Marbella Collection Hero Image

Privacy Policy

Protection of personal data

The S.A. company with the corporate name “MARBELLA Hotel and Tourist Enterprises S.A.” and the distinctive title “MARBELLA S.A.” (hereinafter the Company), which is seated in Agios Ioannis Peristeron Corfu, is the owner of and is operating the Hotel “MARBELLA CORFU” (hereinafter the Hotel)acknowledges the severity of the issue of ensuring the protection of personal data and informs you that the processing of your personal data, which are collected either through the website “www.marbella.gr” (hereinafter the Website) or from other sources when you visit the Hotel, is realized pursuant to the legislation in force on data protection (Regulation (EU) 2016/679) – hereinafter the “GDPR Regulation”) and the present Privacy Policy.

The Privacy Policy provides you with information with respect to the manner of processing of your personal data, which are collected by the Company, either through the Website “www.marbella.gr” or from other sources, when you visit the Hotel, and constitutes an informative notice to the data subjects, pursuant to the provisions of the GDPR Regulation. Special informative notices with respect to the processing of your personal data may be also contained in forms that you are asked to sign in order to participate in the Hotel’s activities or in order for you to receive services offered in the Hotel.

 

Data Controller and DPO

The Data Controller is the S.A. company with the corporate name“MARBELLA Hotel and Tourist Enterprises S.A.” and the distinctive title “MARBELLA S.A.” (hereinafter the Company), which is seated in Agios Ioannis Peristeron Corfu and is the owner of and is operating the Hotel “MARBELLA CORFU”.

You may contact the Data Protection Officer (hereinafter the DPO) at the following address: dpo@marbella.gr

 

Which are the Personal Data that we process and for which reasons

 The collection and processing of personal data by the Company is necessary and absolutely associated with the provision of the Hotel’s services. With your consent, we process the personal data required in order for us to provide to you our hotel services on the basis of the contract that you have concluded with us either directly or through a tourist agent. These data in principle contain the first and last name, the identity or / and passport information, the residence address, the contact information (address and email), the overnight stays in the Hotel and the dates of the stay, as well as additional personal data, which the Company may obtain within the framework of conducting its business activity, e.g. from the use of the Hotel’s additional services (participation in excursions or sports activities, use of the fitness center or spa etc.) or in order to satisfy a special request of yours (e.g. special meal plan, avoiding consumption of specific foods, any eventual allergies etc.).

In order for us to provide to you the hotel services that you have requested by the room reservation in our Hotel, to respond to your personal requests (e.g. special diet) and to offer you high quality hospitality services, both upon your arrival at the Hotel as well as during your participation in activities and other services, you are asked to sign specific forms and to consent to the processing of the personal data mentioned each time. Without these personal data we cannot offer you the hotel services that you have requested or that you wish that are offered to you on our part.

Upon your arrival, as well as during your stay in the Hotel, you are asked to fill out forms, through which the Company collects and registers your personal data required by the law or which are necessary for the fulfillment of the Company’s obligations towards its customers. If you do not agree with the collection and the registration of these personal data, we shall not be able to offer you our Hotel services and you shall not be able to stay in the Hotel.

For the data or information not required by the law or the registration of which is not necessary for the fulfillment of the Company’s contractual obligations towards you, we ask from you your consent in each relevant form for their collection and processing. The processing of these personal data is realized by the Company within the framework of the hotel services that it offers to you and in its effort to constantly improve their quality and to satisfy your personal needs, which are different for each customer.

In the event that you have requested a payment via credit card, its data are stored until the date of your departure from the Hotel. Following the repayment of your stay and your departure all the data pertaining to your credit card are erased.

In order for you to participate in sports activities organized by the Hotel, to work out in the fitness center or to follow Spa treatments, we request your consent for the collection and the registration of personal data necessary for your protection from participation in non suitable activities. Without these personal data or without your consent, you shall not be able to participate in sports activities, in the Hotel’s fitness center and in the Spa.

The Hotel videotapes the areas in which this is permitted by the law, in order to prevent offenses against persons and goods, by observing all the measures for the protection of your image, pursuant to everything imposed by the relative legislation on the videotaping of areas for security reasons.

The Company takes all the necessary measures so that a photograph of yours does not appear on the Website, on social networks, in advertising, promotional or other relevant brochure, if you have not given your explicit consent in advance, in which also the time period for which your consent is valid shall be determined at the same time, following the lapse of which your image shall be deleted.

In any case, even without your prior consent, the Company, as Data Controller, may process your personal data in order to conform with the obligations that derive from the National Legislation, the regulations and the European Union law, in order to exercise rights in court proceedings, to consolidate or defend its legal claims, to protect its own legal interests, as well as in all the cases that are provided for, where appropriate, in the articles 6 and 9 of the GDPR Regulation.

 

How do we store the personal data and for how long

 The processing of your personal data is realized by printed or by automated means, by ensuring the necessary security, confidentiality and legality level. Pursuant to the provisions of the GDPR Regulation, the Company has taken the appropriate measures so as to limit the use of the personal data and the identification information to the minimum. Your personal data are subject to processing only to the degree required for achieving the purposes mentioned in the present Privacy Policy and they shall be kept for as long as it is necessary for achieving the purposes for which they were collected. In any case, the criterion used for the determination of that time period is based on the observance of the time limits that the legislative provisions either permit, for the protection of the Company’s legal interests, or impose, therefore the Company is obliged to comply with these, as well as with the principles of minimization of the personal data, of the time limitation of the storage and of the rational management of the records.

 

Minors’ Personal Data

 The Personal Data of minors staying at the Hotel are always submitted by the parents / guardians accompanying them, with the consent of whom their every eventual processing is realized. Upon the departure of the minors from the Hotel, their data are erased, except from those that are required to be kept by the provisions of the legislation.

