Terms of service.

General Terms of Use

  1. Introduction

The website www.sgl.gr  (hereinafter the “Website”) is operated by the single member private company by the name “A. MANTZAVELAKIS SA”, based in Kolonaki, Attica, address 2 Kleomenous Street, (hereinafter referred to as “the company” for short), which, manages the hotel St. George Lycabettus.

  1. Content

    1. The Website’s content includes information that concerns the services provided by the hotel St. George Lycabettus. Its purpose and character are merely informative and in no case binding. The information provided through the Website can in no case be regarded as advice-instigation to certain actions.

    1. Any new information added to the Website will pertain to the present terms and conditions.

  1. Limitation of Liability

    1. We make every effort to ensure the accuracy of the information on the Website at the time of posting it but we cannot guarantee that the information stays up-to-date, therefore we recommend that you verify it.

    1. Generally and to the fullest extent permitted by law, we do not assume any responsibility whatsoever for any damage, loss or other kind of malfunction may directly or indirectly be caused to you in relation to your visit to the Website and/or the use of its content, or part of it (for example, damage caused by viruses or by harmful and/ or malicious software that may affect your equipment or the validity of the information you obtained through the Website or any other actions or omissions on your part that result from your visit to the Website and/ or through the use of its content, to name but a few).

    1. As users, you are solely responsible for accessing the Website, as such access may require payment of fees to third parties, for example, to companies that provide internet services, or who charge internet time, to name but a few. In addition, as users of the Web site you have sole responsibility for your personal equipment and the technological means you use to access the Website.

  1. Copyright / Trademarks

    1. The Website and all of its content, that is, all the information, data, texts, graphics, photographs, images and in general any material collected by the company, its contractors or its partners, save for explicitly mentioned exceptions (such as third party copyright), are subject to the intellectual and industrial property rights of “A. Mantzavelakis SA”, protected under the applicable copyright protection regulatory framework.

    1. It is illegal to copy, reproduce or modify in any way, part or all of the Website content, and/or its use on different websites without the prior written consent of the copyright holders. As an exception, individual storage and copying of parts of the content on the Website are allowed for personal use only. Note that this exception does not in any way imply the concession of intellectual or industrial property rights to anyone. This permission does not apply to any third party material on the Website.

    1. All the trademarks, logos and service brand names appearing on the Website are the property of the company.

  1. External links

The Website may contain external links for better information and easier reference purposes. Nevertheless, we do not take any responsibility for the accuracy, completeness or authenticity of the content, or – for that matter – for the content itself, the services, function or efficiency of all the external links that may be used on the Website and are contained in any third-party internet site, nor can we guarantee their availability. Consequently, a visit to such internet sites is made at your own risk. Their content does not bind us in any way, and any reference or mention to these webpages through our Website does not constitute, nor should it be construed as, an endorsement or unreserved recommendation for the use of such websites.

  1. Personal Data

6.1. The personal data that you enter through the Website will be processed by the company in order to serve and inform you better in compliance with the company’s General Data Protection and Privacy Regulation Policy, which can be found on the following link https://sgl.gr/privacy-policy/ . The company, respecting your privacy, will make every possible effort to safeguard your personal data and undertakes not to use it for advertising-information purposes without your explicit consent.

6.2. In case of linking the Website to third party internet sites (through links), you should read the other websites’ policy regarding the protection of personal data and the practices they apply to safeguard this protection, as the company assumes no responsibility for the content or the data collection policies of other companies’ websites.

  1. Cookies

It is possible that our Website has cookies. Cookies are small text files that are stored on each user’s hard disc and which do not receive information from any file on their computer. For further details, you may refer to the Use of Cookies Policy https://sgl.gr/cookie-policy/ .

  1. Other terms

    1. All the terms mentioned above cover the entire agreement between you, the visitor to the Website, and the company that created it.

    1. The company has the right to unilaterally modify the terms mentioned above without prior notice to you if it is deemed necessary for the assurance of the services it provides. In case the present terms are modified, you will be notified accordingly by the company.

    1. All the terms mentioned above are considered essential. Should any of the terms be declared void by court order for any reason, the remaining terms shall apply and remain in full force.

    1. Please read the terms above carefully. If, after reading the terms, you continue to access and link to the Website, it shall be assumed that you have fully and unconditionally accepted all the general terms and conditions of the Website in their entirety.

    1. For any further questions, contact info@sgl.gr

    1. The Website was created and operates in accordance with Greek law. For any dispute that concerns the use, execution, interpretation or content of the Website, Greek law applies. The courts of Athens shall have exclusive jurisdiction over the resolution of any dispute between you, the user of the Website, and the Company.

Privacy Policy

The hotel St. GEORGE LYCABETTUS wishes to inform the users of this website (hereinafter “Data Subject”, “you”) for the processing of their personal data, in accordance with the provisions of the Regulation (EU) 2016/679 (hereinafter “GDPR”), law 4624/2019, Decisions, Guidelines and Opinions of Hellenic Data Protection Authority and, the relevant legislation about the protection of Personal Data (hereinafter “Data Protection Legislation”).

