Elysium athens rooftop

The Elysium restaurant (hereinafter as “Company”).With this Privacy Notice, the Company wishes to inform its guests about the processing of their personal data during their stay.Specificly, the personal data that have been voluntarily provided by the users of our website, and our practices regarding personal data obtained from other sources, such as written or telephone communications or the information we have when you visit our accommodation, are used by our company in order for users to have direct and meaningful communication with our company, to provide them with answers to specific questions they ask and finally to serve and execute  reservations. The Company has taken the required technical and organizational measures in order to be fully compliant with the General Data Protection Regulation 2016/679 (GDPR), the Law 4624/2019, the Decisions, Instructions and Opinions of the Hellenic Data Protection Authority and in general the national/EU legislation and jurisprudence regarding data protection (hereinafter “Existing Legislation”. The information collected by our business through our website cookies is intended to measure the number of visits to our website, to determine customer requirements and to facilitate transactions with the business.

The Company may transmit the above personal data to its staff, to the Management or to third parties, to whom it has entrusted the processing of personal data on its behalf (eg reservation management system). After your departure, the Company shares your personal information such as name, length of stay, room number, number of guests, email, with an external partner who undertakes to send you a guest satisfaction questionnaire and collect your respective answers (completion is optional).

In any case, the third parties to which your data may be transmitted, are contractually bound towards the Company to ensure the required obligation of confidentiality as well as all the obligations provided by the Existing Legislation. In addition, your personal data may be transmitted to supervisory, independent, judicial, prosecutorial, public and/or other authorities or bodies or parties entrusted with the control/monitoring of the Company’s activities within the framework of their competences. The Company will not process your personal data for purposes other than those for which they were collected, nor will it transmit them to unauthorized third parties. Although as a rule the Company does not transmit your personal data to countries/organizations outside the EU/EEA, in case it proceeds with such transmission, it will ensure that the conditions of articles 44 et seq. of the GDPR.

Please note that this policy does not apply to the processing of personal data that fall under and belong to the sphere of responsibility of third parties, other service providers, such as companies that organize or offer packages of offers, commercial partners, etc.

In accordance with Existing Legislation you have the right to information, access, correction and deletion, restriction of the processing of your personal data, right to portability and opposition to the processing of your personal data, as well as the right to object to automated decision-making and profiling. In addition, you have the right to withdraw the granted consent and the right to submit a complaint to the Data Protection Authority, in case you believe that your personal data has been violated. Your consent to this Privacy Policy is necessary in order to use our website and its services.

What is the Personal Data we collect and why.

“Personal Data” is defined as any information relating to an identified or identifiable natural person (“data subject”). It does not include anonymous information.I

In order to make reservations, but also to ensure that we can contact you in order to inform you about issues related to your reservations and our offers, it is necessary to disclose certain personal data, such as your full name, address (sender and recipient), telephone number, e-mail address. The above action is in accordance with Article 6 (1) (b) GDPR, according to which processing is necessary for the performance of a contract to which the data subject is a party or for measures to be taken at the request of the data subject prior to entering into a contract.

In addition in case of payment by credit card, the details of the latter are also selected. Your credit card is used only for the specific transaction you have requested. Your credit card details are stored with the user’s details until you leave the restaurant. After payment of your meal, your credit card details are deleted.

We further collect personal information when you contact our company in various ways such as subscribing to our accommodation newsletters or through the contact form we provide. If you follow this option, you will be asked for your name and email address, along with the text of any message you choose to include. By using this feature, you grant us the right to register and use your name and email address for contact purposes in order to keep you informed about issues related to your requests and to learn about our news and offers.

However, we also receive information about you from other sources. These include business partners, such as travel agencies or other websites. Anything we receive from these sources may be combined with the information you have provided us with. Using some of them, you give your booking details to our business partner, who then passes them on to us. We also use third party provider services to facilitate guest payments at the property. These service providers share payment details so that we can manage your reservations and ensure that everything works smoothly for you.

If a refund is requested for your reservation either by you or by the holder of the credit card used to make your reservation, we may need to share some details of the reservation with the payment service provider and the relevant financial institution in order to process the refund. This may include a copy of your confirmation or the IP address from which your booking was made. In addition, we may share information with relevant financial institutions where we consider it necessary for fraud prevention and detection purposes.

We do NOT collect special categories of your personal data, namely data “revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic data, biometric data for the purpose of unambiguous identification of a person, data concerning health or data concerning the sex life of a natural person or sexual orientation” (Article 9(1)(b) of the GDPR). 1 GDPR/GDPR) or data relating to criminal convictions and offences (Article 10 GDPR/GDPR). 

