Terms & Conditions
TERMS OF USE
Terms of Use
1. GENERALLY
These terms of use of this website, which belongs to the company under the name "KONSTANTINOS KOULLIAS SA" and distinctive title "GRAND BLUE BEACH HOTEL", which is based on the island of Kos (Lambi area) with G.E.MI number 123307020001, TIN 094034654 (hereinafter the "Company") and the PRIVACY POLICY (hereinafter the "Terms of Use"), as amended and in force from time to time, constitute the terms and conditions on which we make available to you, the prospective customer and/or customer and/or user, the website www.grandbluehotel.gr (hereinafter the "Website"), apply immediately from your first visit to the Website and govern your navigation, use and legal relationship with the Company for the provision of reservation and accommodation services at the "GRAND BLUE BEACH HOTEL" (hereinafter the "Hotel"), unless otherwise agreed between the Company and you in writing, thus, depending on what was agreed in the written contract between you and the Company, the terms of the written contract will additionally apply or only the terms of the written contract will apply.
Before continuing to navigate the Website, please read the Terms of Use carefully.
The Website constitutes property of the Company. By accessing the Website, the content and services it provides, you, the user of the Website and/or the prospective customer and/or the customer unconditionally declare and confirm that you agree with and understand the content of the Terms of Use. If for any reason you do not agree with part and/or all of the Terms of Use, please do not use the Website.
These Terms of Use may be amended from time to time with any frequency without special notice, while upon publication of each amendment on the Website they enter into force and become binding. We recommend that, upon completion of your reservation, you print or save a copy of the Terms of Use, since the Terms of Use, as they will apply at the time of your reservation, will govern the relationship between us.
Please check the Terms of Use regularly. Your use of the Website will be considered as your consent to the Terms of Use, as in force from time to time.
If you have any questions for any issue regarding the content and services of the Website and the Terms of Use, you can contact us at email media@koulliasgroup.com.
2.RESERVATIONS/ BOOKING
To make a reservation at the Hotel you must be over 18 years old. Your reservation or reservations are governed by the Terms of Use. If a written agreement is concluded between us, the written agreement will apply additionally or exclusively, depending on what has been agreed therein. By making a reservation, you represent, confirm and guarantee that you have the legal capacity to make the reservation and that the information you fill in for your reservation is true and accurate. In case that you represent and make a booking on behalf of a third party, you confirm and warrant that you have the authorization and consent of the third party for such reservation.
Booking is made by the following ways:
- on-line on the Website: www.grandbluehotel.gr
During your navigation on our Website, each time, in a comprehensible and user-friendly way, are indicated to you specific technical steps to proceed and properly complete your reservation and make any prepayment of the reservation, after being informed about the availability of rooms, the price of the total overnight stays you choose, the cost of any prepayment for the reservation and the facilities of our Hotel regarding the selected reservation.
In order to complete the reservation, it is required a) your acceptance of these Terms of Use and the Privacy Policy of our Website, by "clicking" on the corresponding checkbox "I accept the Terms of Use and Privacy Policy", as well as b) the confirmation of the reservation that entails an obligation to pay by "clicking" on the respective checkbox, after filling in the invoicing/s details and the details of your payment instrument (e.g. debit card details) for carrying out the transaction. Before the final confirmation of the reservation, the consumer is provided with the technical possibility of changing his options (e.g., change of room, dates, etc.).
-by phone at +302242048503,
-via email to reservations@grandbluehotel.gr.
Upon completion of the reservation and provided that a) any payment of the corresponding prepayment amount of the reservation is confirmed to the Company, b) the correctness of the details and validity of your credit/debit etc. card is confirmed, you will receive a confirmation to your e-mail within twenty-four (24) hours with the details of your reservation, if you have notified to us your email.
It is clarified that the final submission and completion of your reservation constitutes your proposal for the conclusion of a distance booking contract and therefore the distance booking contract is concluded upon acceptance of your reservation by our Company.
Upon booking confirmation, we notify you of the following aggregated information:
a) the identity of our company as a supplier-service provider,
(b) the geographical address at which the company is established;
c) the telephone number and e-mail address of our company,
(d) the main features of the reservation;
(e) the total price of the reservation;
(f) payment arrangements (e.g., provision of proof of payment or prepayment of a reservation);
(g) the conditions, deadline and procedures for exercising your right of withdrawal from the concluded contract.
The concluded contract between us is filed by our Company for up to 10 years in accordance with its legal and tax obligations. Although you are aware of the concluded contract, in accordance with the above-described technical stages of its conclusion, you may in any case regain access to the concluded contract in the future by sending us a relevant access request via e-mail, or in any other appropriate way according to our contact details.
3.PRICES - PAYMENT METHODS
Prices displayed on the Website are in Euro (€) include VAT and all taxes provided by applicable law, except overnight tax, which is payable at the Hotel upon your arrival.
For the completion of the reservation, we accept payments by debit/credit card.
The Company shall not be liable against you in the event that third parties, such as your bank or companies that facilitate the completion of your reservation at the Hotel, make any type of charge for the provision of their service or for any other reason.
The prices listed in your reservation are per room and vary depending on the selected reservation dates and the number of people.
4. CANCELLATION & CHANGE POLICY
During the completion of your reservation, you are provided with two different types of booking, "Flexible Booking" and "Prepaid Booking".
Flexible Booking
Your credit/debit card details are necessary for the Company to complete your reservation, but no deposit is required.
Your credit/debit card will be charged upon your arrival at the Hotel.
To cancel your reservation please contact us at +3022420 48503 or via email at reservations@grandbluehotel.gr.
In case you withdraw from the contract concluded between us and cancel your reservation
I. up to four (4) days prior to your arrival date, you will not be charged for such cancellation,
II. less than four days prior to your arrival date, the amount corresponding to the cost of the 1st overnight stay will be charged,
III. In case of non-arrival you will be charged the amount corresponding to the cost of the 1st overnight stay,
IV. In case you do not stay at the Hotel until the last day of your reservation, you will be charged the full amount of your reservation,
V. To exercise your right of withdrawal, you can contact us via e-mail at reservations@grandbluehotel.gr address, or in any other way at our contact details (telephone, address of our premises).
Prepaid Booking
Your credit/debit card details are necessary in order for the Company to complete your reservation and you shall prepay the total cost of your reservation. Your credit/debit card will be charged with your reservation.
In case of change or cancellation or non- arrival on your arrival date, the prepaid amount of your reservation is not refunded.
5.INTELLECTUAL PROPERTY RIGHTS
Unless otherwise stated, the content of the Website, including all intellectual property rights (industrial and intellectual), indicatively unregistered intangible goods, images, graphics, photographs, drawings, texts, structure, are intellectual property of the Company and are protected by the relevant provisions of Greek law, European Union law and international conventions and treaties. Therefore, none of them may be wholly or partially sold, copied, modified, reproduced, republished or uploaded, transmitted or distributed and presented to the public in any way. The user understands and accepts that he is not granted the right to reproduce, copy, sell, resell and / or commercially exploit in any way and for any reason all or part of the content contained on the Website, without prejudice to any legal right of the Company to exercise the relevant claims against the violator of this term of use in any way.
6. DISCLAIMER
The content and services of the Website are provided "as is", without any warranty expressed or implied in any way.
The Company shall not be liable under any circumstances whatsoever, including negligence - to the fullest extent permitted by law - for any kindy of damage: (a) the user of the Website suffered, through the use of the services and content of the Website (e.g. non-completion of the reservation for reasons not falling within the sphere of influence of the Company), which use he/she makes on his/her own initiative and with knowledge and acceptance of the Terms of Use, and/or (b) any third party suffered, as a result of the actions of any user of the Website in violation of the Terms of Use, any more specific terms agreed between the Company and the user and the applicable legislation. In addition, the Company is not liable in case of unavailability. Users are solely responsible for all transactions they make through or as a result of using the Website, as well as for the specific terms and conditions of such transactions. The Company is not responsible for any unavailability or errors of the Website and its contents and services, due to force majeure (indicatively and not restrictively: unavailability of the internet, power failure, failure of technological equipment, telecommunications failure) or other technical reasons or related to the technical maintenance of the Website. Also, the Company is not responsible for any damage due to any use of the Website, including any damage, which is due to the modification or sabotage or any unlawful act or intervention to the Website by third parties. Without prejudice to any mandatory rules of applicable law, the liability of the Company to compensate the user for any claim (including tort) is limited to the cost of the user's reservation.
7.HYPERLINKS
The Website may include hyperlinks to websites and content owned by third parties and managed by third parties. Hyperlinks may be included on the Website from time to time for your convenience (e.g., hyperlinks to attractions, etc.).
With these websites, the Company does not provide any recommendation or advice to you. The Company is also not responsible for examining or evaluating the websites and the content to which the hyperlinks refer and does not bear any liability towards the user for the entire content of these websites (including the comments of the users of these websites) and the acts or omissions of the aforementioned third parties or administrators. We advise you to carefully read the terms of use and privacy and cookies’ policy of these websites.
8.APPLICABLE LAW, JURISDICTION & OTHER TERMS
The Terms of Use, any modification thereof, as well as all matters relating to the Website and the services provided by the Company (and through this Website) are governed and regulated by Greek Law. The courts of Kos are exclusively competent to resolve any dispute relating to the Terms of Use and the Website. The exclusive jurisdiction of the courts of Kos also includes injunctive relief, interim injunctions and disputes arising from tort. Any provision of the above terms is found to be contrary to the above legal framework or becomes invalid, automatically ceases to apply and is removed from the present, without in any way affecting the validity of the other terms. The Terms of Use are provided in Greek and English. In case of discrepancy, the Greek one will prevail.
9.OUT-OF-COURT SETTLEMENT
For the most effective and immediate resolution of any problems you may have from our transactions, you can contact us directly and anytime by e-mail or telephone.
However, if we are unable to fully resolve any issues you may have and you believe that they violate any of your rights to any extent, you may seek to resolve any disputes by resorting to the Online Dispute Resolution Platform (ODR):
https://ec.europa.eu/consumers/odr/main/index.cfm?event=main.home2.show&lng=EL.
The ODR platform shall be an interactive website which constitutes a single point of entry for consumers and traders seeking the out-of-court resolution of disputes concerning contractual obligations under online sales or service contracts between a consumer resident in the Union and a trader established in the Union through an Alternative Dispute Resolution (ADR) entity listed in accordance with Article 20(2) of the Directive 2013/11/EU.
In Greece, the certified ADR entities are:
The Independent Authority "Consumer Ombudsman", with competence in all commercial sectors,
The Banking-Investment Services Ombudsman with competence in the commercial sector of financial services, and
ADR POINT PC - Center for Alternative Dispute Resolution with competence in all commercial sectors with the exception of the categories explicitly mentioned in the relevant legislation.
European Institute for Conflict Resolution (E.I.E.S.) with competence in all commercial sectors with the exception of the categories explicitly mentioned in the relevant legislation.
Institute for Alternative Dispute Resolution - startADR with competence in all commercial sectors with the exception of the categories explicitly mentioned in the relevant legislation.
The European Consumer Centre of Greece has been appointed as the National Contact Point for ODR in Greece, information about which and for dispute resolution can be found at Online Dispute Resolution | European Commission (europa.eu).
You can also contact the authority of the Consumer Ombudsman CONSUMER OMBUDSMAN - Independent Authority (synigoroskatanaloti.gr).
