Privacy Policy - Data protection



Protecting your personal data is a task we take very seriously in ΚΟΤRETSOS SA. For this reason, we developed this Privacy Policy to keep you informed about the nature, the types and the purposes of collecting, using and processing your personal data "Personal data" means any information that is collected or recorded in a way that may allow direct (e.g. surname) or indirect (e.g. phone number) identification of a natural person.
We recommend that you read this text, which describes the privacy policy, before providing us with personal data.

This Privacy Policy is harmonized with the national, European and International regulatory framework about personal protection and privacy and especially with EU's General Data Protection Regulation.

Information we collect

We only collect what we need to provide you with services corresponding to your needs. Normally, we collect the following:

  • - contact information (name/ surname, email, work and home street address, mobile and land line phone number),
  • - credit card information (type, number, name on card, valid until date, security number),
  • - information needed to offer you better services (dates of arrival and departure, date of birth, sex,
  • - names and ages of your family members, rooms preferences, dietary peculiarities, entertainment activities, etc.),
  • - information coming from visiting our site (cookies),
  • - "sensible" data, such as allergies that we are handling with extra care.

Why do we need your data?

Both when you are getting information about our hotels and while you are staying at them, you are revealing some information about you to us, as explained in the previous paragraph.

In general, we collect information to:

  • - to manage reservations and other hospitality services
  • - communicate with you when you are asking us to book a room for you,
  • - react to your requests both before coming to our hotels and you are staying at them,
  • - create and store legal documents in accordance with applicable law,
  • - keep you updated about our offerings,
  • - send you newsletters and similar informational material,
  • - adjust our services to your personal preferences,
  • - get information on the use of our apps in your mobile devices,
  • - receive your feedback both during your stay and after leaving our hotels,
  • - offer you special services when staying at our hotels.


We always ask for your consent when we are planning to use your personal data for purposes beyond these directly related to our service. Such purposes include direct marketing (e.g. newsletters, promotional emails). We also ask for your consent when asking for "sensitive" personal data such as your health status or your ethnic origin.

Please, keep in mind that you can always take your consent back by contacting us both by phone: +30 26240 22547 and by email: info [at] Specifically, for the promotional messages and the newsletters you can always click the unsubscribe link that is always found at the bottom part of such messages.

This "Customer Personal Data Protection Charter" is a part of the terms and conditions that govern our hotel services. By accepting these terms and conditions, you explicitly accept the provisions of this Charter.

Disclosure of personal data

KOTRETSOS SA does not disclose your information to third parties for their own business or marketing purposes without prior your consent.

However, we may disclose your information to the following entities:

  • - Business associates. We may also share your information with trusted business partners. These entities may use your information to provide you with services you have requested, make provisions relating to your interests, and offer you promotions, advertisements, and other material.
  • - Service providers and/or any third parties that may process information on our behalf. We may also share your information with companies that provide services on our account or behalf, such as IT contractors, bulk mailers, banks, credit card institutions, law firms, mail service companies, printing services companies, etc.
  • - Credit approval: Upon submission of a credit approval claim, personal data are utilized and disclosed to designated third parties according to applicable legislation in order to decide on the credit approval and its subsequent level.
  • - Other third parties, if so required by law or in order to protect our Services. Situations may arise in which we share your information with other third parties:
    • + To comply with the law or mandatory legal procedure (such as search warrants or other court orders)
    • + To confirm or implement our compliance with the policies governing our Services
    • + To protect the rights, ownership or security of KOTRETSOS SA or any of our affiliates, business partners, or customers
  • - Other third parties with your consent or at your command. In addition to the disclosures described in this Privacy Policy, we may share information about you with third parties if you give your consent or if you request us to do so.

To provide you the best possible service, we allow access to your personal data or to certain categories to competent, authorised members of our personnel.

This includes:

  • - Hotels taff
  • - Reservations departments
  • - IT department
  • - Marketing/Guest Relations department
  • - Legal Services department, if and when required
  • - Medical Services, if and when required


We will retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Statement unless a longer retention period is required or permitted by law.

After the end of retention period, your personal data are destroyed, deleted or anonymized.

Your rights

Access and correction of your data – right to erasure ("right to be forgotten")

In addition to existing lawful user rights, according to the legislation in certain jurisdictions, you may also be entitled to request details on the information that we collect and to correct any inaccuracies that may be contained in such information. If permitted by law, we may charge you a small fee for the provision of this possibility. We may refuse to handle requests that are repeated to an unreasonable degree, require disproportional technical effort, jeopardise the privacy protection of others, are extremely impractical, or involve access that is not otherwise required by domestic law.

Υου have the right to obtain the erasure of your personal data from the controller.

To ask us to do anything of the above, you contact us by phone +30 26240 22547 και με email info [at] We will promptly examine your request against the relevant requirements of the laws and regulations governing personal data protection and we will answer the latest within 30 days after receiving your request. If, for reasons of complexity of the request or a multitude of requests, we are unable to respond promptly, we will notify you within thirty days of any delay, which in no case may exceed two months from the expiration of the 30-day deadline. It is possible to ask from you some kind of identification (e.g. photocopy of your identity card or passport) to avoid non-authorized reveal of your personal data.

To ensure that your personal data are always accurate and updated, we recommend you to keep us informed about your data, as needed (e.g. in case of a change in a street or email address).


We have taken organisational and technical measures to protect the information that we collect in relation to our Services, especially sensitive personal data. Our IT department implements international standards and practices to ensure the safety of networks and the encryption of data.

However, please bear in mind that despite the reasonable measures that we take to protect your information, no website, internet transmission, computer system or wireless connection is ever completely safe.


When you visit our site, we receive information about you using some small alphanumeric character files called cookies that are stored on your computer. Cookies assign your computer with a unique ID, which in turn becomes your own identity each time you return to our site.

Cookies have been developed to save you time because they help us provide you with a customized experience without having to remind us of your preferences each time you return to our site. Cookies do not damage your electronic equipment, nor can they read information from other files on your computer’s hard drive.

Our cookies follow you only while you are on our website and do not collect information about you after you leave it and go to another website. We are not the only ones to place cookies on your computer and we are not responsible for the presence of third party cookies and the way they are used.

To use cookies, your prior consent is necessary. An exception to this rule is cookies that serve the functional needs of the website (functional cookies) and are necessary for the appearance and effective operation of the site.

Minors personal data

The data we collect on persons under the age of 16 are restricted to given name, surname, nationality, and date of birth. This data can only be provided by an adult, parents or guardian and are absolutely necessary for the provision of our services (e.g. placement of a baby bed in a room).


This policy may be amended from time to time. To ensure that you are aware of any changes, please check this policy on a regular basis, especially before submitting a reservation request with one of our hotels. By accessing or using our Services after we have posted an updated version of the Privacy Policy, you agree with the new practices contained in the update. The most recent version of the privacy policy will always be available here: