This Privacy Policy together with the Privacy Note attached to the Registration Forms and our Cookies Policy provide information and explain how our company called Ananti Resort & Spa processes the personal data of our customers (hereinafter referred to as “Customers”), “Visitors” or “you”) and visitors to our website (hereinafter “you”) and sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully in order to understand our views and practices regarding your personal data and how we will process it.

The definitions contained in this Privacy Policy have the meaning set out in Regulation EU 2016/679 of the European Parliament and of the Council of 27 April 2016, which together with Greek Law and the regulatory framework applicable in Greece constitute the Personal Data Protection Legislation.

We are committed to maintaining the privacy of all visitors to www.anantiresort.gr and protecting any personal information you may provide to us.

This Privacy Policy is provided to help you understand what we may do with the personal information we receive from or about you. Personal information may include information about an identifiable individual, as defined by the Privacy Act, such as name, email address and telephone number, and other relevant information. By providing us with your personal information, you indicate that you accept this Privacy Policy and agree that we may collect, use and disclose your personal information and data as described in this Privacy Policy. If you do not agree with this notice and/or this Privacy Policy, please do not provide us with your personal information and data. However, this may be necessary if you wish to take advantage of our accommodation services.

INFORMATION & PERSONAL DATA WE COLLECT

1 – We may collect personal information about you when you use our website or our accommodation services and in any other way you may interact with us. The information we collect falls into the following categories.

2 – We may combine the information you provide to us with information collected through automated methods or with information we receive from other sources.

3 – We collect information that you provide to us. You may provide us with the following information:

– Personal data and information that you provide to us on the Registration Form when checking in to one of our hotels or any other type of personal data that you provide to us when you choose to contact us or use our services, such as personal information, your name, postal and email addresses, telephone number, date of birth and other contact details, identity or passport number, check-in and check-out information, payment methods and any other relevant information.

– Personal information such as your name, postal and email addresses, telephone number, date of birth and other contact details when you register on our website and/or Mobile App, when you connect to Wi-Fi, enter one of our competitions or contact us by phone or through our online services,

– Transactions, information, including information about the services you book, prices, payment methods and payment details,

– Account information, such as your username or password (or anything else that identifies you) used to access our online services or to purchase or use our products and services,

– Email address and other contact information upon your consent,

– Profile and preference information, with your prior consent, such as products and services you desire, time you prefer to visit us, room preferences, bathroom preferences, food and beverage preferences, newspaper and other magazine preferences or any other preferences resulting from your behavior, comments, choices and suggestions during a previous stay, as well as your purchase and record history, activity information, membership in loyalty programs, and other preferences.

4 – We collect information through automated methods. In this context, we may use automated technology to collect information from your computer or mobile device when you visit our restaurants, use our online services or in-restaurant technology. Automated technology may include cookies, local shared objects and web alerts. Below you will find more information about cookies and other technologies.

(a) your internet protocol (IP) address,
(b) your computer or mobile device operating system and browser type,
(c) the type of mobile device and its settings,
(d) the unique device identifier (UDID) or mobile equipment identifier (MEID) for your mobile device,
(e) the serial numbers of the devices and hardware parts,
(f) advertising identifiers (for example, IDFA and IFA) or similar identifiers,
(g) website referral (a website that led you to ours) or application,
(h) online activity on other websites, apps or social media,
(i) communication with us or about us on social media; and
(j) activity related to how you use our online services, such as the pages you visit on our website or mobile applications.

5 – Our website may collect information about the exact location of your mobile device or computer using geolocation and technologies such as GPS, Wi-Fi, Bluetooth or cell tower proximity. On most mobile devices and computer systems, you can revoke your permission for us not to collect this information using your device or web browser settings. If you have any questions about how you can prevent the collection of accurate information about your location, we encourage you to contact your mobile device service provider, device manufacturer, or web browser provider. Our site may not function properly without your location information. If you would like us to delete information we have collected that could identify your location, please contact us at the address, phone number or email address listed below.