Ι. What personal data we collect, for which purposes and which are the legal bases

PURPOSE

PERSONAL DATA COLLECTED

LEGAL BASIS

Contacting prospecting customers/customers (reservation form)

First name, last name, email address, phone number, personal data that may be included in the message sent by the user

Article 6(1)(b) GDPR: processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

 

Social Plugins

Through the plugins in use in our website we may be granted access only to publicly shared information found on the respective Social Media platforms. The use of the plugins found on our website is governed by the terms and conditions of each platform.

Article 6(1)(a) GDPR: the data subject’s consent, as explicitly given by clicking each social media icon that transfers the user to the corresponding social medium.

II. How long your personal data is retained for


Personal data shall be retained for as long as necessary for data collection purposes, as specified in section I, unless otherwise specified by law. It is our responsibility, once the retention period expires, to ensure that your data will be safely deleted or destroyed in accordance to explicitly described standards and specifications.

ΙΙΙ. To whom your personal data are disclosed and/or transferred

The hotel St. GEORGE LYCABETTUS may disclose your personal data to its authorized employees and/or transfer data collected through this website to:

a) Entities entrusted with the execution of specific tasks such as, but not limited to, product suppliers and/or IT service providers and/or support service providers of all kinds of computer-based information systems or electronic systems and networks. Those entities offer adequate assurance for the implementation of necessary technical and organizational measures, so that data processing is conducted in accordance to GDPR and other relevant legislation for data protection. In particular, “A. MANTZAVELAKIS SA”, which is based in Kolonaki, Attica, Kleomenous 2, manages the hotel St. George Lycabettus and therefore processes personal data as referred in section I. In case you attempt to make a reservation through our website, you will be redirected to iHotelier’s reservation platform (Amadeus Hospitality/TravelClick), which processes personal data included in your reservations.
b) Supervisory, independent, judicial, prosecuting, public and/or other authorities, bodies or parties assigned to control/monitor our activities within the scope of their responsibilities.

Your personal data shall not be processed for any other purposes than mentioned above, nor shall be transferred to unauthorized third parties. Although we do not transfer your personal data to countries/organizations outside the EU/EEA, in the event that we need to proceed with such transfer, we will ensure that the conditions of articles 44etc. of the GDPR are met.

ΙV. Rights of the data subject

The General Data Protection Regulation provides you with rights and options that we are committed to satisfying. Thus, you may:

  • request information about your stored personal data and the way it is processed. If you so wish, we shall provide a copy of your personal data undergoing processing, free of charge (Right of Access).

  • request rectification of inaccuracies or errors, correction of incomplete data or an update of your data (Right to rectification).

  • request erasure of personal data, if no longer retained for specific, legal or stated purposes (Right to erasure or Right to be forgotten).

  • request restriction of processing a) when the accuracy of the personal data is contested, b) when the processing is unlawful (but you oppose the erasure of the data), c) when the data is no longer needed for the purposes of the processing, and d) for as long as the verification whether the legitimate grounds of the controller override those of the data subject are still pending.

  • object on grounds relating to your particular situation, at any time, to processing of personal data, especially when this data is processed for direct marketing purposes or profiling. More specifically, you may object to a decision based solely on automated processing. In such a case, you may exercise your right of intervention (Right to object – Automated individual decision-making).

  • receive your personal data in a structured, commonly used and machine-readable format or transmit this data to another controller at your behest, where technically feasible and at all times under the specific conditions of the law (Right to data portability).

  • revoke your once granted consent for your data processing at any time. As a result, we will not be allowed to continue the data processing based on this consent in the future.

You may address your requests via email  info@sgl.gr and we shall answer all your requests within one (1) month. In the extremely rare cases that such a fulfillment is proven unfeasible, we shall immediately inform you explaining the reasons in detail. If you believe that the provisions for personal data are being violated, you may file a complaint to the Hellenic Data Protection Authority (DPA).

Privacy Notice

The hotel St. GEORGE LYCABETTUS acts as a Data Controller (hereinafter each of them as “Company”). With this Privacy Notice, the Company wishes to inform its guests about the processing of their personal data during their stay. The Company has taken the required technical and organizational measures in order to be fully compliant with the General Data Protection Regulation 2016/679 (GDPR), the Law 4624/2019, the Decisions, Instructions and Opinions of the Hellenic Data Protection Authority and in general the national/EU legislation and jurisprudence regarding data protection (hereinafter “Existing Legislation”), in order to be able to guarantee the security, integrity and confidentiality of your personal data.

Purpose

Personal Data Collected

Legal Basis

Management of room reservations

Name, surname, phone number, email, address, number of guests (adults & minors), date and number of reservations, booking method (e.g. travel agent, via a booking platform e.g. booking, by phone, etc.) date of arrival and departure, signature, type and room cost per night, payment details, comments.

