How we use your personal information
The term Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). It can include, among other things, your name, address, age, gender and personal financial history in the hotels.
Some types of information are classified as ‘sensitive’ for the purposes of European data protection law and there are additional restrictions on how we may use and hold this information.
Generally, it is necessary to obtain your consent before we can hold and use such information. However, we may hold and use such information without consent for limited statutory purposes such as monitoring compliance with our equal opportunities policies and health and safety rules, or if necessary to protect your vital interests, for legal claims, or in the public interest.
We will always communicate to you the purposes for which we wish to use your sensitive information when it is being collected, and, if necessary, obtain your consent at that time. In such cases, you will be able to withdraw your consent at any time.
What is the purpose of collecting Personal Information?
1. To Provide Superior Customer Service to our Guests
Personal Information is collected to allow us to make your reservation and provide the services you request at any of our properties, to ensure we meet your needs while you are staying with us and/or to allow us to contact you in relation to matters that may arise from your stay with us. By keeping certain Personal Information (strictly relating to your stay with us) on file, such as information regarding guest history and itemized spending, guests of Thanos Hotels and Resorts have the ability to confirm prior transactions and reconcile statements or invoices.
2. To Keep Our Guests Informed
We may use the Personal Information you provide to send you newsletters regarding our properties and to advise you of promotions or to inform you of offers or other information that may be of interest to you. If you do not wish to receive information from Thanos Hotels and Resorts you may indicate your wishes by log in in your profile account through our website or on your registration card when you stay with us or you may at any time advise one of our properties or send an e-mail to: firstname.lastname@example.org.
3. To Improve Our Services
Finally, we may use the Personal Information you provide us to send you surveys strictly related to your stay with us and our services for customer satisfaction purposes and improving our services offered to our clients. Such information may be collected by a third party under contract with us. Occasionally we will combine information from a number of Guests to better understand trends and Guest expectations. When this occurs, all identifiers are removed, and the aggregate information cannot be linked to any specific Guest. If you do not wish to receive such surveys from Thanos Hotels and Resorts, you may indicate your wishes by sending an e-mail to email@example.com.
How we collect Personal Information
1. On Our Web Site
Once you have visited our web site and accepted our cookie, an ID number is automatically assigned to your computer or mobile device whenever you visit our web site. Despite the fact that you remain anonymous until you enter Personal Information on the web site, the ID number allows us to log your session, so that we may better assist you should you need some individualized service or support. Once you enter Personal Information on the web site, we associate your ID number with your contact information so we can recognize you on a future visit. We also use it to keep track of information that appears to be of particular interest to you.
These cookies allow us to distinguish you from other users of our website, which helps us to provide you with a good experience when you browse our website and also allows us to improve our site.
B. While Browsing Our Web Site
While in the process of browsing our web site, you may also provide us with information that does not reveal your personal identity. We use this aggregated, anonymous data mainly for editorial purposes, but we do not connect it to any Personal Information, such as your name or address.
If you wish, you may also submit your e-mail address in order to be placed on a subscription list or to receive other information about our products and services. You will be placed on a subscription list unless you indicate your desire not to be included. In deciding whether or not to join such lists, please note that they are only used for internal purposes and we do not sell or rent our subscription lists to anyone. In the event you choose to join one of our subscription lists, you may ask to be removed from the list at any time. You will always have the ability to accept or decline any form of communication from Thanos Hotels and Resorts.
C. Making a Purchase on Our Web Site
When making a purchase, you will be asked to complete a form that includes your contact information. Then you will be redirected to a secure payment gateway provided by JCC Payment Systems Ltd where you will enter your payment details and confirm the payment. Upon payment, you will be automatically redirected back to our website to view your reservation overview. Additionally an email confirmation of your reservation details is also automatically sent to you. We retain a log file of transactions on our web site, excluding your credit card information. We will then use that information to assist in any inquiries about your transaction. We also occasionally combine information from a number of web visitors in a way that does not identify any user, in order to identify user patterns.