1. GENERALLY
These terms of use of this website, which belongs to the company under the name "KONSTANTINOS KOULLIAS SA" and distinctive title "GRAND BLUE BEACH HOTEL", which is based on the island of Kos (Lambi area) with G.E.MI number 123307020001, TIN 094034654 (hereinafter the "Company") and the PRIVACY POLICY (hereinafter the "Terms of Use"), as amended and in force from time to time, constitute the terms and conditions on which we make available to you, the prospective customer and/or customer and/or user, the website www.grandbluehotel.gr (hereinafter the "Website"), apply immediately from your first visit to the Website and govern your navigation, use and legal relationship with the Company for the provision of reservation and accommodation services at the "GRAND BLUE BEACH HOTEL" (hereinafter the "Hotel"), unless otherwise agreed between the Company and you in writing, thus, depending on what was agreed in the written contract between you and the Company, the terms of the written contract will additionally apply or only the terms of the written contract will apply.
Before continuing to navigate the Website, please read the Terms of Use carefully.
The Website constitutes property of the Company. By accessing the Website, the content and services it provides, you, the user of the Website and/or the prospective customer and/or the customer unconditionally declare and confirm that you agree with and understand the content of the Terms of Use. If for any reason you do not agree with part and/or all of the Terms of Use, please do not use the Website.
These Terms of Use may be amended from time to time with any frequency without special notice, while upon publication of each amendment on the Website they enter into force and become binding. We recommend that, upon completion of your reservation, you print or save a copy of the Terms of Use, since the Terms of Use, as they will apply at the time of your reservation, will govern the relationship between us.
Please check the Terms of Use regularly. Your use of the Website will be considered as your consent to the Terms of Use, as in force from time to time.
If you have any questions for any issue regarding the content and services of the Website and the Terms of Use, you can contact us at email media@koulliasgroup.com.
2.RESERVATIONS/ BOOKING
To make a reservation at the Hotel you must be over 18 years old. Your reservation or reservations are governed by the Terms of Use. If a written agreement is concluded between us, the written agreement will apply additionally or exclusively, depending on what has been agreed therein. By making a reservation, you represent, confirm and guarantee that you have the legal capacity to make the reservation and that the information you fill in for your reservation is true and accurate. In case that you represent and make a booking on behalf of a third party, you confirm and warrant that you have the authorization and consent of the third party for such reservation.
Booking is made by the following ways:
- on-line on the Website: www.grandbluehotel.gr
During your navigation on our Website, each time, in a comprehensible and user-friendly way, are indicated to you specific technical steps to proceed and properly complete your reservation and make any prepayment of the reservation, after being informed about the availability of rooms, the price of the total overnight stays you choose, the cost of any prepayment for the reservation and the facilities of our Hotel regarding the selected reservation.
In order to complete the reservation, it is required a) your acceptance of these Terms of Use and the Privacy Policy of our Website, by "clicking" on the corresponding checkbox "I accept the Terms of Use and Privacy Policy", as well as b) the confirmation of the reservation that entails an obligation to pay by "clicking" on the respective checkbox, after filling in the invoicing/s details and the details of your payment instrument (e.g. debit card details) for carrying out the transaction. Before the final confirmation of the reservation, the consumer is provided with the technical possibility of changing his options (e.g., change of room, dates, etc.).
-by phone at +302242048503,
-via email to reservations@grandbluehotel.gr.
Upon completion of the reservation and provided that a) any payment of the corresponding prepayment amount of the reservation is confirmed to the Company, b) the correctness of the details and validity of your credit/debit etc. card is confirmed, you will receive a confirmation to your e-mail within twenty-four (24) hours with the details of your reservation, if you have notified to us your email.
It is clarified that the final submission and completion of your reservation constitutes your proposal for the conclusion of a distance booking contract and therefore the distance booking contract is concluded upon acceptance of your reservation by our Company.
Upon booking confirmation, we notify you of the following aggregated information:
a) the identity of our company as a supplier-service provider,
(b) the geographical address at which the company is established;
c) the telephone number and e-mail address of our company,
(d) the main features of the reservation;
(e) the total price of the reservation;
(f) payment arrangements (e.g., provision of proof of payment or prepayment of a reservation);
(g) the conditions, deadline and procedures for exercising your right of withdrawal from the concluded contract.
The concluded contract between us is filed by our Company for up to 10 years in accordance with its legal and tax obligations. Although you are aware of the concluded contract, in accordance with the above-described technical stages of its conclusion, you may in any case regain access to the concluded contract in the future by sending us a relevant access request via e-mail, or in any other appropriate way according to our contact details.
3.PRICES - PAYMENT METHODS
Prices displayed on the Website are in Euro (€) include VAT and all taxes provided by applicable law, except overnight tax, which is payable at the Hotel upon your arrival.
For the completion of the reservation, we accept payments by debit/credit card.
The Company shall not be liable against you in the event that third parties, such as your bank or companies that facilitate the completion of your reservation at the Hotel, make any type of charge for the provision of their service or for any other reason.
The prices listed in your reservation are per room and vary depending on the selected reservation dates and the number of people.
4. CANCELLATION & CHANGE POLICY
During the completion of your reservation, you are provided with two different types of booking, "Flexible Booking" and "Prepaid Booking".
Flexible Booking
Your credit/debit card details are necessary for the Company to complete your reservation, but no deposit is required.
Your credit/debit card will be charged upon your arrival at the Hotel.
To cancel your reservation please contact us at +3022420 48503 or via email at reservations@grandbluehotel.gr.
In case you withdraw from the contract concluded between us and cancel your reservation
I. up to four (4) days prior to your arrival date, you will not be charged for such cancellation,
II. less than four days prior to your arrival date, the amount corresponding to the cost of the 1st overnight stay will be charged,
III. In case of non-arrival you will be charged the amount corresponding to the cost of the 1st overnight stay,
IV. In case you do not stay at the Hotel until the last day of your reservation, you will be charged the full amount of your reservation,
V. To exercise your right of withdrawal, you can contact us via e-mail at reservations@grandbluehotel.gr address, or in any other way at our contact details (telephone, address of our premises).
Prepaid Booking
Your credit/debit card details are necessary in order for the Company to complete your reservation and you shall prepay the total cost of your reservation. Your credit/debit card will be charged with your reservation.
In case of change or cancellation or non- arrival on your arrival date, the prepaid amount of your reservation is not refunded.
5.INTELLECTUAL PROPERTY RIGHTS
Unless otherwise stated, the content of the Website, including all intellectual property rights (industrial and intellectual), indicatively unregistered intangible goods, images, graphics, photographs, drawings, texts, structure, are intellectual property of the Company and are protected by the relevant provisions of Greek law, European Union law and international conventions and treaties. Therefore, none of them may be wholly or partially sold, copied, modified, reproduced, republished or uploaded, transmitted or distributed and presented to the public in any way. The user understands and accepts that he is not granted the right to reproduce, copy, sell, resell and / or commercially exploit in any way and for any reason all or part of the content contained on the Website, without prejudice to any legal right of the Company to exercise the relevant claims against the violator of this term of use in any way.
6. DISCLAIMER
The content and services of the Website are provided "as is", without any warranty expressed or implied in any way.
The Company shall not be liable under any circumstances whatsoever, including negligence - to the fullest extent permitted by law - for any kindy of damage: (a) the user of the Website suffered, through the use of the services and content of the Website (e.g. non-completion of the reservation for reasons not falling within the sphere of influence of the Company), which use he/she makes on his/her own initiative and with knowledge and acceptance of the Terms of Use, and/or (b) any third party suffered, as a result of the actions of any user of the Website in violation of the Terms of Use, any more specific terms agreed between the Company and the user and the applicable legislation. In addition, the Company is not liable in case of unavailability. Users are solely responsible for all transactions they make through or as a result of using the Website, as well as for the specific terms and conditions of such transactions. The Company is not responsible for any unavailability or errors of the Website and its contents and services, due to force majeure (indicatively and not restrictively: unavailability of the internet, power failure, failure of technological equipment, telecommunications failure) or other technical reasons or related to the technical maintenance of the Website. Also, the Company is not responsible for any damage due to any use of the Website, including any damage, which is due to the modification or sabotage or any unlawful act or intervention to the Website by third parties. Without prejudice to any mandatory rules of applicable law, the liability of the Company to compensate the user for any claim (including tort) is limited to the cost of the user's reservation.
7.HYPERLINKS
The Website may include hyperlinks to websites and content owned by third parties and managed by third parties. Hyperlinks may be included on the Website from time to time for your convenience (e.g., hyperlinks to attractions, etc.).
With these websites, the Company does not provide any recommendation or advice to you. The Company is also not responsible for examining or evaluating the websites and the content to which the hyperlinks refer and does not bear any liability towards the user for the entire content of these websites (including the comments of the users of these websites) and the acts or omissions of the aforementioned third parties or administrators. We advise you to carefully read the terms of use and privacy and cookies’ policy of these websites.
8.APPLICABLE LAW, JURISDICTION & OTHER TERMS
The Terms of Use, any modification thereof, as well as all matters relating to the Website and the services provided by the Company (and through this Website) are governed and regulated by Greek Law. The courts of Kos are exclusively competent to resolve any dispute relating to the Terms of Use and the Website. The exclusive jurisdiction of the courts of Kos also includes injunctive relief, interim injunctions and disputes arising from tort. Any provision of the above terms is found to be contrary to the above legal framework or becomes invalid, automatically ceases to apply and is removed from the present, without in any way affecting the validity of the other terms. The Terms of Use are provided in Greek and English. In case of discrepancy, the Greek one will prevail.
9.OUT-OF-COURT SETTLEMENT
For the most effective and immediate resolution of any problems you may have from our transactions, you can contact us directly and anytime by e-mail or telephone.
However, if we are unable to fully resolve any issues you may have and you believe that they violate any of your rights to any extent, you may seek to resolve any disputes by resorting to the Online Dispute Resolution Platform (ODR):
https://ec.europa.eu/consumers/odr/main/index.cfm?event=main.home2.show&lng=EL.
The ODR platform shall be an interactive website which constitutes a single point of entry for consumers and traders seeking the out-of-court resolution of disputes concerning contractual obligations under online sales or service contracts between a consumer resident in the Union and a trader established in the Union through an Alternative Dispute Resolution (ADR) entity listed in accordance with Article 20(2) of the Directive 2013/11/EU.
In Greece, the certified ADR entities are:
The Independent Authority "Consumer Ombudsman", with competence in all commercial sectors,
The Banking-Investment Services Ombudsman with competence in the commercial sector of financial services, and
ADR POINT PC - Center for Alternative Dispute Resolution with competence in all commercial sectors with the exception of the categories explicitly mentioned in the relevant legislation.
European Institute for Conflict Resolution (E.I.E.S.) with competence in all commercial sectors with the exception of the categories explicitly mentioned in the relevant legislation.
Institute for Alternative Dispute Resolution - startADR with competence in all commercial sectors with the exception of the categories explicitly mentioned in the relevant legislation.
The European Consumer Centre of Greece has been appointed as the National Contact Point for ODR in Greece, information about which and for dispute resolution can be found at Online Dispute Resolution | European Commission (europa.eu).
You can also contact the authority of the Consumer Ombudsman CONSUMER OMBUDSMAN - Independent Authority (synigoroskatanaloti.gr).
