PRIVACY POLICY

In accordance with Regulation EU 679/2016 (GDPR)

Protection & Processing of General Personal Data

Personal Data (PD) is any information relating to an identified or identifiable natural person. An identifiable natural person is one whose identity can be ascertained, directly or indirectly, by reference to an identification identifier, such as a name, identity number, location data, online identity card, or one or more factors matching to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. This also applies to more personal information such as habits, preferences, biometric data, etc. Every company that manages personal data relating to living natural persons within the EU, is required, from 25th of May 2018, to fully comply with EU Data Protection Regulation 679/2016 on the protection of personal data. The Regulation is directly applicable in all EU Member States. The collection of PD is a form of processing, such as storing, organizing, structuring, altering, retrieving, searching for information, using, disclosing, deleting, or destroying. An enterprise, through its Privacy Policy, informs natural persons about the processing of their PD, by helping them make conscious decisions about their relation with the business.

Nostos Studios Santorini has to collect PD (i.e. personal information) for the effective execution of everyday business functions and services and in some occasions for the compliance with the legislation and/or the regulations that it applies. The Privacy Policy declares our compliance with the Regulation on the Protection of Personal Data and also our respect for the protection of the privacy and security of personal data. Furthermore, it aims to:

Inform the natural persons about the PD we collect and process, for what purpose, in what way and for how long.
Ensure that the natural persons are aware of their rights and of our duty for accountability and security.
Provides an easy and clear way of securing your consent.

What kind of Personal Data we are processing

We collect information and PD from you which you provide with your free consent, either directly or via third party services with which you interact and which have already requested your free consent. Nostos Studios Santorini provides a booking form on it’s website. Potential guests can make inquiries for accommodation availability through this form by providing information and Personal Data (PD) about themselves and their desired dates. In this way we communicate an offer to our potential customers, answer their questions and provide them with personalized and updated service.

We may collect and process data, including the below, during the provision by us of hosting services and use of our facilities by you: Name and surname, information regarding your profession or your participation in professional or other organizations, residence address or/and address of employment, email, telephone (landline or mobile), ID or passport number, nationality, date of birth.

Please note, that all the above details are required by Greek legislation for the provision of hosting services in tourist accommodation establishments. Access to this data is limited to our hotel staff. Data stored on our web information system is regularly deleted, and is kept for up to 1 month. Data on our email system is kept indefinitely for archiving purposes, without limiting the potential guest rights to be informed about correcting or deleting or limiting the processing of their own PD.