDPR, is the information that can be used to identify you and to communicate and trade with you, for example your name, your postal address, your e-mail address or any other information that, if combined with each other can identify you.

3 Golden Beach Hotel as data controller

Golden Beach Hotel, as the person in charge of personal data processing, with the name “ΑΚΤΗ ΒΡΕΚΑΣΤΡΟ – ΞΕΝΟΔΟΧΕΙΑΚΗ ΤΟΥΡΙΣΤΙΚΗ ΕΠΙΧΕΙΡΗΣΗ ΑΕ », located in Tinos, Ag. Fwka 0, 82400 with VAT number 094387552, for business purposes collects and processes the personal data of its associates, suppliers, employees and customers, in accordance with applicable national law (4624/2019) and European Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data as applicable. Therefore, Golden Beach Hotel acts as the controller, in accordance with Article 4 para. 7 of the GDPR.
For any issue regarding the processing of personal data you can contact the Privacy Department of Golden Beach Hotel at the following contact details:
email: [email protected]
Phone number: 22830 22579

4 Your personal data that we process

We process your personal data only for a legal purpose, provided that one of the conditions of article 6 par. 1 of the GDPR is met. The website https://www.goldenbeachtinos.gr was designed so that users can visit it without having to reveal their identity and without having to provide personal data unless they wish. In the course of our activities and our cooperation with you, we will need to collect and process some of your personal data in order to offer you specific services and to be able to adequately meet your needs. More specifically:

4.1 Personal data of our clients
Golden Beach Hotel collects and processes personal data of its customers such as names, contact numbers, copy of ID and/or passport of customers who wish to spend the night at the hotel without coming from a tourist office and make the reservation individually.
If the customer is part of a group of people who have arranged to spend the night at the hotel through a tourist office, Golden Beach Hotel collects only his name.
The legal bases for the above processing are the fulfillment of our contractual obligations (GDPR article 6 par. 1b) and the legal interest of Golden Beach Hotel (GDPR article 6 par. 1f)

4.2 Personal data from your use of your website services

To improve our website to better serve your needs, we measure its performance. During your visit, we automatically collect the following information about your computer and your visit to the network and provider, through which you have access to the Internet, your activity on our website, the date and time of your browsing on the website us, how much time you spent, to which pages / websites you connected (Links) from our website, the Internet Protocol address (IP address) your computer operating system and your browser software (browser).
There is also the possibility to facilitate direct communication with you to voluntarily fill in the name, email and phone on our contact page to contact you.
Legal bases for the above processing are your explicit and free consent (GDPR article 6 par. 1a) and the legal interest of Golden Beach Hotel (GDPR article 6 par. 1h).

4.3 Personal data collected and processed by Golden Beach Hotel for its employees

The staff of Golden Beach Hotel, is well trained and aware of its obligations regarding the protection of personal data of customers and professional privacy. There is always a contractual relationship between the Golden Beach Hotel and its employees, with the necessary commitments of confidentiality and taking the appropriate organizational and technical measures to protect the personal data of customers.
When Golden Beach Hotel decides to hire a prospective employee, it collects and processes personal data of employees, such as name, passport / identity card, age, address, telephone, email, job, health certificates, sick leave, VAT, AMKA, AM IKA, IBAN, employment contract payroll information. These data are necessary for the fulfillment of contractual and legal obligations of Golden Beach Hotel.
Legal bases for the above processing are the execution of our legal obligations (eg compliance with tax, insurance and labor obligations set by law) (GDPR article 6 par. 1c) and the legal interest of Golden Beach Hotel (GDPR article 6 par .1΄στ).

4.4 Personal data of our third party partners / suppliers

We collect and process personal data of our partners / suppliers (eg, webmasters, accountants, lawyers, security technicians, etc.) such as name, email, phone, address, VAT number, ID number, AMKA, IBAN, Business Cards, invoices, documents, contracts etc. This information is necessary for the proper execution of our contractual obligations.
Legal bases for the above processing are the execution of our legal obligations (eg compliance with tax, insurance and labor obligations set by law) (GDPR article 6 par. 1c) and the legal interest of Golden Beach Hotel (GDPR article 6 par .1΄στ).