PRIVACY AND COOKIES POLICY
PRIVACY POLICY
(PERSONAL DATA PROCESSING POLICY & TRACKERS’ POLICY)
This Personal Data Processing Policy & Trackers’ Policy, e.g., Cookies (“Privacy Policy”) was posted on 07/02/2023. We regularly review our Privacy Policy to ensure that it is up-to-date and accurate, in accordance with applicable law.
The use of our website [hereinafter the "Website"] is subject to the Terms of Use and this Privacy Policy. The Privacy Policy has been updated to ensure compliance with the General Data Protection Regulation [Regulation (EU) 2016/679, GDPR] and Law 4624/2019.
Via the use of our website you unconditionally declare that you have reviewed, understood, and accepted all terms included in the Terms of Use and the Privacy Policy. If you do not agree with any of the terms included in the Terms of Use and/or the Privacy Policy, you must refrain from browsing and using the Website and its services.
The Privacy Policy may be amended from time to time, whenever needed, without prior notice to you. The amendments will apply on the date they are published in Website. We encourage you to regularly review the Privacy Policy, as your continued use of our Website implies that you have accepted such amendments.
If you do not agree with the use of your data according to Privacy Policy, please stop using the Website.
GRAND BLUE BEACH HOTEL is committed to respecting and protecting your privacy. This Privacy Policy describes how GRAND BLUE BEACH HOTEL, as controller within the meaning of GDPR, collects and processes the personal data and other information of you, the users of our website, and how our website uses cookies and other identification technologies.
This Privacy Policy explains:
1. Types of data we collect for you, how we collect them & how we use them
Data we collect directly from you
Data we collect using cookies and other tracking technologies
Data we collect by third parties
Anonymized and statistical data – Special Categories, Sensitive Data
2. Types of data we share with third parties
Service Providers
Other recipients
International transfers of data
3. How we use cookies and other tracking technologies (trackers)
Types of trackers
How do I change my trackers’ settings?
4. Legal basis for the processing
5. How long do we keep your data
6. How we ensure your data security
7. Your rights
Right to lodge a complaint with the Authority
8. Communicate with usAt first, we inform you that in the premises of the Hotel, a CCTV (video surveillance system) operates in specific areas (with warning signs) for the purpose of security and protection of persons and goods. Kindly be informed in the section "CCTV Policy" about the processing of personal data of hotel guests through a video surveillance system and specifically about:
-The purpose for which the processing is carried out,
-The mode of operation of the CCTV system in use,
-The installation areas and range of the cameras,
−The retention period of the data,
-The categories of persons operating the CCTV system,
-Your rights regarding your personal data, which are processed by the operating CCTV system.
Moreover, when you visit the Website and when you contact us, we may collect and process certain personal data of you in order for you to be able to benefit from the functionalities and services offered via the Website and also in order to understand the need for our services and to improve the way we operate.These data might also contain “personal data”, meaning any information related to you as an identified or identifiable natural person, i.e. as a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, communication details;
The Website is not intended for use by minors (under 18 years old) and we do not knowingly collect personal data related to minors, unless submitted directly by the child's guardian for the purposes of booking.
Data we collect directly from you
We collect some of your personal data for communication purposes, such as to answer your requests for information and to better understand your expectations and needs.
More specifically, when you use the “How to contact us” form of our Website, or or communicate with us in person or in any other way (e.g. participation in a survey, competition, draw, etc.), we collect and process information about you that you directly provide to us, which may include: name, email address, country, the reason for your communication and the content of the communication that you address to us. We will use this information to communicate with you.
When you make a reservation or order a service (via the Website or by phone or email), we process certain data about you, including your name, email, address, telephone number, date of birth, booking details (e.g. arrival date, etc.), travel information (e.g. visa, passport), special remarks (e.g. dietary preferences) and billing information (credit/debit card number; name on the card, type of card, security code, expiration date, all this of course in pseudonymous form of token), in order to complete and manage your reservation and also in order to manage your requests and preferences. You can register and create a user account in the booking system of our Website. We use the information which you give us in order to manage the account, providing you with useful options like making your reservations, managing your bookings, taking advantage of members' special offers, making future bookings easily and managing your personal settings. You may register and/or have access through a third party account (e.g. Gmail) or social media (e.g. Facebook), in which case we collect and have access to certain information of the User's profile, only for the purposes mentioned above.
We also collect and process certain information about you when you send us your CV and when you apply for a job using the "Job Openings" section of our Website, e.g., your identification and contact details and information about your studies and work experience. A separate privacy policy applies here, which can be found here.
Based on your prior consent, we may use information to provide you with promotional material or when you submit your information to send you newsletters. When you provide your consent to receive such communication, you have the right to revoke it at any time.
Data we collect using cookies and other tracking technologies
We also use cookies and other tracking technologies and we may collect information about how you use our Website, technical data including data and time of access, data volume transmitted, status of transmission, browser type, version and language, browser plug-in types and versions, your internet protocol (IP) address, operating system and interface, time zone setting and location and profile data, including your referral website, pages you visit, actions you take, patterns of page visits and information from forms you fill in.
Based on your prior consent, we may use your data in order to deliver advertising relevant to you based on the use of cookies. For further details on this and how to opt-out of such processing, please see the 'How we use cookies and other tracking technologies (trackers)' section of this Privacy Policy.
2. Types of data we share with third parties
Service Providers
GRAND BLUE BEACH HOTEL may engage external/third parties as service providers, who act as data processors of GRAND BLUE BEACH HOTEL to provide certain services to GRAND BLUE BEACH HOTEL, such as, website service providers, marketing service providers or IT support service providers. When providing such services, the external service providers may process your personal data.
Other Recipients
GRAND BLUE BEACH HOTEL may transfer, in compliance with applicable data protection laws, your personal data to courts, law enforcement agencies, governmental authorities.
In case of a corporate merger or acquisition of GRAND BLUE BEACH HOTEL with another legal entity, personal data may be transferred to the third parties being involved in the merger or acquisition (e.g. the previous mentioned legal entity, legal counsels, and auditors).
International Transfers of Personal Data
GRAND BLUE BEACH HOTEL transfers personal data in accordance with applicable law. To the extent that, in the context of and for the needs of the above-mentioned purposes, if your personal data need to be transferred outside the EU, such data transfer will take place in accordance with applicable law and GRAND BLUE BEACH HOTEL will ensure an adequate level of data protection. By way of entering into appropriate data transfer agreements based on Standard Contractual Clauses, which are accessible upon request at info@grandbluehotel.gr, or taking other measures to provide an adequate level of data protection, GRAND BLUE BEACH HOTEL establishes or confirms that all data recipients will provide an adequate level of protection for your personal data.GRAND BLUE BEACH HOTEL may collect identification details of Website’s users, using related technologies, such as cookies and other trackers.
The Website uses trackers, therefore when you visit the Website, a tracker may be installed in your device.
Τrackers are techniques such as: HTTP/S cookies, flash cookies, local storage in HTML 5, identification via the footprint of your device, identification marks created from software (for advertising purposes or not: IDFA, IDFV, Android ID etc.), material identification marks (MAC address, serial number, or other equipment identifier), etc.
The use of trackers allows GRAND BLUE BEACH HOTEL to recognize your device, gather information about your usage patterns when you navigate our website, store some information about your preferences or past actions, improve your online experience and enhance your personalized experience. Moreover, it allows the automatic collection of information of locations you visit and links of third parties’ websites, which you may choose via the use of our Website.
Trackers may also be used to provide advertising tailored to your interests on websites you visit and to analyse the effectiveness of such advertising.
You can manage your browser to be warned for the use of trackers in specific services. Specifically, you can manage your browser in not accepting the use of trackers in some cases or in any case. In case the visitor/user of specific services and webpages does not wish the use of trackers for his/her identification, he/she cannot have access to such services. Specifically, you can opt in or out of trackers at any time – except strictly necessary trackers (these are used to help make our Website work efficiently) and you can delete trackers, e.g. cookies installed on your device at any time, prevent new cookies being saved and receive notification before installation of a new cookie by configuring your browser software.
When certain types of trackers require your prior consent to be installed and used, you are asked through a relevant banner. If you choose not to enable or delete certain cookies, you will still be able to browse our website, but it will restrict some of the functionality of our Website. In other words, when you opt out of trackers, e.g. cookies, this could influence your experience in our Website and the services we may offer to you.
FIRST AND THIRD PARTY COOKIES OF GRAND BLUE BEACH HOTEL
We will only process your personal data when the law allows us to, that is, when we have a legal basis for processing. Οn a case per case basis, we may carry out the processing of your personal data on the following legal basis:
- You have provided your consent to the processing of your data for one or more specific purposes (e.g. when you register for receiving our newsletter, for the installation and use of certain types of trackers);
- The processing is necessary for the performance of a contract to which you are party or in order to take steps at the request of yours prior to entering into a contract (e.g., when you make a reservation/booking).
- The processing is necessary for compliance with a legal obligation to which GRAND BLUE BEACH HOTEL is subject to (e.g. in case access to your personal data is required by a competent judicial authority);
- The processing is necessary for the purposes of the legitimate interests pursued by BLUE BEACH HOTEL, provided that your fundamental rights do not override such interests; such legitimate interests include:
(a) monitoring in order to ensure the efficient and secure running of the website and fraud and misuse detection and prevention;
(b) the improvement of our services and our Website;
(c) monitoring how our Website is used, e.g. via data analytics, to help us improve the layout and information available on our website, our services, marketing, and customer relationship.
If you decide not to provide your personal data in certain cases, this may result in some disadvantages for you, for example, we may not be able to provide you with a service or respond to your request or provide you with marketing communications that we believe may be useful to you.
Not providing your personal data may in certain cases result in disadvantages for you, e.g., we may not be able to provide you with a service.
We do not use automated decision-making without human intervention, including profiling, in a way that produces legal effects concerning you or otherwise significantly affects you.
5. How long do we keep your data
Generally, we retain your personal data for as long as needed by legislation, depending on the purpose and type of processing.
Specifically, your personal data will be retained for as long as necessary to fulfil the purposes we collected them for, e.g., for as long as necessary to provide you with the functionalities of our Website and the services requested. Once the data processing purpose is completed, we will either delete your personal data or anonymize your personal data, unless statutory retention requirements apply.
Especially:
- We retain your personal data collected from you when you subscribe to the Newsletter (e.g., e-mail address) for as long as you remain subscribed to our newsletter list and delete them in case of withdrawal of your consent.
- We retain your personal data that we collect from you when you deal with our hotel, such as in the case of making a reservation (e.g. name, contact details, product delivery address, billing information) for a maximum period of 10 years from the conclusion of the contract between us, in order to respond to the exercise of any of your rights, until they are time-barred.
- We retain your personal data that we collect from you for the submission of a question or complaint, when you address us through our Website or any other available means of communication for the necessary period of time until the final resolution of the relevant issue.
- We keep your personal data collected from you, when you send your CV for the purpose of finding a job and if our relevant announcement for the recruitment of associates has been posted, for the time period provided in our policy for the information of potential employees’ personal data processing.
6. How we ensure your data security
Considering the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, GRAND BLUE BEACH HOTEL implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing.
7. What are your Rights
Pursuant to the conditions provided in the relevant legislation (GDPR) you may have the following rights for the protection of your personal data:
Right of access
You may contact us to explain to you if and which data we retain about you, as well as the way we process such data. You may also request a copy of your personal data which retain about you.
