Privacy & Cookies Policy 

Privacy & Cookies Policy (English) Our business respects the right to privacy and acknowledges the importance of protecting personal information. That is why we ensure your privacy and protect your personal data. Our intended objective is to be transparent as regards the processing of your personal data. In this context, we adhere to this policy that defines how we process and protect your data while you are browsing our website, www.paraxenosskiathos.gr. We use all personal data you provide us in accordance with the General Data Protection Regulation (EU 2016/679) and the applicable personal data protection laws, for the purposes set out in this policy.  

1.   Who is responsible for the collection, handling and processing your personal data?

As the data controller, societe anonyme “restaurant ” is responsible for the processing of your personal data via the website “paraxenosskiathos.gr” and for the security of your data under the applicable personal data protection laws.   DETAILS OF DATA CONTROLLER Corporate Name: “Paraxenos Restaurant Skiathos” Address:  Evangelistrias Street, Skiathos Town, Greece, 37002 T.I.N.:”------------” Telephone: +30 2427 029414 +30 694 6007448 Email: paraxenosres@hotmail.com Tax Office: “--------”  

2. What personal data do we collect? 
3. Personal Data

  The following table presents the personal data our company collects through its website, depending on the type of each user’s activity.   Online Reservation Reservation information might include: name, surname, email, telephone number, country, address, city, PC, table type references, number of persons, dietary preferences, reservation history.   Website browsing Technical Data: IP address, login details, browser type and version, time zone and location, types and versions of additional browsers, operating system and platform and other technology on the devices used to access the website.   Contact Contact Data: name and email. Marketing Data:include your preferences for receiving promotional material from us.   Use of “Cookies” Cookie ID, IP Address, Website user browsing history and behaviour.  

1. Sensitive Personal Data

  Through its website, our company does not ask you to disclose sensitive personal data, i.e. data that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic data, biometric data or data concerning your health or sex life or sexual orientation.  

1. Data of Children

  Our website and services are aimed exclusively at adults (i.e. people aged 18 or more). Our company does not seek and does not receive (at least in its knowledge) personal data directly from minors. However, since it is impossible to always check the age of the persons entering or using the website, we recommend that the parents and guardians of minors contact us if they note any unauthorised disclosure of data by minors for whom they are responsible, in order for them to exercise their rights, such as the right to erasure. Therefore, if you are a minor, do not use or provide any information on this website and do not provide any information about yourself to us. If we note that we have collected or received personal data from a minor, we will delete this information immediately. If you believe that we may have information originating from or concerning a minor, please contact us.  

3.   Why do we process your personal data?

Your personal data is processed by our company in the framework of legitimate purposes and provided that the law permits it. Specifically, we process your personal data:   For the performance of a contract or in order to take steps prior to entering into a contract, For complying with our legal obligations, For pursuing our legitimate interests or the interests of third parties, provided that your interests and fundamental rights do not override our own interests. When you have given us your explicit consent to the processing. Our company relies on your explicit consent as the legal basis for processing your personal data only for sending updates and promotional material and for using certain cookies (see Cookies Policy). In these cases, you always have the right to withdraw your consent at any time, by contacting us. Where your consent is the sole legal basis for the processing of personal data, we will stop the processing following its withdrawal.  

4.   How long do we store your data for?

We retain your data for no longer than is necessary for the purposes for which the personal data are collected. To determine the necessary retention period of your personal data, we check the purposes for which we process your data, the ability to fulfil these purposes with other, less restrictive means, our applicable legal obligations, the quantity, nature and sensitivity of the data, as well as the potential risk of harm from their unauthorised use or disclosure. Different retention periods apply for different types of personal data. However, the maximum retention period of your personal data is twenty (20) years. For more details on the retention periods for each category of personal data, please contact us.  

5.   Who has access to your personal data?

In order to better serve you and ensure the uninterrupted provision of our services, we reserve the right to share some of your personal data with our partners who provide us with support services or help us promote our services. These third-party partners are (natural or legal) persons that process your personal data on our behalf. Our partners include the website and social media managing staff, as well as the advertisers who is responsible for our advertising campaigns. Our partners are not to using your personal information for other purpose than the one pursued and to implement appropriate technical and organisational measures for data safety, always in compliance with the applicable personal data protection legislation.   We will never transfer, sell, lease or exchange your personal data to other companies or organisations for marketing purposes.   It is possible that we may disclose your data to state organisations, regulatory bodies, law enforcement authorities, courts, banking institutions, but only when it is necessary, specifically:   to ensure compliance with our legal obligations. to exercise our legal rights. to prevent, identify, investigate crimes or prosecute offenders. Note that in case of a change in our company (e.g. acquisition or merger with another company), the new owners have the right to use your personal data in the same manner as set out in this privacy statement.  

