Privacy & Cookies Policy (English)
Our business respects the right to privacy and acknowledges the importance of protecting personal information. That is why we ensure your privacy and protect your personal data. Our intended objective is to be transparent as regards the processing of your personal data. In this context, we adhere to this policy that defines how we process and protect your data while you are browsing our website, www.paraxenosskiathos.gr. We use all personal data you provide us in accordance with the General Data Protection Regulation (EU 2016/679) and the applicable personal data protection laws, for the purposes set out in this policy.
As the data controller, societe anonyme “restaurant ” is responsible for the processing of your personal data via the website “paraxenosskiathos.gr” and for the security of your data under the applicable personal data protection laws.
DETAILS OF DATA CONTROLLER
Corporate Name: “Paraxenos Restaurant Skiathos”
Address: Evangelistrias Street, Skiathos Town, Greece, 37002
Telephone: +30 2427 029414 +30 694 6007448
Tax Office: “--------”
The following table presents the personal data our company collects through its website, depending on the type of each user’s activity.
Reservation information might include: name, surname, email, telephone number, country, address, city, PC, table type references, number of persons, dietary preferences, reservation history.
Technical Data: IP address, login details, browser type and version, time zone and location, types and versions of additional browsers, operating system and platform and other technology on the devices used to access the website.
Contact Data: name and email.
Marketing Data:include your preferences for receiving promotional material from us.
Use of “Cookies”
Cookie ID, IP Address, Website user browsing history and behaviour.
Through its website, our company does not ask you to disclose sensitive personal data, i.e. data that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic data, biometric data or data concerning your health or sex life or sexual orientation.
Our website and services are aimed exclusively at adults (i.e. people aged 18 or more). Our company does not seek and does not receive (at least in its knowledge) personal data directly from minors. However, since it is impossible to always check the age of the persons entering or using the website, we recommend that the parents and guardians of minors contact us if they note any unauthorised disclosure of data by minors for whom they are responsible, in order for them to exercise their rights, such as the right to erasure. Therefore, if you are a minor, do not use or provide any information on this website and do not provide any information about yourself to us. If we note that we have collected or received personal data from a minor, we will delete this information immediately. If you believe that we may have information originating from or concerning a minor, please contact us.
Your personal data is processed by our company in the framework of legitimate purposes and provided that the law permits it. Specifically, we process your personal data:
For the performance of a contract or in order to take steps prior to entering into a contract,
For complying with our legal obligations,
For pursuing our legitimate interests or the interests of third parties, provided that your interests and fundamental rights do not override our own interests.
When you have given us your explicit consent to the processing.
Our company relies on your explicit consent as the legal basis for processing your personal data only for sending updates and promotional material and for using certain cookies (see Cookies Policy). In these cases, you always have the right to withdraw your consent at any time, by contacting us. Where your consent is the sole legal basis for the processing of personal data, we will stop the processing following its withdrawal.
We retain your data for no longer than is necessary for the purposes for which the personal data are collected. To determine the necessary retention period of your personal data, we check the purposes for which we process your data, the ability to fulfil these purposes with other, less restrictive means, our applicable legal obligations, the quantity, nature and sensitivity of the data, as well as the potential risk of harm from their unauthorised use or disclosure. Different retention periods apply for different types of personal data. However, the maximum retention period of your personal data is twenty (20) years. For more details on the retention periods for each category of personal data, please contact us.
In order to better serve you and ensure the uninterrupted provision of our services, we reserve the right to share some of your personal data with our partners who provide us with support services or help us promote our services. These third-party partners are (natural or legal) persons that process your personal data on our behalf. Our partners include the website and social media managing staff, as well as the advertisers who is responsible for our advertising campaigns. Our partners are not to using your personal information for other purpose than the one pursued and to implement appropriate technical and organisational measures for data safety, always in compliance with the applicable personal data protection legislation.
We will never transfer, sell, lease or exchange your personal data to other companies or organisations for marketing purposes.
It is possible that we may disclose your data to state organisations, regulatory bodies, law enforcement authorities, courts, banking institutions, but only when it is necessary, specifically:
to ensure compliance with our legal obligations.
to exercise our legal rights.
to prevent, identify, investigate crimes or prosecute offenders.
Note that in case of a change in our company (e.g. acquisition or merger with another company), the new owners have the right to use your personal data in the same manner as set out in this privacy statement.
Our company does not transfer the personal data it collects via its website to non EU or non EEA countries.
We implement appropriate technical and organisational measures to ensure your personal data is always protected and safe, preventing any accidental loss, change, disclosure, use or access thereof in an unauthorised manner. Our safety measures include data encryption, regular cyber-safety assessments by all service providers who may handle your personal data, safety audits protecting our overall technical infrastructure against external attacks and unauthorised access and internal policies setting out the method that ensures your personal data protection and the training of our employees. Our company has adopted a policy and procedures for addressing personal data breach incidents, ensuring that you and the supervisory authority are immediately notified, when required by law.