Right to rectification
If you believe that your data are not accurate or need to be updated, you have the right to obtain the rectification of inaccurate personal data and to have incomplete data completed.
Right to erasure
Under certain circumstances, e.g., personal data are no longer necessary, you withdraw your consent, the data have been unlawfully processed, you have the right to obtain the erasure of personal data.
Right to restriction of processing
If you believe that your data are not accurate or their processing is unlawful or you think that GRAND BLUE BEACH HOTEL does no longer need your data or you have objections to automated processing, you have the right to obtain the restriction of processing.
Right to object
You have the right to object to processing of your personal data from GRAND BLUE BEACH HOTEL on grounds relating to your particular situation, unless, inter alia, there are compelling legitimate grounds for the processing which override your interests, rights and freedoms. You also have the right to object when a decision concerning you is based solely on automated processing, including profiling, and produces legal effects concerning you or significantly affects you (statutory exceptions apply).
Right to data portability
You may request to receive your data in a structured, commonly used and machine-readable format, as well as to transmit your data to another organization (controller), which you will indicate to GRAND BLUE BEACH HOTEL.
If you have provided your consent with regard to specific collection, process and use of your personal data (e.g. to receive communication for direct marketing of products and services), you may withdraw that consent at any time with effect for the future.
You can find more detailed information regarding your rights on the Hellenic Data Protection Authority’s (HDPA) website here.
In order to exercise your rights, you can contact GRAND BLUE BEACH HOTEL by mail at info@grandbluehotel.gr
Right to lodge a complaint with the Authority
We inform you that you have the right to lodge a complaint with the HDPA for issues regarding the processing of your personal data. HDPA is seated in Athens (Kifisias Avenue, 1-3, 115 23). With regard to HDPA’s competency and the submission of a complaint, you may visit HDPA’s webpage (www.dpa.gr).
If you have any doubts or questions about this Privacy Policy or if you wish to exercise any of your rights included in the "What are your rights" section of this Privacy Policy, you can contact us by mail at the following address: KARDAMENA, KOS 85302, Greece or by email at: info@grandbluehotel.gr
We may modify this Privacy Policy from time to time to comply with regulatory changes and for operational purposes. Updated versions of this Privacy Policy will be posted on the Website with a date indication, so that you know which is the most recently updated version.
This Privacy Policy was posted on 07. 02.2023.
(PERSONAL DATA PROCESSING POLICY & TRACKERS’ POLICY)
This Personal Data Processing Policy & Trackers’ Policy, e.g., Cookies (“Privacy Policy”) was posted on 07/02/2023. We regularly review our Privacy Policy to ensure that it is up-to-date and accurate, in accordance with applicable law.
About us
Welcome to www.grandbluehotel.gr a website managed by the company under the name "KONSTANTINOS KOULIAS S.A." and distinctive title "GRAND BLUE BEACH HOTEL", which is based on the island of Kos (Lambi area) with G.E.MI number 123307020001, TIN 094034654 ["we", "us", "our", "GRAND BLUE BEACH HOTEL"].The use of our website [hereinafter the "Website"] is subject to the Terms of Use and this Privacy Policy. The Privacy Policy has been updated to ensure compliance with the General Data Protection Regulation [Regulation (EU) 2016/679, GDPR] and Law 4624/2019.
Via the use of our website you unconditionally declare that you have reviewed, understood, and accepted all terms included in the Terms of Use and the Privacy Policy. If you do not agree with any of the terms included in the Terms of Use and/or the Privacy Policy, you must refrain from browsing and using the Website and its services.
The Privacy Policy may be amended from time to time, whenever needed, without prior notice to you. The amendments will apply on the date they are published in Website. We encourage you to regularly review the Privacy Policy, as your continued use of our Website implies that you have accepted such amendments.
If you do not agree with the use of your data according to Privacy Policy, please stop using the Website.
GRAND BLUE BEACH HOTEL is committed to respecting and protecting your privacy. This Privacy Policy describes how GRAND BLUE BEACH HOTEL, as controller within the meaning of GDPR, collects and processes the personal data and other information of you, the users of our website, and how our website uses cookies and other identification technologies.
Privacy Policy Scope
This Privacy Policy explains how we process your personal information when you contact us or use any of the services on our Website. Especially, by reading the Privacy Policy you are able to understand, among others:- the purpose that we process your personal data;
- which personal data we collect directly from you and which from third parties;
- the time of their retention,
- the categories of recipients of your personal data, if any;
- if we intend to transfer this information to a non-EU country;
- if we make automated decision-making or profiling;
- and your rights have in relation to the processing of your personal data, as well as the way of their exercise.
This Privacy Policy explains:
1. Types of data we collect for you, how we collect them & how we use them
Data we collect directly from you
Data we collect using cookies and other tracking technologies
Data we collect by third parties
Anonymized and statistical data – Special Categories, Sensitive Data
2. Types of data we share with third parties
Service Providers
Other recipients
International transfers of data
3. How we use cookies and other tracking technologies (trackers)
Types of trackers
How do I change my trackers’ settings?
4. Legal basis for the processing
5. How long do we keep your data
6. How we ensure your data security
7. Your rights
Right to lodge a complaint with the Authority
8. Communicate with us
1. What data we collect about you, how we collect it and how we use it
-The purpose for which the processing is carried out,
-The mode of operation of the CCTV system in use,
-The installation areas and range of the cameras,
−The retention period of the data,
-The categories of persons operating the CCTV system,
-Your rights regarding your personal data, which are processed by the operating CCTV system.
Moreover, when you visit the Website and when you contact us, we may collect and process certain personal data of you in order for you to be able to benefit from the functionalities and services offered via the Website and also in order to understand the need for our services and to improve the way we operate.These data might also contain “personal data”, meaning any information related to you as an identified or identifiable natural person, i.e. as a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, communication details;
The Website is not intended for use by minors (under 18 years old) and we do not knowingly collect personal data related to minors, unless submitted directly by the child's guardian for the purposes of booking.
Data we collect directly from you
We collect some of your personal data for communication purposes, such as to answer your requests for information and to better understand your expectations and needs.
More specifically, when you use the “How to contact us” form of our Website, or or communicate with us in person or in any other way (e.g. participation in a survey, competition, draw, etc.), we collect and process information about you that you directly provide to us, which may include: name, email address, country, the reason for your communication and the content of the communication that you address to us. We will use this information to communicate with you.
When you make a reservation or order a service (via the Website or by phone or email), we process certain data about you, including your name, email, address, telephone number, date of birth, booking details (e.g. arrival date, etc.), travel information (e.g. visa, passport), special remarks (e.g. dietary preferences) and billing information (credit/debit card number; name on the card, type of card, security code, expiration date, all this of course in pseudonymous form of token), in order to complete and manage your reservation and also in order to manage your requests and preferences. You can register and create a user account in the booking system of our Website. We use the information which you give us in order to manage the account, providing you with useful options like making your reservations, managing your bookings, taking advantage of members' special offers, making future bookings easily and managing your personal settings. You may register and/or have access through a third party account (e.g. Gmail) or social media (e.g. Facebook), in which case we collect and have access to certain information of the User's profile, only for the purposes mentioned above.
We also collect and process certain information about you when you send us your CV and when you apply for a job using the "Job Openings" section of our Website, e.g., your identification and contact details and information about your studies and work experience. A separate privacy policy applies here, which can be found here.
Based on your prior consent, we may use information to provide you with promotional material or when you submit your information to send you newsletters. When you provide your consent to receive such communication, you have the right to revoke it at any time.
Data we collect using cookies and other tracking technologies
We also use cookies and other tracking technologies and we may collect information about how you use our Website, technical data including data and time of access, data volume transmitted, status of transmission, browser type, version and language, browser plug-in types and versions, your internet protocol (IP) address, operating system and interface, time zone setting and location and profile data, including your referral website, pages you visit, actions you take, patterns of page visits and information from forms you fill in.
Based on your prior consent, we may use your data in order to deliver advertising relevant to you based on the use of cookies. For further details on this and how to opt-out of such processing, please see the 'How we use cookies and other tracking technologies (trackers)' section of this Privacy Policy.
Data we collect by third parties
Your personal data that we collect from third parties is in particular technical data, concerning the details of your device (e.g. manufacturer, model, screen characteristics, operating system, etc.), or financial data (e.g. token with some card details through which you pay for a reservation at our hotel, which means that we do not know the full details of your card, your card is stored pseudonymised to facilitate your future transactions through the Website), as well as statistics or data of your behavior (e.g. clicks, choices). For example, we receive some of the aforementioned technical data from analytics providers such as Google.ΑΝΩΝΥΜΟΠΟΙΗΜΕΝΑ ΚΑΙ ΣΤΑΤΙΣΤΙΚΑ ΔΕΔΟΜΕΝΑ
We may process anonymized and statistical data, for any purpose, especially for statistical reasons and for the improvement of the provided services-information of the Website. While such data may be derived from your personal data, these are not considered personal data as such data does not directly or indirectly reveal your identity (e.g., we may aggregate your usage data to calculate the percentage of users accessing a specific website feature).Special Categories of Personal Data- Sensitive Data
Generally, we do not knowingly collect or process through the Website special categories of personal data ("sensitive" personal data), such as information about your health, race or ethnicity, religious or philosophical beliefs, sex life, etc. We may collect health data that you provide to us directly, in case we need to fulfill a request of yours during your stay at our hotel (e.g. if you have a mobility problem, or suffer from allergies or eating disorders and need to take special care).2. Types of data we share with third parties
Service Providers
GRAND BLUE BEACH HOTEL may engage external/third parties as service providers, who act as data processors of GRAND BLUE BEACH HOTEL to provide certain services to GRAND BLUE BEACH HOTEL, such as, website service providers, marketing service providers or IT support service providers. When providing such services, the external service providers may process your personal data.
Other Recipients
GRAND BLUE BEACH HOTEL may transfer, in compliance with applicable data protection laws, your personal data to courts, law enforcement agencies, governmental authorities.
In case of a corporate merger or acquisition of GRAND BLUE BEACH HOTEL with another legal entity, personal data may be transferred to the third parties being involved in the merger or acquisition (e.g. the previous mentioned legal entity, legal counsels, and auditors).
International Transfers of Personal Data
GRAND BLUE BEACH HOTEL transfers personal data in accordance with applicable law. To the extent that, in the context of and for the needs of the above-mentioned purposes, if your personal data need to be transferred outside the EU, such data transfer will take place in accordance with applicable law and GRAND BLUE BEACH HOTEL will ensure an adequate level of data protection. By way of entering into appropriate data transfer agreements based on Standard Contractual Clauses, which are accessible upon request at info@grandbluehotel.gr, or taking other measures to provide an adequate level of data protection, GRAND BLUE BEACH HOTEL establishes or confirms that all data recipients will provide an adequate level of protection for your personal data.
3. How we use cookies and other tracking technologies (trackers)
The Website uses trackers, therefore when you visit the Website, a tracker may be installed in your device.
Τrackers are techniques such as: HTTP/S cookies, flash cookies, local storage in HTML 5, identification via the footprint of your device, identification marks created from software (for advertising purposes or not: IDFA, IDFV, Android ID etc.), material identification marks (MAC address, serial number, or other equipment identifier), etc.
The use of trackers allows GRAND BLUE BEACH HOTEL to recognize your device, gather information about your usage patterns when you navigate our website, store some information about your preferences or past actions, improve your online experience and enhance your personalized experience. Moreover, it allows the automatic collection of information of locations you visit and links of third parties’ websites, which you may choose via the use of our Website.