6.   Do we transfer your data to non EU countries?

Our company does not transfer the personal data it collects via its website to non EU or non EEA countries.  

7.   How do we protect your data?

We implement appropriate technical and organisational measures to ensure your personal data is always protected and safe, preventing any accidental loss, change, disclosure, use or access thereof in an unauthorised manner. Our safety measures include data encryption, regular cyber-safety assessments by all service providers who may handle your personal data, safety audits protecting our overall technical infrastructure against external attacks and unauthorised access and internal policies setting out the method that ensures your personal data protection and the training of our employees. Our company has adopted a policy and procedures for addressing personal data breach incidents, ensuring that you and the supervisory authority are immediately notified, when required by law.  

8.   What are your rights?

Right to access:you have the right to access your personal data. By applying for access, you can be informed of the purposes of the processing, the categories of personal data concerned, the recipients to whom your data have been or will be disclosed, its retention period, the existence of your right to rectification or erasure of data or restriction of processing or to object to processing, information on the origin of data and the existence of automated decision making, including profiling, and meaningful information about the logic involved. Right to rectification: You have the right to obtain the rectification of inaccurate data and to complete incomplete personal data. Right to erasure (“right to be forgotten”): when you no longer wish your personal data to be processed and kept, you have the right to obtain its erasure, provided that the data is not kept for a specific lawful and stated purpose. Right of restriction of processing: You have the right to obtain restriction of processing of your data, when specific reasons are applied (e.d. if you contest our legitimate interest or if your personal data is incorrect or if you think that the processing is unlawful or if we no longer need your data). Right to portability: you have the right to receive a copy or obtain to transmit your data, in a machine – readable format, to another controller, if you wish to. This right includes only the personal data you have provided us yourself. Right to object to the processing under legal interest: You have the right to object, at any time, to the processing of your personal data that is based on our legitimate interest. We will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing that override your interests and rights or we have legal claims. Right to object to direct marketing: You have the right to object to direct marketing, including profiling made for direct marketing purposes. You have the option to opt out from direct marketing. Right to consent withdrawal: in case we have your explicit consent for the processing of your personal data, you have the right to withdraw it at any time. Where your consent is the sole legal basis for the processing, we will stop processing your data following its withdrawal.

9.   How can you exercise your rights?

If you wish to exercise any of your above rights, contact us using our contact information. You are not required to pay us any fee or charge to exercise any of your rights. However, we reserve the right to charge a reasonable fee, if your request is manifestly unfounded, repeated or excessive. In these cases, we also reserve the right to refuse to comply with your request.   In case you exercise any of your rights, our company is required to respond within a period of one (1) month from the submission of your request. If your request is particularly complex or you have submitted a number of requests, we may need more time to respond. In this case, we will inform you.   If you think that our company processes your personal data incorrectly, please contact us. You also have the right to lodge a complaint with a supervisory authority. Noted that the Greek supervisory authority is the Hellenic Data Protection Authority, seated in Athens, at 1-3 Kifissias Street, P.C. 11523, www.dpa.gr.  

10. Do we use cookies?

Our website uses cookies to collect information in order to allow us to provide you better services and to improve our website functions, as well as our services and promotional activities. For more information, please refer to the Cookies Policy.   Cookies   What are cookies and why do we use them?   They are small pieces of information stored on computers in order to identify the browser used during web browsing.Device IDs are collected from the available system data, which may include IP addresses, user information (browser version, type and operating system version) or device identifiers, such as Apple IDs for advertisers, Apple IDs for suppliers, Google’s Android IDs, or Google Play Store ad IDs. Cookies and similar technologies can be used to memorize data, such as user IDs and preferences.   Using cookies makes it easier for our Website to memorize information about your visit, collecting useful information about your search preferences. So, the search experience will be improved the next time you visit us. In order to provide you with our various services, our business and service providers collect traffic data, IP address, your device software, the type of server you use when navigating, and information on how you use the website (such as the day and time of the connection and disconnection) created during the time you use the website.   In addition, cookies help us to see the performance and traffic of our Website, improving its presentation and content, according to the preferences of our visitors.   What cookies do we use?   Some or all of the cookies described below may be stored in the browser. You can view and manage cookies in the browser (however browsers for mobile devices may not offer this visibility). Our Website may use the following cookies.   Absolutely necessary: The necessary technical cookies are essential for the proper functioning of our Website, they allow you to browse and use its functions.These cookies do not recognize your personal identity.Without these cookies, we cannot offer effective operation of our Website.In addition, these cookies allow our Website to remember your options such as font size to provide improved and personalized features.   Performance Cookies Google analytics: These cookies collect information about how you use our Website, for example, which pages you visit most often. These cookies collect aggregate, anonymous information that does not identify a visitor. They are used exclusively to improve the performance of a website.   Search Console These cookies collect aggregate anonymous information about the proper operation and possible errors of our Website, such as whether a user is looking for an older version of it or if some files have been compromised.   Don’t want to use cookies? You can configure the navigation software in such a way that it excludes all cookies or indicates when a cookie is being sent, however some isotope functions or services may not work properly without cookies. More information on the types of cookies is available at http://www.allaboutcookies.org. If you want to know how to check or remove cookies, you can visit www.AboutCookies.org.  

