PERSONAL DATA PROTECTION POLICY
This Policy was updated on 13/3/2023
Purpose of this policy
The protection of your personal data is important to 7syn7. This policy informs you of 7syn7 personal data collection practices. through its website, including the categories of data it may collect, maintain, process, the purpose of their collection, the categories of persons to whom your data is disclosed, as well as the rights you have.7syn7 makes every effort to protect your personal data, provided that the personal information you provide us is accurate and truthful. It also describes some of the security measures the company takes to protect data privacy and provides certain guarantees about things the company will not do.
We consider the protection of our customers’ privacy and data to be of the utmost importance and we are committed to providing the latter with personalized services that meet their requirements in a way that ensures their privacy. Personal information (personal data) is used exclusively by 7syn7 and its employees, in order to respond to your requests and serve you better, in accordance with this policy. Individuals who handle personal information are trained to use appropriate procedures and do not use the information for any purpose other than those that serve to provide specific services to us. Legal and regulatory framework
7syn7 for the purpose of hotel services collects and processes personal data, for the exercise of its responsibilities, the processing of its electronic services and the fulfillment of its legal obligations. For the purposes of this, Flora Sofiou is the “Processing Officer” within the meaning of article 4 no. 7 of the General Data Protection Regulation. The management and protection of the personal data of the visitor/user of this website https://7syn7.gr is subject to the present conditions, as well as the relevant provisions of the European Regulation 2016/679 on the Protection of Personal Data (GDPR) and the N 4624/2019.
These terms are formulated taking into account both the rapid development of technology, and in particular the Internet, and the existing network of legal regulations regarding these issues. This website is not going to make any unfair use and without your prior approval, following the principles of personal data protection provided by the relevant laws and international conventions and in no way discloses, publicizes, exchanges the personal information and the information you entrust to it.In addition, it does not transmit personal information and details of its users to any other organization or partner that is not connected to it, e-mail addresses or generally any other information concerning its users.
What is ‘GDPR’ – Applicable Legislation.
The GDPR (General Data Protection Regulation General Data Protection Regulation), Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, hereinafter “the Regulation”) concerns the formulation of a single legislative framework for the processing of personal data in the member states of the European.Union and replaces the previous legislation (Directive 95/46/EC).The protection of natural persons against the processing of personal data is a fundamental right. Article 8(1) of the Charter of Fundamental Rights of the European Union (“Charter”) and Article 16(1) of the Treaty on the Functioning of the European Union (TFEU) state that everyone has the right to the protection of personal data character concerning it. The Regulation is binding in all its parts and is directly applicable in every member state (i.e. no special adaptation of the National Legislation is required, article 83 of the Regulation).
What is personal data?
The term “personal data” refers to information of natural persons, such as name, postal address, e-mail address, contact telephone number, etc., which identifies or can identify you, hereinafter “Personal Data or Data”.
What is Personal Data Processing?
Any act or series of acts performed with or without the use of automated means, on personal data or sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or alteration, retrieval , information retrieval, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
What is a processing supervisor?
Processing supervisor is the natural or legal person, public authority, agency or other entity that, alone or jointly with others, determines the purposes and manner of processing personal data,
What is the processing executor?
The processing executor is the natural or legal person, public authority, agency or other entity that processes personal data on behalf of the controller.
What kind of data does 7syn7 collect. through this website
Any information that is included in the concept of personal data of the Personal Data Protection Regulation and its collection is not based on the Law or the conclusion or execution of a contract, is collected through this website, only in the event that you choose to expressly consent.
We collect the following personal data (indicative and not limiting):
| Identification Data: | Name, nationality, ID/passport number, date of birth, telephone number. |
| Contact Data: | Postal address, email address, telephone number. |
| Transaction Data: | VAT number, type, place, time of products or services provided. |
| Contractual Relationship Data: | Contractual documents, information and consent forms, electronic declarations of intent. |
| Transactional Behavior Data: | Information regarding interests, preferences and participation in events, contests, surveys. |
| Health Data | Due to the COVID 19 pandemic, health data may be collected. |
We do not collect or gain access in any way to special categories of (“sensitive”) personal data (except during the period of the COVID 19 pandemic, due to strict instructions of the Ministry of Health) or data concerning criminal convictions and offenses of our customers. The customer has the obligation to refrain from providing such data, concerning himself or third data subjects (except during the period of the COVID 19 pandemic, due to strict instructions of the Ministry of Health).