Trackers may also be used to provide advertising tailored to your interests on websites you visit and to analyse the effectiveness of such advertising.
You can manage your browser to be warned for the use of trackers in specific services. Specifically, you can manage your browser in not accepting the use of trackers in some cases or in any case. In case the visitor/user of specific services and webpages does not wish the use of trackers for his/her identification, he/she cannot have access to such services. Specifically, you can opt in or out of trackers at any time – except strictly necessary trackers (these are used to help make our Website work efficiently) and you can delete trackers, e.g. cookies installed on your device at any time, prevent new cookies being saved and receive notification before installation of a new cookie by configuring your browser software.
When certain types of trackers require your prior consent to be installed and used, you are asked through a relevant banner. If you choose not to enable or delete certain cookies, you will still be able to browse our website, but it will restrict some of the functionality of our Website. In other words, when you opt out of trackers, e.g. cookies, this could influence your experience in our Website and the services we may offer to you.
Types of trackers
We may use ‘persistent’ trackers as well as 'session-based' trackers. A 'persistent' tracker will be saved on your device, is not deleted automatically when you close your browser and will remain for a period set for that tracker. On the other hand, a 'session-based' tracker is allocated only for the duration of your visit to our Website and automatically expires when you close your browser.| A | Strictly necessary trackers | Used to help make our Website work efficiently and enable you to browse around our website and use its features; used e.g. to keep track of your input when filling online forms over several pages and help us ensure that the content of your page loads quickly and effectively by distributing the workload across numerous computers (load balancing). | These trackers are session trackers that are allocated only for the duration of your visit to our Website and are erased when you close your browser. |
| B | Analytical/performance trackers | Used to analyse the way our Website works and how we can improve and optimize it; e.g. for statistical audience measuring, to estimate the number of unique visitors, to detect the most preeminent search engine keywords that lead to a webpage or to track down website navigation issues. | We use such trackers only on the basis of your prior consent. These are typically persistent trackers, are stored on your device, are not deleted automatically when you close your browser and will remain for a period set for that trackers. They remain on your device for us to use during a next visit to our Website. For information on how to delete these trackers, please refer below to ‘How do I change my trackers’ settings?’ section of this Privacy Policy. |
| Γ | Functionality trackers | Help to enhance your experience by doing things like remembering preferences, choices you make while browsing the Website or past actions; e.g. such trackers may remember preferences such as text size, fonts, and other customizable site elements of the Website. | We use such trackers only on the basis of your prior consent. These are typically persistent trackers, are stored on your device, are not deleted automatically when you close your browser and will remain for a period set for that trackers. They remain on your device for us to use during a next visit to our Website. For information on how to delete these trackers, please refer below to ‘How do I change my trackers’ settings?’ section of this Privacy Policy. |
| Δ | Targeting/advertising trackers | They are used by us and our trade partners for the provision of content, that best suits your interests. They may be used for targeted advertisements/offers, to measure effectiveness of an advertising campaign and for the display of relevant advertisements in our advertising business partners’ websites. Used to share some information with third parties who we advertise with, so we know how you have reached our Website. These trackers record your visit to our Website, the parts of our Website you have visited and you are interested in and the links you have followed to recognize you as a previous visitor and to track your activity on our website and other websites you visit. This information is used to show you advertisements we think may be of interest to you, to tailor how we communicate with you, or to tailor the contents of the communications we send to you. | We use such trackers only on the basis of your prior consent. These are typically persistent trackers, because they remain on your device for us to use during a next visit to our website. These are typically persistent trackers, are stored on your device, are not deleted automatically when you close your browser and will remain for a period set for that trackers. They remain on your device for us to use during a next visit to our Website. For information on how to delete these trackers, please refer below to ‘How do I change my trackers’ settings?’ section of this Privacy Policy. |
FIRST AND THIRD PARTY COOKIES OF GRAND BLUE BEACH HOTEL
| Cookie | Domain | Description | Duration | Type |
|---|---|---|---|---|
| PHPSESSID | www.grandbluehotel.gr | This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed. | session | Necessary |
| YSC | .youtube.com | YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages. | session | Advertisement |
| VISITOR_INFO1_LIVE | .youtube.com | A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface. | 5 months 27 days | Advertisement |
| _gcl_au | .grandbluehotel.gr | Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services. | 3 months | Analytics |
| test_cookie | .doubleclick.net | The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies. | 15 minutes | Advertisement |
| _ga | .grandbluehotel.gr | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. | 1 year 1 month 4 days | Analytics |
| _gid | .grandbluehotel.gr | Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. | 1 day | Analytics |
| _dc_gtm_UA-109654204-5 | .grandbluehotel.gr | Installed by Google Analytics, | 1 minute | Other |
| _dc_gtm_UA-222574309-1 | .grandbluehotel.gr | Installed by Google Analytics, | 1 minute | Other |
| _ga_* | .grandbluehotel.gr | This cookie is installed by Google Analytics. | 1 year 1 month 4 days | Analytics |
| CONSENT | .youtube.com | YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data. | 2 years | Analytics |
How do I change my trackers’ settings?
Most web browsers allow some control of most trackers, e.g. cookies, through the browser settings. To find out more about cookies, including how to see what cookies have been set on your device, you can visit: http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm, or www.aboutcookies.org, or www.allaboutcookies.org.
Find out how to manage cookies on popular browsers:
4. Legal Basis for the processingWe will only process your personal data when the law allows us to, that is, when we have a legal basis for processing. Οn a case per case basis, we may carry out the processing of your personal data on the following legal basis:
- You have provided your consent to the processing of your data for one or more specific purposes (e.g. when you register for receiving our newsletter, for the installation and use of certain types of trackers);
- The processing is necessary for the performance of a contract to which you are party or in order to take steps at the request of yours prior to entering into a contract (e.g., when you make a reservation/booking).
- The processing is necessary for compliance with a legal obligation to which GRAND BLUE BEACH HOTEL is subject to (e.g. in case access to your personal data is required by a competent judicial authority);
- The processing is necessary for the purposes of the legitimate interests pursued by BLUE BEACH HOTEL, provided that your fundamental rights do not override such interests; such legitimate interests include:
(a) monitoring in order to ensure the efficient and secure running of the website and fraud and misuse detection and prevention;
(b) the improvement of our services and our Website;
(c) monitoring how our Website is used, e.g. via data analytics, to help us improve the layout and information available on our website, our services, marketing, and customer relationship.
If you decide not to provide your personal data in certain cases, this may result in some disadvantages for you, for example, we may not be able to provide you with a service or respond to your request or provide you with marketing communications that we believe may be useful to you.
Not providing your personal data may in certain cases result in disadvantages for you, e.g., we may not be able to provide you with a service.
We do not use automated decision-making without human intervention, including profiling, in a way that produces legal effects concerning you or otherwise significantly affects you.
5. How long do we keep your data
Generally, we retain your personal data for as long as needed by legislation, depending on the purpose and type of processing.
Specifically, your personal data will be retained for as long as necessary to fulfil the purposes we collected them for, e.g., for as long as necessary to provide you with the functionalities of our Website and the services requested. Once the data processing purpose is completed, we will either delete your personal data or anonymize your personal data, unless statutory retention requirements apply.
Especially:
- We retain your personal data collected from you when you subscribe to the Newsletter (e.g., e-mail address) for as long as you remain subscribed to our newsletter list and delete them in case of withdrawal of your consent.
- We retain your personal data that we collect from you when you deal with our hotel, such as in the case of making a reservation (e.g. name, contact details, product delivery address, billing information) for a maximum period of 10 years from the conclusion of the contract between us, in order to respond to the exercise of any of your rights, until they are time-barred.
- We retain your personal data that we collect from you for the submission of a question or complaint, when you address us through our Website or any other available means of communication for the necessary period of time until the final resolution of the relevant issue.
- We keep your personal data collected from you, when you send your CV for the purpose of finding a job and if our relevant announcement for the recruitment of associates has been posted, for the time period provided in our policy for the information of potential employees’ personal data processing.
6. How we ensure your data security
Considering the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, GRAND BLUE BEACH HOTEL implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing.
7. What are your Rights
Pursuant to the conditions provided in the relevant legislation (GDPR) you may have the following rights for the protection of your personal data:
Right of access
You may contact us to explain to you if and which data we retain about you, as well as the way we process such data. You may also request a copy of your personal data which retain about you.
Right to rectification
If you believe that your data are not accurate or need to be updated, you have the right to obtain the rectification of inaccurate personal data and to have incomplete data completed.
Right to erasure
Under certain circumstances, e.g., personal data are no longer necessary, you withdraw your consent, the data have been unlawfully processed, you have the right to obtain the erasure of personal data.
Right to restriction of processing
If you believe that your data are not accurate or their processing is unlawful or you think that GRAND BLUE BEACH HOTEL does no longer need your data or you have objections to automated processing, you have the right to obtain the restriction of processing.
Right to object
You have the right to object to processing of your personal data from GRAND BLUE BEACH HOTEL on grounds relating to your particular situation, unless, inter alia, there are compelling legitimate grounds for the processing which override your interests, rights and freedoms. You also have the right to object when a decision concerning you is based solely on automated processing, including profiling, and produces legal effects concerning you or significantly affects you (statutory exceptions apply).
Right to data portability
You may request to receive your data in a structured, commonly used and machine-readable format, as well as to transmit your data to another organization (controller), which you will indicate to GRAND BLUE BEACH HOTEL.
If you have provided your consent with regard to specific collection, process and use of your personal data (e.g. to receive communication for direct marketing of products and services), you may withdraw that consent at any time with effect for the future.
You can find more detailed information regarding your rights on the Hellenic Data Protection Authority’s (HDPA) website here.
In order to exercise your rights, you can contact GRAND BLUE BEACH HOTEL by mail at info@grandbluehotel.gr
Right to lodge a complaint with the Authority
We inform you that you have the right to lodge a complaint with the HDPA for issues regarding the processing of your personal data. HDPA is seated in Athens (Kifisias Avenue, 1-3, 115 23). With regard to HDPA’s competency and the submission of a complaint, you may visit HDPA’s webpage (www.dpa.gr).
8. How to contact us
We may modify this Privacy Policy from time to time to comply with regulatory changes and for operational purposes. Updated versions of this Privacy Policy will be posted on the Website with a date indication, so that you know which is the most recently updated version.
This Privacy Policy was posted on 07. 02.2023.
CCTV POLICY
CCTV POLICY
(INFORMATION POLICY FOR THE PROCESSING OF PERSONAL DATA THROUGH VIDEO SURVEILLANCE SYSTEM)
Intro
This Information Policy on the processing of personal data through a video surveillance system (hereinafter "CCTV Policy" or “Policy”) belongs to the company under the company name "KONSTANTINOS KOULIAS ANONYMI ETAIREIA" and the distinctive title "GRAND BLUE BEACH HOTEL" (hereinafter referred to as "company", or "hotel" or "we"), which by law acts as Data Controller and is based in the area of Lambi (P.C. 85300) of the municipality of Kos, Dodecanese, with TIN 094034654.
This Policy describes important aspects concerning our processing of the data subjects’ personal data, which we receive in the context of the operation of the video surveillance system through closed-circuit television cameras (hereinafter referred to as "CCTV system") in the hotel premises where our company operates.
