App Terms and Conditions
Creta Maris Application Terms & Conditions
Last Updated: June 12, 2020
This free mobile application named Creta Maris (the "Application") is created and developed by m-hospitality (H+S Technology Solutions S.A.) and is made available by TEAV S.A., a company incorporated under the laws of Greece ("société anonyme") with its registered seat located at 28A Alexandrou Papanastasiou Ave., Heraklion, 71306, Athens, Greece (hereinafter the "Provider", "we", "our", "us"), for its own benefit and the benefit of the Provider’s affiliates and hotels (each "a Hotel" and collectively "the Hotels") and resort properties (the "Creta Maris") owned by the Provider.
Your access to and use of the Application is governed by the following the Terms and Conditions. Please read them carefully prior to using the Application.
We encourage you to download this document for future reference.
- Terms and Conditions
These Terms and Conditions (the "Terms") set forth the conditions of use of the Application.
By clicking on the acceptance button, you acknowledge that you have read and agree to be bound by these Terms. If you do not accept these Terms, the Provider will not be able to provide you access to or use of the Application. These Terms may be amended, updated or otherwise modified, whether in whole or in part, at any time.
1.1 Purpose of the Application
These Terms set forth the scope of your permissible use of the "Application".
The Application is a free application for mobile devices that provides you convenient access to Hotels’ information, amenities and e-concierge services. To make these Terms easier to read reference to the Application will also include all services provided via the Application.
Please read these Terms carefully, as they establish a binding agreement between you and the Provider regarding your use of the Application and all aspects thereof. Your use of the Application is conditioned on your acceptance without modification of these Terms. Your acceptance includes the Application as currently downloaded and all modifications, upgrades, and new versions that can be accessed without acquiring a replacement Application. If you do not agree to the Terms, do not use the Application.
There is no fee for use of the Application, but you may incur fees for Internet access and/or roaming charges and for any goods or services purchased using the Application. You are financially responsible for all fees incurred for Internet access and roaming and for goods or services purchased using the Application by you and others accessing the Application from your Account.
1.2 How the Application Works
The Application provides information about the Creta Maris Beach Resort, including but not limited to photos, videos, descriptions, maps, and directions. By creating an Account with the Application (as defined below) the Application may also be used to make reservations for Hotel rooms, dining, spa and certain other activities at Creta Maris, to check-in, check-out, view your folio and create and/or modify your profile, including billing account information with Creta Maris and Hotels and you may be able to make requests for products and services from the Hotel during your stay (collectively the "Hotel Services").
1.3 Use of the Application
You may use the Application only if you have the minimum age requirement and are capable of concluding a binding agreement with the Provider and are not barred from using the Application under applicable law. By downloading and using the Application, you warrant that you meet the minimum age requirement and have the legal capacity to accept these Terms and to use the Application in accordance with these Terms.
You agree to abide by the Terms herein, and as applicable, any third party terms, including in connection with any and all purchases of goods or services you make (including but not limited to reservations for Hotel services) or any other transactions you may enter within the Application, including, but not limited to, payment of all amounts when due and compliance with all rules and restrictions regarding rates, services, products or amenities.
1.4 E- Contracting
The Application enables you to enter into agreements and make transactions electronically. You acknowledge that your electronic submissions through the Application constitute your agreement and intent to be bound by such terms, including cancellation and refund policies, and to pay for any related transactions.
1.5 Cancellation Policy for Hotel Transactions
All standard cancellation policies for rooms and amenities offered by a Hotel apply to any reservations, orders or purchases of goods or services from such Hotel made with the Application. By reserving, ordering or otherwise purchasing goods or services within the Application from a Hotel, you agree to be bound by all of such Hotel’s standard cancellation policies and by any other policies that may apply. Failure to provide timely cancellation notice for goods or services ordered or reserved from a Hotel may result in a cancellation penalty or fee charged to your room or credit card, pursuant to such Hotel’s relevant policies and at its discretion.
1.6 Your Account
In order to make full use of all the features and services provided by the Application you will need to create an account with the Application ("Account"). Do not reveal your Account information (including your password) to anyone else. You are solely responsible for maintaining the confidentiality and security of your Account, and for all activities that occur on or through your Account, whether or not you know about them, and you agree to immediately notify the Provider of any security breach of your Account. The Provider shall not be responsible for any damages and/or losses arising out of the unauthorized use of your Account.
You agree to provide accurate, complete and up-to-date information when you create an Account and to revise your Account registration data, as needed, to keep it accurate, complete and up-to-date. We may collect, process, store and use the Account registration data you provide for the purposes described herein. The Provider, in its sole discretion, may suspend or terminate your Account at any moment and without notice, whether temporarily or definitively, without any liability towards you in this regard, notably in case of a breach of these Terms, or as a result of an injunction by a third party or competent authorities.
The Provider welcomes feedback, comments and suggestions for improvements to the Application ("Feedback"). You can submit your Feedback by emailing the Provider at firstname.lastname@example.org. You should not include any confidential or other personal information when submitting Feedback to the Provider. You grant us the non-exclusive, worldwide, perpetual, irrevocable, royalty-free, sublicensable and transferable license under any and all intellectual property rights that you own or control to use, copy, modify, create derivative works based upon and otherwise exploit the Feedback, or any ideas, inventions, discoveries or intellectual property of any kind disclosed by or embodied in such Feedback for any purpose, expressly waiving any and all rights to any payment and/or compensation in relation thereto.