2. When Making a Reservation
A. On Our Web Site
You can search for rates and availability at our hotels and resorts without providing any Personal Information.
We also retain a copy of the reservation profile on our web site, excluding your credit card number. We will then use that information to create a log in our web site database.
We also may combine information from a number of web visitors in a way that does not identify any user, in order to identify user patterns.
B. Through our Reservations Office or Hotels
Reservations can also be made by calling our Reservation Office or by contacting a particular hotel or resort directly. When you make a reservation we may ask you for Personal Information such as your name, address, telephone number and method of payment. We may also obtain from you any room preferences or special requests. Personal Information obtained by our Reservation Office or hotels will be sent in a secured communication to the relevant hotel. Confirmation of your reservation will be provided directly to you, generally by e-mail.
3. During your stay at Thanos Hotels and Resorts
During your stay, we record your itemized spending to properly assemble your folio, which sets out your room rate and other expenses billed to your room. We also record this information to comply with financial reporting requirements, including those imposed by auditors and government regulators. We may also collect certain Personal Information as required by local laws (e.g. passport number). Information particular to your stay may also be stored (i.e. health issues, payment difficulties, special requests, service issues). This specific information is stored in the property management system at the particular hotel where you stayed and is combined with information from previous visits that you have made to that hotel. Certain information regarding your service preferences is also stored centrally by us and may be made available to other Thanos Hotels and Resorts properties through the Thanos Hotels and Resorts guest history database. You may advise the hotel if you do not want personal preferences shared.
In addition, we may retain the content of any document (including letters, comment cards, electronic documents such as e-mails and other similar forms of communication) that you send us before, during or following your stay. This information may be shared with employees of the hotel.
Storage of personal information
1. At the Hotel or Resort
Each Thanos Hotels and Resort managed property goes to great measures to ensure that all Personal Information is kept in a secure location, be it a database or filing cabinet. Furthermore, we take steps to ensure that only designated individuals have access to this information.
2. In Our Guest Property Management System
In order to serve you better we also store certain guest information in our Property Management System (“PMS"), a platform located in a data centre in Cyprus.
The stored information includes guest name, address and phone numbers. We may also store certain information regarding your service preferences. When you make a reservation at another Thanos Hotels and Resorts property, this information is sent to that hotel or resort.
We also store other transaction information in our PMS, including the number of stays you have had at properties managed by Thanos Hotels and Resorts and the number of nights of each stay.
This information may be transferred and/or made available to other Thanos Hotels and Resorts property when you make a reservation at that property, in order to serve you better.
3. In Our Customer Relationship Management
In order to serve you better we also store certain guest information in our Customer Relationship Management (“CRM"), on a Microsoft Azure Cloud platform. The stored information includes guest name, address and phone numbers. We may also store certain information regarding your service preferences. When you make a reservation at another Thanos Hotels and Resorts property, this information is sent to that hotel or resort.
We also store other transaction information in our CRM, including the number of stays you have had at properties managed by Thanos Hotels and Resorts and the number of nights of each stay.
This information may be transferred and/or made available to other Thanos Hotels and Resorts property when you make a reservation at that property, in order to serve you better.
3. In Our Marketing Database
Thanos Hotels and Resorts maintains a database of Guest information which is used for marketing, promotion and research purposes. Any information sent to guests provides a clear notice of how to discontinue receiving promotional materials.
Information that is not secure
It is important to note that any e-mail communication is not secure. This is a risk inherent in the use of e-mail. Please be aware of this when requesting information or sending forms to us by e-mail (for example, from the Contact Us section of our web site). We recommend that you do not include any confidential information (i.e. credit card information) when using e-mail. For your protection, our e-mail responses to you will not include any confidential information.
Finally, to be prudent, please be sure to always close your browsers when you are done using a form or the reservation site. Although the session will terminate after a short period of inactivity, it is best to close your browsers immediately upon completion.