Thanks to this Policy, clearly documented procedures are formed for the processing of your personal data and you are informed about:
-The purpose for which the processing is carried out,
-The mode of operation of the CCTV system in use,
-The installation areas and range of the cameras,
−The retention period of the data,
-The categories of persons operating the CCTV system,
-Your rights regarding your personal data, which are processed by the operating CCTV system.
1. Purposes of installation and operation of CCTV system
1.1. We use a surveillance system for the purpose of security and protection of persons and goods.
1.2. The purpose of protecting persons and goods is initially justified by our legitimate interest to preserve the reputation of our hotel as a safe place to stay, taking care of the safety of life, physical integrity, health and property of persons lawfully present in it. Furthermore, our company, operating a hotel, is obliged to protect the property of its customers in accordance with applicable law (cf. Articles 834 et seq. of the Greek Civil Code, regarding the liability of hoteliers).
1.3. The company does not use the CCTV system for other purposes. The CCTV system is not used to evaluate employees’ efficiency.
2. How CCTV System Works
2.1. The operation of the CCTV system is justified and necessary for the purposes of the legitimate interests pursued by the company and for its compliance with its legal obligations regarding the operation of a hotel (see clause 1.2 above) with the minimal privacy impact.
2.2. We collect only image data and limit the video- surveillance to specific places where we have assessed that there is an increased likelihood of committing illegal acts (e.g. theft, such as at our cash registers, warehouses of goods and at the hotel entrance), without focusing on areas where the privacy of the persons whose image is recorded may be excessively restricted (see in particular clauses 3.1.5; 3.1.6).
2.3. Our company uses a CCTV system designed with privacy-friendly settings for the subjects entering and circulating in the area of video surveillance. This is because:
- The CCTV system does not process audio data.
- It is a static CCTV system, without the possibility of torsion and focus (zoom).
2.4. Our company uses the CCTV system in the least invasive way to the privacy of data subjects, as evidenced by the video surveillance operating conditions (camera locations, record retention time, limited access to the file), which are more specifically analyzed in section 3 hereof as well as by the fact that no special categories of data are collected.
3. Description of CCTV system used
3.1. Number and locations of cameras:
3.1.1. The cameras are installed in such an environment that they receive clear quality images to serve their installation purposes, providing the necessary information to the company.
3.1.2. Nine [9] cameras have been installed, by a specialist, in the absolutely necessary areas in relation to the intended purposes. The number and type of cameras installed is depended on the size of the installations and the increased security requirements and is limited to the processing of the absolutely necessary information.
3.1.3. The area covered by the cameras is owned by the company and public spaces are not video-surveilled (e.g., no image is taken from side streets, and/or sidewalks, nor from entrances or interiors of neighboring buildings/spaces).
3.1.4. We have posted in our hotel in every place where the video surveillance system operates an appropriate number of visible information/warning signs about the fact that the space is being video-surveilled.
3.1.5. The company has limited the image capture through the CCTV system to areas where it is assessed that there is an increased likelihood of criminal or delinquent acts and to areas containing sensitive information or assets that need increased protection, as well as to entry and exit points of our hotel facilities to control incoming/outgoing guests (e.g. entrances/exits of property and buildings, reception, elevator and staircase entrances/exits, money storage areas, warehouse entrances, electromechanical installations, etc.).
3.1.6. The cameras do not focus on data subjects or areas where their privacy could be deemed as excessively restricted and hotel guests or guests may be unduly monitored, such as dining areas and corridors leading to hotel rooms. Such areas also mean, but not limited to, the entrances of private rooms, toilets, and areas where leisure activities take place (such as swimming pools, gyms, sports areas, changing rooms, etc.).
3.2. System’s Operation Time:
The CCTV system operates twenty-four (24) hours a day seven (7) days a week with time stamping, to ensure the intended increased protection of goods and persons. The CCTV system records the movement in the video-surveilled area in combination with the date and time.
3.3. Record Retention Period:
3.3.1. The data processed through the CCTV system are kept for a period of 15 days in view of the intended processing purposes.
3.3.2. The data is automatically deleted via the CCTV system after the above period has elapsed.
3.3.3. In special cases of criminal or delinquent acts (e.g., theft, robbery, unauthorized access to the company's premises), it is allowed to keep images of the specific incident in a separate file for 30 days, in accordance with Directive 1/2011 of the Hellenic Data Protection Authority. If the incident concerns a third party, it is allowed to keep images for 3 months, similarly in accordance with the above directive of the Hellenic Data Protection Authority.
4. Recipients
4.1. The maintained CCTV record is not transmitted to third party recipients.
This material is accessible only by our competent and authorized personnel in charge of the security of the site. Specifically, to prevent the dissemination of material to unauthorized recipients, access to the CCTV system has a special team of authorized persons-associates, properly trained and familiar with this Policy and the safe and lawful operation of the system, which consists of the CEO, the Hotel Manager, the IT Manager and the external partner responsible for the Technical Maintenance of the CCTV system, each of whom has clearly defined responsibilities.
4.2. Exceptionally, the transmission of material is allowed without the consent of the data subject, in case our company is obliged to transmit data to a competent judicial, prosecutorial, police or other competent authority under their lawful request during the exercise of their duties, or in case it constitutes evidence of a criminal act committed in the area of the operating video surveillance system and can contribute to the investigation of the incident or the identification of perpetrators.
5. Data Subject Rights
5.1. According to data protection law, the data subject has the following rights:
Right of access: the data subject has the right to know if we are processing his or her image and, if so, to receive a copy of it.
Right to restriction: the data subject has the right to ask us to restrict processing, such as not to delete data that he/she considers necessary for the establishment, exercise or support of his/her legal claims.
Right to object: the data subject has the right to object to the processing of his or her personal data.
Right to erasure: the data subject has the right to ask us to delete his or her data.
5.2 You can exercise your rights by sending an email to address “info@grandbluehotel.gr”, or a letter to our postal address, or by submitting your request in person to the reception of our hotel at Kardamena, Kos 85302, Greece. The application must contain your identity details (ID number, passport, etc.). In case of a request related to your image, it is required to determine when you were within the range of our company's cameras, as well as to provide us with a recent photo of you, which will facilitate us in specifying your data and hiding third parties depicted. Alternatively, you can come to our facilities to show to us the images in which you appear. Please note that exercising the right to object or delete does not imply the immediate deletion of data or the modification of processing. In any case, the company will respond in detail to the request as soon as possible, within the legal deadlines.
5.3 In case you believe that we have unjustifiably not satisfied any of your above rights or that we have proceeded to any unlawful processing of your personal data, you are entitled to file a complaint before the Hellenic Data Protection Authority, based in Athens on Leof. Kifisias 1 (PC 115 23), with contact phone 2106475600. Prior to the submission of your complaint, it is recommended to consult the official website of the Hellenic Data Protection Authority "www.dpa.gr", in order to check that your complaint can be admissibly submitted before the DPA, as detailed therein.
(INFORMATION POLICY FOR THE PROCESSING OF PERSONAL DATA THROUGH VIDEO SURVEILLANCE SYSTEM)
Intro
This Information Policy on the processing of personal data through a video surveillance system (hereinafter "CCTV Policy" or “Policy”) belongs to the company under the company name "KONSTANTINOS KOULIAS ANONYMI ETAIREIA" and the distinctive title "GRAND BLUE BEACH HOTEL" (hereinafter referred to as "company", or "hotel" or "we"), which by law acts as Data Controller and is based in the area of Lambi (P.C. 85300) of the municipality of Kos, Dodecanese, with TIN 094034654.
This Policy describes important aspects concerning our processing of the data subjects’ personal data, which we receive in the context of the operation of the video surveillance system through closed-circuit television cameras (hereinafter referred to as "CCTV system") in the hotel premises where our company operates.
Thanks to this Policy, clearly documented procedures are formed for the processing of your personal data and you are informed about:
-The purpose for which the processing is carried out,
-The mode of operation of the CCTV system in use,
-The installation areas and range of the cameras,
−The retention period of the data,
-The categories of persons operating the CCTV system,
-Your rights regarding your personal data, which are processed by the operating CCTV system.
1. Purposes of installation and operation of CCTV system
1.1. We use a surveillance system for the purpose of security and protection of persons and goods.
1.2. The purpose of protecting persons and goods is initially justified by our legitimate interest to preserve the reputation of our hotel as a safe place to stay, taking care of the safety of life, physical integrity, health and property of persons lawfully present in it. Furthermore, our company, operating a hotel, is obliged to protect the property of its customers in accordance with applicable law (cf. Articles 834 et seq. of the Greek Civil Code, regarding the liability of hoteliers).
1.3. The company does not use the CCTV system for other purposes. The CCTV system is not used to evaluate employees’ efficiency.
2. How CCTV System Works
2.1. The operation of the CCTV system is justified and necessary for the purposes of the legitimate interests pursued by the company and for its compliance with its legal obligations regarding the operation of a hotel (see clause 1.2 above) with the minimal privacy impact.
2.2. We collect only image data and limit the video- surveillance to specific places where we have assessed that there is an increased likelihood of committing illegal acts (e.g. theft, such as at our cash registers, warehouses of goods and at the hotel entrance), without focusing on areas where the privacy of the persons whose image is recorded may be excessively restricted (see in particular clauses 3.1.5; 3.1.6).
2.3. Our company uses a CCTV system designed with privacy-friendly settings for the subjects entering and circulating in the area of video surveillance. This is because:
- The CCTV system does not process audio data.
- It is a static CCTV system, without the possibility of torsion and focus (zoom).
2.4. Our company uses the CCTV system in the least invasive way to the privacy of data subjects, as evidenced by the video surveillance operating conditions (camera locations, record retention time, limited access to the file), which are more specifically analyzed in section 3 hereof as well as by the fact that no special categories of data are collected.
3. Description of CCTV system used
3.1. Number and locations of cameras:
3.1.1. The cameras are installed in such an environment that they receive clear quality images to serve their installation purposes, providing the necessary information to the company.
3.1.2. Nine [9] cameras have been installed, by a specialist, in the absolutely necessary areas in relation to the intended purposes. The number and type of cameras installed is depended on the size of the installations and the increased security requirements and is limited to the processing of the absolutely necessary information.
3.1.3. The area covered by the cameras is owned by the company and public spaces are not video-surveilled (e.g., no image is taken from side streets, and/or sidewalks, nor from entrances or interiors of neighboring buildings/spaces).
3.1.4. We have posted in our hotel in every place where the video surveillance system operates an appropriate number of visible information/warning signs about the fact that the space is being video-surveilled.
3.1.5. The company has limited the image capture through the CCTV system to areas where it is assessed that there is an increased likelihood of criminal or delinquent acts and to areas containing sensitive information or assets that need increased protection, as well as to entry and exit points of our hotel facilities to control incoming/outgoing guests (e.g. entrances/exits of property and buildings, reception, elevator and staircase entrances/exits, money storage areas, warehouse entrances, electromechanical installations, etc.).
3.1.6. The cameras do not focus on data subjects or areas where their privacy could be deemed as excessively restricted and hotel guests or guests may be unduly monitored, such as dining areas and corridors leading to hotel rooms. Such areas also mean, but not limited to, the entrances of private rooms, toilets, and areas where leisure activities take place (such as swimming pools, gyms, sports areas, changing rooms, etc.).
