Privacy Policy

Personal data protection policy (Privacy Policy)

Purpose

​The purpose of the Privacy Policy is for villaregina.gr (Villa Regina Resort) to describe and disclose its Policy regarding the collection and processing of personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the applicable law 4624/29-08-2019 (for Greece).

Scope

​This Policy applies to the entire business and in particular to the sections or processes that are directly or indirectly involved with the processing of personal data of natural persons, which (the processing) is subject to the requirements of the applicacle law 4624/29-08-2019 and the General Data Protection Regulation (EU) 2016/679.

Description

​At villaregina.gr (Villa Regina Resort) the personal data that you as natural persons provide us with is handled with particular sensitivity and diligence.

​​What personal data we collect

​​The personal data that is collected by us (as appropriate) includes:​​

  • Full name
  • Contact telephone number
  • Email address
  • Phone Number

Why are we processing personal data (purpose)

This data may be necessary for one or more of the following purposes:​​

  • To know who we are dealing with (i.e., for your safety) when you approach us and express your interest in the services that we provide
  • To be able to communicate with you (by phone, via email, online via Skype or Cisco Webex Meetings) in order to provide our services
  • To inform you via email of news or offers related to the services that we provide
  • To provide our services to our clients
  • For responses to any queries or the provision of information regarding our services (when you request these)
  • To issue service invoices for services rendered
  • To issue receipts
  • To issue receipts for retail transactions
  • To issue consignment notes
  • To pay suppliers, collaborators, etc. (e.g., via web banking)​​

How is data collected and which is the legal basis for processing personal data​

​Your personal data is collected by us subject to receiving your written consent (specific form or email) and provided that there is a specific purpose, which you are notified of.​

​Consent for communcation of a professional nature is characterized (as appropriate) by the provision of your business card or filling in the online contact forms on our website (when deemed necessary and in relation to the specific purpose) or other forms (e.g. contact forms).​

​You can revoke your consent in writing (with an email message) at any given time if you would like us to cease processing of your personal data.​

​Personal data may also be collected by us for the purpose of executing collaboration agreements-contracts (e.g., with clients, suppliers, external collaborators).​

By our clients when and if we are asked to process personal data on their behalf in the context of services provided.​​

Our legal obligations are the lawful basis for particular data processing purposes (e.g. to issue service invoices for services rendered, to issue receipts for retail transactions relevant to our services provided to individuals, to issue consignment notes etc.).

Additional information​​

  • We do not collect personal data belonging to children. The collection is prohibited.
  • We do not make decisions based on the automated processing of personal data.​
  • We use Google ads to advertise, but we do not collect the guests’ personal data.

Who collects the personal data​

​Your personal data is collected by us and directly from the data subject.​​​

The data subjects’ personal data may be collected via our clients only in the context of providing our services to the clients in question.​

The information that is usually collected depends on the purpose and we are interested in collecting as little as possible, as long as the purpose for which they are collected can be satisfactorily fulfilled.​​

For better service, please inform us in a timely manner of any changes to your personal data, which you have provided to us for processing.​​

How long can personal data be kept​​

We store personal data for no longer than is necessary for the purposes for which the personal data are processed. Personal data may be stored for longer periods only if relevant legal obligations or rights apply to our organization. We then delete and destroy your personal data from our files (electronic and/or physical).​​

Disclosure to third parties and transfer to third countries (outside the EU)​​

Recipients of your personal data may include (as appropriate):​

  • Our external collaborators for their communication with you in the context of the services that we provide 
  • Our external collaborators for the issuance of training program certificates of attendance with the attendees’ names (if requested)
  • Companies providing postal services – courier services
  • Our legal advisor
  • Our tax advisor
  • The competent tax authorities (upon request)

Your personal data will not be transferred to third countries (outside the EU) without your written consent (and only if the transfer is deemed absolutely necessary).​

Measures for protecting the confidentiality, integrity and availability of personal data​

​​In order to protect your personal data, we take the necessary technical and organizational measures that are included in every reliable information security management system.​​

​Among other measures, techniques such as data minimization, pseudonymization and encryption are used.

​​Exercise of data subject rights

​In any event, you (as data subjects) are able to exercise your rights in relation to our processing of information about you and in accordance with the General Data Protection Regulation (GDPR), i.e.​​

  • Right to information (Articles 13,14)
  • Right of access by the data subject (Artcle 15)
  • Right to rectification (Article 16)
  • Right to erasure (‘right to be forgotten’) (Article 17)
  • Right to restriction of processing (Article 18)
  • Right to information on the recipients of the personal data (Article 19)
  • Right to data portability (Artcle 20)
  • Right to object (Article 21)
  • Right to the non-exclusive automated individual decision-making, including profiling (Article 22)

For better and faster service, you can exercise any of the above rights by sending an email stating the subject, your name and your contact telephone number.

Contact information of the controller​

villaregina.gr (Villa Regina Resort)
Email: info@villaregina.gr
Contact telephone: +30 22810 75910
Postal address: Delfini, Kini, Syros

Objectives of this policy​

To protect the data subjects from any risks that could result from the leakage, alteration or destruction of the data while this data is being processed by us.​

To comply with the requirements of the General Data Protection Regulation (EU) 2016/679 of natural persons and the applicable law 29-08-2019

This Privacy Policy is updated regularly and is revised depending on the changes that may arise in relation to the processing of personal data. These changes may be due e.g., to changes in business activities.​

If you believe that your personal data have been breached and your rights have in any way been violated in deviation of our obligation to adhere to the Law or if you are not satisfied with the response that you received regarding the acceptance or rejection of your application (or applications), you can file a complaint with the Hellenic Data Protection Authority ().

Date  of most recent update: June, 28 2021

Required fields are followed by *