Privacy Policy

Personal data processing policy

Legal basis for data processing

Intro

The business under the name "Aspasia's Fresh House", is the owner of the website https://aspasiashouse.gr/ which will hereinafter be referred to as "the Company". The users or visitors of the website https://aspasiashouse.gr/ referred to as "the Customer", This privacy statement concerns the customers served by the Company but also the ordinary visitors of its websites.

The Company strictly adheres to a specific security policy, including the Data Processing Policy and The Assurance of Confidentiality of Communications. The Company takes all appropriate technical and organizational measures to ensure the confidentiality of the Customer's communications and to protect the Personal Data it has declared. The Company does not guarantee the security of data transmitted over networks, to the extent that their protection is not achieved by taking appropriate security measures imposed by the relevant institutional and / or regulatory framework.

If a visitor/user does not agree with the terms of processing personal data provided in this section, he/she must not use the services of this website.

Legal basis for data processing

The collection, storage and maintenance of up-to-date contact information is done for the sole purpose of verifying the submitted data, ensuring the continuity of services and serving the Company's customers, within the framework of the Company's operating and data security regulation and data security, as well as its contractual and legal obligations to provide satisfactory services to its customers. The Company provides rooms to let.

The Company's Security Policy is based on:

• the relevant provisions of the National Law on the Protection of Personal Data and on ensuring the Confidentiality of Communications (indicatively, we mention Law 2472/1997 on the protection of personal data, Law 3471/2006 on the protection of privacy in the field of electronic communications, as in force today,
• the Regulations for ensuring the Confidentiality of Communications of A.D.A.E. as published in Government Gazette 87 & 88 / 26-1-2005 and in force, the Presidential Decree 47/2005),
• the relevant provisions of Community Law (European General Data Protection Regulation /GDPR – 2016/679).

The relevant texts are also publicly available on the respective websites of the competent supervisory/supervisory authorities, namely the Data Protection Authority (HDPA, www. dpa. gr), of the Authority for the Safeguarding of The Confidentiality of Communications (A.D.A.E., www. adae. gr) and the National Telecommunications & Post Commission (E.E.T.T., wwww. eett. gr). In any case, the policy of ensuring the confidentiality of our company's communications is formulated on the basis of the above provisions, and is adjusted on a periodic basis, depending on the developments of technology and applicable legislation.

Users/visitors of the website https://aspasiashouse.gr/, subject to the provisions of:

• of Greek law (Law 2472/1999 "on the protection of personal data" as in force, Law 2774/1999 "on the protection of personal data in the telecommunications sector", Law 2472/1997 as supplemented by the decisions of the President of the Personal Data Protection Committee, the Presidential Decrees 207/1998 and 79/2000 and article 8 of Law 2819/2000).
• and European law: Directives 95/46/EC – 97/66/EC and European General Data Protection Regulation/GDPR: EU 2016/679),

agree and accept the processing of personal data in accordance with what is described in this statement.

Information about the data we collect

Data we collect

Any internet user who visits https://aspasiashouse.gr/ website is not required to submit personal information for its use.

If the visitor wishes to submit an electronic question about the availability of rented rooms from the form available on the website https://aspasiashouse.gr/ then when submitting the question he will be asked to state the following information:

• first and last name
• e-mail address
• date of arrival and date of departure  
• amount of visitors

If the visitor wishes to contact our business through the contact form available on the website https://aspasiashouse.gr/ then he will be asked to state the following information:

• name
• e-mail address

If the visitor wishes to take part only in one of the updates (eg newsletter), events or activities that take place on this website should only state the address email.

The Company may keep in a file and process the personal data it will receive after clear information and consent of the data subject, for a specific purpose, with a specific duration and with security.

Purpose of data collection

The personal data declared to the Company are limited to the absolutely necessary data for the secure, functional and computerized service and are used exclusively by the Company, in order to support, promote and execute the transactional relationship between them. That is, the information stated in the forms of the website https://aspasiashouse.gr/ is an electronic query about the availability of rooms (it is not online reservation), and a way for the user / customer to communicate with the business so that it is properly served and informed about anything that concerns him.

In order to prove the user's consent to the processing of his personal data by the Company, the IP address of his connection to the website, the time as well as the data for which he gave his consent is recorded.

When the Customer sends the Company a question or request via the Internet (email or contact form to the https://aspasiashouse.gr/), it becomes immediately known to him and his consent is requested to the fact that any information he provides is used by the Company to answer his question electronically.

Data retention time

The personal data are kept securely for as long as the Customer is registered with a service of the Company and are deleted after the termination in any way of the trading relationship with the Company or if requested by the customer.

Disclosure of personal data

The Company, in the context of the operation of its website https://aspasiashouse.gr/ expressly declares that the data of any kind collected through this website are completely confidential and will not be sold, rented, transferred or disclosed to any third party and for any reason.

The Company does not have a publicly accessible list of e-mail addresses or other details of its customers.

When someone communicates through email with the Company, then depending on the nature of the request / query, the type and range of information requested, the competent representative of the Company will first check whether the email address of the sender is authorized for communication (to receive answers or information or to request the execution of a task by the Company) and in any case will give him information exclusively related to and only the customer account to which the email address is linked.