In the event that a customer makes a relevant provision of such data, it will be deleted as soon as it comes to our attention (except during the period of the COVID 19 pandemic, due to strict instructions of the Ministry of Health). We bear no responsibility towards customers or third parties for any provision and/or processing of sensitive data, due to acts or omissions of customers in violation of the above obligation.Visiting our website does not necessarily require you to provide any kind of personal data. In several cases, however, it is necessary to provide some of your personal data yourself, which are indicated in the corresponding data entry sections on this website.
We may collect and store the following personal information about you from the following limited sources:
– contact data, when you contact us to ask questions or request information about the services provided by 7syn7.
– data of identification, communication, transactions, contractual relationship and transactional behavior, when you make a room reservation regardless of the means by which it is made (electronically, by telephone through the customer reception, etc.).
– data of identification, communication, transactions, contractual relationship and transactional behavior, when, in the context of the use of the services provided within our hotel.
– identification, communication, transaction, contractual relationship and transactional data, when you enter into a contract with us for the provision of any services.
– identification, communication, transaction, contractual relationship and transaction data, when you make online purchases of products or services we provide.
– health data from questionnaires that must be completed, due to the COVID 19 pandemic and following instructions from the Ministry of Health.
The 7syn7 does not store or collect payment information during electronic or online payments via credit, debit or prepaid cards. Specifically, by entering the number, security code, name of the holder and the expiry date of the debit or credit card and completing the payment, this data is automatically transmitted to the competent Bank. The Bank collects the data and makes the payment and then confirms to 7syn7 the completion of the transaction.
Retention-Storage of data
At 7syn7 we store personal data only for the time required to perform a service that you have requested or for which you have given your approval, subject to the contrary provisions of the Law as the case may be in matters governed by commercial and/or tax legislation, the various relevant provisions, etc. The health data that may be collected during the period of the COVID 19 pandemic will be deleted immediately after the end of the pandemic and following the instructions of the Ministry of Health.
Data Deletion
Your data is deleted depending on the case and always based on the provisions defined by the relevant Legislation.
Data security
The Internet, like any medium used to transmit information, cannot be considered 100% secure. Internet security is a sensitive issue and relies mainly on reliable organizations and businesses that respect the confidentiality and security of its Users’ information. 7syn7 strives to maintain strict security measures and controls to protect your personal information in order to ensure compliance with all applicable legal requirements, and we implement security measures, at a technical and organizational level, to secure the data we collect by you, against any intentional or unintentional attempt, manipulation, loss, destruction or in general access by an unauthorized person. Our security measures are subject to constant reviews and reforms, according to the latest technological developments. Access to your personal data is limited only to employees authorized for this purpose to provide you with products and services and who come into contact with this data. Physical, electronic and procedural safeguards have been activated, which are harmonized with the regulations for the protection of your personal data.
Internet access
If you contact 7syn7 online, we may occasionally use an email or telephone number to contact you if you have voluntarily provided them to us. You should be aware that communications over the internet, such as emails etc., are not secure unless they are encrypted and we are not responsible for any unauthorized access or loss of your personal information that is beyond our control.
Privacy Policy and Kids
This website is designed and intended for use by adults. If you are a minor below the age limit, from which parental consent is required in your country (in Greece this limit is over 15 years – Law 4624/2019), you should check the terms of this Statement, together with your parent or guardian to ensure you understand and accept these terms. If it is determined that we have collected information from a minor without the consent of their parent or guardian, when such consent should have been obtained, we will delete the information as soon as possible.
Communication through the website platform
In the event that a user communicates with us, through the contact form or in any other way, the provision of personal data by the user is done voluntarily and exclusively at the user’s free will. We will process such provided personal data only to the extent necessary for the specific purpose.
Social networks
Our Website may offer Social Networking and other related tools that allow you to share your actions within the Website with other applications, websites or mass media, and vice versa. Using such features allows information to be shared with your friends or the general public, depending on the settings you have specified in your personal profile. Please see the Privacy Policies of these social networking services for more information about how they handle your data.
