Privacy Policy

The present document constitutes the Privacy Policy, according to which, Neptune Luxury Resort, established in Mastihari, Greece, Kos Island, 85 302, acting as data controller, under the EU Regulation 697/2016 – General Data Protection Regulation (GDPR) collects, storages, uses and in general processes your Personal Data during specific online activities.
Furthermore, this privacy statement describes the method of use, disclosure and protection of your Personal Data, your right concerning your Personal Data and how you can contact with us. For any question concerning the present Privacy Policy or any matter relating to the processing of your Personal Data and the exercise of your rights, you can communicate with us:
Tel: +30 22420 58900
Email: gdpr@neptune.gr

1. What is Personal Data?
Personal Data is any information that relates to an identified or identifiable living individual, such as name and surname, home address, email address, phone number etc., hereafter called «Personal Data or Data».

2. What is the Processing of Personal Data?
Any operation or set of operations which is performed by automated means or not on Personal Data or sets of Personal Data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

3. What Personal Data do we collect?
We collect only the absolutely necessary Personal Data, which are adequate and relevant in relation to the purposes for which they have been asked, as the following.
a. Communication via the contact form: a) your name and surname, b) your email address,
c) any other Personal Data included in your message.
b. Online booking: a) your name and surname, b) your email address, c) your phone number, d) financial information (such as credit and debit card number or other payment data), e) in more limited circumstances, we may also collect your postal or job address, in case of business booking.
c. Submission of your job application via our website: a) your name and surname, b) your email address, c) your phone number, d) your CV.
d. Newsletter sending: a) your email address.
e. Subscription to Loyalty Club: a) your email address,

Furthermore, our website uses cookies, which collect only the necessary Personal Data for the better operation of it, only with your consent and in accordance with the Cookies Policy, which is also available in our website. You can read the Cookies Policy here.

Cookies

We use cookies to improve your experience on our website. Cookies are small text files that are placed on your device to help the website provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts and provide anonymized tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.

Cookies used*

Necessary cookies
PHPSESSID, wp-settings-*, _icl_*, wordpress_*, __cfduid, SERVERID, CookieControl, info-stripe-hidden

Necessary cookies enable core functionality or anonymized usage information. The website may not function properly without these cookies and can only be disabled by changing your browser preferences.

Performance cookies
‘_ga’, ‘_gid’, ‘_gat’, ‘_gcl_au’, ‘_gali’, ‘_ga_1ZS2ZDFXX5’, ‘__zlcmid’, ‘__cf_bm’, ‘wsid’

Performance cookies help us to improve our website by collecting and reporting information on its usage. Performance cookies may be disabled at the popup window appearing when clicking on the cookie cog at the footer of the website and unticking the relevant option.

Marketing cookies
‘_fbp’, ‘fr’, ‘usida’, ‘datr’, ‘wd’, ‘oo’, ‘sb’, ‘1P_JAR’, ‘CONSENT’, ‘DV’, ‘NID’, ‘IDE’, ‘OTZ’, ‘ANID’, ‘OGPC’, ‘SAPISID’, ‘SSID’, ‘HSID’, ‘SID’, ‘SIDCC’, ‘APISID’, ‘SEARCH_SAMESITE’, ‘CONSENT’, ‘OGPC’, ‘DSID ‘, ‘RUL’, ‘AEC’, ‘SOCS’

Marketing Cookies help us tailor the messages and the content that you see after your visit in our website. Marketing cookies may be disabled at the popup window appearing when clicking on the cookie cog at the footer of the website and unticking the relevant option.

* all cookies used come from the domain neptune.gr

4. For what purposes do we collect your Personal Data? We collect Personal Data directly from you, as you provide them via our website, in order to communicate with you, to complete your online reservation, order to examine your hiring, to send you newsletter, to provide you special benefits and offers.
5. Which is the legal basis for the Processing of your Personal Data?
We collect your Personal Data only under one of the legal basis of EU Regulation.
a. Communication via the contact form: The processing will be based on your clearly given consent, which is provided by sending your message. You can withdraw your consent at any time.
b. Online booking: The processing will be based on the fact that it is necessary for the performance of a contract to which data subject will become a party and on our
legal obligations relating to financial transactions.
c. Submission of your job application via our website: The processing will be based on the fact that it is necessary for the performance of a contract to which data subject will become a party, namely for your hiring.
d. Newsletter sending: The processing will be based on your clearly given consent, which is given by filling your email address in the relevant form of our website. You can withdraw your consent at any time.
e. Subscription to Loyalty Club: The processing will be based on your clearly given consent, which is given by filling your email address in the relevant form of our website. You can withdraw your consent at any time.

6. Who have access to your Personal Data and / or are the recipients of your Personal Data?
Access to your Personal Data has only the absolutely necessary staff of Neptune Luxury Resort.
Furthermore, recipient of your Personal Data is Microsoft, which provides us web and email hosting services via its servers, which are located in the EU.