6 – We may collect information about you from other companies and organisations as well as from partners or service providers, such as information transmitted by third parties, such as travel agencies, tour operators, whether operating online or in any other form, booking systems, platforms, service providers and in any other way. We may also collect information that is publicly available. For example, we may collect information about you when you interact with us through social media.

COOKIES

We may obtain information about your general internet usage by using a cookie file, which is stored in your browser or on your computer’s hard drive. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our website and provide a better and more personalised service. Some of the cookies we use are necessary for the operation of our website. Please note that our advertisers may also use cookies, over which we have no control. For more information on how we use cookies, please see our Cookies Policy.

PURPOSE & USE OF INFORMATION & PERSONAL DATA


1 – We use information collected, stored and processed about you in the following ways:

2 – In order to provide our services to our Visitors and for administrative & business purposes.

In order to manage your booking and accommodation request, Ananti Resort & Spa will collect, use, share, transfer, process and store the personal data you provide to us. This process is necessary to fulfil our obligations to our Clients, to provide you with information or services and to communicate with you, whether at your request or otherwise as required. In addition, we will use your personal data in order to provide you with our services and to collect payment for those services, for internal Customer management and for business purposes in order to provide you with the information or services you have requested and to improve our services, products or processes.

3 – For promotional announcements.

With your consent, we may collect, use, share, transfer, process and store your personal data in order to contact you about newsletters, discounts and special offers, as well as other promotional material, messages and unique offers. You can withdraw your consent at any time by following the unsubscribe instructions in the promotional communications we send you. You can also withdraw your consent by contacting us at our email address (info@anantiresort.gr).
If you choose not to receive promotional communications from us, we may continue to send you communications about your transactions.

4 – For the operation of our website.

We will process your personal data in order to ensure that the content on our website is presented in the most effective way for you and your computer and for marketing and promotional purposes for our services and third party products or services. In addition, we may process your personal information so that you can participate in interactive features of our website when you choose to do so or to notify you of changes to our website.

5 – Complying with the law and protecting our interests.

We may use your information in order to comply with our legal obligations under applicable law or to disclose your personal data as required to comply with applicable laws and regulations, such as our obligation to collect personal data of our Visitors in accordance with Police Directives, to process and store accounting documents and records, to respond to requests from governmental, judicial or other competent authorities, to protect business.

6 – Management of consumer complaints.

We will use your personal data to respond to any customer complaint, as well as to defend the hotel and present our case to any Court or administrative authority in relation to any such customer complaint.

7 – Preferences & Profiles.

With your consent, Ananti Resort & Spa will collect, use, disclose, transfer, process and store your personal data in order to provide you with unique experiences, enhanced and personalized services when you visit our hotel in the future, according to your preferences and profile, to customize our commercial offers and promotional messages, to inform you about special offers and new services created to meet your personal needs, to keep you informed about special offers and new services created to meet your personal needs, to provide you with information about our services, and to provide you with information about our services. You may withdraw your consent at any time by contacting us at our email address (info@anantiresort.gr).

8 – Poor Visitor Behaviour.

For the management of our group and for administration purposes, we may collect and process personal data of Customers or Guests who have shown misconduct during their stay in our hotels or have shown anti-social behaviour or non-compliance with security regulations, been accused of theft, damage to property or any other type of damage or vandalism and any payment incidents. This processing is necessary for the legitimate interests of our business and all members of our group, to protect our future Visitors and our employees and to prevent instances of fraud and misuse of our property or personnel.

8 – Securing Payments.

We may adopt systems to assess the risk of fraud. In this context, we may use service providers or risk prevention systems for analysis and, depending on their results and investigations, we may need to take security measures, such as suggesting different booking channels or requiring alternative payment methods. Non-compliance may result in suspension of a booking or cancellation of an order. In the event of illegal use of any payment instrument or payment methods, leading to payment default or payment fraud, and despite other legal actions that may be available, Ananti Resort & Spa may record such incident data on file in order to rule out future fraud or payment avoidance and conduct additional checks. This processing is important and necessary in order to protect our legitimate interests, operate our business properly, prevent fraud and pursue appropriate legal actions.