11. Can we amend the privacy policy?

We reserve the right to update or modify this Policy at any time. For this reason, you are required to regularly check this Policy. Its latest edition is always available on our website and replaces all previous editions. In case of any crucial modification to this policy, such as modifications concerning the purpose for which we use your personal data, the identity of the controller or your rights, we will notify you by publishing the modifications on our website.   Contact details If you have any questions regarding the way in which we collect or use your personal data that were not answered here or if you want to exercise your rights regarding your personal data, please contact us by paraxenosres@hotmail.com.     Camera Policy ENG: A VIDEO SURVEILLANCE SYSTEM WORKS IN THE PREMISES WITH THE PURPOSE OF PROTECTING PERSONS, FACILITIES AND GOODS For more detailed information and to exercise the rights of Regulation (EU) 2016/679 (GDPR), we refer you to: Information form for the processing of personal data through a video surveillance system that is printed on the premises of the company and is available on request Controller under the GDPR: Drew Artan of Gion and Gourier, resident of Evosmos, Thessaloniki, 29 B. Rota Street, with ID number AI 733257/2010 and VAT number 065097013, tel. 6945266080, e-mail: HYPERLINK "mailto:paraxenosres@hotmail.com" paraxenosres@hotmail .com, legal representative and administrator of the company DREW ARTAN & SIA OE Instructions for use: Purpose of processing: Amend accordingly in case of variation of the purpose. More detailed information and exercise of rights: List where in the store/building the data subjects can find the detailed information of level B. Referral can be made to a website. Controller: Enter the details of the controller. In case the controller is established outside the EU, you should include the details of his representative, based on Article 27 of the GDPR.   GR: ΣΤΟΝ ΧΩΡΟ ΛΕΙΤΟΥΡΓΕΙ ΣΥΣΤΗΜΑ ΒΙΝΤΕΟΕΠΙΤΗΡΗΣ ΜΕ ΣΚΟΠΟ ΤΗΝ ΠΡΟΣΤΑΣΙΑ ΠΡΟΣΩΠΩΝ, ΕΓΚΑΤΑΣΤΑΣΕΩΝ ΚΑΙ ΑΓΑΘΩΝ Για αναλυτικότερη ενημέρωση και για την άσκηση δικαιωμάτων του Κανονισμού (ΕΕ) 2016/679 (ΓΚΠΔ) σας παραπέμπουμε στο: Έντυπο Ενημέρωσης για την επεξεργασία δεδομένων προσωπικού χαρακτήρα μέσω συστήματος βιντεοεπιτήρησης που βρίσκεται εκτυπωμένο εντός του χώρου της επιχείρησης και διατίθεται σε κάθε ζήτηση Υπεύθυνος επεξεργασίας με βάση τον ΓΚΠΔ: Ο Ντρέου Αρτάν του Γκιόν και της Γκουριέ, κάτοικος Ευόσμου Θεσσαλονίκης, οδός Β. Ρώτα 29, με ΑΔΤ ΑΙ 733257/2010 και ΑΦΜ 065097013, τηλ. 6945266080, e-mail: HYPERLINK "mailto:paraxenosres@hotmail.com" paraxenosres@hotmail.com, νόμιμος εκπρόσωπος και διαχειριστής της εταιρίας ΝΤΡΕΟΥ ΑΡΤΑΝ & ΣΙΑ ΟΕ Οδηγίες χρήσης: Σκοπός επεξεργασίας: Τροποποιήστε κατάλληλα σε περίπτωση διαφοροποίησης του σκοπού. Αναλυτικότερη ενημέρωση και άσκηση δικαιωμάτων: Αναγράψτε σε ποιο σημείο του καταστήματος/κτιρίου τα υποκείμενα των δεδομένων μπορούν να βρουν την αναλυτική ενημέρωση του Β’ επιπέδου. Η παραπομπή μπορεί να γίνεται σε ιστοσελίδα. Υπεύθυνος επεξεργασίας: Αναγράψτε τα στοιχεία του υπευθύνου επεξεργασίας. Σε περίπτωση που ο υπεύθυνος είναι εγκατεστημένος εκτός ΕΕ, θα πρέπει να συμπεριλάβετε τα στοιχεία του εκπροσώπου του, με βάση το άρθρο 27 του ΓΚΠΔ.