7. How do we ensure that our associates respect your Personal Data?
Our associates have agreed:
 to maintain confidentiality,
 not to send your Personal Data to third parties without Data Controller’spermission,
 to take the appropriate technical and organizational security measures,
 to comply with the legal framework for the protection of Personal Data, in particular Regulation 679/2016 (GDPR).

8. Do we transmit your Personal Data outside the E.U.?
Normally, we do not transmit your Personal Data outside the E.U.
As to newsletter sending: Mailchimp, which belongs to The Rocket Science Group LLC company, is a platform of sending newsletter and provides us with newsletter services. Mailchimp’s servers are located in the USA.

9. Period of keeping the Personal Data
Your Personal Data are being kept only as long as it is necessary for the fulfillment of the purpose for which you have disclosed them to us, unless if the extension of this time period is necessary due to legal claims or legal obligation.
a. Communication via the contact form: Your Personal Data are typically deleted within six (6) months after our last contact.
b. Online booking: Your Personal Data are typically deleted within five (5) years.
c. Submission of your job application via our website: Your Personal Data are typically deleted within one (1) year after the submission of your job application.
d. Newsletter sending: Your Personal Data are typically deleted after a lapse of six (6) months without sending our newsletter.
e. Subscription to Loyalty Club: Your Personal Data are typically deleted within a year after your last log in.

 

10. Are your Personal Data safe?
Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to secure and protect your Personal Data from any unauthorized access, misuse, alteration, forbidden dissemination, disclosure, loss or accidental / unlawful destruction and any other form of illicit processing. These measures shall be reviewed and amended as necessary.

11. What are your rights?
 Right of access
That means that you have the right to receive information from us concerning how and which of your Personal Data we process. You can also be informed for the purpose of these processing, the type of Personal Data that we store, which are the recipients of your Personal Data, the time of keeping them and whether we take decisions based solely on automated means or not.
 Right to rectification
If you find that there is an inaccuracy concerning your Personal Data, you may ask from us the correction of any inaccuracies and the completion of any incomplete Personal Data (e.g. rectification of name), in order to be complete and accurate.
 Right to erasure
You have the right to request from us the erasure of your Personal Data, if they are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
 Right to data portability
You have the right to ask to receive your Personal Data in a structured, commonly used and machine-readable format or to request their transmission to another data controller.
 Right to restriction of processing
You have the right to request from us the restriction of the processing of your Personal Data while the examination of your objections is pending.
 Right to withdraw consent/object
You have the right to object to the processing of your Personal Data at any time or to withdraw your consent which was asked by us, and we are going to stop the processing of your Personal Data, if there are not other compelling and legitimate reasons that override your right or are no longer necessary for the above-mentioned processing purposes.

12. How can you exercise your rights?
In order to exercise your rights, you have to contact us and express your request as follows:
-Address: Mastihari, Greece, Kos Island, 85 302
-email: gdpr@neptune.gr

Please see also, Contact Us.
As soon as we get your request, we are going to send you a special form in order to proceed with its execution.
In any case, concerning the processing of your Personal Data, you can communicate with the company’s Data Protection Officer (DPO), sending your message as follows:
-Address: Mastihari, Greece, Kos Island, 85 302
-email: gdpr@neptune.gr

13. When do we reply to your requests?
We reply to your request free of charge, without delay, in any case within (1) one month from the receipt of your request. Nevertheless, if your request is complicated or there is a great number of requests, we will inform you within one month if we need an extension of two (2) more months, within which we will answer you.
If your requests are manifestly unfounded or excessive in particular because of their repetitive character, we may impose the payment of a reasonable fee, taking into consideration the administrative expenses for the provision of the information or for the execution of the requested action, or may refuse to execute your request, by providing you with a justified answer.
In case you do not receive our answer within the aforementioned period or the answer that you received is not satisfactory or your issue has not been resolved, you have the right to communicate with the Hellenic Data Protection Authority (www.dpa.gr).

14. Do we take decisions based solely on automated means/ including the profiling during the processing of your Personal Data?
We do not take decisions based solely on automated means/ including the profiling during the processing of your Personal Data.

15. What is the applicable law for the processing of your Personal Data?
Applicable Law is the Greek Law as formulated in accordance with the General Regulation on the Protection of Personal Data 679/2016 and in general the current national and European legislative and regulatory framework for the protection of Personal Data. The Courts of Kos are competent for any disputes raised concerning your Personal Data.

16. How will you be informed about any changes to this Privacy Policy?

We update this Privacy Policy whenever it is necessary. If there are any significant changes to the Privacy Policy or the way we use your Personal Data, we will post on our site the update of this and we will notify you in any appropriate manner.
We encourage you to read this Policy at regular intervals to know how your Personal Data are protected.

The present Privacy Policy was updated on 01.07.2023.