If you do not allow us to collect your personal data for the purposes listed here, we may not be able to provide you with our services in an optimal way.

Personal data of minors

Minors who wish to use our services must have the consent of their parents, who are the only people responsible for the submission of their children’s personal data.

Links to other websites

Our website may contain links to third party websites. Please note that we are not responsible for the collection, use, maintenance, distribution, or disclosure of data and information from third parties. If you provide personal data to third-party websites, the privacy policy and terms of service of those services will apply. We advise you to first check the privacy assurance policy of the websites you visit before you consent to the assignment of your personal data to them.

Non-personal information – cookies

As with other websites, our website may use “cookies” or other technologies to help us deliver content relevant to your interests, to process your reservations or requests, and/or to analyze your visit patterns. Cookies, on their own, cannot be used to reveal your individual identity. This information identifies the search engine, on our servers when you visit our website. If you wish to remove cookies at any time from your computer, you can delete them using your computer’s browser (consult the “help” options of your browser to find out how to delete cookies).

Security of your personal data

We have effectively implemented, both at the time of determining the means of processing and at the time of processing, appropriate technical and organizational measures designed to implement data protection principles and incorporate the necessary safeguards into the processing in a way that meets the requirements of the GDPR and protects your rights. We have also implemented appropriate technical and organizational measures to ensure that, by default, only personal data that are necessary for the purpose of the processing are processed. We have active procedures in place to control possible personal data breaches and in such a case we will inform you immediately as well as the competent supervisory authority.

For how long do we keep your personal data?

The computers and programs we use are set up in such a way that the use of personal and identifying information is kept to a minimum. This data is processed only to the extent necessary to achieve the purposes set out in this Policy and will be stored for as long as is strictly necessary to achieve the specific purposes pursued. In any case, the criterion used to determine the storage period is based on compliance with the time limits allowed by law and the principles of data minimization, storage limitation or rational management of our records.

Find out your rights under the GDPR.

If you are resident in the European Union, you have the following rights in simple terms:

– The right to be informed about how we use your personal data.

– The right of access, which means you can request a copy of the personal data we hold about you.

– The right to rectification, i.e. to have us correct your personal data that may be incomplete or inaccurate.

– The right to erasure (the right to “be forgotten”), which means that in certain circumstances you can ask us to erase the personal data we hold about you (unless there is a legal reason why we should not do so)

– The right to restrict the processing of your personal data.

– The right of portability of your data, i.e. to request a copy of your personal data in a common file format and to transfer that data to another company.

– The right to object to the processing of your personal data, e.g., for direct marketing purposes.

– The right not to be subject to a decision taken solely based on automated processing, including profiling, which produces legitimate effects concerning you or significantly affects you in a similar way.

– The right to lodge a complaint with the competent data protection supervisory authority in the Member State in which you have your habitual residence or place of work.

The above rights are subject to specific regulations on when you can exercise them. You do not have to pay to access your personal data (or to exercise any of your rights) unless your request is unfounded, repetitive or excessive, in which case we may refuse to comply. Please note that we may ask for some additional information to confirm your identity when you request access to your rights or to exercise any of your other rights; this is as a security measure that your personal data will not be disclosed to others. We will respond to each of your requests within a period of one (1) month. Ιf we need more time due to complexity or number of requests, we will let you know.

Limitation of liability – Disclaimer

The content of our website is provided “as is” and no warranty, express or implied, is made as to the completeness, accuracy, timeliness, merchantability, non-infringement or fitness for any use, application or purpose of such content.

Our company, under any circumstances, including negligence, are not liable for any form of damage suffered by the visitor/user of the pages, services, options and contents that he/she enters on his/her own initiative and with knowledge of these terms. They also do not guarantee that the pages, services, options and contents will be provided without interruption, without errors, that errors will be corrected or that answers will be given to all questions raised. Similarly, it does not guarantee that the servers through which the content is made available to visitors/users are provided free of “viruses” or other harmful components. The cost of any corrections or services is borne by the visitor / user and in no case our company.

Policy Modifications

We may from time to time change our Privacy Policy. If you are interested in keeping track of this policy, it is advisable to visit this page regularly. If we modify our Privacy Policy in a way that will affect you (for example, if we intend to process your personal data for purposes other than those previously disclosed to you in this Privacy Policy) we will notify you of those changes before those new activities begin.

Acceptance of our Privacy Procedures

If you use this website, you accept and consent to this Privacy Statement and to the terms and conditions of use of the website communicated through it.