  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (GDPR article 6 para.1΄b)

  • processing is necessary for compliance with a legal obligation to which the Company is subject; (GDPR article 6 para.1΄c)

Provision of accommodation/hosting services

First name, last name, phone number, email, address, zip code, city, country, date of birth, passport/ID number, number of guests (adults & minors), date and reservation number, reservation method arrival and departure date, signature, room type and cost per night, details of the person responsible for the payment, additional consumptions, total cost for the services provided.

  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (GDPR article 6 para.1΄b)

  • processing is necessary for compliance with a legal obligation to which the Company is subject; (GDPR article 6 para.1΄c)

Management of restaurant reservations

First name, last name, date and time of reservation, number of people, reason for reservation (optional)

  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (GDPR article 6 para.1΄b)

Management of requests/complaints

Name, surname, date, content of request/complaint, phone number

  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (GDPR article 6 para.1΄b)

  • processing is necessary for compliance with a legal obligation to which the Company is subject; (GDPR article 6 para.1΄c)

  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (GDPR article 6 para.1΄f)

Invoicing

Reservation and accommodation data such as first and last name, father’s name, VAT number and tax office, duration of stay, room number, number of guests, additional charges/ consumptions, discounts, payable costs, payment method (bank deposit, card, cash) data in issued receipt/invoice, advances, outstanding debts.

  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (GDPR article 6 para.1΄b)

  • processing is necessary for compliance with a legal obligation to which the Company is subject; (GDPR article 6 para.1΄c)

  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (GDPR article 6 para.1΄st)

Safety of people and goods

Image data collected through the closed-circuit surveillance system, data included in security (e.g. theft) or accident reports such as name and surname, duration and room of stay, description of event/ accident etc.

  • processing is necessary for compliance with a legal obligation to which the Company is subject; (GDPR article 6 para.1΄c)

 

  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (GDPR article 6 para.1΄f)

Managing health issues/allergies/special guest’s preferences

Optionally and on your own initiative, health data is collected, such as diseases, disabilities, allergies, special diet, special preferences.

  • the data subject has given consent to the processing of his or her personal data for one or more specific purposes (GDPR article 6 para.1΄a)

Sending Newsletter emails

Email 

  • the data subject has given consent to the processing of his or her personal data for one or more specific purposes (GDPR article 6 para.1΄a)

Providing additional services at the customer’s request, such as finding a babysitter, finding a tour guide, booking an event, booking a restaurant

First name, last name, date and time, type of service, location

  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (GDPR article 6 para.1΄f)

Guest satisfaction assessment, after completing (optionally) a relevant questionnaire via external partner’s platform

Reservation ID, name and surname, check in and check out date, room number, number of guests, email, language, nationality, responses to a guest satisfaction questionnaire (optional)

  • the data subject has given consent to the processing of his or her personal data for one or more specific purposes (GDPR article 6 para.1΄a)

Although the Company does not seek to collect personal data directly from minors (under 18), if required, the Company will collect minors’ data from their parents or legal guardians upon obtaining their consent (if it’s necessary). Also, the Company does not seek to collect and process “sensitive personal data”, i.e. personal data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. Exceptionally, the Company may process sensitive personal data that you provide voluntarily, or if it has received your prior expressed consent (e.g. for allergy notification).

Your personal data is kept for a limited period, depending on the purpose of the processing, after which your data is deleted and/or securely destroyed based on clearly defined standards under the responsibility of the Company. The personal data collected and processed for the performance of a contract are kept for as long as is necessary for the performance of the contract and for the establishment, exercise, and/or support of any legal claims based on the contract. When processing is required by law or a specific retention period is provided, your personal data will be stored for as long as the relevant provisions require. Personal data collected with your consent will be retained until you withdraw your consent.

The Company may transfer the above personal data to its staff, to the Management or to third parties, to whom it has entrusted the processing of personal data on its behalf (e.g. reservation management system, web-hosting, hotel management services, etc. After checking-out, the Company shares your personal information such as name, duration of stay, room number, number of guests, email, with an external partner who undertakes to send you a guest satisfaction questionnaire and collect your respective answers (completion is optional).At any case, the third parties to which your data may be transferred, are contractually bound to the Company in order to ensure the required obligation of confidentiality as well as all the obligations provided for by the Existing Legislation. In addition, your personal data may be transferred to supervisory, independent, judicial, public and/or other authorities or bodies or parties entrusted with the control/monitoring of the Company’s activities, within the framework of their competences. The Company will not process your personal data for any other purposes, nor will transfer your data to unauthorized third parties.

Under Existing Legislation, you have the right to be informed, to access, to request the correction, deletion, or restriction of the processing of your personal data, the right to portability and opposition to the processing of your personal data, as well as the right to object to automated decision-making and profiling. In addition, you have the right to withdraw the consent granted and the right to submit a complaint to the Data Protection Authority, in case you believe that your personal data has been violated. To exercise the above rights and for any further information regarding the processing of your personal data, you can contact the Company via email at info@sgl.gr.