Guest Profiles and Personal Information
If you are invited and elect to create a Guest Profile, on our web site, you will be asked to furnish specific Personal Information. You will also be asked to provide a password for use each time you log-in. Once you have created a Guest Profile, we may add online session data to your Guest Profile on subsequent visits to our website. When you provide information, including revised information to your Guest Profile, we may use the information you provide to update other databases maintained by us.
Exchange of Personal Information between properties
Information is shared between certified data privacy personnel at individual Thanos Hotels and Resorts and resorts in certain limited circumstances, particularly where health or safety concerns have arisen in the past. Preference information may also be shared to enhance your guest experience.
Furthermore, if a guest does not pay an outstanding account on time, or acts in an unlawful manner in regard to payment obligations, this information may be shared among accounting personnel at other Thanos Hotels and Resorts managed properties.
Provision of Personal Information to third parties
Agents, contractors or third party service providers of Thanos Hotels and Resorts may receive your Personal Information in the course of providing services to Thanos Hotels and Resorts to better serve your needs as a Guest.
We will only share Personal Information about you outside Thanos Hotels and Resorts without your consent, where: (a) it is required or authorized by law (for example, in response to a legal subpoena); (b) it is required to provide you with services you have requested in which case you will be considered to have implied your consent (e.g. car rental); (c) if your stay has been paid for by a third party we will provide billing information to the paying party;(d) if you have failed to pay amounts owed to a property; or with your consent and/or upon your instructions.
With regard to the transfer of data to recipients outside Thanos Hotels and Resorts, we note that we always maintain discretion with respect to your Personal Information.
We may disclose your personal data to third parties in order to comply with any legal obligation or in order to enforce or apply our terms and conditions and other agreements and/or based on your consent/instructions.
If Thanos Hotels and Resorts suspects any unlawful activity is taking place, it may investigate and/or report its findings or suspicions to the police or other relevant law enforcement agency.
Why do we process your data (purpose of the processing) and on what legal basis
We process the aforementioned personal data in compliance with the provisions of GDPR and the applicable local legislation as amended from time to time.
Access to Personal Information
We understand that you may like to know what Personal Information we hold about you. We are happy to assist you with your request. To protect your Personal Information, however, we require that you prove your identity to us at the time your request is made. You may make a request at the property where you stayed as set out below.
When you make a request in person, we will require you to produce some form of photo identification such as a passport or a driver's licence.
Where you make a request by other means, we require the request be made in writing via fax or letter including a copy of a government issued identification and signature. We also require home and business addresses and phone numbers so we can check them with our files and satisfy ourselves as to your identity.
The above information is required in order to create an audit trail of how the request has been handled. Where a request is made, any correspondence or application may be kept and added to your Personal Information.
Thanos Hotels and Resorts reserves the right to decline access to your Personal Information under certain circumstances. If your Personal Information will not be disclosed, you will be provided with the reasons for this non-disclosure.
Updating your Personal Information
If at any time you wish to update or access your Personal Information, you can do so by:
Log in to your Personal Profile account on any of our Thanos Hotels and Resorts websites, or by contacting our Data Protection Officer:
- via e-mail at firstname.lastname@example.org
- via fax at +357 26 931656
- via letter
Attention: Data Protection Officer
Thanos Hotels and Resorts
PO Box 60136
How long is Personal Information retained?
We will keep your personal information for as long as you are guest and/or otherwise a person enjoying our services.
After you stop being a guest and/or a person enjoying our services, we may keep your personal information for a period of up to 6 years. We may keep your data for longer than 6 years if we cannot delete it for legal and / or regulatory and/or technical reasons. If we do so, we will ensure that your privacy is protected and the data are used only for the above-mentioned purposes.
Please note that we will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please Contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
What data protection rights you have
The following are the rights you have pursuant to the provisions of the GDPR and the applicable local legislation (as amended from time to time) in relation to the data protection:
Lodging a complain
Please let us know if you are unhappy with how we have used your personal information. You can contact us as noted above.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Cyprus law applies to our company. We apply the requirements of this law (and any other applicable laws) to how we handle all Personal Information wherever received.