1.8 Proprietary Rights over Content and Application
For purposes of these Terms "Content" means text, graphics, images, music, software, audio, video, works of authorship of any kind, and information or other materials that are posted, generated, provided or otherwise made available through the Application.
The Application, inclusive of its software, as well as the Content each time contained in the Application, constitute copyright and/or industrial property of the Provider and/or its affiliated companies or as the case may be of its licensors, suppliers and/or assignors and is protected by virtue of the pertinent provisions of Greek, European and International law on the protection of copyright and industrial property. The Provider and/or its licensors exclusively own all right, title and interest in and to the Application and Content, including all associated intellectual property rights (with the exception of certain content of the Application, which may contain third party Content, or links to thirty party Content).
Further, the composition and the arrangement of the Content items that each time is contained in the Application belong exclusively to the Provider or as the case may be to its licensors, suppliers and/ or assignors and are protected by the relevant provisions of the Greek, European and International Law.
As per the present, no proprietary right is granted to you in or to Application and its Content other than those powers of use expressly set forth in the present Terms.
The Provider, its suppliers and/or its assignors expressly reserve as per the present all their intellectual property rights in any and all items of the Application and its Content, including and not limited to copyright, industrial property rights on trade and service marks, trade names, distinctive marks etc.
1.9 License to Use the Content
Subject to your compliance with these Terms, the Provider grants you a limited, non-exclusive, non-transferable, non-sublicensable license to access and use the Content solely for your personal and non-commercial purposes in connection with your permitted use of the Application and consistent with these Terms.
1.10 License to use the Application
Subject to your compliance with these Terms, the Provider grants you a limited, non-exclusive, non-transferable, non-sublicenseable license to access, download, execute, display and install a copy of the Application on an unlimited number of mobile devices that you own or control, without deleting the origin indications and provided that you will protect any and all proprietary rights of the Provider from any infringement. Please note that the marketplace or store from which you receive the Application may have its own restrictions regarding the number of copies you may install. The access to the Application or any of the aforementioned actions will in no event result in the creation of any right, title or legitimate interest in any part that was downloaded and/or copied and/or saved or in the entirety of the Application and/or of its Content. The Application is for your personal, non commercial use. The Provider reserves all rights in and to the Application not expressly granted to you under these Terms.
If you accessed or downloaded the Application from the Apple Store, then you agree to use the Application only:
(i) on an Apple-branded product or device that runs iOS (Apple’s proprietary operating system software); and
(ii) as permitted by the "Usage Rules" set forth in the Apple Store Terms of Service.
If you accessed or downloaded the App from any app store or distribution platform (like the Apple Store, Google Play or the Amazon Appstore) (each, an "App Store"), then you acknowledge and agree that:
These Terms are concluded between you and the Provider, and not with App Store, and that, as between the Provider and the App Store, the Provider, is solely responsible for the Application.
App Store has no obligation to furnish any maintenance and support services with respect to the Application.
In the event of any failure of the Application to conform to any applicable warranty, you may notify App Store and App Store will refund the purchase price for the Application to you (if applicable) and, to the maximum extent permitted by applicable law, App Store will have no other warranty obligation whatsoever with respect to the Application. Any other claims, losses, liabilities, damages, costs or expenses attributable to any failure of an Application to conform to any warranty will be the sole responsibility of the Provider.
App Store is not responsible for addressing any claims you have or any claims of any third party relating to the Application or your possession and use of the Application, including, but not limited to: (i) product liability claims; (ii) any claim that the Application fails to conform to any applicable legal or regulatory requirement; and (iii) claims arising under consumer protection or similar legislation.
In the event of any third-party claim that the Application or your possession and use of the Application infringes such third party’s intellectual property rights, the Provider will be solely responsible for the investigation, defense, settlement and discharge of any such intellectual property infringement claim to the extent required by these Terms.
App Store and its subsidiaries are third-party beneficiaries of these Terms as related to your license of the Application, and that, upon your acceptance of the terms and conditions of these Terms, App Store will have the right (and will be deemed to have accepted the right) to enforce these Terms as related to your license of the Application against you as a third party beneficiary thereof.
You must also comply with all applicable third-party terms of service when using the Application.
You agree to comply with all applicable, if any, export laws and regulations to ensure that neither the Application nor any technical data related thereto nor any direct product thereof is exported or re-exported directly or indirectly in violation of, or used for any purposes prohibited by, such laws and regulations.
