We collect personal data from you if you register online with us, access and/or use our website or carry out transactions for goods and services via our website or our hotel directly.
1. Information we collect and how we use and share it
Personal data we collect when you access and use our website, when you make a booking through our reservation system and where you register online with us (hereinafter referred to as “personal data”):
• Your name, email address, physical address, phone number, date of birth, country location and payment card information (to the extent this information is provided by you);
• Information relating to your membership in one of our services or programs;
• Information about how you use our website, products and services; and
• Information such as stay and room preferences made during the course of your reservation such as your preferred room type and specific requests to the hotel.
2. We use the personal data collected for the purposes of:
a. Registering you as a new user of our services and managing our relationship with you as a registered user;
b. Providing our reservation and booking services for our hotels and facilities to you;
c. Internal analysis purposes;
d. To the extent that you have consented to being contacted for marketing purposes, we will use your personal data for the purposes of providing you with email newsletters, surveys, any other communication for the purposes of advertising and marketing of our services as well as providing you with targeted advertisements on our or third party websites;
e. Maintaining legal records and accounts for the time periods required by European/Cyprus law or where we need to comply with a legal or regulatory obligation;
f. Where it is necessary to establish and/or exercise our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
3. Disclosures of your personal data
We may have to share your personal data within our group to the extent that is necessary for the purposes for which the personal data was collected for and with some third party companies under specific contract terms in accordance with the applicable laws, whose services we employ to conduct our business or in relation to any supply of products and services by us. Disclosure of your personal data may also be required in order to comply with any applicable laws.
In the instances where you have consented to the use of your personal data for the purposes of advertising and/or marketing we may share your personal data with third party online service providers who may be located outside of the EEA.
Whenever we transfer your personal data outside of the EEA, we ensure a similar degree of protection is afforded to it and that all third parties respect the security of your personal data and treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We will only send you marketing emails where you have agreed to this. You can opt out of our advertising and marketing communications at any time by any of the following methods:
a. Contacting our Marketing Team at email@example.com
Data Retention of your personal data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Your legal rights
Your duty to inform us of changes
It is important that the personal data that we hold about you is accurate and current. Please keep us informed if your personal data changes at any time.
Your rights in connection with personal data
Under certain circumstances, by law you have the right to:
• Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data that we hold about you and to check that we are lawfully processing it.
• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us to continue to processing it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
• Object to processing of your personal data. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
• Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal information about you if we no longer require it to establish, exercise or defend legal claims.
• Request the transfer of your personal data to another party.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact our Data Protection Officer in writing at firstname.lastname@example.org
DATA PROTECTION OFFICER
What are cookies
Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows us or a third-party to recognize you and make your next visit easier and the Service more useful to you.
Cookies can be “persistent” or “session” cookies.
When you use and access the Service, we may place a number of cookie files in your web browser.
We use both session and persistent cookies on the Service and we use different types of cookies to run the Service:
– Essential cookies: We may use essential cookies to authenticate users and load their preferences automatically.
– Advertising cookies: Advertising and targeting cookies are used to deliver advertisements more relevant to you, but can also limit the number of times you see an advertisement, and be used to chart the effectiveness of an ad campaign by tracking users’ clicks. They are usually placed by third-party advertising networks with a website operator’s permission.
The two main ways we use advertising and targeting cookies are set out below:
Interest-based advertising (or online behavioral advertising) is where cookies are placed on your device by our third-party advertising partners which remember your web browsing activity and group together your interests in order to provide you with targeted advertisements which are more relevant to you when you visit our websites. Your previous web browsing activity can also be used to infer things about you, such as your demographics (age, gender etc.). This information may also be used to make the advertising on our websites more relevant to you.
‘Retargeting’ is a form of interest-based advertising that enables our third-party advertising partners to show you advertisements selected based on your online browsing activity away from the Website. This allows companies to advertise to people who previously visited their website. These cookies will usually be placed on your device by third party advertising partners and we have listed the main ones we work with as follows: Google AdWords, Facebook.
Without these cookies, online advertisements you encounter will be less relevant to you and your interests.
In addition to our own cookies, we may also use various third-party’s cookies to report usage statistics of the Service.
What are your choices regarding cookies?
Google Analytics: https://tools.google.com/dlpage/gaoptout?hl=en
Google Adwords: https://support.google.com/ads/answer/7395996
Please note, however, that if you delete cookies or refuse to accept them, you might not be able to store your preferences.
We work hard to protect our users and their personal data from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold. In particular:
• We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
• We restrict access to personal data to CADS Hotels Management Ltd hotels employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.