Valid from: 4/3/2019
At The Ace VIP, we prioritize the protection of your personal data as part of our general philosophy to aim for the highest possible customer satisfaction and to build strong relations of trust.
We understand the importance of your personal data and make every possible effort to store and process the information you share with us with utmost care.
At The Ace VIP, we enhance the protection of your personal data by implementing technical data security measures and internal management procedures, as well as physical data protection measures. We continuously evolve our systems and procedures in order to stand out in relation to others. We thank you for your continued interest and support.
“Personal data” means any information that is collected or recorded in a form that may allow direct (e.g. surname) or indirect (e.g. phone number) your identification as a natural person.
This “Customer Personal Data Protection Charter” is a part of the terms and conditions that govern our accommodation services. By accepting these terms and conditions, you explicitly accept the provisions of this Charter.
We collect and use personal data in order to manage your relation with The Ace VIP and in order to offer our Services to you. Certain personal data are collected to provide you with personalized and improved services.
We collect personal data with the following purposes:
a) Management of reservations and other hospitality services
Creation and storage of legal documents in accordance with applicable law
We collect data in order to prepare and meet requests relating to your stay (e.g. accommodation preferences)
b) Management of your stay at our accommodation
We manage the access to your accommodation
We manage lists with customers’ personal data for operational purposes such as, e.g., daily customer arrival and departure lists and a list with special category customers.
c) Improvement of our accommodation services
In order to tailor our products and Services to better meet your requirements
We process your personal data using marketing programs for marketing and promotional purposes, but also to better understand your requirements and wishes
We provide you with useful information for offers or other promotional messages
We inform you about special offers and new Services
We provide customized content and suggestions based on previous activities with our Services
d) Management of our relations with you before, during, and after your stay
Management of customer databases
We evaluate and analyze the market, our customers, our products and Services
We create statistical data and reports
We acquire knowledge and manage the preferences of new and recurring customers
In order to send newsletters, promotion products and offers, or to contact you by telephone
We manage requests for deletion from update lists
We create and manage questionnaires and statistics
We organize lotteries, contests and offers, to the extent allowed by law
e) Improvement of our Services
We conduct market research and analysis of questionnaires and customer comments
We manage customers’ claims and complaints
f) System security
We record data to ensure security and to avoid fraud
g) Compliance with Greek and European law
h) Conducting market research, customer satisfaction and quality assurance, direct marketing and sales promotions
i) Conducting targeted advertising campaigns on the Internet through third-party websites
Information provided directly by you
A number of our Services provide the possibility to provide information directly to us. For example:
We are obliged to request the following details about you and/or your family members:
The data we collect on persons under the age of 16 are restricted to given name, surname, nationality, and date of birth, and can be provided only by an adult / guardian. We thank you for your efforts to ensure that children do not send us personal data without your consent (especially through the internet). Should any information of this type be sent to us, you can communicate with us to schedule the deletion of such information.
Moreover, information such as your passport number, your recreational activities, your hobbies, any health issues that you may have, or whether you are a smoker or not, can be described as sensitive. We retain such information only if we are obliged to do so by applicable law or if you have explicitly given us your consent (e.g. in order to provide you with an appropriate Service, such as a special diet)
Information on your use of our Services
Apart from the information provided directly by you, we may also collect information on your use of our Services through the software of your device, or by other means. For example, we may collect:
Information from third parties
We may receive information about you from available public and commercial sources (to the extent permitted by law), which we may combine with other information that we receive directly from you, or in relation to you. We may also receive information about you from third party social networking services when you choose to connect to such services.
Other information we collect
We may also collect other information about you, your device or your use of services in manners described at the point of collection, or otherwise with your consent.
You may choose not to provide certain types of information, but this may influence the possibility to use certain Services.
We collect personal data in various cases, such as:
Check-in and payment
Reservation of and use of our services, such as drivers, chefs, catering, and recreational services
Various requests, complaints and/or disputes
b) Participation in marketing programs or events:
Participation in online and offline surveys (for example, Customer Satisfaction Survey)
Participation in contests and games
Subscription to mailing lists, in order to receive offers and other promotions by email
c) Transmission of information from third parties:
Tourist agencies, tourist offices, GDS reservation systems, online reservation systems (such as e.g. Booking.com, Expedia.com, etc.) and other reservation systems
d) Actions through electronic devices
Login on our websites
Completion of online forms (e.g. reservation forms, pre check-in forms, satisfaction survey forms, etc.)
At The Ace VIP, it is part of our philosophy and basic principles to not disclose your information with third parties for their unrelated business or marketing purposes, without your consent.