1.11 General Prohibitions and Enforcement Rights
In connection with your use of the Application or Content or exercise of any rights under these Terms, and except as provided herein or as otherwise agreed to in writing by the Provider, you agree not to do any of the following:
Post, upload, publish, submit, or transmit any Content;
Infringe, misappropriate or violate a third party’s patent, industrial design, utility model, copyright, trademark, service mark, trade secret, moral rights or other intellectual property rights, or rights of personality or privacy;
Use the Provider’s patents industrial designs, utility models, copyrights, trademarks, service marks, logos, trade secrets, moral rights or other intellectual property rights or proprietary information (hereinafter "Provider’s IP"), including but not limited to in or as part of meta tags or other hidden text or metadata;
Remove, alter or obscure any copyright, trademark, service mark or other proprietary rights notices incorporated in or accompanying the Application or Content;
Infringe, violate or otherwise interfere with or challenge Provider’s rights in the Application, Content or Provider’s IP;
Engage in or encourage any conduct that (i) violates, any applicable law or regulation or would give rise to civil liability; (ii) is fraudulent, false, misleading or deceptive; (iii) is defamatory, obscene, pornographic, vulgar or offensive; (iv) promotes discrimination, bigotry, racism, hatred, harassment or harm against any individual or group; (v) is violent or threatening or promotes violence or actions that are threatening to any person or entity; or (vi) promotes illegal or harmful activities or substances;
Modify, edit, adapt, translate, copy, distribute, transmit, display, perform, reproduce, publish, license, sublicense, create derivate works from, transfer, lease, lend, rent or sell the Application or its Content, any information, software or hardware obtained through use of the Application; exceptionally you may only copy the Application in order to create a back-up copy thereof, provided that the copy contains all notices on proprietary rights of the original software of the Application and shall be exclusively used as a back-up copy;
Create and/or publish a database that contains significant sections of the Application or its Content;
Copy the Application to another server by creating image and promise rights towards any third party as of deriving from the Application;
Display, mirror or frame the Application or any individual element within the Application, including but not limited to the layout and design of any page or form contained on the Application;
Make the functionality of the Application available to multiple users through any means;
Decipher, decompile, disassemble or reverse engineer any of the software used in connection with the Application or Content, except to the extent expressly permitted by mandatory provisions of applicable law (including national laws implementing European Union Directive 91/250/EEC, as codified by 2009/24/EC, on the legal protection of computer programs) in order to gain certain information for limited purposes specified in these laws;
Interfere with, or attempt to interfere with, the access of any user, host or network, including, without limitation, sending a virus, overloading, flooding, spamming, or mail-bombing the Application;
Access, tamper with, or use non-public areas of the Application, any computer systems, or technical delivery systems related to the Application;
Avoid, bypass, remove, deactivate, impair, descramble or otherwise circumvent any technological measure implemented by the Provider or any of the Provider’s suppliers or any other third party (including another user) to protect the Application or Content;
Attempt to access or search the Application or Content or download Content from the Application through the use of any engine, software, tool, agent, device or mechanism (including spiders, robots, crawlers, data mining tools or the like) other than the software and/or search agents provided by the Provider or other generally available third-party web browsers;
Use the Application or Content, or any portion thereof, for any commercial purpose or for the benefit of any third party;
Use the Application or Content to send altered, deceptive or false source-identifying information;
Collect or store any personally identifiable information from the Application from other users of the Application without their express permission;
Upload or transmit in any way material and information that they are not entitled to disclose by virtue of legal provisions or private agreements (e.g. confidential information);
Engage in any conduct that would infringe upon any rights or the personality of third parties and especially in any conduct that would harm the minors in any way e.g. by exposing them to inappropriate content;
Access, tamper with, or use non-public areas of the Provider’s computer systems, or the technical delivery systems of the Provider’s providers;
Attempt to probe, scan or test the vulnerability of any the Provider’s system or network or breach any security or authentication measures;
Forge any TCP/IP packet header or any part of the header information in any email or newsgroup posting;
Send any unsolicited or unauthorized advertising, promotional materials, email, junk mail, spam, chain letters or other form of solicitation;
Impersonate or misrepresent your affiliation with any person or entity;
Violate any applicable law or regulation, including any applicable export laws or regulations, including by exporting or re-exporting or using for any purpose the Application or any technical data related thereto directly or indirectly in violation of or in a manner otherwise prohibited by such laws and regulations;
Use the Application for accessing, copying, transferring, encoding or retransmitting content in violation of any law or any rights of the Provider or third parties;
Use the Application in any illegal way, for any illegal purpose or in violation of any applicable provisions or regulations of Greek Law on intellectual property and of pertinent European and International legal provisions; or
Encourage or enable any other individual to do any of the foregoing.
Although the Provider is not obligated to monitor access to or use of the Application or Content or to review or edit any Content, the Provider has the right to do so for the purpose of operating the Application, to ensure compliance with these Terms, and to comply with applicable law or other legal requirements. The Provider reserves the right, but is not obligated, to remove or disable access to any Content, at any time and without notice, including, but not limited to, if the Provider, at its sole discretion, considers any Content to be objectionable or in violation of these Terms. The Provider has the right to investigate violations of these Terms or conduct that affects the Application. The Provider may also consult and cooperate with law enforcement authorities to prosecute users, who violate the law.
1.12 Intellectual Property Laws and Regulations
The Provider respects intellectual property law and expects its users to do the same. It is the Provider’s policy to terminate in appropriate circumstances Account holders, who repeatedly infringe or are believed to be repeatedly infringing the rights of intellectual property owners.
It is the Provider’s standard principle of its policy to respect and protect the intellectual property rights of third parties. If you deem that through the Application any proprietary rights of yours are being infringed, you may contact the Provider, by sending an email at email@example.com, in which you should define the part of the Application that you consider as violating any rights, as well as the reasons that as per your view substantiate the infringement.
The Provider reserves the right to modify, suspend, or discontinue the Application (or any part or content thereof) or your right to use the Application or Content at any time, with or without notice to you, and the Providers will not be liable to you or to any third party should the Providers exercise such rights.
