Privacy Policy

Data Protection (GDPR) Policy

Your personal details and information is very important to ALLTIME TOURIST COMPLEX/ST RAPHAEL RESORT (hereinafter referred to as “ST. RAPHAEL RESORT” ,or “St Raphael” ,or “we” ,or “us”). This Data Protection and Privacy Policy outlines how we, ST. RAPHAEL RESORT, collect, use, store, and share your personal data in compliance with Regulation 2016/679 (General Data Protection Regulation - GDPR) and the local legislation N.125(I)/2018.

 

1.    Personal Data We Collect

Some of the information we require is considered personal information and is mandatory to be given to us to provide our services. Other information which may be considered as sensitive information, you can choose not to give. However, this may have an impact in our services towards you.

When you use our services, we may collect the following types of personal data:

  • Personal Data is any data which can be used in order to identify you. This may be your name, identification number, date of birth, address or any other of the aforementioned data listed
  • Identification Data: Name, address, phone number, email, gender, date of birth, identification documentation.
  • Contact Information: Phone numbers, email addresses.
  • Booking and Transaction Data: Details of your reservations, services requested, and payment information.
  • Sensitive Data: Information such as health status, racial or ethnic origin, religious beliefs, and criminal records may also be collected with your explicit consent.

 

2.     Purpose of Data Collection

Your personal data is collected and processed for the following purposes:

  • Managing bookings and reservations.
  • Registering your arrival and departure at the hotel;
  • Assigning you a key card to your room
  • Obtaining a credit card guarantee or hotel deposit to ensure payment of your stay;
  • Managing (and archiving) your hotel registration card;
  • Creating or updating your profile in our hotel management system;
  • Assessing your eligibility for a room upgrade and managing this if applicable;
  • Managing payment of your stay;
  • Establishing, printing or sending an invoice for your stay
  • Providing customer service and support.
  • Sharing information with third parties as necessary for service provision, based on your consent.
  • Improving our services through data analysis and feedback.
  • Sending marketing promotions and promotional communications if sperate consent is provided (as below).
  • In the event you have booked a room in our hotel but do not show up – without cancelling – on the date of arrival communicated, we will process your Personal Data for the purposes of (i) cancelling your stay and any other reservation you may have made; and (ii) managing, processing and settling any outstanding payment that may be due.
  • We may send you guest satisfaction surveys by email during or after your stay to enable us to measure the performance of our hotel.
  • When you stay in our hotel or we provide you with any function or events services in our hotel, we endeavor to make it as pleasant as possible for you. This requires processing your Personal Data for the purposes of providing specific services during your hotel stay. These services include (i) housekeeping and maintenance; (ii) returning lost or forgotten items to you; and/or (iii) managing your and your co-guests’ preferences, such as dietary requirements preferences, in order to provide you with a better service during your stay with us.
  • In ST RAPHAL RESORT you can benefit from additional services and facilities, such as breakfast, room service, minibar, pool, restaurants and bars, spa treatments, laundry services, parking, taxi requests, free WiFi, gym, hair salon etc. In the event you make use of additional services or facilities at one of our hotels, your Personal Data may be processed to (i) manage the booking and use of such additional hotel services and/or facilities; (ii) administer any advance bookings of additional services and/or facilities to your file; (iii) personalize returning guests’ arrival to the hotel and the choice of room amenities and room features; and (iv) manage the expenses incurred for such additional services and/or facilities.
  • We may use your personal data to share an idea of what products or services we think you may want or need, or what may be of interest to you. You may receive marketing communication from us if you have requested information from us, reserved a room with us, booked an event with us or if you have provided us with your details when you entered a competition or registered for promotional material and, in each case, you have not opted out of receiving marketing material. We will get your express opt-in consent before we share your personal data with any company outside Louis Hotels group for marketing purposes. 
  • Should you choose to opt not to receive marketing material, we will continue to carry out our other relevant activities using your personal data, for example this will not apply to personal data provided to us because of a room reservation or other services.

 

3.    Data Controller 

A data controller is someone who is responsible for your data and who must make sure that your data is processed according to the law. For example, they are responsible to make sure that data held about you is accurate and that is kept secure. 

Note that you have the right as provided by the current legislation, to keep a copy of your personal information as kept by ST. RAPHAEL RESORT. You can get this by contacting us, at [email protected] . However, there may be an administration charge, which is up to ST. RAPHAEL RESORT’s discretion. 

For the purposes of GDPR, ST. RAPHAEL RESORT is the Data Controller for the personal data collected. For any queries or to exercise your data rights, please contact our Data Protection Officer (“DPO”) at [email protected].

 

4.    Collection of Personal Data

Based on the interactions we have with you either directly or indirectly (automatically) through the use of cookies to our websites.

Direct ways we collect your personal data are the following
•    In person
•    Over the phone
•    Via email
•    Via our websites by leaving a message, completing a form, registering to our newsletters etc.
•    Through the online booking channel, you used to make the booking Expedia, Booking, Hotelbeds, Bookcyprus, HRS, GTA, hotels.com and other third-party online systems (affiliates of the above)
•    When you making your additional service/facility request with the hotel front desk or the F&B.
Indirect (automatic) ways we collect your personal data are the following:
•    When you use our websites by using cookies or other marketing analytics technologies. Please check out our cookies policy for more details .
•    Payment and delivery services such as PayPal
•    Online and offline publicly available sources such as Companies registration authority
•    Fraud detection agencies that might be located outside the European Union
•    Aggregators (website or program that collects related items of content and displays them or links to them) that might be located outside the European Union

 

5.    Data Sharing and Third-Party Access

All your personal data will be treated with full confidentiality. By giving your consent below you are agreeing that ST. RAPHAEL RESORT may: 
Review any bookings made with ST. RAPHAEL RESORT, including any services provided by any affiliates and/or affiliated companies, for the purpose of ensuring that you obtain the best possible Service and/or for the best of your interests. Additionally, your consent shall enable us and/or our Affiliates to gather facts and figures to help plan and improve our services. However, ST RAPHAL RESORT may share your personal data without your consent if required by Cyprus law or under a valid court order.

 

6.     Data Storage and Security

We store your personal data both electronically and in hard copies. We take reasonable measures to ensure that your data is kept secure and is only accessed by authorized personnel. St. Raphael Resort is required by law to ask for your permission to record your details. By giving your consent below, you agree and give your consent to St. Raphael Resort to record your consent. These details may contain your personal and sensitive data. 

 

7.     Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Access: You can request a copy of your data.
  • Correction: You can request that inaccurate or incomplete data be corrected.
  • Deletion: You can request the deletion of your data, subject to legal requirements.
  • Restriction: You can request that we restrict the processing of your data.
  • Objection: You can object to the processing of your data.
  • Portability: You can request that we transfer your data to another entity.

To exercise any of these rights, please contact our Data Protection Officer at [email protected].

 

8.    Consent and Withdrawal

You have the right to withhold or withdraw your consent at any time. However, please note that this may affect the quality and availability of our services.

 

9.    Data Retention

Your data will be retained for as long as necessary to fulfill the purposes outlined in this policy, but no longer than 7 years unless required by law or with your consent.

 

10.     Amendments

We reserve the right to amend this policy at any time. Any changes will be posted on our website and, where appropriate, notified to you by email.

 

11.    Contact Information

For any queries or concerns regarding your data, please contact our Data Protection Officer at [email protected].


By using our services, you agree to this Data Protection and Privacy Policy as part of our Terms and Conditions.