 

Processing of Personal Data from browsing the Website

 If you visit the Website without using any of its available services and functions, the processing of your personal data is limited to the browsing personal data, to wit to the data that are necessary to be sent to the Website for its operation on the Internet (e.g. IP addresses), as well as to the data collected through the cookies monitoring system. The Company collects these data (e.g. the number of visitors on the Website, average duration of stay) from its partner (third party), who has undertaken the operation of the Website, only for receiving statistical data with respect to the Website’s use and its correct operation. The Company does not have any possibility to access data that may lead to the identification of a specific individual (e.g. MAC address or IP). Only the third party to whom the operation of the Website has been assigned by the Company has this ability, which third party has fully complied with the provisions of the GDPR Regulation and who, in any case, does not collect this information for the users’ identification. Nevertheless, given the fact that there is a possibility to trace the user through the connection with data possessed by third parties, the above data may be eventually stored by the third party associate of the Company for the tracing and the identification of the perpetrators of criminal and civil offenses committed either against the Website and the Company or against third parties, through the Website or by using the Hotel’s Wi-Fi. Without prejudice to this ability, the browsing data described above are temporarily stored for the purpose for which they were collected and always pursuant to the provisions of the legislation.

 

Links to other websites

 The present Privacy Policy applies only to the Company’s Website, which is mentioned above.

The Website may contain links to other websites (third parties’ websites), which may eventually obtain access to your personal data, in order to serve the provision of the service that you have requested (e.g. Air tickets, Web hotelier). In order to have direct knowledge and information for the recording, the collection and the processing of your personal data from any one of them, you are kindly requested to be informed with respect to the Privacy Policy of the third parties’ websites with which you select to be linked.

 

How do we ensure the security and the quality of your personal data

 The Company has taken all the necessary, appropriate, advisable and provided for by the GDPR Regulation organizational and technical measures, for the security of your personal data. The Company keeps the filled out forms in an area with protected and controlled access and uses advanced computer security technology for the protection of your electronically recorded personal data, in order for your personal data, in whatever manner these may be recorded, to be protected from accidental or illegal destruction or loss, from their illegal or unlawful use, from unauthorized access to them, as well as from disclosure without consent.

 

Which persons have access to your personal data

 The Company’s employees and the Hotel’s personnel, who must process your personal data for the performance of their service duties and the provision of the hotel services that you have requested during your stay in the Hotel, have access to your personal data.

Your personal data may be eventually shared with third parties, which provide to the Company commercial, business or other services required for the Hotel’s operation and the support of the Company and the Hotel in providing the services you requested (e.g. tourist agencies, excursion organization agencies, sports activities organization agencies, Website support agencies, agencies for the provision of IT services) for the purposes that are mentioned above. The third parties receive only the necessary personal data for their respective operations and they undertake their processing only for the purposes mentioned above, pursuant to the provisions of the GDPR Regulation, with which they fully comply.

Your personal data may be also eventually notified to recipients determined by the legislation in force from time to time, with which the Company is obliged to comply. Please note that the Company is obliged to transmit your personal data to any competent Police, Prosecuting and Judicial Authority, if a relative request is submitted to it or a relative order is given to the Company.

 

Personal data transfer outside the E.U.

 The Company informs you that, with respect to the transfer of your personal data outside the European Union, the transfer shall be solely and exclusively realized pursuant to the provisions of the GDPR Regulation and only to countries that participate in international programmes for the free movement of data or that are considered safe by the European Commission.

 

What are your rights

 You may at any time exercise the rights that are provided for by the relative provisions of the GDPR Regulation. Inter alia, you may: confirm the existence or not of your personal data, control their content, their origin, their accuracy and their location, request a copy of these and demand any eventual corrections of these, request the limitation of their processing or and their deletion, as well as oppose to direct communication and direct marketing activities (which are limited also to specific communication means). You may also, whenever you wish so, withdraw your consent, submit remarks with respect to the procedures for processing your personal data, if you consider them erroneous or unjustified within the framework of your relationship with the Company, as well as submit a complaint to the Hellenic Data Protection Authority. You may communicate with the Data Controller or / and with the DPO at the Addresses indicated above, in order to submit requests with respect to the processing of your personal data by the Company and to exercise your legal rights.

 

Change in the Privacy Policy

 The present Privacy Policy may change, in order to comply with the legislation in force from time to time and to be in agreement with the mandates and the decisions issued each time by the competent institutions for the protection of personal data. Ergo we advise you to read it regularly, so that you are fully informed on any eventual changes in its content.

You can also manage your preferences regarding cookies that help with the process of tailoring the messages and the content that you see during and after your visit to our website.

 

Guests arriving to our hotels during season 2020

 In MARBELLA S.A. we process data that are either imposed by law or necessary for the fulfillment of our obligations to you. In this context, a) we collect and register data concerning your identification (name, surname, passport number, date of birth) and our communication with you (telephone number, e-mail, arrival details, contact person), b) we request the name and the date of birth of the accompanying members, c) we keep a record of the events in our Hotels and d) we register your personal preferences that  you  might  have  communicated  to  us,  so  that  the Hotel may offer you the specific services you have requested. These data shall be retained for the time that is either imposed by the law or necessary for the fulfillment of our obligations to you. Fields indicated as “compulsory” are requested for purposes of contact tracking in case of a Covid case. The process of these data will be conducted only for this purpose and for the time that is imposed by the law.

You agree to have read MarBella Collection Covid19 Protocol “WE CARE”, for the prevention of the spread of SARS-CoV-2 and declare that you will follow the in-house rules as your own personal responsibility towards others.

Discover next
Awards
back to top