As noted above, the Provider may, in its sole discretion, cancel your Account at any time. You may cancel your Account at any time by sending an email at firstname.lastname@example.org
You will indemnify and hold harmless the Provider and its officers, managers, directors, employees, licensees, contractors, affiliates, and agents (collectively the "Provider Parties"), from and against any claims, disputes, demands, liabilities, damages, losses, and costs and expenses, including, without limitation, reasonable legal and accounting fees arising out of or in any way connected with (i) your access to or use of the Application, or Content or your Account information or Feedback, or (ii) your violation of these Terms.
1.15 LIMITATION OF LIABILITY
THE APPLICATION IS PROVIDED ON AN "AS IS", "AS AVAILABLE" AND "WITH ALL FAULTS" BASIS. WITHOUT LIMITING THE FOREGOING, THE PROVIDER MAKES NO REPRESENTATIONS, WARRANTIES OR ENDORSEMENTS OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, AS TO THE APPLICATION, AND THE CONTENT. IN ADDITION, THE PROVIDER HEREBY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, TITLE, CUSTOM, TRADE, AND QUIET ENJOYMENT.
THE PROVIDER DOES NOT REPRESENT OR WARRANT THAT USE OF THE APPLICATION AND CONTENT ITEMS WILL BE ERROR-FREE OR UNINTERRUPTED; THAT DEFECTS WILL BE CORRECTED; OR THAT THE APPLICATION OR THE SERVER THAT MAKES THE APPLICATION AVAILABLE IS OR WILL REMAIN FREE FROM ANY HARMFUL COMPONENTS, INCLUDING, WITHOUT LIMITATION, VIRUSES. THE PROVIDER PARTIES DO NOT MAKE ANY REPRESENTATIONS OR WARRANTIES THAT THE INFORMATION (INCLUDING ANY INSTRUCTIONS) ON THE APPLICATION AND CONTENT ITEMS IS ACCURATE, COMPLETE, OR USEFUL. YOU ACKNOWLEDGE THAT YOUR USE OF THE APPLICATION AND CONTENT IS AT YOUR SOLE RISK. THE PROVIDER PARTIES DO NOT WARRANT THAT YOUR USE OF THE APPLICATION AND CONTENT ITEMS IS LAWFUL IN ANY PARTICULAR JURISDICTION. SOME JURISDICTIONS LIMIT OR DO NOT ALLOW THE DISCLAIMER OF IMPLIED OR OTHER WARRANTIES SO THE ABOVE DISCLAIMER MAY NOT APPLY TO YOU TO THE EXTENT SUCH JURISDICTION'S LAW IS APPLICABLE TO YOU AND THESE TERMS.
UNDER NO CIRCUMSTANCES WILL THE PROVIDER BE LIABLE TO YOU FOR ANY LOSS OR DAMAGES OF ANY KIND (INCLUDING, WITHOUT LIMITATION, FOR ANY DIRECT, INDIRECT, ECONOMIC, EXEMPLARY, SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSSES OR DAMAGES) THAT ARE DIRECTLY OR INDIRECTLY RELATED TO: (A) THE APPLICATION; (B) THE CONTENT; (C) YOUR USE OF, INABILITY TO USE THE APPLICATION AND CONTENT; (D) THE PERFORMANCE OF THE APPLICATION; (E) ANY ACTION TAKEN IN CONNECTION WITH AN INVESTIGATION BY THE PROVIDER OR LAW ENFORCEMENT AUTHORITIES REGARDING YOUR OR ANY OTHER PARTY'S USE OF THE APPLICATION AND CONTENT; (F) ANY ERRORS OR OMISSIONS IN THE APPLICATION'S OPERATION; (G) YOUR ACCOUNT INFORMATION OR FEEDBACK; OR (H) ANY DAMAGE TO ANY USER'S COMPUTER, MOBILE DEVICE, OR OTHER EQUIPMENT OR TECHNOLOGY INCLUDING, WITHOUT LIMITATION, DAMAGE FROM ANY SECURITY BREACH OR FROM ANY VIRUS, BUGS, TAMPERING, FRAUD, ERROR, OMISSION, INTERRUPTION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMPUTER LINE OR NETWORK FAILURE OR ANY OTHER TECHNICAL OR OTHER MALFUNCTION, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, LOSS OF DATA, WORK STOPPAGE, ACCURACY OF RESULTS, OR COMPUTER FAILURE OR MALFUNCTION, EVEN IF FORESEEABLE OR EVEN IF THE PROVIDER PARTIES HAVE BEEN ADVISED OF OR SHOULD HAVE KNOWN OF THE POSSIBILITY OF SUCH DAMAGES, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE, STRICT LIABILITY OR TORT (INCLUDING, WITHOUT LIMITATION, WHETHER CAUSED IN WHOLE OR IN PART BY NEGLIGENCE, ACTS OF GOD, TELECOMMUNICATIONS FAILURE, OR THEFT OR DESTRUCTION OF THE APPLICATION). IN NO EVENT WILL THE PROVIDER BE LIABLE TO YOU OR ANYONE ELSE FOR LOSS, DAMAGE OR INJURY, INCLUDING, WITHOUT LIMITATION, DEATH OR PERSONAL INJURY. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU.