Right to access:you have the right to access your personal data. By applying for access, you can be informed of the purposes of the processing, the categories of personal data concerned, the recipients to whom your data have been or will be disclosed, its retention period, the existence of your right to rectification or erasure of data or restriction of processing or to object to processing, information on the origin of data and the existence of automated decision making, including profiling, and meaningful information about the logic involved.
Right to rectification: You have the right to obtain the rectification of inaccurate data and to complete incomplete personal data.
Right to erasure (“right to be forgotten”): when you no longer wish your personal data to be processed and kept, you have the right to obtain its erasure, provided that the data is not kept for a specific lawful and stated purpose.
Right of restriction of processing: You have the right to obtain restriction of processing of your data, when specific reasons are applied (e.d. if you contest our legitimate interest or if your personal data is incorrect or if you think that the processing is unlawful or if we no longer need your data).
Right to portability: you have the right to receive a copy or obtain to transmit your data, in a machine – readable format, to another controller, if you wish to. This right includes only the personal data you have provided us yourself.
Right to object to the processing under legal interest: You have the right to object, at any time, to the processing of your personal data that is based on our legitimate interest. We will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing that override your interests and rights or we have legal claims.
Right to object to direct marketing: You have the right to object to direct marketing, including profiling made for direct marketing purposes. You have the option to opt out from direct marketing.
Right to consent withdrawal: in case we have your explicit consent for the processing of your personal data, you have the right to withdraw it at any time. Where your consent is the sole legal basis for the processing, we will stop processing your data following its withdrawal.
If you wish to exercise any of your above rights, contact us using our contact information. You are not required to pay us any fee or charge to exercise any of your rights. However, we reserve the right to charge a reasonable fee, if your request is manifestly unfounded, repeated or excessive. In these cases, we also reserve the right to refuse to comply with your request.
In case you exercise any of your rights, our company is required to respond within a period of one (1) month from the submission of your request. If your request is particularly complex or you have submitted a number of requests, we may need more time to respond. In this case, we will inform you.
If you think that our company processes your personal data incorrectly, please contact us. You also have the right to lodge a complaint with a supervisory authority. Noted that the Greek supervisory authority is the Hellenic Data Protection Authority, seated in Athens, at 1-3 Kifissias Street, P.C. 11523, www.dpa.gr.
What are cookies and why do we use them?
They are small pieces of information stored on computers in order to identify the browser used during web browsing.Device IDs are collected from the available system data, which may include IP addresses, user information (browser version, type and operating system version) or device identifiers, such as Apple IDs for advertisers, Apple IDs for suppliers, Google’s Android IDs, or Google Play Store ad IDs. Cookies and similar technologies can be used to memorize data, such as user IDs and preferences.
Using cookies makes it easier for our Website to memorize information about your visit, collecting useful information about your search preferences. So, the search experience will be improved the next time you visit us. In order to provide you with our various services, our business and service providers collect traffic data, IP address, your device software, the type of server you use when navigating, and information on how you use the website (such as the day and time of the connection and disconnection) created during the time you use the website.
In addition, cookies help us to see the performance and traffic of our Website, improving its presentation and content, according to the preferences of our visitors.
What cookies do we use?
Some or all of the cookies described below may be stored in the browser. You can view and manage cookies in the browser (however browsers for mobile devices may not offer this visibility). Our Website may use the following cookies.
The necessary technical cookies are essential for the proper functioning of our Website, they allow you to browse and use its functions.These cookies do not recognize your personal identity.Without these cookies, we cannot offer effective operation of our Website.In addition, these cookies allow our Website to remember your options such as font size to provide improved and personalized features.
These cookies collect information about how you use our Website, for example, which pages you visit most often.
These cookies collect aggregate, anonymous information that does not identify a visitor. They are used exclusively to improve the performance of a website.
These cookies collect aggregate anonymous information about the proper operation and possible errors of our Website, such as whether a user is looking for an older version of it or if some files have been compromised.
You can configure the navigation software in such a way that it excludes all cookies or indicates when a cookie is being sent, however some isotope functions or services may not work properly without cookies.
More information on the types of cookies is available at http://www.allaboutcookies.org. If you want to know how to check or remove cookies, you can visit www.AboutCookies.org.
We reserve the right to update or modify this Policy at any time. For this reason, you are required to regularly check this Policy. Its latest edition is always available on our website and replaces all previous editions. In case of any crucial modification to this policy, such as modifications concerning the purpose for which we use your personal data, the identity of the controller or your rights, we will notify you by publishing the modifications on our website.
If you have any questions regarding the way in which we collect or use your personal data that were not answered here or if you want to exercise your rights regarding your personal data, please contact us by firstname.lastname@example.org.