Privacy Policy for the Star Paradise Hotel website describes the ways and procedures through which our business manages and protects your personal data.
Contact Us
For the purposes of our hospitality services and the overall operation of the hotel, we collect and process personal data from guests, prospective guests, partners and other interested parties. This is done, on the one hand, to provide high-quality services and, on the other hand, to comply with our contractual and legal obligations. Our Privacy Policy is designed in line with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and the applicable Greek legislation on personal data protection.
General Terms
Personal Data
Star Paradise Hotel collects and processes personal data strictly for the purposes of offering accommodation services and ensuring the smooth operation of the hotel. Data may be collected from guests, prospective guests, website visitors, partners and individuals who contact the hotel in any way. The information is processed only when necessary and always in accordance with the principles of lawfulness, fairness and transparency. Our goal is to collect the minimum amount of personal data required and to retain it only for the period necessary to fulfil contractual and legal obligations. All processing is carried out with full respect for confidentiality, integrity and security throughout the life cycle of the data.
GDPR: Basic Concept
Processing of personal data at Star Paradise Hotel follows Regulation (EU) 2016/679 (GDPR) and applicable Greek legislation. As Data Controller, the hotel determines the purpose and means of processing. Any natural or legal person acting on behalf of the hotel processes data strictly under our instructions and does not acquire independent control over that data. The Data Subject is any individual whose personal information is collected, stored or processed. Where applicable, a Data Protection Officer ensures compliance with privacy legislation in an independent and supervisory capacity. Consent refers to a freely given, informed and explicit indication that the individual agrees to specific processing of their personal data.
Reservation Data
Reservations may be made by phone, via email, through our website or through affiliated booking platforms. During this process, we may collect information such as full name, date of birth, arrival and departure dates, accommodation type, postal address, country, email address and payment details. This information allows us to identify the guest, confirm and manage their reservation, prepare the appropriate accommodation, communicate updates and process payments, cancellations or no-shows. The legal basis for processing is the performance of the accommodation contract and the legitimate interest of the hotel in ensuring service quality. If required data is not provided, the hotel may be unable to complete a reservation or deliver requested services. Reservation-related data is retained for the period necessary to manage the stay and fulfil administrative or legal obligations. In accordance with legal requirements, tax and accounting data may be stored for at least ninety days, while certain information may be retained for up to two years to protect legitimate business interests, as specified in Articles 29 and 30 of Regulation (EU) 2016/679.
Bank Accounts, Credit and Debit Cards
Guests may be asked to provide credit or debit card numbers or bank account details to complete a reservation or process a payment. This information is used solely for authorised transactions and is handled only by trained and authorised personnel. The purpose is to secure the booking, charge deposits or settle outstanding amounts according to the agreed terms. The legal basis for processing is the performance of the contract and the requirement to ensure secure payments. In cases where the guest provides explicit consent, payment data may be retained for future transactions. Consent may be withdrawn at any time without affecting previous lawful processing. As a rule, payment data is stored only for transactional purposes and deleted within twelve months after completion of payment, unless ongoing consent is granted for extended retention.
Record
Star Paradise Hotel maintains an internal record of guests for the efficient administration of reservations and accommodation services. This record may include name, surname, address, city, region, postal code, country, identification document details, date of birth, telephone number and email address. The purpose is to prepare the room, manage guest preferences, issue invoices and facilitate future bookings. The legal basis includes compliance with contractual obligations, tax requirements and regulatory procedures, as well as the legitimate interest of the hotel in proper service management. Data in this record may be retained for at least ninety days or longer where required by law or justified by legitimate business interest. If the guest consents to the use of certain data for future communication or personalised service, such consent may be withdrawn at any time.
Website Policy
General Data Protection Regulation
Visitors to the website may be asked to provide personal information to enable communication with the hotel or to access certain online services. Any data submitted through the website is used exclusively for reservation management, communication and customer service. It is not shared with third parties except as required by law or in compliance with privacy regulations. The website operates according to current Greek and European legislation and stores personal information securely for the legally required period. Data may be disclosed to competent authorities only upon lawful request.
