Privacy protection

GDPR » Personal data privacy protection

Customer personal data protection


At STENDOR SA the protection of your personal data is part of our general philosophy to build strong relations of trust and assure the highest possible customer satisfaction.

We appreciate your trust and we make every possible effort to store and process with utmost care the information you share with us.

Therefore, we have compiled this privacy policy which informs you about how we collect, use and share your information. The collection, use and disclosure of your information on our behalf, is based on your consent and the provisions of applicable law.

At STENDOR SA we enhance the protection of your personal data by implementing internal management procedures technical data security measures, as well as physical data protection measures by continuously evolving our systems and procedures.

We thank you for your continued interest and support.

Privacy policy

1. Consent

"Personal data" means any information that is collected or recorded in a form that may allow direct (e.g. surname) or indirect (e.g. phone number) your identification as a natural person.

We recommend that you read this text, which describes the privacy policy, before you provide us with this information. This "Customer Personal Data Protection Charter" is a part of the terms and conditions that govern our hotel services. By accepting these terms and conditions, you explicitly accept the provisions of this Charter.

2. Scope

At STENDOR SA (hereinafter referred to as "STENDOR" or "we", "us"), we know how important it is to protect the privacy of our customers; we try to be as clear as possible about the way in which we collect, use, share, transfer and store your information. This Privacy Policy gives a summary of the practices we follow with regard to data.

This Privacy Policy applies in all hotels operated by STENDOR SA and applies to this website, to all websites, online applications, and online and offline promotional actions by STENDOR SA, as well as any Service or function provided by us that refers to this Privacy Policy or provides a link hereto (collectively referred to as our "Services").

Please note that the Privacy Policy applies to your use of our Services. It applies regardless of whether you use a computer, mobile phone, tablet, TV or other device to access our Services. It also applies to Services that are provided without the use of any electronic means.

It is important that you carefully read this Privacy Policy, as with every use of our Services, you agree to the practices described in this Privacy Policy. If you do not agree with the practices described in this Privacy Policy, you should not use our Services.

3. For what purposes do we collect data?

We collect and use your personal data in order to manage your relation with STENDOR SA and in order to offer our Services to you. Certain personal data are collected to provide you with personalised and improved services. We collect personal data with the following purposes:

a. Management of reservations and other hospitality services
•Creation and storage of legal documents in accordance with applicable law
•We collect data in order to prepare and meet requests relating to your stay (e.g. room preferences)

b. Management of your stay at the Hotel
•We manage the access to your room
•We may monitor the use of services (room telephone, WiFi access etc.)
•We manage lists with customers’ personal data for operational purposes such as, e.g., daily customer arrival and departure lists and a list with special category customers

c. Improvement of our hotel services
•In order to tailor our products and Services to better meet your requirements
•We process your personal data to better understand your requirements and wishes
•We provide you with useful information for offers or other promotional messages
•We inform you about special offers and new Services
•We provide customised content and suggestions based on previous activities with our Services

d. Management of our relations with you before, during, and after your stay
•Management of loyalty programmes
•Management of customer databases
•We evaluate and analyse the market, our customers, our products and Services
•We create statistical data and reports
•We acquire knowledge and manage the preferences of recurring and new customers
•In order to send newsletters, promotion offers, or to contact you by telephone
•We manage requests for deletion from update lists
•We create and manage questionnaires and statistics
•We organise lotteries, contests and offers, to the extent allowed by law

e. Improvement of our Services
•We conduct market research and analysis of questionnaires and customer comments
•We manage customers’ claims and complaints
•We offer loyalty programme privileges

f. System security
•We record data to ensure security and to avoid fraud

g. Compliance with Greek and European law

h. Safe use of the services of our facilities

4. What personal data do we collect?

Information provided directly by you

A number of our Services may offer the possibility to provide information directly to us. For example:
•Several of our Services allow users to create accounts or user profiles. In conjunction with these Services, we may ask you to provide certain details about yourself in order to set up your account or profile, such as your name and email address.
•When ordering a paid product or service from us, we may ask certain details for the processing of your order, such as your name, room details and billing data.
•When participating in an online or offline contest or promotional action organised by us, we may ask you for your name, contact details, email address, age and gender, personal and occupational interests, other personal characteristics, and your opinion of our products and/or services.
•Some of our Services allow you to communicate with other people. This communication will be transmitted through, and stored on our systems.

The information we are obliged to request about you and/or your family members is the following:
•Contact details (e.g. surname, given name, father’s name, passport number, ID-card details, telephone, home address, email)
•Personal data (e.g. date of birth, nationality, place of birth)
•Information on your children (e.g. given name, date of birth, passport number)
•Billing details (e.g. credit card number, VAT number)
•Loyalty programme member number (member number for loyalty programmes of STENDOR SA or other parties, such as airline operators)
•Date of arrival and departure, flight number and room number
•Preferences and interests (e.g. non-smoking room, preferred floor, type of bed, sports, cultural interests)
•Questions and comments submitted during or after your stay in one of our Hotels.

The data we collect on persons under the age of 18 are restricted to given name, surname, nationality, and date of birth, and can be provided only by an adult / guardian. We thank you for your efforts to ensure that children do not send us personal data without your consent (especially through the internet). Should any information of this type be sent to us, you can communicate with the Data Privacy department (see section “Questions and contact”) to schedule the deletion of such information.