4.5 Personal data from video surveillance

The main purpose of the security cameras and CCTV circuits that we have, is first of all the prevention of criminal actions and then the keeping of the records that help us to protect our staff and customers but also the goods of the company. Golden Beach Hotel ensures that the locations of the cameras and the way of receiving the data are determined in such a way that the data collected is not more than what is absolutely necessary for the fulfillment of the purpose of the processing and that the fundamental rights of our customers and employees are not violated. Also, Golden Beach Hotel takes care to inform the customers, before entering the scope of the video surveillance system, in a visible and understandable way (sign), that they are going to enter a place that is being videotaped. The video surveillance system is not used for the purpose of evaluating employees within the workplace. The staff has been informed in writing about the existence of video surveillance and there is a process of informing the subjects based on the Press Release of the Data Protection Authority on June 9 2020. Personal data resulting from the use of control and monitoring methods will not be used to the detriment of customers, if they have not been previously informed about the introduction of the Control and Monitoring Methods and the use of this data.

5 Basic Principles of personal data processing

The processing of personal data takes place in a legal, fair and transparent manner.
The collection of personal data is carried out only for specified, clear and legal purposes.
The collection of personal data is adequate and relevant.
Personal data is accurate and up to date.
Inaccurate personal data is corrected or deleted.
Personal data remains confidential and securely stored.
Personal data is not disclosed to third parties unless it is necessary for them to be offered services by agreement.

6 Where is your personal data disclosed?

Golden Beach Hotel may transmit personal data provided by individuals to third parties, in the following cases and for specific purposes.

6.1 To employees or external associates
These are experienced professionals who are well-informed about the confidentiality obligations regarding clients’ personal data. The employees / external associates of Golden Beach Hotel have access only to the personal data of the clients, which are deemed absolutely necessary for the execution of their duties (reservation management, updating the reservation system, computerization). There is always a contractual relationship between Golden Beach Hotel and its employees / external partners, with the necessary commitments of confidentiality and taking the appropriate organizational and technical measures to protect the personal data of our customers.

6.2 Other third parties due to legislation
We may disclose your personal information in order to comply with the law or to comply with a mandatory legal procedure (eg for tax purposes), or to protect the rights or security of Golden Beach Hotel.

6.3 Other third parties with your consent
In addition to the disclosures described in this Privacy and Privacy Policy, we may transmit information about you to third parties, provided you give us your free and express consent.

6.4 Recipients outside the EEA
The personal data you provide to us will be transferred and stored on our servers, located within the EEA (European Economic Area). We will not transfer your information outside the European Economic Area (EEA) unless you are a non-EEA user, in which case you may need to transfer your details to deliver your products, process payment / returns or send us promotional information on which you have registered. We will take all necessary steps to ensure that your personal information is processed securely and in accordance with this Data Protection Policy and legislation when it takes place from a location outside the EEA. For the avoidance of doubt, where the United Kingdom is no longer a Party to the EEA, the references in this paragraph to the EEA shall mean the EEA and the United Kingdom.

7 Data retention period

The data storage period is decided based on the following specific criteria depending on the case:
When processing is required by the provisions of the applicable legal framework, the personal data of the customers will be stored for as long as the relevant provisions require.
When processing is performed on a contract basis, customers’ personal data is stored for as long as is necessary for the performance of the contract and for the establishment, exercise, and / or support of legal claims under the contract.
Your account data subject to tax regulations will be retained for up to 10 years from the cancellation of your account in our system as required by law. After this time, they are deleted without notice.
Regarding the personal data of the employees of Golden Beach Hotel, we keep them for 20 years from the end of our contractual cooperation, for the possibility of projecting ancillary claims of these subjects, which are subject to the 20-year limitation period.
Personal data reserved for room reservation is destroyed within one week of the customer leaving the hotel.

8 Privacy policy

Golden Beach Hotel implements appropriate technical and organizational measures aimed at the secure processing of personal data and the prevention of accidental loss or destruction and unauthorized and / or illegal access to them, their use, modification or disclosure. These technical and organizational measures are taken both during the design of the processing media (eg encryption of the data and the computers of the Hotel, etc.), and by default, so that only the personal data necessary for the respective purpose are processed. of processing (principle of minimization of personal data-immediate destruction of booking data and similar documents). Golden Beach Hotel does not rest on the technical security measures it has taken so far, but is constantly looking for new and modern methods in order to shield the personal data it collects and processes. In any case, the operation of the internet and the fact that it is free to anyone does not guarantee that unauthorized third parties will never be able to violate the applicable technical and organizational measures by gaining access and possibly using personal data for unauthorized and / or unlawful purposes.

