BOOK NOW

COOKIES POLICY

‘Cookies’ are data files sent by websites to your computer when you browse that website. These data files contain data that allow our website to remember important information that will make your use of the website more efficient. Our website uses cookies for various purposes. We use cookie technology and IP address to obtain non-personal information concerning visitors to each website and in order to provide registered visitors with the best personalized online experience.

How do we use cookies? Visitors to the ‘ROCCA A MARE SINGLE MEMBER PRIVATE CAPITAL COMPANY’ website use different Internet browsers and computers. In order to further facilitate your visits using your technology of choice, we automatically record the browser and operating system used by each visitor, as well as the name of the Internet service provider of each visitor. We also record the total number of visitors to the website in an aggregated manner in order to update and improve our website. No personal information is exported through this process. These data show us whether more visitors prefer specific functions or sections of the website over others, which helps us keep our website up to date with new material that is interesting for the majority of our visitors. More specifically, we use the following types of cookies:

Cookies that are strictly necessary for the operation of the website and user identification: Strictly necessary cookies are of essential importance for the proper operation of our Website, enabling you to browse the website and use its features, as well as access secure areas or use the shopping cart. These cookies do not identify users. Without these cookies, our Website cannot function effectively.

Active Campaigns: This provides integrated e-mail marketing, marketing automation, and CRM for small businesses. We can send you newsletters, set automations based on behavior and benefit from sales automation.

How do we use cookies to personalize your experience on our website? Cookie technology helps us provide information that fits the interests of visitors and allows us to facilitate registration, participation in contests, and access to other functions available on our website for visitors. Where allowed, we may correlate personal information with a cookie file in such cases.

What if you do not wish to accept cookies? If you do not wish to accept cookies, you can click on the special pop-up banner to select which settings you wish for your computer each time: ACCEPT, MORE SETTINGS, REJECT (Check the Help menu of your browser to learn how you can change or correctly update your cookies settings). Disabling cookies may affect your ability to use certain products/services on the ‘ROCCA A MARE SINGLE MEMBER PRIVATE CAPITAL COMPANY’ website.

2nd Level Notification on the processing of personal data through a video surveillance system

Controller Details: The company under the name ‘ROCCA A MARE SINGLE MEMBER PRIVATE CAPITAL COMPANY, trading as ‘ROCCA A MARE , with registered offices in Heraklion, Crete (at 3, Minoos Avenue ), Tel.: +30 2810 260000

E-mail: info@roccamare.gr

Purpose of processing and legal basis: We use a surveillance system for the purpose of protecting people and assets. The processing is necessary for the purpose of the legitimate interests that we pursue as Controller (Article 6(1)(f) GDPR).

Analysis of legitimate interests: Our legitimate interest consists in the need to protect our premises and the goods found in them from illegal acts, including, for example, theft. The same applies to the safety of the lives, physical integrity, health and assets of our staff and third , parties legitimately found in the area under surveillance. We collect only image data and we record only in places, which, in our view, are at risk of illegal action e.g. robbery or vandalism, such as: along the perimeter of the hotel building, along the perimeter of the hotel fencing, at the central entrance, at the side and rear entrances, at the reception desk and reception area, in front of the elevators on each floor, in the parking area and the underground equipment and staff facilities, without focusing on areas where the privacy of those captured by the camera, including their right to the protection of personal data, is excessively restricted.

Recipients: The material stored is accessible only by our competent/authorized personnel and external associates who have entered into contracts with us, who are bound by us under processing agreements of Article 28 of the GDPR, and who are charged with the guarding and security of the space. This material shall not be transmitted to third parties, save in the following cases: a) to the competent judicial, prosecution and police authorities when it includes information necessary to investigate a criminal act involving persons or goods relating to the controller; b) to the competent judicial, prosecution and police authorities when legitimately requesting data in the performance of their duties; and c) to the victim or the perpetrator of a criminal offence, in cases of data which may constitute evidence of the act.

Retention period: We retain the data referred to in this Notification under par. 20 (CCTV), for fifteen (15) days and, after this period has elapsed, the data are automatically deleted. If an incident comes to our attention during this period, we will isolate part of the video and retain it for one (1) further month, for the purpose of investigating the incident and institute legal proceedings to protect our legitimate interests; if the incident concerns a third party, we will retain the video for a further period of up to (3) months.

Rights of Data Subjects: Data Subjects have the following rights in relation to the processing concerned by this Notification under par. 20 (CCTV): • Right of access: You have the right to be informed whether we process your image and, if so, to receive a copy of it. • Right to restrict processing: You have the right to request that we restrict processing, such as, for example, not to delete data which you consider necessary to establish, exercise or defend legal claims. • Right to object: You have the right to object to processing. • Right to erasure: You have the right to request the erasure of your data. You can exercise your rights by sending an email to the address: info@roccamare.gr or a letter to our postal address or by filing a request in person at our offices. In order for us to examine a request related to your image, you will need to advise us approximately when you were within reach of our cameras and provide us with an image of yours to enable us to locate your data and withhold the data which portray third parties. Alternatively, you may visit our premises in order for us to display the images in which you appear. Please note , that the exercise of your right to object or right to erasure does not entail the immediate deletion of your data or the modification of the processing. In any event we will respond in detail as soon as possible, within the time limits set forth in the GDPR.

Right to lodge a complaint: Should you believe that the processing of your data infringes Regulation (EU) 2016/679, you have the right to lodge a complaint with the supervisory authority. The competent supervisory authority for Greece is the Hellenic Data Protection Authority, 1-3, Kifisias Street, GR-11523, Athens, https://www.dpa.gr, tel. No: 2106475600.