1.16 Third-party sites and Materials
The Provider does not endorse, does not make any warranties and is not responsible for any data, software or other content and products or services available from Linked Sites or resources. You acknowledge and agree that the Provider shall not be held liable, directly or indirectly, for any damage or loss relating to the use of or reliance on such data, software or other content.
Where the Application refers through "links" or "hyperlinks" to Linked Sites, the owners and/or operators of these sites bear full (civil and criminal) responsibility for the security, legality and validity of their site content, to the exclusion of any liability of the Provider. Indicatively, the Provider is not responsible, if the websites of third parties violate third party rights, if they are not safe or they are inaccurate, incomplete or misleading or if they contain viruses or other destructive programs. The visit and access to these linked sites is at your own responsibility, without any involvement of the Provider.
1.17 Changes to these Terms
The Provider may, in its sole discretion, change and modify from time to time the terms of these Terms or the Application, services, materials, programs, policies or other information described herein. We will notify you of any changes to the Terms by posting the new Terms and informing you via an application update. You are also advised to consult these Terms regularly for any changes. If you continue to use the Application after the Provider has posted modified Terms, you are indicating to the Provider that you agree to be bound by the modified Terms. If you don’t agree to be bound by the modified Terms, then you may not use the Application after such modifications have been made. As this Application is evolving over time, the Provider may change or discontinue all or any part of the Application, at any time with or without notice to you, at its sole discretion.
1.18 Applicable Law and Jurisdiction
1.18.1 Applicable Law
Except to the extent that applicable law in your country of residence requires application of another law and/or jurisdiction and provides that such application of another law and/or jurisdiction cannot be waived or altered by contract, this Agreement shall be governed by and construed in accordance with the laws of Greece, without giving effect to any principles of conflicts of law.
It is expressly agreed that the Courts of Athens, Greece shall be exclusively competent for the resolution of any dispute, claim or controversy arising out of or relating to these Terms or the breach, termination, enforcement, interpretation or validity thereof or the use of the Application or Content (collectively, "Disputes").
1.19 General Provisions
These Terms constitute the entire agreement between you and the Provider regarding the use of the Application and Content. You also may be subject to additional terms and conditions that may apply when you use affiliate services or purchase goods and services from third party providers.
Failure or delay on the part of the Provider in exercising any right or remedy hereunder or enforcing the terms and conditions of these Terms shall not operate as a waiver thereof. The waiver of any such right or provision will be effective only if in writing and signed by a duly authorized representative of the Provider. Except as expressly set forth in these Terms, the exercise by either party of any of its remedies under these Terms will be without prejudice to its other remedies under these Terms or otherwise.
If any part or provision of these Terms is found to be invalid, unenforceable or void, that part or provision will be enforced to the maximum extent permissible and the other provisions of these Terms will remain in full force and affect.
You may not assign or transfer these Terms, by operation of law or otherwise, without the Provider’s prior written consent. Any attempt by you to assign or transfer these Terms, without such consent, will be n ull and void. The Provider may freely assign or transfer these Terms without restriction. Subject to the foregoing, these Terms will bind and inure to the benefit of the parties, their successors and permitted assigns.
Any notices or other communications provided by the Provider under these Terms, including those regarding modifications to these Terms, will be given: (i) via email; or (ii) by posting to the Application. For notices made by e-mail, the date of receipt will be deemed the date on which such notice is transmitted.
If you have any questions about these Terms or the Application, please contact us via email at email@example.com.
- Personal Data Policy
This policy governs your use of the software application CRETA MARIS (the "Application") for mobile devices created and developed by m-hospitality (H+S Technology Solutions S.A.) which is available, should you wish to download it for your convenience, while you stay at our Hotels. The Application is functioning as a tool to present available Hotel's offers, Concierge Services and information, an option of guest services, as well as integration services with the Social Media of the Hotel.
The personal data, optional and compulsory, that you need to provide when you register for the Application and any additional personal data (such as device ID) related to the use of the Application are collected, processed, transferred, stored and used by the Provider, TEAV S.A., under its capacity as data controller, for its own benefit and the benefit of the Provider’s affiliates, as well as by service providers ("Service Providers"), either located within or outside of Greece, including the service provider H+S Technology Solutions S.A.
2.1 Information we collect about you and how we collect it
2.1.1 User Provided Information
The Application obtains the information you provide when you download and register to the Application. Registration to the Application is optional. However, please keep in mind that you may not be able to use some of the features offered by the Application unless you register. When you register and use the Application, you are required to provide certain personal data (such as your first and last name, email address, password etc.) by filling in the fields identified as mandatory in the registration form on the login page. You may also provide (a) your age, user name and other registration information; (b) transaction-related information, such as when you make purchases or respond to any offers; (c) information you provide us when you contact us for help, (d) information you enter into our system when using the Application, such as contact information and your preferences regarding your stay at the Hotels, and (e) certain categories of sensitive personal data (e.g. any food allergies) only to the extent required so that we can improve the services offered to you. Providing your sensitive personal data is optional and you may still be able to use the Application and all of its features. We may also use the information you provided us to contact you from time to time to provide you with important information, required notices and marketing promotions, unless you wish to opt out by sending us an email at firstname.lastname@example.org.
2.1.2 Automatically Collected Information
In addition, the Provider and its Service Providers may create and retain authentication and activity logs (type of device, date and hour of connection to the Application). Insofar as required to make the Application available, the Provider and its Service Providers collect traffic data (i.e., data processed to transfer the Users’ communication through the electronic communication network, including, but not limited to, the type of mobile device you use, your mobile device’s unique device ID, User identification information, IP address, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the Application (such as date and time of connection and disconnection) generated through your use of the Application.
