1. Our Customer acknowledges that in the context of the transactional relationship with the Hotel, personal data in the Registration Form will be collected and processed by Astor Hotel (Data Controller) for the purpose of providing services to him/her and optimizing his/her comfort.

2. The Customer agrees that the processing of special categories of personal data (nationality) provided through this form are also processed by the Controller (Astor Hotel) for the above purposes.

3.The Data Controller will process the personal data provided by the customer (otherwise “Data”), in accordance with the applicable legislation on personal data (Regulation 679/2016 / EU, Law 2472 / 1997, as in force, Law 3471 / 2006) and the terms of the Registration Form. Only the authorized staff of the Controller and its affiliates, who process the Data as Processors on behalf of the Controller and in accordance with its instructions, with the purpose of supporting and monitoring the provision of the Hotel’s services, have access to these data and are committed to confidentiality of the Data. In any case, the Hotel ensures the confidentiality of the Data and does not transfer it to any third party (natural or legal person) except where this is provided for by law.

4. The Controller maintains the Customer’s Personal Data for as long as this is necessary for the execution of the contract and for the exercise, and / or support of legal claims under the contract. Where the processing is based on the Customer’s consent, his/her personal data are processed until the withdrawal of that consent without prejudice to the Hotel’ s legal obligation to maintain these data. The Customer has the right to withdraw his/her given consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

5. Our hotel takes all appropriate technical and organizational security measures, which are evaluated on a regular basis, and adopts technological standards in accordance with applicable laws and regulations, in order to ensure the safe, accurate use and integrity of Customer Data, as well as to prevent unauthorized or accidental access, processing, deletion, alteration or other use of these data.

6. The Customer has the right to access his/her data, to rectification, to erasure (‘right to be forgotten’), to data portability, to restriction of processing of personal data maintained by the Controller and to object to these Data. In the event of the exercise of one or more of the above-mentioned rights by the Customer, Astor Hotel will take all possible measures to satisfy his / her request within one (1) month of submission of the request and identification of the Customer. That period may be extended by two (2) further months where necessary, taking into account the complexity and number of requests. In any event, the Customer will be informed of such an extension within one (1) month of the receipt of the request.

7. In addition, if the customer believes that his/her rights or legal obligations of the Data Controller have been violated, he/she may lodge a complaint with the Data Protection Authority (www.dpa.gr). For more information regarding his/her personal Data or to withdraw the given consent, the customer may contact the Data Controller at 210 6989000 and email dpo@president.gr. The customer affirms through the present form that he/she is aware of the Hotel’s Privacy Policy which is published on the website www.astorhotel.gr .