However, we may disclose your information to the following entities:
In order to provide you the best possible service, we allow access to your personal data or to certain categories thereof to competent, authorized members of our personnel. This includes:
For the purposes set out in Article 3 of this Charter, we may transfer your personal data to internal or external recipients who may be located in countries that offer different levels of protection for personal data.
Please note that data protection and other laws in the countries to which your information may be transferred may not be equally protective as in your country. The transfer will take place according to the legislation on the processing of personal data, in order to ensure sufficient protection of your personal data.
The Ace VIP implements suitable measures in order to ensure safe transfer of your personal data to an external recipient located in a country that offers a different level of privacy than the one proposed by the country where the personal data are collected.
We have taken reasonable organizational and technical measures in order to protect the information that we collect in relation to our Services, especially with regard to any sensitive personal data that happen to be collected. Our IT department implements the international standards and practices in order to ensure the safety of the networks and the encryption of the data.
Ensure the confidentiality of the transfer of your personal data
To ensure the confidentiality of data transfer, we use the SSL-128bit encryption protocol. Encryption covers all areas of the website as well as the transfer of data to and from our mail server (Mail Exchanger).
Controlled Access (Firewall)
Access to its systems The Ace VIP (Servers) is controlled by Firewall, which allows the use of specific services by customers/users while prohibiting access to systems and databases with confidential data and company information. There are also additional security systems such as WAF, Antivirus, Anti-malware, Cpanel WHM etc. which reduce the chances of malicious actions.
The system of The Ace VIP first decrypts the information it receives using the same key (predetermined when you start your connection with the service) and then processes it.The systems of The Ace VIP send you information by following the same encryption process. At any point in the Site Enter personal data (name, address, phone number, etc.) there is SSL 128-bit encryption. Encryption is essentially a way of coding the information until it reaches its designated recipient, who will be able to decode it using the appropriate key.
That is, every time you send information to the system, the Browser encrypts them first by using a 128 key Bits and then sends them to the system.
The system of The Ace VIP first decrypts the information it receives using the same key (predetermined when you start your connection with the service) and then processes it. The systems of The Ace VIP send you information by following the same encryption process.
However, you should bear in mind that despite the reasonable measures that we take for the protection of your information, no website, Internet transmission, computer system or wireless connection is ever completely safe.
We take reasonable measures in order to ensure that the information concerning you will be stored no longer than needed for the purpose for which it has been collected and no longer than required by the contract or the applicable legislation.
Cookies are small files that store information on your computer, mobile phone, or other device. They allow the entity who places these files on your device to identify you across different websites, services, devices and/or browsing times. Cookies serve a range of useful purposes. For example:
Cookies can remember your login credentials, so you do not have to enter them again each time you connect to a service.
Cookies help us and third parties to understand what parts of our Services are the most popular; they help us see which pages and features are visited by the users, and how much time is spent on each. By studying this kind of information, we can better customize our Services and provide you with better experience.
Cookies help us and third parties to understand which advertisements you have viewed, so that you do not receive the same advertisement each time you access the Service.
Cookies help us and third parties to provide you with relevant content and advertisements by collecting information about your use of our Services and other websites and applications.
When you use a web browser in order to access our Services, you can make settings in your browser to accept all cookies, to reject all cookies, or to notify you when cookies are sent. Each browser is different. Refer to the “Help” menu of your browser in order to find out how you can change your cookie preferences. The operating system of your device may offer more control settings for cookies.
However, please note that certain Services may have been designed in order to work with cookies and that deactivating cookies may affect your ability to use these Services or a specific part thereof.
Right to erasure (‘right to be forgotten’)
According to the legislation in certain jurisdictions, you are entitled to request details on the information that we collect and to correct any inaccuracies that may be contained in such information. All other lawful user rights remain unaffected. We may refuse to handle requests that are repeated to an unreasonable degree, require disproportional technical effort, jeopardize the privacy protection of others, are extremely unpractical, or involve access that is not otherwise required by domestic law.
In case you want to modify or delete your personal data please visit our website, in which you will find our contact information. Stay confident that our team will serve you as soon as possible.
You have the right to obtain from the controller the erasure of your personal data.
The User’s Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of this Application or the related Services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
Additional information about User’s Personal Data
System logs and maintenance
For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (System logs) use other Personal Data (such as the IP Address) for this purpose.
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.
How “Do Not Track” requests are handled
This Website and Application does not support “Do Not Track” requests.
To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.
Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
The individual using this Application who, unless otherwise specified, coincides with the Data Subject.
The natural person to whom the Personal Data refers.
Data Processor (or Data Supervisor)
Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.
The means by which the Personal Data of the User is collected and processed.
The service provided by this Application as described in the relative terms (if available) and on this site/application.
European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Small piece of data stored in the User’s device.
This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).