The Application is not intended for use by minors under the legal age requirement. No one under the legal age requirement may provide any personal information to or through the Application. We do not knowingly collect personal information from minors. If you are under the legal age requirement, please do not register with the Application, make any use of the Application or send any information about yourself to us, including your name, address, telephone number or email address. In the event that we find out that we have collected personal information from a minor without verification of parental consent, this information will be deleted, upon the minor’s parent or guardian notification. If you believe that we might have any information from or about a minor, please contact us at email@example.com.
To the maximum extent permitted by applicable law and without limiting any other provision of this Policy, the Provider disclaims any liability for any personal data submitted in contravention of this clause.
2.3 Purposes of processing
We collect, process, use and store your personal data:
to authenticate you when log in to the Application;
to remember your preferences and registration information;
to ensure the secure use of the Application;
to measure and obtain data in order to o improve the effectiveness of the Application;
to comply with applicable law;
to support IT purposes;
with your express consent, for direct marketing purposes (such as to send you communications containing news, information and updates about our services, offers, promotions and special events and other marketing communications that may be of interest to you).
2.4 Location-based features
When you visit the Application, we may use GPS technology (or other similar technology) and may collect, store and use precise location data, including the real-time geographic location of your device(s) in order to determine your current location and display a location map with relevant advertisements. We will not share your current location with other users or partners. If you do not want us to use your location for the purposes set forth above, you may turn off the location services for the Application located in your account settings or in your mobile phone settings and/or within the Application at any time.
2.5 Data sharing and transfers
We will share your information with third parties only as described in this Policy. We may disclose User Provided and Automatically Collected Information:
with government or law enforcement authorities, where required by applicable law in order to comply with any court order or other legal obligation, or respond to a government request;
when we consider in good faith that disclosure is necessary to protect our rights or property, protect your safety or the safety of others or to investigate theft or fraud;
with Service Providers, including H+S Technology Solutions S.A., which we use in order to improve our services and support our business;
For the purposes noted above and during the applicable retention period, your personal data will only be transferred and processed within the EU/EEA. In the event your personal data is transferred outside the EU/EEA, the Provider undertakes the obligation to ensure that transfers to those countries will be made pursuant to the Standard Contractual Clauses approved by the European Commission or any other safeguards where permissible by the applicable law.
2.6 Data Retention Period
We will retain User Provided data for as long as you use the Application and for a reasonable time thereafter so as to fulfil the afore mentioned purposes or to respect any applicable laws or statutes of limitation or terms of this Policy. We will retain Automatically Collected information for up to 12 months and thereafter may store it in a non identifiable aggregate form.
We implement appropriate technical and organizational measures to protect your personal data against unauthorized and unlawful access and processing or accidental loss, destruction, damage, theft, use or disclosure.
The safety and security of your information also depends on you. Where we have given you or where you have chosen a password for access to the Application, you are responsible for keeping this password confidential. We request you not to share your password with anyone else.
2.8 Changes to the Personal Data Policy
To improve our Application we may require amendments to this Policy – e.g. by the implementation of new technologies or the introduction of new features and services. We reserve the right to change, update or supplement this Policy at any time. We will notify you of any changes to our Policy by posting the new Policy and informing you via an application update. You are also advised to consult this Policy regularly for any changes.
2.9 Your Rights
Pursuant to art. 12-23 of Law 2016/679, you have the right to information, access, rectification, blocking, and/or requesting deletion and objection in relation to the processing of your personal data in line with the applicable data protection legislation.
You may also stop all collection of information by the Application easily by uninstalling the Application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
2.10 Your Consent
By accepting this Policy and by granting your express consent, you accept the processing of your personal data, as set forth and for the purposes described in this Policy.
If you have any questions regarding your personal data while using the Application, or in case you want to exercise your rights, as described in the 12-23 articles of the GDPR, please contact us via email at firstname.lastname@example.org.
Version 2.0 (01/05/2020)
This Data Protection Policy sets out the Metaxa Hospitality Group’s arrangement in place to comply with its obligations under the General Data Protection Regulation (GDPR – 2016/679).
Further to compliance with data protection law this policy helps to protect the organization from other risks such as damage to the reputation of the organization and trust in the services that it provides.
The policy provides demonstrable commitment and support from senior management to ensure compliance with data protection law.
- Data protection policy elements
In accordance with the GDPR Metaxa Hospitality Group adopts and implements the following principles across the organization:
- Purpose specification and purpose limitation: the purpose(s) for which Metaxa Hospitality Group collects and uses personal data shall be specified and legitimate. The data shall not be used for anything other than the specified purposes;
- Transparency: clear information shall be provided to individuals about the purpose(s) for which personal data are collected and used, at the time the data is collected;
- Data minimization: Metaxa Hospitality Group shall only collect personal data that is strictly necessary for the specific purpose(s) i.e. the minimum personal data required shall be collected and used;
- Accuracy: personal data shall be accurate and where necessary kept up to date;
- Retention: personal data shall not be kept for longer than is necessary;
- Security: appropriate measures to protect personal data shall be implemented maintained;
- International transfers: personal data shall only be transferred to countries outside the European Economic Area when the countries have an adequate level of data protection; and
- Accountability: the organization will be able to demonstrate that it has implemented measures to comply with the abovementioned principles.