Statement Revisions
7syn7 μ reserves the right to periodically modify or revise this Statement, at its sole discretion. In the event that changes are made, 7syn7 will record the date of the amendment or revision to this Statement and the updated Statement will apply to you from that date. We encourage you to periodically review this Statement to review any changes to the way we manage your personal data.
Applicable Law and Jurisdiction
For any dispute arising between the user and 7syn7, the applicable law is Greek and the competent courts to resolve the dispute are the competent Courts of the Prefecture of Thessaloniki.
What are your rights?
In accordance with the Personal Data Protection Regulation [EU General Data Protection Regulation (GDPR) 2016/679], as applicable, you have the following rights:
a) the right of access,
b) the right to rectification,
c) the right to erasure, under certain circumstances, such as when the processing is no longer necessary for the purpose for which it was originally collected and there is no compelling reason for us to continue processing (or storing it);
d) the right to restrict processing,
e) the right to transfer the data,
f) the right to object and the right not to be subject to a decision made solely on the basis of automated processing, including profiling;
g) the right of complaint to the supervisory authority.
That is, you have the right to receive, upon request, free information about the stored personal data concerning you, to present, upon request, objections to the processing of the data concerning you, with effect for the future and to withdraw your consent , as well as, in accordance with the provisions in force, the right to correction, restriction of processing, transmission of the data, deletion of said data and complaint to a supervisory authority. In these cases, please address in writing with a relevant original letter or by fax or by e-mail to the relevant Personal Data Protection department of the Company, mentioned below.
Right to file a complaint
If you believe that the processing of your data violates Regulation (EU) 2016/679, you have the right to file a complaint with a supervisory authority. The competent supervisory authority for Greece is the Data Protection Authority, Kifisias 1-3, 115 23, Athens, https://www.dpa.gr/, tel. 2106475600.
Contact
7syn7 informs you that it has appointed Personal Data Protection Officers with an electronic contact address: florasofiou@yahoo.gr If you have questions or recommendations regarding this Policy, you can direct them to the above address. Continuous developments on the Internet in general make it necessary to adjust our online data protection rules from time to time. 7syn7 reserves the right to make any appropriate changes to these rules at any time.
PERSONAL DATA PROTECTION POLICY
This Policy was updated on 13/3/2023
Purpose of this policy
The protection of your personal data is important to 7syn7. This policy informs you of 7syn7 personal data collection practices. through its website, including the categories of data it may collect, maintain, process, the purpose of their collection, the categories of persons to whom your data is disclosed, as well as the rights you have.7syn7 makes every effort to protect your personal data, provided that the personal information you provide us is accurate and truthful. It also describes some of the security measures the company takes to protect data privacy and provides certain guarantees about things the company will not do.
We consider the protection of our customers’ privacy and data to be of the utmost importance and we are committed to providing the latter with personalized services that meet their requirements in a way that ensures their privacy. Personal information (personal data) is used exclusively by 7syn7 and its employees, in order to respond to your requests and serve you better, in accordance with this policy. Individuals who handle personal information are trained to use appropriate procedures and do not use the information for any purpose other than those that serve to provide specific services to us. Legal and regulatory framework
7syn7 for the purpose of hotel services collects and processes personal data, for the exercise of its responsibilities, the processing of its electronic services and the fulfillment of its legal obligations. For the purposes of this, Flora Sofiou is the “Processing Officer” within the meaning of article 4 no. 7 of the General Data Protection Regulation. The management and protection of the personal data of the visitor/user of this website https://7syn7.gr is subject to the present conditions, as well as the relevant provisions of the European Regulation 2016/679 on the Protection of Personal Data (GDPR) and the N 4624/2019.
These terms are formulated taking into account both the rapid development of technology, and in particular the Internet, and the existing network of legal regulations regarding these issues. This website is not going to make any unfair use and without your prior approval, following the principles of personal data protection provided by the relevant laws and international conventions and in no way discloses, publicizes, exchanges the personal information and the information you entrust to it.In addition, it does not transmit personal information and details of its users to any other organization or partner that is not connected to it, e-mail addresses or generally any other information concerning its users.
What is ‘GDPR’ – Applicable Legislation.
