Privacy Policy
This Privacy Policy applies to www.theosholidays.gr, owned and operated by Theos Holidays. This Privacy Policy describes how we collect and use the information, which may include personal data you provide on our web site, www.theosholidays.gr. It also describes the choices available to you regarding our use of your personal data and how you can access and update this data.
Data Collection
The types of personal data that we collect may include:
- Your first name, last name, email address, phone number and home address.
- Guest stay data, such as date of arrival and departure, special requests made, observations about your service preferences (including room preferences, facilities or any other services used).
- Credit card details, such as type of card, credit card number, name on card, expiration date and security code.
- Data you provide regarding your marketing preferences or in the course of participating in surveys, contests or promotional offers.
- In view of purpose A we rely on the performance of a contract: The use of your data may be necessary to perform the contract that you have with us. For example, if you use our services to make a reservation, we will use your data to carry out our obligation to complete and administer that reservation under the contract that we have with you.
- In view of purposes B-F, we use your data for our legitimate interests, such as providing you with the best appropriate content for the website, emails and newsletters, to improve and promote our products and services and the content on our website, and for administrative, fraud detection and legal purposes.
- In respect of purpose G, we also rely, where applicable, on our obligation to comply with applicable law.
- Where needed under applicable law, we will obtain your consent prior to processing your personal data for direct marketing purposes.
- Third-party service providers: We may use service providers to process your personal data strictly on our behalf. This processing would be for purposes as included in this Privacy Policy such as facilitating reservation payments, sending out marketing material or for analytical support services. These service providers are bound by confidentiality clauses and are not allowed to use your personal data for their own purposes or any other purpose. We do not sell or rent your personal data.
- Competent authorities: We may disclose personal data to law enforcement and other governmental authorities insofar as it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud.
- You can ask us for a copy of the personal data we hold about you.
- You can inform us of any changes to your personal data, or you can ask us to correct any of the personal data we hold about you.
- In certain situations, you can ask us to erase or block or restrict the processing of the personal data we hold about you, or object to particular ways in which we are using your personal data. Please note that we cannot delete the data that are necessary to conventional and / or legal authorities concerning in particular the conduct of bookkeeping and accounts clearance.
- In certain situations, you can also ask us to send the personal data you have given us to a third party.