Further to the above, Metaxa Hospitality Group shall ensure that it has measures I place to ensure that it respects and conforms with the rights of individuals under data protection law, namely:
- The right to be informed about the collection and use of their information;
- The right of access to their personal data;
- The right for individuals to have their personal data rectified when it is inaccurate or incomplete;
- The right for individuals to have their personal data erased when there is no compelling reason or it to be processed;
- The right for individuals to request the restriction or suppression of their data, when the accuracy of the data is contested, or processing is unlawful, but the individuals opposes erasure and requests restriction instead;
- The right to data portability whereby in certain circumstances individuals can request for personal data that they have submitted via automated means and in electronic format to be moved, copied or transferred to another organization in a safe and secure way, without affecting its usability;
- The right of individuals to object to processing of their personal data when it is based on “legitimate interests” or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing (including profiling), or when processed for purposes of scientific/historical research and statistics; and
- The right not to be subject to decisions solely on automated means without human intervention.
- Governance and accountability
Under data protection law every person that handles personal data has some responsibility to ensure that it used appropriate. However, the following person(s) within the organization have key responsibilities:
- Chief executive officer – has overall responsibility for ensuring that the organization meets its obligations under data protection law.
- Data protection officer – shall be responsible for:
- Day to day implementation and management of this policy;
- Advising the organization and its employees on data protection compliance;
- Planning and coordinating activities within the organization to ensure the objectives of this policy are met;
- Monitoring compliance with data protection law;
- Reporting directly to the CEO on data protection;
- Ensuring that the appropriate data protection training and awareness is provided to staff;
- Acting as the contact point for the Information Commisioner;
- Cooperating with the Information Commisioner;
- Approve this policy and periodically review its implementation and effectiveness to ensure ongoing compliance with data protection law.
- IT manager: he is responsible for ensuring that the organization has appropriate IT security measures in place to protect the personal data help.
When Metaxa Hospitality Group collects information about individuals, Metaxa Hospitality Group provides a written notice to the individuals from whom the data is collected that includes the following information:
- The identity of the organization, as the data controller, including contact details;
- The contact detail of the Data Protection Officer;
- The purpose for which the information is collected and use, including the lawful basis (to also include the right to withdraw consent when the lawful basis to the processing is based on consent);
- The period for which the data will be kept;
- Whether the information will be shared, and if so, with who;
- Whether the information will be transferred outside of the EEA;
- Information about the rights of individual under the GDPR (as identified in section2);
- The right of individuals to lodge a complaint with the Data Protection Authority (DPA);
- Where applicable, inform the individual that the requirement to provide the personal data is a statutory requirement, contractual requirement or a requirement necessary to enter into a contract;
- Identify and inform individuals where they are obliged to provide personal information together with the possible consequences of failure to provide the information; and
- Where applicable, the existence of automated decision-making (including profiling) including meaningful information about the logic involved and the significance and envisaged consequences for the individual and envisaged consequences for the individual.
The abovementioned information and notice is provided by Metaxa Hospitality Group in the following manner-
- Electronically on the websites operated by Metaxa Hospitality Group: (mention the websites);
- As a hard copy at the front office of the hotel;
- As an annex to the contracts drawn up by Metaxa Hospitality Group; and
- As a hard copy attached to the forms that consent is required.
- Purpose specification and purpose limitation
Metaxa Hospitality Group collects and processes personal data only for-
- Fulfilling Metaxa Hospitality Group’s obligations to the State
- Performing a contract between you and Metaxa Hospitality Group
- Providing the services you request
- Personalizing the services according to your personal preferences
- Communication you about goods and services according to your personal preferences
The abovementioned purposes rely respectively on the following lawful basis:
- Processing is necessary for compliance with a legal obligation to which the controller is subject to;
- Processing is necessary for the performance of a contract to which the data subject is party;
- Processing is necessary in order to take steps at the request of a data subject;
- Processing is necessary for the purposes of the legitimate interests pursued by the controller;
- Processing takes place given your consent.
Collection of Data
We collect Personal Data in accordance with law as follows:
- Name, Email address, Phone number
- Date of birth
- ID/Passport Number
- Credit Card Number
- Room Preferences
- Medical information
- Transportation details (flight number, etc.)
- Date of reservation made
- Start and end date of reservation
- The date and time you made a booking
- Reference Code
- Amount due
- Final date when payment is due
- IP address
- Preferences during browsing
In more limited circumstances, we also may collect:
- Data about family members and companions, such as names and ages of children
- Images and video and audio data via: (a) security cameras (images and audio data are stored for 15 days and they are deleted afterwards) (b) hotel activities taking place during your visit, given your consent.
We collect personal data either directly from you, when you visit our hotel or through online services (the website we operate, www.cretamaris.gr the software application made available by us, Creta Maris App, our social media pages)
Special categories of personal data
Unless specifically requested, we ask that you not send us, and you not disclose, any Sensitive Personal Data (e.g. social security numbers, national identification number, data related to racial or ethnic origin, political opinions, religion, ideological or other beliefs, health, biometrics or genetic characteristics, criminal background, trade union membership, or administrative or criminal proceedings and sanctions)
- Data minimization
The Data Protection Officer will keep an inventory of all the personal data that the organization holds and processes (“the Inventory”). The Inventory shall include a justification for the collection and use of each data set processed. Any data set, which is not strictly necessary for the purposes for which the data is collected shall be removed from the organization’s data processing activities. The Inventory shall be reviewed on an annual basis.