H Enterprise does not provide information (and special personal data) through email and telephone.

The Company considers confidential the requests completed by its customers and the e-mail they send through its services and does not transmit their content except to the directly concerned recipient and to the law, if requested to do so or in case the content of the message is considered to affect it or is associated with illegal actions.

If a Customer or user declares a false e-mail address or tries to take someone else's place when sending information online, all information as well as the address IP of the user will be part of any lawful investigation that may be ordered.

Disclosure of data by third parties

In an effort to offer high quality services, we may from time to time include links from third parties on our website. These links are governed by separate and independent Data Protection Terms. We suggest that you study these principles when visiting such websites. The Personal Data Protection Authority covers exclusively our website and not other websites. Therefore, the website https://aspasiashouse.gr/ bears no responsibility for the content and activities of these connecting websites.

Correctness and completeness of personal data

In order to submit an online query for the availability of rooms from the website https://aspasiashouse.gr/ you do not require registration but only for the completion a name, surname, telephone, email, date of arrival, date of departure, quantity of visitors is required. 

Consent of the data subject

The consent of the data subject to the website https://aspasiashouse.gr/, is one of the legal bases for processing under the GDPR (EUGDPR) and in the Company bears the following necessary characteristics:

• Unbundled: requests for consent are separate from other terms and conditions. Consent is not a prerequisite for subscribing to a service unless it is necessary for that service.
• Active consent: We do not use pre-filled checkboxes but invalid selection boxes or similar active methods opt–in (e.g. a binary option depending on preference).
• Very specific: we give detailed options to separately consent to different types of processing where needed.
• Nominal: we name our organization and any third parties (where required) that will be based on the user's consent.
• Documented: we keep records to show what the person has consented to, including what was said to them and when and how they consented.
• Easy to withdraw: we tell our users that they have the right to withdraw their consent at any time and how to do this, having made it as easy to withdraw as to give consent with simple and effective mechanisms for consent and its withdrawal.
• Balanced: there is no imbalance in the relationship between the individual and the Company and the rights of both are protected and guaranteed to the highest extent in order to realize the purpose of both (acquisition and use of services and provision of services respectively).

Rights of the data subject

We know and demonstrably protect all the legal rights of the subject protected by the GDPR:

• We provide the right to access the data
• We provide the right to rectification of the data
• We provide the right to delete the data
• We provide the right to restrict the processing of data
• We disclose the correction or deletion or restriction of processing, if and when it occurs
• We provide data portability in a structured, compatible and machine-readable format
• We grant the right to object to the processing of data

We do not implement automated individual decision-making including profiling, so the right of objection of the subjects does not apply.

We respond to the requests of the subjects within the prescribed time frame (within 1 month from the receipt of the request and with a margin for extension by 2 more months, if this is required and justified), while in case of extension we will inform the subject within 1 month about the extension as well as the reasons for the delay.

Security measures for data protection

How we protect personal data

The data protection planning concerns the collection of data from customers, the storage of data, the transmission of data requested by customers but also the management of data by its employees in the exercise of their duties and only under the conditions provided by the Company's Security Policy.

The data registered and hosted in the Company's infrastructure are stored on servers that are protected with the strongest possible levels of security measures.

Privacy cookies & marketing

Πολιτική cookies

During any user visit to the Site of the Company, the pages he sees along with the Cookies they may contain, are "loaded" (downloaded) to his device. Cookies are text files (Textfiles) with a unique identifier, through which the Server of the Enterprise recognizes the user's computer. The Cookies record only the areas of the Site that the computer in question has visited and for how long and are called Cookies of the first place (First–partycookies) and include Session & persistent Cookies:

• Cookies visit (Session Cookies), i.e. temporary Cookies that remain in the file of the Cookies of your device's browser only during your visit and are deleted when you close the browser. These are intended for visitors (guest shopping cart) and for connected customers (to maintain their connection) until the expiration of the Cookie (until its deletion from the Browser for visitors and two hours for logged-in users).
• Permanently Cookies (persistent Cookies), which remain in the file of the Cookies of your device even after the browser closes, sometimes for one year or more (the exact length of stay depends on the lifetime of each Cookie) until the deletion of the Cookie from the user's device. Permanent Cookies are used to remember the user's username or preferences regarding the configuration of our website.

The user has the ability at any time to configure his computer to accept the existence of Cookies, to be notified when a Cookie is issued or to reject the installation of Cookies. In case the user has configured his browser (Browser: Firefox, Chrome, Opera, Safari, etc.) to reject the Cookies, he can browse the Site of the Company anonymously, until the moment he/she registers in one of its services when it is necessary to accept them.

Cookies Settings for browsers and devices

To manage your Cookies, please select the Browser from the list below and follow the instructions:

• Internet Explorer
• Chrome
• Safari
• Firefox
• Opera

Mobile devices:

• Android
• Safari
• Windows Phone
• Blackberry

If you do not agree with the above personal data processing policy, you must not use the services of this website and delete the account you maintain with us.

For users under the age of 18, it is considered a given to obtain in advance the consent of parents / guardians in any case of declaration of personal information on the Websites of the Company.

The Company reserves the right to change this data policy, always in accordance with laws and Greek and European Law.