3.2. System’s Operation Time:
The CCTV system operates twenty-four (24) hours a day seven (7) days a week with time stamping, to ensure the intended increased protection of goods and persons. The CCTV system records the movement in the video-surveilled area in combination with the date and time.
3.3. Record Retention Period:
3.3.1. The data processed through the CCTV system are kept for a period of 15 days in view of the intended processing purposes.
3.3.2. The data is automatically deleted via the CCTV system after the above period has elapsed.
3.3.3. In special cases of criminal or delinquent acts (e.g., theft, robbery, unauthorized access to the company's premises), it is allowed to keep images of the specific incident in a separate file for 30 days, in accordance with Directive 1/2011 of the Hellenic Data Protection Authority. If the incident concerns a third party, it is allowed to keep images for 3 months, similarly in accordance with the above directive of the Hellenic Data Protection Authority.
4. Recipients
4.1. The maintained CCTV record is not transmitted to third party recipients.
This material is accessible only by our competent and authorized personnel in charge of the security of the site. Specifically, to prevent the dissemination of material to unauthorized recipients, access to the CCTV system has a special team of authorized persons-associates, properly trained and familiar with this Policy and the safe and lawful operation of the system, which consists of the CEO, the Hotel Manager, the IT Manager and the external partner responsible for the Technical Maintenance of the CCTV system, each of whom has clearly defined responsibilities.
4.2. Exceptionally, the transmission of material is allowed without the consent of the data subject, in case our company is obliged to transmit data to a competent judicial, prosecutorial, police or other competent authority under their lawful request during the exercise of their duties, or in case it constitutes evidence of a criminal act committed in the area of the operating video surveillance system and can contribute to the investigation of the incident or the identification of perpetrators.
5. Data Subject Rights
5.1. According to data protection law, the data subject has the following rights:
Right of access: the data subject has the right to know if we are processing his or her image and, if so, to receive a copy of it.
Right to restriction: the data subject has the right to ask us to restrict processing, such as not to delete data that he/she considers necessary for the establishment, exercise or support of his/her legal claims.
Right to object: the data subject has the right to object to the processing of his or her personal data.
Right to erasure: the data subject has the right to ask us to delete his or her data.
5.2 You can exercise your rights by sending an email to address “info@grandbluehotel.gr”, or a letter to our postal address, or by submitting your request in person to the reception of our hotel at Kardamena, Kos 85302, Greece. The application must contain your identity details (ID number, passport, etc.). In case of a request related to your image, it is required to determine when you were within the range of our company's cameras, as well as to provide us with a recent photo of you, which will facilitate us in specifying your data and hiding third parties depicted. Alternatively, you can come to our facilities to show to us the images in which you appear. Please note that exercising the right to object or delete does not imply the immediate deletion of data or the modification of processing. In any case, the company will respond in detail to the request as soon as possible, within the legal deadlines.
5.3 In case you believe that we have unjustifiably not satisfied any of your above rights or that we have proceeded to any unlawful processing of your personal data, you are entitled to file a complaint before the Hellenic Data Protection Authority, based in Athens on Leof. Kifisias 1 (PC 115 23), with contact phone 2106475600. Prior to the submission of your complaint, it is recommended to consult the official website of the Hellenic Data Protection Authority "www.dpa.gr", in order to check that your complaint can be admissibly submitted before the DPA, as detailed therein.
JOB APPLICANT PRIVACY STATEMENT
Summary of
APPLICANT PRIVACY STATEMENT
This Summary Applicant Privacy Statement regarding job applicant’s personal data processing (“Summary Statement”) will provide you with a summary of the accompanied, detailed Applicant Privacy Statement (hereafter “Full Statement”) on our data processing activities with respect to individually identifiable information about job applicants for positions ("Personal Data") at GRAND BLUE BEACH HOTEL. GRAND BLUE BEACH HOTEL (Κ. ΚΟΥΛΙΑΣ Α.Ε.) has its registered offices in Lambi, Kos, Greece, 85300 (“GRAND BLUE BEACH HOTEL” or “we” or “us” or “our”).
Scope of applicability
This Summary Statement applies to you if you are applying for a position at GRAND BLUE BEACH HOTEL or if you are sending an unsolicited application/CV to GRAND BLUE BEACH HOTEL. It also applies if you apply for a position at GRAND BLUE BEACH HOTEL through a third-party provider, such as recruitment agency or a job search website (e.g. www.kariera.gr). In this case, we draw your attention to the fact that special terms apply to the processing of personal data by these third party providers, which we encourage you to ask them from these third party providers and keep a copy of them.
Processing of your Personal Data & Categories of Personal Data
We process the following Personal Data collected from you (during the application and job interview process or as included in your unsolicited application/CV), or from authorized third parties (recruitment companies), as applicable: full name, contact details, information related to your education and professional experience, language skills, your eligibility to work in Greece, information about the reason for your application at GRAND BLUE BEACH HOTEL, information included in the CV you shared with us and any other information you have provided. For more details see I. 1. of the Full Statement or click here.
Processing purposes
We process your Personal Data for the following purposes, in order to:
Legal basis for the processing of your Personal Data
One of the key privacy law requirements is that any processing of Personal Data must have a legal justification. We generally use the following legal justifications: the processing is necessary (i) to conclude an employment contract with you [Art. 6(1)(b) GDPR], (ii) to comply with a legal obligation [Article 6 (1) (c) GDPR], (iii) to assert our legitimate interest [Art. 6(1)(f) GDPR], or (iv) based on your consent [Art. 6(1)(a) GDPR], where required. For more details see I. 3. of the Full Statement or click here.
Data transfers and recipients of personal data
We may, where applicable, transfer your Personal Data to our service providers, external advisors, and, in accordance with applicable law, governmental authorities, courts, and similar third parties, some of the aforementioned recipients might be located in jurisdictions outside the EU. For more details see II. of the Full Statement or click here.
Retention periods for and deletion of your Personal Data
We delete your data immediately, in case your application is rejected, or in case you reject our job offer, although your application has been approved.
In case of rejection, the data collected during the recruitment process is retained by us for a maximum period of two years in case your application has been rejected but you asked from us to be informed for future positions.
In case of approval and acceptance of the job offer, you will be informed during the recruitment process and before the stage of assuming your duties about the processing of your data that we carry out as an employing company.
For more details see point III. of the Full Update or click here.
Your statutory rights
You have specific rights with regard to the processing or your Personal Data, each as per the conditions defined in applicable law, such as the right to have access to your data, to have them corrected, erased or handed over. Please refer any of your questions to GRAND BLUE BEACH HOTEL at info@grandbluehotel.gr. For more details see IV. of the Full Statement or click here.
Changes of this Summary and the Full Statement as well as further notices
Both this Summary and the Full Statement are subject to change. You will be notified adequately of any such changes. In case of discrepancies, the latest update will always apply.
How to contact us
If you wish to exercise your data subject rights or if you have any other questions concerning this Statement, please address your request at info@grandbluehotel.gr.
FULL
APPLICANT PRIVACY STATEMENT
If you have applied for a specific job position and have additionally provided your consent for GRAND BLUE BEACH HOTEL to inform you for potential job opportunities that may be of your interest, the processing of your Personal Data is based on your consent [pursuant to Article 6 (1) (a) GDPR] (please specify that such consent is not necessary if you have sent us an unsolicited application/CV). Your Personal Data may also be processed when necessary to comply with our legal obligations (pursuant to Article 6 (1) (c) GDPR): e.g. if you are recruited, your data is transferred to the competent tax and social security authorities, or for the pursuit of the following legitimate interests (pursuant to Article 6 (1) (f) GDPR): in order to protect the legitimate interests of GRAND BLUE BEACH HOTEL, e.g. as necessary to protect against legal claims).
We may transfer some of your Personal Data to other parties, as permitted pursuant to Art. 6 para. 1 lit. f) GDPR, for the legitimate interests of GRAND BLUE BEACH HOTEL, i.e., in order to be able to support our recruiting processes. We may use externally provided IT systems or services provided by third party vendors as a support in the recruitment process and third-party providers of recruiting software services.
We may also transfer of your Personal Data to public authorities, if legally required to do so under applicable national law and according to the Art. 6 para. 1 lit. c) GDPR.
In case your application is rejected (including your unsolicited applications), or you reject our job offer, your personal data will be deleted immediately with safety. If you have applied for a specific position and in case of rejection of your application you have provided your consent which allows GRAND BLUE BEACH HOTEL to inform you about existing and future new positions that may be of interest to you, your Personal Data is stored for 2 years maximum, or until you withdraw your consent and let us know about such withdrawal.
In case of hiring, you will be informed at the stage of taking up your duties about the processing of your data that we carry out as an employing company.
GRAND BLUE BEACH HOTEL may retain anonymized data, i.e. data that does not allow you to be identified, for internal statistical purposes and for the purpose of improving our recruitment process.
(i) Right of access: You may contact us to explain to you if and which data we retain about you, as well as the way we process such data. You may also request a copy of your personal data which retain about you.
(ii) Right to rectification: If you believe that your data are not accurate or need to be updated, you have the right to ask for the rectification of inaccurate personal data and to completion of the incomplete data.
(iii) Right to erasure: Under certain circumstances, e.g., the personal data are no longer necessary, you withdraw your consent, the data have been unlawfully processed, you have the right to ask for the erasure of personal data.
(iv) Right to restriction of processing: If you believe that your data are not accurate or their processing is unlawful or you think that we no longer need your data or you have objections to automated processing, you have the right to ask for the restriction of processing.
(v) Right to data portability: You have the right to receive the data concerning you in a structured, commonly used and machine-readable format, as well as the right to transmit those data to another entity (controller), indicated by you to us.
(vi) Right to object: You have the right to object to processing of your personal data from us on grounds relating to your particular situation, unless, among other reasons, if there are compelling and legitimate grounds for the processing which override your interests, rights and freedoms. You also have the right to object when a decision concerning you is based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you (the law provides exceptions which apply).
If, where applicable, you have provided your consent to any processing activity (e.g. in order to be contacted in case of job vacancy), you may withdraw your consent at any time, with effect for the future, i.e. such withdrawal will not affect the lawfulness of the processing prior to the withdrawal of consent.
The table below lists your rights per processing purpose and corresponding legal basis:
V. RIGHT OF APPEAL TO THE AUTHORITY
We inform you that you have the right to appeal to the Hellenic Data Protection Authority (HDPA) for issues relating to the processing of your personal data. The Hellenic Data Protection Authority is based in Athens (Kifisias 1-3, PC 115 23). Regarding the competence of the Hellenic Data Protection Authority and the procedure for a complaint submission, you can visit the website of the Hellenic Data Protection Authority (www.dpa.gr). Further and more detailed information about your rights can be found on the website of the Hellenic Data Protection Authority, which we encourage you to visit.
VI. CONTACT GRAND BLUE BEACH HOTEL
To contact GRAND BLUE BEACH HOTEL and/or to exercise your rights mentioned in the above section entitled "IV. Your Rights» you can contact us at the following address: info@grandbluehotel.gr
APPLICANT PRIVACY STATEMENT
This Summary Applicant Privacy Statement regarding job applicant’s personal data processing (“Summary Statement”) will provide you with a summary of the accompanied, detailed Applicant Privacy Statement (hereafter “Full Statement”) on our data processing activities with respect to individually identifiable information about job applicants for positions ("Personal Data") at GRAND BLUE BEACH HOTEL. GRAND BLUE BEACH HOTEL (Κ. ΚΟΥΛΙΑΣ Α.Ε.) has its registered offices in Lambi, Kos, Greece, 85300 (“GRAND BLUE BEACH HOTEL” or “we” or “us” or “our”).