The Data Protection officer shall ensure that the Inventory records the following for each data set-
- The data source;
- The organization’s need for accuracy of data; and
- The time sensitivity of each data set.
The organization has established appropriate measures to ensure that the data that it processes is accurate and up to date.
The Data Protection Officer shall ensure that there is a clear policy on how long each data item is to be retained, including the reason(s) for doing so, such as any legal requirements to retain data for a certain reason:
On a yearly basis each department of Metaxa Hospitality Group purges its filing systems (manual and electronically) of personal data that is no longer required, in accordance with the retention periods established in the Inventory.
Details of the purges carried out including how it was carried out and by whom are recorded and signed by the Data Protection officer.
To ensure that the organization has appropriate security measures in place to protect the personal data that it processes from being accidently or deliberately compromised, the organization has established organizational and technical measures.
- Data breach management and notification
As part of its data breach management procedure, Metaxa Hospitality Group shall notify DPA without undue delay and where feasible within 72 hours, after becoming aware of a data breach, unless it is determined that the breach is unlikely to result in a risk to the individuals affected. If it is determined that the breach is likely to result in a high risk to the individuals affected, Metaxa Hospitality Group shall notify those individuals of the breach without undue delay.
Metaxa Hospitality Group shall document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken (including whether it has been notified to the DPA and/or the individuals affected.
- Data subject’s rights
As described in section 2, Metaxa Hospitality Group informs all individuals about their data protection rights. Any request from individuals are internally directed to the Data Protection Officer who ensures that the request is processes and responded to without undue delay and in any event within one month of receipt of the request.
You may exercise your rights at email@example.com or send a letter at 28A Alex. Papanastasiou Ave., Heraklion, Crete, Greece, 71306.
- Data protection by design & by default
Metaxa Hospitality Group will consider the data protection and privacy implications of any project proposal that involves the use the use of personal data, prior to its implementation.
Further, periodically reviews shall be undertaken to make appropriate adjustments to the data processing with the aim of improving data protection and privacy, taking into account technological developments.
The organization will:
- Require the advice of the Data Protection Officer before processing on a new data processing activity, particularly when it involves special categories of data, data relating to criminal convictions and\or new technology. A record active list is kept;
- Continuously strive to minimize the data that the organization processes by carrying out periodic audits;
- Implement pseudonymization to the maximum extent possible;
- Limit staff access to personal data to only the information that is strictly necessary for them to carry out their tasks;
- Ensure that persons authorized by Processor to process the Personal Data on behalf of Controller are suitably informed, trained and instructed in respect of Applicable Data Protection Law and have committed themselves in writing to confidentiality or are under an appropriate statutory obligation of confidentiality;
- Implement the Technical and Organizational Measures which meet the requirements of Applicable Data Protection Law and especially of article 32 of the GDPR;
- Data protection impact assessments
Where a data processing activity is likely to result in a high risk to individuals, Metaxa Hospitality Group shall carry out a Data Protection Impact Assessment (DPIA), particularly when-
- New technologies are used,
- Systematic and automated processing resulting in decisions that affect individuals take place, special categories of personal data and/or data relating to criminal convictions are processed on a large scale, or
- Systematic monitoring of a publicly accessible area on a large scale occurs.
Metaxa Hospitality Group shall:
- Seek the advice of the Data Protection Officer in regard to DPIAs.
- Include the following in its DPIAs:
- A description of the envisaged processing operations and the purposes of the processing, including, where applicable, the legitimate interest pursued;
- An assessment of the necessity and proportionality of the processing in relation to the purposes;
- An assessment of the risks to the rights and freedoms of individuals; and
- The measures envisaged to address the risks, including safeguards, security measures and mechanisms to ensure the protectioin of personal data.
- Data Processors
Metaxa Hospitality Group only uses third parties to carry out an activity on the personal data that we hold, when the third party provides sufficient guarantees that it will process the data in compliance with the GDPR and DPA. These are:
- Review Pro
- Legal Advisors
Further, all the activities on the personal data that we hold carried out by third parties on your behalf, shall be governed by a written contract as per Articles 28 and 29 of the GDPR.
We collect certain data from cookies, which are pieces of data stored directly on the computer or mobile device that you are using. Cookies allow us to collect data such as browser type, time spent on the Online Services, pages visited, referring URL, language preferences, and other aggregated traffic data. We use the data for security purposes, to facilitate navigation, to display data more effectively, to collect statistical data, to personalize your experience while using the Online Services and to recognize your computer to assist your use of the Online Services. We also gather statistical data about the use of the Online Services to continually improve design and functionality, understand how they are used and assist us with resolving questions.
Significant note: only functional cookies are stored by default in the devise you are using. All the other kinds of cookies (marketing cookies, statistics cookies, preferences cookies) are used only if consent to it.
You can learn more about our cookies at Cookies Policy and change your tracking preferences at any time by clicking on “Cookie Settings” at Cookies Policy located at the bottom of our homepage. If, however, you do not accept cookies, you may experience some inconvenience in your use of the Online Services.