Moreover, information such as your passport number, your recreational activities, your hobbies, any health issues that you may have, or whether you are a smoker or not, can possibly be described as sensitive. We retain such information only if we are obliged to do so by applicable law or if you have explicitly given us your consent (e.g. in order to provide you with an appropriate Service, such as a special diet)

Information on your use of our Services

Apart from the information provided directly by you, we may also collect information on your use of our Services through the software of your device, or by other means. For example, we may collect:
•Device information - such as hardware model, International Mobile Equipment Identity (IMEI) and other unique device identity data, MAC address, IP address, operating system issue, and setting of the appliance you use to access our Services.
•Connection information - such as the time and duration of use of the Service, search commands entered in the Services, and information that may be stored in cookies we have placed on your device.
•Location information - such as GPS signal of your appliance, or information on WiFi access points that may be transmitted to us when you use our Services (e.g. WiFi, Guestportal, Mobile Apps).
•Audiovisual information - such as recordings we make of your voice (and which may be stored on our servers) when you use voice commands to use a Service, or audiovisual information collected through closed circuit tv circuits (CCTV) for security reasons.
•Other information that relates to your use of our Services, such as the applications that you use, the websites that you visit, and the way in which you interact with content offered through a Service.

Information from third parties

We may receive information about you from available public and commercial sources (to the extent permitted by law), which we may combine with other information that we receive directly from you, or in relation to you. We may also receive information about you from third party social networking services when you choose to connect to such services.

Other information we collect

We may also collect other information about you, your device or your use of services in manners described at the point of collection, or otherwise with your consent.

You may choose not to provide certain types of information, but this may influence the possibility to use certain Services.

5. When do we collect personal data?

We may collect personal data in various cases, such as:

a. Hotel activities:
•Room reservation
•Check-in and payment
•Reservation of seat and/or use of hotel services, such as catering and recreational services
•Various requests, complaints and/or disputes

b. Participation in marketing programmes or events:
•Registration in loyalty programmes (e.g. Privilege)
•Participation in online and offline surveys (for example, Customer Satisfaction Survey)
•Participation in contests and games
•Subscription to mailing lists, in order to receive offers and other promotions by email

c. Transmission of information from third parties:
•Tourist agencies, tourist offices, GDS reservation systems, online reservation systems (such as e.g.,, etc.) and other reservation systems

d. Actions through electronic devices
•Login on our websites
•Connection to the WiFi network of our hotels
•Completion of online forms (e.g. reservation forms, precheck-in forms, satisfaction survey forms, etc.)

6. Third party access terms to your personal data

At STENDOR SA, it is part of our philosophy and basic principles to not disclose your information with third parties for their unrelated business or marketing purposes, without your consent. However, we may disclose your information to the following entities.
•Business associates. We may also share your information with trusted business partners. These entities may use your information in order to provide you with services you have requested, to make provisions relating to your interests, and possibly to provide you with promotions, advertisements and other material.
•Service providers and/or any third parties that may process information on our behalf. We may also share your information with companies that provide services on our account or behalf, such as IT contractors, bulk mailers, banks, credit card institutions, law firms, mail service companies, printing services companies, etc.
•Other third parties, if so required by law or in order to protect our Services. Situations may arise in which we share your information with other third parties:

- in order to comply with the law or in order to comply with a mandatory legal procedure (such as search warrants or other court orders),

- in order to confirm or implement our compliance with the policies governing our Services; and

- in order to protect the rights, ownership or security of STENDOR SA, business partners or customers.
•Other third parties in relation to corporate transactions. We may share your information with third parties within the context of a merger or transfer, or in the event of bankruptcy.
•Other third parties with your consent or at your command. In addition to the disclosures described in this Privacy Policy, we may share information about you with third parties if you give your consent or if you request us to do so.

In order to provide you the best possible service, we allow access to your personal data or to certain categories thereof to competent, authorised members of our personnel. This includes:
•Hotel staff
•Reservations departments
•IT department
•Marketing/Guest Relations department
•Legal Services department, if and when required
•Medical Services, if and when required

7. Protection of personal data during international transfer

For the purposes set out in Article 3 of this Charter, we may transfer your personal data to internal or external recipients who may be located in countries that offer different levels of protection for personal data. Kindly note that data protection and other laws in the countries to which your information may be transferred may not be equally protective as in your country. The transfer will take place according to the legislation on the processing of personal data, in order to ensure sufficient protection of your personal data.

STENDOR SA implements suitable measures in order to ensure safe transfer of your personal data to an external recipient located in a country that offers a different level of privacy than the one proposed by the country where the personal data are collected.

8. What we do to keep your information safe

We have taken reasonable organisational and technical measures in order to protect the information we collect in relation to our Services, especially with regard to any sensitive personal data that happen to be collected. Our IT department implements the international standards and practices in order to ensure the safety of the networks and the encryption of the data. However, you should bear in mind that despite the reasonable measures that we take for the protection of your information, no website, internet transmission, computer system or wireless connection is ever completely safe.

9. Data storage

We take reasonable measures in order to ensure that the information concerning you will be stored no longer than needed for the purpose for which it has been collected and no longer than required by the contract or the applicable legislation.