The GDPR (General Data Protection Regulation General Data Protection Regulation), Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, hereinafter “the Regulation”) concerns the formulation of a single legislative framework for the processing of personal data in the member states of the European.Union and replaces the previous legislation (Directive 95/46/EC).The protection of natural persons against the processing of personal data is a fundamental right. Article 8(1) of the Charter of Fundamental Rights of the European Union (“Charter”) and Article 16(1) of the Treaty on the Functioning of the European Union (TFEU) state that everyone has the right to the protection of personal data character concerning it. The Regulation is binding in all its parts and is directly applicable in every member state (i.e. no special adaptation of the National Legislation is required, article 83 of the Regulation).
What is personal data?
The term “personal data” refers to information of natural persons, such as name, postal address, e-mail address, contact telephone number, etc., which identifies or can identify you, hereinafter “Personal Data or Data”.
What is Personal Data Processing?
Any act or series of acts performed with or without the use of automated means, on personal data or sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or alteration, retrieval , information retrieval, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
What is a processing supervisor?
Controller is the natural or legal person, public authority, agency or other entity that, alone or jointly with others, determines the purposes and manner of processing personal data,
What is the processor?
The processor is the natural or legal person, public authority, agency or other entity that processes personal data on behalf of the controller.
What kind of data does 7syn7 collect. through this website
Any information that is included in the concept of personal data of the Personal Data Protection Regulation and its collection is not based on the Law or the conclusion or execution of a contract, is collected through this website, only in the event that you choose to expressly consent.
We collect the following personal data (indicative and not limiting):
| Identification Data: | Name, nationality, ID/passport number, date of birth, telephone number. |
| Contact Data: | Postal address, email address, telephone number. |
| Transaction Data: | VAT number, type, place, time of products or services provided. |
| Contractual Relationship Data: | Contractual documents, information and consent forms, electronic declarations of intent. |
| Transactional Behavior Data: | Information regarding interests, preferences and participation in events, contests, surveys. |
| Health Data | Due to the COVID 19 pandemic, health data may be collected. |
We do not collect or gain access in any way to special categories of (“sensitive”) personal data (except during the period of the COVID 19 pandemic, due to strict instructions of the Ministry of Health) or data concerning criminal convictions and offenses of our customers. The customer has the obligation to refrain from providing such data, concerning himself or third data subjects (except during the period of the COVID 19 pandemic, due to strict instructions of the Ministry of Health).
In the event that a customer makes a relevant provision of such data, it will be deleted as soon as it comes to our attention (except during the period of the COVID 19 pandemic, due to strict instructions of the Ministry of Health). We bear no responsibility towards customers or third parties for any provision and/or processing of sensitive data, due to acts or omissions of customers in violation of the above obligation.Visiting our website does not necessarily require you to provide any kind of personal data. In several cases, however, it is necessary to provide some of your personal data yourself, which are indicated in the corresponding data entry sections on this website.
We may collect and store the following personal information about you from the following limited sources:
– contact data, when you contact us to ask questions or request information about the services provided by 7syn7.
– data of identification, communication, transactions, contractual relationship and transactional behavior, when you make a room reservation regardless of the means by which it is made (electronically, by telephone through the customer reception, etc.).
– data of identification, communication, transactions, contractual relationship and transactional behavior, when, in the context of the use of the services provided within our hotel.
– identification, communication, transaction, contractual relationship and transactional data, when you enter into a contract with us for the provision of any services.
– identification, communication, transaction, contractual relationship and transaction data, when you make online purchases of products or services we provide.
– health data from questionnaires that must be completed, due to the COVID 19 pandemic and following instructions from the Ministry of Health.
The 7syn7 does not store or collect payment information during electronic or online payments via credit, debit or prepaid cards. Specifically, by entering the number, security code, name of the holder and the expiry date of the debit or credit card and completing the payment, this data is automatically transmitted to the competent Bank. The Bank collects the data and makes the payment and then confirms to 7syn7 the completion of the transaction.
Retention-Storage of data
At 7syn7 we store personal data only for the time required to perform a service that you have requested or for which you have given your approval, subject to the contrary provisions of the Law as the case may be in matters governed by commercial and/or tax legislation, the various relevant provisions, etc. The health data that may be collected during the period of the COVID 19 pandemic will be deleted immediately after the end of the pandemic and following the instructions of the Ministry of Health.