Personal Data and Booking Information
Browsing the website does not require submission of personal information. Data is collected only when voluntarily provided by the visitor for enquiries, booking requests or communication. For online reservations, identification and payment details may be required. Optional fields such as full address may be completed at the guest’s discretion. The hotel collects only the information necessary to process each request accurately and efficiently.
User Rights and Legal Protections
Website users have the right to access their personal data, request correction of inaccuracies, or—where permitted by law—object to or limit certain processing activities. These rights are exercised according to GDPR and the national legal framework. Users may contact the hotel to request updates or corrections, provided they can demonstrate the accuracy of their claim. Visitors under eighteen years of age must review the Privacy Policy under the supervision of a parent or legal guardian, whose acceptance is considered binding for the minor.
Security of Personal Data
Recognising the importance of secure data handling, Star Paradise Hotel applies appropriate technical and organisational measures. Data transmission is protected by SSL encryption, while access to the website’s infrastructure is regulated by firewalls that prevent unauthorised access to sensitive systems. Personal information is stored in encrypted form and processed only by authorised personnel. The hotel does not disclose personal data unless there is written consent from the individual or a lawful requirement by a court or public authority. When third-party providers support the website’s systems, confidentiality and data protection obligations apply to them as well.
Contact Forms
When a visitor submits a message through the website’s contact form, they may choose to store their name, email and phone number through cookies for convenience. This optional feature allows the browser to remember information for future submissions and is generally retained for approximately one year, unless manually deleted through browser settings.
Social Media Interaction
Star Paradise Hotel may connect with visitors through social media platforms such as Facebook or Instagram. By interacting with the hotel’s pages, users may receive updates, offers and promotional content. The hotel may view certain publicly available profile information depending on each platform’s settings but does not record or systematically process these details. Processing is based on user consent, which may be revoked at any time, and revocation does not affect the legality of prior interactions.
Embedded Third-Party Content
Some pages on the website may include embedded material such as videos, maps, images or external articles. When interacting with such embedded content, third-party websites may collect data, use cookies or apply tracking technologies as if the visitor had accessed the third-party website directly. The processing of data by these external providers is governed exclusively by their own privacy policies, which visitors are encouraged to review.
Cookies Policy
Website Cookies
The Star Paradise Hotel website uses cookies to ensure proper technical operation, improve user experience and support essential functionalities. Cookies may store basic identification details, display preferences, language settings or login options. Some cookies may also collect non-sensitive information such as approximate location or device identifiers, always in compliance with legal requirements.
How Cookies Are Used
Certain pages use cookies to store visitor preferences, simplify navigation and remember user selections during browsing. Cookies may also assist in functionality such as language detection, site appearance preferences and user session recovery. Sensitive personal data is never collected through cookies without explicit consent.
How Cookies Are Controlled
Visitors can control cookies through their browser settings, delete existing cookies or block new ones. Detailed instructions are available on independent resources such as aboutcookies.org. Blocking cookies may require users to reapply certain preferences during future visits and may limit access to some website features.
Third-Party Cookies
External links or embedded components may use independent third-party cookies. These cookies may serve analytics or marketing purposes and are controlled exclusively by the providers that create them. The hotel cannot influence third-party cookie behaviour and holds no responsibility for their operation. Visitors are encouraged to review the privacy policies of these third-party sites.
Website Security
To ensure the highest level of security, SSL encryption is applied to safeguard data transmission. Firewall systems restrict access to internal databases, allowing only specific necessary services while preventing unauthorised entry. Data transmitted to our systems is decrypted securely and processed according to strict internal security standards.
Multilanguage Addon
If the website uses a multilingual tool such as WPML, language-related cookies may be placed to recognise the visitor’s current or last-used language. These cookies serve exclusively for language display purposes and do not process personal data for profiling or tracking.