9 – Extreme circumstances & public health.

In the event of extreme or unprecedented and unexpected circumstances, particularly due to public health incidents or issues and pandemics, we may need to collect, store, process and disclose to third parties and relevant administrative authorities personal information, including medical and other sensitive data, in order to comply with applicable laws and regulations or to protect individuals, such as other Guests and Customers of our hotels or our employees from the spread of a pandemic or any Where personal data is stored by relevant public authorities, you may need to refer to their privacy policy for more information about their use and processing of your personal data.

We may also use your data or allow selected third parties to use your data to provide you with information about goods and services that may be of interest to you and we or they may contact you about them. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users. We may use the personal information we have collected from you in order to comply with our advertisers’ wishes by displaying their advertising to targeted audiences.

In order to meet your specific requirements, such as dietary needs, we may need to collect sensitive information, such as information about race, ethnicity, political opinions, religious and philosophical beliefs, trade union membership or health, medical or sexual orientation information. In this case, we will only process this data if you provide your explicit prior consent.

WHERE WE STORE YOUR PERSONAL DATA


1- As a general rule, the data collected from you will not be transferred or stored to a destination outside the European Economic Area (“EEA”).

2 – In certain cases, your personal data may be shared with our service providers, suppliers or partners who may be based anywhere in the world, including countries that do not offer the same legal protection for personal data as your country of residence. Ananti Resort & Spa complies with EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016, as well as with Greek Data Protection Legislation and has entered into respective Data Protection Agreements with service providers, suppliers or partners in order to protect and safeguard your personal data to the extent that it is technically and practically feasible that there will be an adequate level of protection from these third parties for your personal data. In any event, Ananti Resort & Spa discloses your Personal Data strictly and only on a need-to-know basis and subject to appropriate contractual restrictions (such as the EU Standard Contractual Clauses).

3 – All information provided to us is stored on our secure servers.
Any payment transactions will be encrypted.

4 – Where we have given you (or where you have chosen) a password that allows you to access certain parts of our website, you are responsible for maintaining the confidentiality of that password. Please do not disclose your password to any third party.

INFORMATION SECURITY


Ananti Resort & Spa has established a strict and highly sophisticated security system, adopts security procedures and measures and takes appropriate technical and organizational measures, in accordance with legal provisions and market standards, in order to protect your personal data, avoiding, to the extent technically feasible, any security or personal data breach or security incident and preventing any unlawful or accidental destruction, alteration or loss, misuse, unauthorized access, modification, alteration, alteration or loss, misuse, unauthorized access, alteration, alteration or loss of your personal data. However, the transmission of information over the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site. Any transmission is at your own risk. Once we receive your information, we will follow strict security procedures and operations to try to prevent unauthorized access and use, including but not limited to physical security, technical measures, firewalls, organizational measures, password systems, and any other reasonable protective measures.

RETENTION OF PERSONAL DATA


We retain personal data for the period of time necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law or applicable regulations.

DISCLOSURE OF YOUR INFORMATION


1 – We will only share your information in accordance with what is described in this Privacy Policy.

2 – We may share your information with Ananti Resort & Spa’s member companies, which include all of our hotels, affiliates and subsidiaries. All Ananti Resort & Spa member companies that receive information are not authorized to use or disclose the information, except as set forth in this Privacy Policy.

3 – In addition, Ananti Resort & Spa is our primary Information Processor, providing direct sales, marketing and other administrative, support and consulting services. In this context, your personal data will be disclosed and processed by Ananti Resort & Spa.