Data Deletion
Your data is deleted depending on the case and always based on the provisions defined by the relevant Legislation.
Data security
The Internet, like any medium used to transmit information, cannot be considered 100% secure. Internet security is a sensitive issue and relies mainly on reliable organizations and businesses that respect the confidentiality and security of its Users’ information. 7syn7 strives to maintain strict security measures and controls to protect your personal information in order to ensure compliance with all applicable legal requirements, and we implement security measures, at a technical and organizational level, to secure the data we collect by you, against any intentional or unintentional attempt, manipulation, loss, destruction or in general access by an unauthorized person. Our security measures are subject to constant reviews and reforms, according to the latest technological developments. Access to your personal data is limited only to employees authorized for this purpose to provide you with products and services and who come into contact with this data. Physical, electronic and procedural safeguards have been activated, which are harmonized with the regulations for the protection of your personal data.
Internet access
If you contact 7syn7 online, we may occasionally use an email or telephone number to contact you if you have voluntarily provided them to us. You should be aware that communications over the internet, such as emails etc., are not secure unless they are encrypted and we are not responsible for any unauthorized access or loss of your personal information that is beyond our control.
Privacy Policy and Kids
This website is designed and intended for use by adults. If you are a minor below the age limit, from which parental consent is required in your country (in Greece this limit is over 15 years – Law 4624/2019), you should check the terms of this Statement, together with your parent or guardian to ensure you understand and accept these terms. If it is determined that we have collected information from a minor without the consent of their parent or guardian, when such consent should have been obtained, we will delete the information as soon as possible.
Communication through the website platform
In the event that a user communicates with us, through the contact form or in any other way, the provision of personal data by the user is done voluntarily and exclusively at the user’s free will. We will process such provided personal data only to the extent necessary for the specific purpose.
Social networks
Our Website may offer Social Networking and other related tools that allow you to share your actions within the Website with other applications, websites or mass media, and vice versa. Using such features allows information to be shared with your friends or the general public, depending on the settings you have specified in your personal profile. Please see the Privacy Policies of these social networking services for more information about how they handle your data.
Statement Revisions
7syn7 μ reserves the right to periodically modify or revise this Statement, at its sole discretion. In the event that changes are made, 7syn7 will record the date of the amendment or revision to this Statement and the updated Statement will apply to you from that date. We encourage you to periodically review this Statement to review any changes to the way we manage your personal data.
Applicable Law and Jurisdiction
For any dispute arising between the user and 7syn7, the applicable law is Greek and the competent courts to resolve the dispute are the competent Courts of the Prefecture of Thessaloniki.
What are your rights?
In accordance with the Personal Data Protection Regulation [EU General Data Protection Regulation (GDPR) 2016/679], as applicable, you have the following rights:
a) the right of access,
b) the right to rectification,
c) the right to erasure, under certain circumstances, such as when the processing is no longer necessary for the purpose for which it was originally collected and there is no compelling reason for us to continue processing (or storing it);
d) the right to restrict processing,
e) the right to transfer the data,
f) the right to object and the right not to be subject to a decision made solely on the basis of automated processing, including profiling;
g) the right of complaint to the supervisory authority.
That is, you have the right to receive, upon request, free information about the stored personal data concerning you, to present, upon request, objections to the processing of the data concerning you, with effect for the future and to withdraw your consent , as well as, in accordance with the provisions in force, the right to correction, restriction of processing, transmission of the data, deletion of said data and complaint to a supervisory authority. In these cases, please address in writing with a relevant original letter or by fax or by e-mail to the relevant Personal Data Protection department of the Company, mentioned below.
Right to file a complaint
If you believe that the processing of your data violates Regulation (EU) 2016/679, you have the right to file a complaint with a supervisory authority. The competent supervisory authority for Greece is the Data Protection Authority, Kifisias 1-3, 115 23, Athens, https://www.dpa.gr/, tel. 2106475600.
Contact
7syn7 informs you that it has appointed Personal Data Protection Officers with an electronic contact address: florasofiou@yahoo.gr If you have questions or recommendations regarding this Policy, you can direct them to the above address. Continuous developments on the Internet in general make it necessary to adjust our online data protection rules from time to time. 7syn7 reserves the right to make any appropriate changes to these rules at any time.
