Privacy Policy

DECLARATION OF CONFIDENTIALITY

Information on the Processing of Personal Data

We would like to assure you that for Moussamas Bros S.A. the protection of our

customers' personal data is of paramount importance. That is why we are taking

appropriate steps to protect the personal data we process and to ensure that the

processing of personal data is always carried out in accordance with the obligations

laid down by the legal framework, both by the company itself and by those third

parties that process personal data on behalf of the company.

 

What is GDPR?

The General Data Protection Regulation (GDPR) is the new regulatory

framework of the European Union (EU) in the area under consideration. The purpose

of the law is to lay down the conditions for the processing of personal data to protect

the rights and freedoms of natural persons, and in particular the right to the

protection of personal data.

 

Head of Processing – Data Protection Officer (DPO)

The company Moussamas Bros S.A., having its seat in Peania Greece, at 40,2 Km

Attica Avenue, email: info@hiathens.com, tel: +302106689000, website:

www.hiathens.com, as duly represented, informs that, for the purposes of its

business activities, processes the personal data of its clients & associates in

accordance with applicable national law and European Regulation 2016/679 on the

protection of natural persons with regard to the processing of personal data and on

the free movement of such data (General Data Protection Regulation, hereinafter

referred to as the “Regulation”), as such is in force.

For any matter relating to the processing of personal data, contact the DPO, Mrs

Despina Chrysopoulou, email: GDPR@hiathens.com, telephone: +302107278555

 

Which is the legitimate ground for processing your personal data; and how

do we process them?

We are processing the personal data that you directly provide us with, as well as the

data that booking engines and travel agencies forward to our hotel, so that you can

enjoy our hotel services. Specifically, but not exhaustively, we are collecting and

processing your full name, email address, mobile and landline phone numbers, credit

card number, date of birth, information relating to your preferences regarding your

staying at the hotel, i.e. preferences on the rooms, favourite activities, dietary habits,

health conditions dictating special room arrangements.

 

Legitimate grounds for processing your personal data constitute:

a) the provision of accommodation, F&B establishment, and entertainment services

that you wish to receive from us. As legitimate grounds can also be considered:

the provision of information concerning our hotels’ services, room reservations,

services concerning your arrival and departure, use of our facilities, and anything

that can contribute to the fulfilment of our contractual obligations in this

context;

b) the safeguarding and protection both of your, as well as our, legal interests.

Thus, we use CCTV and security cameras, in order to be able to protect the

safety and security of individuals, materials, facilities, as well as special security

software to detect and prevent malicious actions. Cameras are to be found in

the hotels’ outdoor and indoor premises;

c) the compliance with an obligation imposed by the law. Specifically, we maintain

personal data records of all of our customers staying at our hotel (full name,

address, Passport or ID number). In addition, we maintain copies of proves of

payments for twenty (20) years;

d) the consent you provide under the specific conditions set out in the legal

framework, in order to receive information on the activity, products, services,

etc. of Moussamas Bros S.A. and/or third cooperating companies, which process

personal data in accordance with the, from time to time, applicable framework.

 

Do we share your personal data?

Our company shares your data with third parties, which have been assigned the

processing of your data on our behalf. In those cases, our company remains

responsible for your data processing, and defines the specifics of the processing. Our

company concludes data processing agreements with the third parties, in order to

ensure the compliance of the process with the current legal framework, and the

exercise of the rights of every natural person.

Our company shares your data within our Group, as well as with cooperating third

companies for purposes of advertising, product and services information and

updates, as well as for promotions, under the condition that your consent has been

provided.

Finally, we share your data with consulting firms, accounting firms, as well as with

cooperating banks.

 

Personal Data Storage Period

The data storage time is decided on the basis of the following specific criteria, as the

case may be:

 

When processing is imposed as a requirement under provisions of the applicable

legal framework, your personal data shall be stored for as long as required by the

relevant provisions.

When processing is done on a contractual basis, your personal data will be stored for

as long as necessary for the performance of the contract and for the foundation,

exercise, and / or support of legal claims under the contract.

For marketing purposes, your personal data shall be kept until your consent is

revoked. The revocation shall take place at any time, and does not affect the legality

of consent-based processing in the period prior to the said revocation.

To revoke your consent, please contact the Data Protection Officer, please get in

touch with Mrs. Despina Chrysopoulou, email: GDPR@hiathens.com, telephone:

+302107278555.

You can also use the unsubscribe options, by clicking on the corresponding link in

our electronic communications.

 

What are your rights in respect with your personal data

Every natural person whose data are being processed by Moussamas Bros S.A.

enjoys the following rights:

 

Right of Access:

You have the right to be aware and verify the legitimacy of the processing. Thus,

you have the right to access the data and get additional information about their

processing.

 

Right to Correct:

You have the right to study, correct, update or modify your personal data. You can

come in contact with our DPO using the above-mentioned contact details.

 

Right to Delete:

You have the right to request the deletion of your personal data when we process it

based on your consent or in order to protect our legitimate interests. In all other

cases (such as, by way of indication, where there is a contract, obligation to process

personal data required by law, public interest), such right shall be subject to specific

restrictions or shall not exist, as the case may be.

 

Right to limit processing:

You have the right to request the limitation of the processing of your personal data

in the following cases: (a) when the accuracy of the personal data is questioned and

until such data is verified, (b) when you object to the deletion of personal data and

request the limitation of their use rather than their deletion, (c) when such personal

data are not needed for processing purposes, they are, however, indispensable for

the foundation, exercise, support of legal claims, and (d) when you oppose to the

processing and until it is verified that there are legitimate grounds that concern us

and supersede the reasons for which you are opposed to the processing.

 

Right to oppose the processing:

You are entitled to oppose the processing of your personal data, at all times, in case

where, as described above, this is necessary for the purposes of legitimate interests

pursued by us as controllers, as well as in the processing for direct marketing

purposes and consumer profile training.

 

Right to portability:

You have the right to receive your personal data free of charge in a format that

allows you to access, use, and edit them with commonly used editing methods.

Moreover, you have the right to ask us, if technically feasible, to pass the data

directly to another controller. Such right to do so exists for the data you have

provided to us and their process is carried out by automated means based on your

consent or performance of a relevant contract.

To exercise any of the above rights you can contact the Data Protection Officer

(DPO), please get in touch with Mrs. Despina Chrysopoulou, email:

GDPR@hiathens.com, telephone: +302107278555.

 

Right to lodge a complaint to the Personal Data Protection Authority

You have the right to file a complaint with the Personal Data Protection Authority

(www.dpa.gr): Switchboard: +30 210 6475600, Fax: +30 210 6475628, E-mail:

contact@dpa.gr

 

Security of Personal Data

Moussamas Bros S.A. shall implement appropriate technical and organizational

measures aimed at the safe processing of personal data and the prevention of

accidental loss or destruction and the unauthorized and/or unlawful access to, use,

modification or disclosure thereof. In any case, the way in which internet operates

and the fact that it is free to anyone cannot guarantee that unauthorized third

parties will never be able to violate the applicable technical and organizational

measures gaining access and, possibly, using personal data for unauthorized and/or unfair purposes. 

Book Online

Check in
calendar image
Nights
Rooms
Adults
Kids

Plan your event

When?
calendar image
Days
Hall Capacity
Area Sq.m
Type