4 – We also rely on third parties to provide services and products to you and may share your personal information with them as necessary and as required to provide our services, including but not limited to food and beverage, transportation, information technology, Wi-Fi and network services, banking information, credit card issuers, travel agents and other partners or vendors. We will also share your personal data with third-party vendors who provide services to us, such as fulfilling orders, providing data processing and other information technology services, administering promotions, contests, prize draws and sweepstakes, conducting research and analysis, and personalizing individual customer experiences. All such third parties are contractually obligated to protect your personal data and information in accordance with the Privacy Act and may not use or disclose your personal data and information except as required by law or our contracts and data protection agreements. We do not allow these service providers to use this information or disclose it for any purpose other than to provide services to us or on our behalf.

5 – We may, for strategic or other business purposes, decide to sell or transfer all or part of our business. As part of that sale or transfer, we may disclose information we have collected and stored, including customer information, to anyone involved in that sale or transfer.

6 – There may be occasions when we will disclose information that does not directly identify you. For example, we may disclose anonymous, aggregated statistics about your use of our website. We may also combine information about you with that of other customers and may disclose or otherwise process that information in a way that does not identify you.

7 – We have the right to use or disclose information as necessary to comply with any law, regulation or legal request, to protect our website, to pursue or defend legal claims, to protect the rights, interests and safety of our organization, our Customers and Visitors, and our employees or users of our website, or in connection with an investigation of fraud or other crime or violations of our policies.

YOUR RIGHTS


1 – Under the Personal Data Protection Legislation, you have the right to request access to the personal data we hold about you in order to be informed, at your request, whether your personal data is being processed and to receive additional information about that processing, such as information about the possible transfer of personal data outside the EU and the appropriate or adequate safeguards we have in place for such a transfer. Where the requirements of the Data Protection Legislation are met, you may also request that any inaccurate information we hold about you be corrected or deleted or that we restrict the processing of your personal data. If such a request constitutes a breach of our or our partners’ obligations under any applicable laws, regulations or codes of practice, then we may not be able to comply with your request. However, you may request that we block the use of your personal data from further processing. You also have the right to data portability to another data controller in certain circumstances and where technically and economically feasible.You can withdraw your consent at any time. Withdrawal of your consent will not affect the lawfulness of the processing based on the consent prior to its withdrawal. You can also lodge a complaint with the competent Data Protection Supervisory Authority (www.dpa.gr) if you believe that the processing is in breach of the law.

2 – If you wish to exercise your aforementioned rights or if you have any questions or concerns about our Privacy Policy, please contact our Data Protection Officer at : info@anantiresort.gr

LINKS TO OTHER WEBSITES AND SOCIAL NETWORKING SITES


1 – Our website may, from time to time, contain links to and from the websites of our partner networks, as well as advertisers or any third party. If you follow a link to any of these sites, please note that these sites follow their own privacy policies and that we accept no responsibility or liability for these policies or any processing carried out by these third parties. Please review these policies before submitting any personal data to these sites.

2 – We may also have providers of other applications, tools, graphics and add-ons on our online services, such as Facebook “Like” buttons, who may also use automated methods to collect information about how these features are used. These organisations may use your information in accordance with their own policies, which we recommend that you read carefully.

CHANGES TO OUR PRIVACY POLICY


1 – This Privacy Policy is effective as of the date indicated at the bottom of this document. There may be changes to this Privacy Policy from time to time. In that case, we will post the revised version here and change the date of the “Last Updated Version” (the date from which it becomes effective) at the bottom of this document. Please check this link regularly for the most up-to-date version of our Privacy Policy, especially before booking any of our hotels.

2 – Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified by email.

HOW TO CONTACT US


In order to protect your privacy and personal data, we may ask you to provide us with identification credentials before we respond to your request. In particular, if we have reasonable doubt about your true identity, we may ask you to provide us with a copy of your police ID or passport or information about your stay at our hotels, such as your registration number, booking confirmation, check-in and departure dates or other useful information. If we do not receive this information, we may refuse to provide a response to your request.