Scope of applicability
This Summary Statement applies to you if you are applying for a position at GRAND BLUE BEACH HOTEL or if you are sending an unsolicited application/CV to GRAND BLUE BEACH HOTEL. It also applies if you apply for a position at GRAND BLUE BEACH HOTEL through a third-party provider, such as recruitment agency or a job search website (e.g. www.kariera.gr). In this case, we draw your attention to the fact that special terms apply to the processing of personal data by these third party providers, which we encourage you to ask them from these third party providers and keep a copy of them.
Processing of your Personal Data & Categories of Personal Data
We process the following Personal Data collected from you (during the application and job interview process or as included in your unsolicited application/CV), or from authorized third parties (recruitment companies), as applicable: full name, contact details, information related to your education and professional experience, language skills, your eligibility to work in Greece, information about the reason for your application at GRAND BLUE BEACH HOTEL, information included in the CV you shared with us and any other information you have provided. For more details see I. 1. of the Full Statement or click here.
Processing purposes
We process your Personal Data for the following purposes, in order to:
- determine your suitability for the position you are applying for as part of the application process,
- inform you for existing or potential job opportunities that may be of your interests,
- protect the legal interests of ATLANTIS HOTEL (e.g., as required to defend against legal claims),
- comply with legal or regulatory obligations under laws applicable to ATLANTIS HOTEL.
Legal basis for the processing of your Personal Data
One of the key privacy law requirements is that any processing of Personal Data must have a legal justification. We generally use the following legal justifications: the processing is necessary (i) to conclude an employment contract with you [Art. 6(1)(b) GDPR], (ii) to comply with a legal obligation [Article 6 (1) (c) GDPR], (iii) to assert our legitimate interest [Art. 6(1)(f) GDPR], or (iv) based on your consent [Art. 6(1)(a) GDPR], where required. For more details see I. 3. of the Full Statement or click here.
Data transfers and recipients of personal data
We may, where applicable, transfer your Personal Data to our service providers, external advisors, and, in accordance with applicable law, governmental authorities, courts, and similar third parties, some of the aforementioned recipients might be located in jurisdictions outside the EU. For more details see II. of the Full Statement or click here.
Retention periods for and deletion of your Personal Data
We delete your data immediately, in case your application is rejected, or in case you reject our job offer, although your application has been approved.
In case of rejection, the data collected during the recruitment process is retained by us for a maximum period of two years in case your application has been rejected but you asked from us to be informed for future positions.
In case of approval and acceptance of the job offer, you will be informed during the recruitment process and before the stage of assuming your duties about the processing of your data that we carry out as an employing company.
For more details see point III. of the Full Update or click here.
Your statutory rights
You have specific rights with regard to the processing or your Personal Data, each as per the conditions defined in applicable law, such as the right to have access to your data, to have them corrected, erased or handed over. Please refer any of your questions to GRAND BLUE BEACH HOTEL at info@grandbluehotel.gr. For more details see IV. of the Full Statement or click here.
Changes of this Summary and the Full Statement as well as further notices
Both this Summary and the Full Statement are subject to change. You will be notified adequately of any such changes. In case of discrepancies, the latest update will always apply.
How to contact us
If you wish to exercise your data subject rights or if you have any other questions concerning this Statement, please address your request at info@grandbluehotel.gr.
FULL
APPLICANT PRIVACY STATEMENT
I.YOUR PERSONAL DATA / PURPOSES AND LEGAL BASIS OF THE PROCESSING
We will process your Personal Data in this regard, which we collect from you during the application process, as part of the job interview process or included in the unsolicited application/CV you have sent us or from third parties (e.g., employment agencies).
1.Categories of Personal Data
As needed, we may collect the following Personal Data categories:- Identification data, such as name, date of birth, nationality.
- Contact details, such as address, phone number, email address.
- Recruitment-related information, such as professional experience (including references from previous employers), education, language skills, qualifications, talents, professional memberships.
- Interview notes.
- Communication details, such as email content.
- Information about your eligibility to work in Greece.
- Information about the reason for your application at GRAND BLUE BEACH HOTEL.
- Any other information you provide in your CV/resume, cover letter and/or the documents you upload or provide to us by any other means.
2.Processing Purposes
We process your Personal Data, to the extent permitted or required under applicable law, for the purposes to- determine your suitability for the position you are applying for as part of the application process.
- contact you regarding your application.
- inform you for potential other job opportunities which might be of your interest (if you have provided your consent).
- protect the legal interests of GRAND BLUE BEACH HOTEL (e.g., as required to defend against legal claims) and
- comply with legal or regulatory obligations under laws applicable to GRAND BLUE BEACH HOTEL.
3.Legal Basis
The processing of your Personal Data is mainly necessary to evaluate your CV and professional background, as well as to determine whether to conclude an employment contract with you. This processing is based on Article 6(1)(b) of the General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR"). The legal basis for processing any information you provide to us in your application, which belongs to special categories of data, such as health data, is Article 9 para. 2 b) GDPR, which is also related to our obligations under labor law and to safeguarding your fundamental rights and Article 9 para. (2h) to assess the worker's working capacity.If you have applied for a specific job position and have additionally provided your consent for GRAND BLUE BEACH HOTEL to inform you for potential job opportunities that may be of your interest, the processing of your Personal Data is based on your consent [pursuant to Article 6 (1) (a) GDPR] (please specify that such consent is not necessary if you have sent us an unsolicited application/CV). Your Personal Data may also be processed when necessary to comply with our legal obligations (pursuant to Article 6 (1) (c) GDPR): e.g. if you are recruited, your data is transferred to the competent tax and social security authorities, or for the pursuit of the following legitimate interests (pursuant to Article 6 (1) (f) GDPR): in order to protect the legitimate interests of GRAND BLUE BEACH HOTEL, e.g. as necessary to protect against legal claims).
II.DATA TRANSFERS AND RECIPIENTS
GRAND BLUE BEACH HOTEL transfers personal data in accordance with applicable laws. Generally, your personal data are not transferred outside EU/EEA. To the extent that, in the context of and for the needs of the above-mentioned purposes, your personal data need to be transferred outside EU, such data transfer will take place in accordance with applicable law and GRAND BLUE BEACH HOTEL will ensure an adequate level of data protection, by entering into appropriate data transfer agreements based on Standard Contractual Clauses, which are accessible upon request at info@grandbluehotel.gr or taking other measures to provide an adequate level of data protection. GRAND BLUE BEACH HOTEL establishes or confirms that all data recipients will provide an adequate level of protection for your personal data.We may transfer some of your Personal Data to other parties, as permitted pursuant to Art. 6 para. 1 lit. f) GDPR, for the legitimate interests of GRAND BLUE BEACH HOTEL, i.e., in order to be able to support our recruiting processes. We may use externally provided IT systems or services provided by third party vendors as a support in the recruitment process and third-party providers of recruiting software services.
We may also transfer of your Personal Data to public authorities, if legally required to do so under applicable national law and according to the Art. 6 para. 1 lit. c) GDPR.
III.RETENTION PERIODS
The main principle is that Personal Data pertaining to a job application will be deleted as soon as a decision has been made in respect of the job and any applicable period to appeal or otherwise dispute the decision has expired. In other words, Personal Data processed for the purposes stated in the Statement will only be stored for as long as necessary to evaluate them.In case your application is rejected (including your unsolicited applications), or you reject our job offer, your personal data will be deleted immediately with safety. If you have applied for a specific position and in case of rejection of your application you have provided your consent which allows GRAND BLUE BEACH HOTEL to inform you about existing and future new positions that may be of interest to you, your Personal Data is stored for 2 years maximum, or until you withdraw your consent and let us know about such withdrawal.
In case of hiring, you will be informed at the stage of taking up your duties about the processing of your data that we carry out as an employing company.
GRAND BLUE BEACH HOTEL may retain anonymized data, i.e. data that does not allow you to be identified, for internal statistical purposes and for the purpose of improving our recruitment process.
IV.YOUR STATUTORY RIGHTS
Under the conditions provided for in the relevant legislation, you have the following rights regarding the protection of your Personal Data:(i) Right of access: You may contact us to explain to you if and which data we retain about you, as well as the way we process such data. You may also request a copy of your personal data which retain about you.
(ii) Right to rectification: If you believe that your data are not accurate or need to be updated, you have the right to ask for the rectification of inaccurate personal data and to completion of the incomplete data.
(iii) Right to erasure: Under certain circumstances, e.g., the personal data are no longer necessary, you withdraw your consent, the data have been unlawfully processed, you have the right to ask for the erasure of personal data.
(iv) Right to restriction of processing: If you believe that your data are not accurate or their processing is unlawful or you think that we no longer need your data or you have objections to automated processing, you have the right to ask for the restriction of processing.
(v) Right to data portability: You have the right to receive the data concerning you in a structured, commonly used and machine-readable format, as well as the right to transmit those data to another entity (controller), indicated by you to us.
(vi) Right to object: You have the right to object to processing of your personal data from us on grounds relating to your particular situation, unless, among other reasons, if there are compelling and legitimate grounds for the processing which override your interests, rights and freedoms. You also have the right to object when a decision concerning you is based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you (the law provides exceptions which apply).
If, where applicable, you have provided your consent to any processing activity (e.g. in order to be contacted in case of job vacancy), you may withdraw your consent at any time, with effect for the future, i.e. such withdrawal will not affect the lawfulness of the processing prior to the withdrawal of consent.
The table below lists your rights per processing purpose and corresponding legal basis:
| RIGHTS (GDPR ARTICLES) | ||||||||
| Access (15) | Rectification (16) | Erasure (17) | Restriction (18) | Portability (20) | Objection (21) | Withdrawal of consent (7.3) | ||
| PURPOSE | LEGAL BASIS | |||||||
| Assessment of recruitment conditions | 6.1b GDPR (take steps prior to contract) | Χ | Χ | Χ | Χ | Χ | ||
| Inform you about future job opportunities | 6.1a GDPR (consent) | Χ | Χ | Χ | Χ | Χ | Χ | |
V. RIGHT OF APPEAL TO THE AUTHORITY
We inform you that you have the right to appeal to the Hellenic Data Protection Authority (HDPA) for issues relating to the processing of your personal data. The Hellenic Data Protection Authority is based in Athens (Kifisias 1-3, PC 115 23). Regarding the competence of the Hellenic Data Protection Authority and the procedure for a complaint submission, you can visit the website of the Hellenic Data Protection Authority (www.dpa.gr). Further and more detailed information about your rights can be found on the website of the Hellenic Data Protection Authority, which we encourage you to visit.
VI. CONTACT GRAND BLUE BEACH HOTEL
To contact GRAND BLUE BEACH HOTEL and/or to exercise your rights mentioned in the above section entitled "IV. Your Rights» you can contact us at the following address: info@grandbluehotel.gr
Kardamena - Kos Island, Dodecanese, Greece 85302
Phone: +30 22420 91252, Reservations: +3022420 48503, Fax: +30 22420 91254
email: info@grandbluehotel.gr
MHTE: 1027177
Phone: +30 22420 91252, Reservations: +3022420 48503, Fax: +30 22420 91254
email: info@grandbluehotel.gr
MHTE: 1027177