9 Actions in case of security breach of customer’s personal data

In case a violation of the personal data subjects is found and this violation may endanger their rights and freedoms, Golden Beach Hotel, undertakes to notify without delay and in any case within 72 hours from the moment of becoming aware of the event. of the violation, to the Greek Personal Data Protection Authority (DPA) and if deemed necessary to the data subject.

10 Subject rights

Every natural person whose data is processed by Golden Beach Hotel, has the following rights:

10.1 The right to be informed
You have the right to be informed about the identity and contact details of us, or our representatives, the purposes of the processing for which the personal data is intended, as well as the legal basis for the processing, the recipients or the categories of recipients of the personal data. As part of the principle of transparency that governs the operation of our company, you can contact us requesting further information on how your personal data is processed and how to exercise your rights, by submitting the relevant requests. Your requests will be answered without delay and in any case within one month of receiving the request. This time limit may be extended by a further two months, if necessary, taking into account the complexity of the request and the number of requests.

10.2 Right of access
You have the right to be aware of and verify the legality of the processing and to request copies of the personal data being processed. Thus, you have the right to access the data and receive additional information about their processing. You also have the right to access more specific information about the content and how to exercise your individual rights.

10.3 Right of correction
You have the right to study, correct, update or modify your personal data

10.4 Right of erasure
You have the right to request the deletion of your personal data when we process it with your consent or in order to protect our legal interests. In all other cases (such as when there is a contract, obligation to process personal data imposed by law, public interest), this right is subject to certain restrictions or does not exist as the case may be (eg we have the right to refuse the deletion of personal for the purpose of establishing, exercising or upholding our legal claims).

10.5 Right to restriction of processing
Υou have the right to request a restriction on the processing of your personal data in the following cases: (a) when you dispute the accuracy of the personal data and until it is verified, (b) when you oppose the deletion of personal data and instead of deleting you request the restriction of their use, (c) when personal data is not needed for processing purposes, however you are necessary to establish, exercise, support legal claims, and (d) when you object to the processing and until it is verified that there are legitimate reasons that concern us and prevail over the reasons why you oppose the processing.

10.6 Right to object
You have the right to object at any time to the processing of your personal data in cases where, as described above, it is necessary for the purposes of the legal interests we seek as processors, as well as to the processing for the purposes of direct information promotion. In particular, you have the right to object to any decision made solely on the basis of automated processing, including profiling, which produces legal effects that affect or significantly affect you. Exceptionally, you may not object to the This decision is either necessary for the conclusion or performance of the contract we have entered into with you, or is based on your explicit and free consent.

10.7 Right to data portability
You have the right to receive your personal data free of charge in a form that will allow you to access, use and process it using commonly used processing methods. You also have the right to request that, if technically possible, we transfer the data directly to another controller. This right exists for the data you have provided to us and their processing is carried out by automated means based on your consent or in execution of a relevant contract.

10.8 Right to withdraw consent
Where processing is based on your explicit and free consent, you have the right to revoke it freely, without prejudice to the legality of the processing based on your consent, before revoking it.
To revoke your consent you can contact the Personal Data Protection Department of Golden Beach Hotel, at the following contact details:
email: [email protected]
Phone number: 22830 22579

10.9 Right of complaint to authorities
In case of violation of your personal data you have the right to file a complaint to the Personal Data Protection Authority (www.dpa.gr):
Phone number: +30 210 6475600,
Fax: +30 210 6475628,
email: [email protected].

11 Websites of third parties
Our website may provide links to other websites which are not owned or controlled by us, but which we believe could be useful or interesting to our website visitors. In this case, we are not responsible for the privacy practices used on other people’s websites or for the validity of their content or for the collection of information by the parties who own and control those websites, or the use of their Cookies.
Respectively we are not responsible for the processing of your personal data in case you enter the page https://www.booking.com/ to make your reservation. For the protection of your personal data on the booking page you can read here.
As for the group on the Facebook page « Working in Tinos » it is subject to the Privacy Policy of the company Meta, which is owned by Facebook.
Therefore, we are not responsible for any damage or problems that occur to any of you who use this foreign Website and ultimately, it is up to you whether or not to use a link to another website provided by our website, in in case you do not trust him completely.

12 Children
By giving your consent you responsibly declare that you are over 15 years old. If you are under 15 years old, you may use our website and its services only with the participation and approval of a parent or guardian.

13 Renewals and changes
The website https://www.goldenbeachtinos.gr is constantly updated and expanded both functionally and in terms of services, with the consequence that it renews the current policy of protection of the secrecy of transactions. We recommend that you read this page at regular intervals to be informed of any changes to the content of this protection policy.