Introduction. Wyndham Hotels and Resorts, LLC, ("WHR"), is a subsidiary of Wyndham Hotel Group, LLC, which licenses Wyndham® hotels (the "Brand") to independently owned and/or operated hotels ("Franchise").
EU Privacy Law requires us to be specific about our reasons and legal grounds for using your Personal Data. Accordingly, for the purposes of EU Privacy Law only, the information below describes the type of data we process where we get your data from, the grounds we rely on to carry out the processing, and who we may share your data with.
Wyndham Grand Crete Mirabello Bay Resort is a Hotel Company incorporated under Greek Law, operated by Zeus International Hotel Management and Consulting, having its registered seat and its offices at 2 Megalou Alexandrou Street, 10437, Athens, Greece, telephone number: 216-8009900.
Affiliates and Subsidiaries: Any corporation, firm, partnership or other entity which directly or indirectly controls, is controlled by, or is under common control with Wyndham Hotels and Resorts LLC.
Controller: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data, where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State Law.
EU Privacy Law: Regulation 2016/679 of the European Parliament and of the Council 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data on the free movement of such data (the ‘’GDPR’’), as well as any legislation and/or regulation implementing or created pursuant to the GDPR and the e-Privacy legislation, or which amends, replaces, re-enacts or consolidates any of them, and all other national applicable laws relating to the processing of Personal Data and privacy.
Processor: A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient: A natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of processing.
Third Party: A natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Supervisory authority: An independent public authority which is established by a Member State pursuant Article 51 of the General Data Protection Regulation.
Personal Data: Any information relating to an identified or identifiable natural person (‘’data subject’’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an online identifier or to one or more factors specific to the physical, psychological, genetic, mental, economic, cultural or social identity o that natural person.
Processing: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
Privacy Shield: The EU-U.S. and Swiss-U.S. Privacy Shield legal framework, designed by the U.S Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring Personal Data from the European Union and Switzerland to the United States in support of transatlantic commerce.
Personal Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed.
HOTEL BOOKING PROCESS
- HOTEL BOOKING PROCESS
In the context of the hotel booking process-whether this takes place online on one of our brand websites, through an online booking channel, via a travel agent, through our call center or directly at the hotel-we process your Personal Data for the purposes of a) enabling you to reserve a room in the hotel of your choice; b)verifying the availability of the hotel and to administer the booking; c) sending you a booking confirmation; d)sending you non-commercial pre-arrival emails. You may unsubscribe from pre-arrival emails at any time by clicking on the unsubscribe link in the emails sent to you.
Processed data categories
Address, Date of arrival and departure, Email address, First Name/ Last Name of adult co-guest(s), Payment card type, number and expiration date, Wyndham Rewards membership number, Telephone number, Title.
We may collect Personal Data from when you interact with us such as when you:
- Register for a product or service
- Contact us with a question or request
- Use our Services
- Make a payment for a product or Service
- Stay at one of our properties
- Provide a testimonial or story
- Participate in a competition or sweepstake
- Participate in our loyalty program
- One of the purposes of cookies is to simplify the use of the Website. A cookie may save a user’s login details for example, so that the user does not need to login every time. Cookies, by themselves, do not provide us with your personal information.
- Cookies may be either ‘’persistent’’ or ‘’ temporary’’ (or ‘’session’’) cookies. A persistent cookie retains user preferences for a particular Website allowing these preferences to be used in future browsing sessions and remains valid until its set expiry date (unless deleted by the user before the expiry date). A temporary cookie, on the other hand, will expire at the end of the user session when the web browser is closed.
- Cookies are also used for statistical or marketing purposes, to determine how the Website is used. These cookies are provided by us as well as by third parties (e.g. advertising partners). While we do not control or have access to the advertiser cookies, we do permit those cookies to be used on this Website to facilitate tailored advertising and to monitor patterns of buying specific goods or interest in for example, holidays or hobbies. These cookies run advertisements tailored to the user base on his/her online buying habits.
- Google Analytics: We use Google Analytics to help us get a better understanding of how visitors use this Website. The information generated by the Google Analytics cookie about your use of this Website is transmitted and stored by Google. If you do not want your activity on this Website to be tracked by Google Analytics, you may opt out by using this link : http://tools.google.com.dlpage/gaoptout?hl=en
- Pixels, Beacons: We or third party ad servers may use invisible pixels or beacons on this Website to count how many users visit certain pages. This information is collected and reported in the aggregate. We may use this information to improve our marketing programs and content, and to target advertisements at this Website and/or on other sites.
- From Other Sources: We may receive your Personal Information from other sources, such as public databases, joint marketing partners, data firms, social media platforms, from people with whom you are friends otherwise connected on social media platforms, as well as from other third parties. For example, if you elect to connect your social media account to your Website account, certain Personal Information from your social media account will be shared with u, which may include Personal Information that is part of your public profile or your friends’ public profiles.
- Mobile Devices: When you use or access our Services from a mobile device, we may collect information such as your unique device ID and your location.
- Adobe Marketing Cloud Device Co-Op: WHG participates in the Adobe Marketing Cloud Device Co-Op to better understand how you use our Websites across the various devices you use, and to deliver tailored promotions. Go to https://marketing.adobe.com/resources/help/en_US/mcdc/mcdc-overview.html to learn more about how Adobe does this to manage your choices relating to this linking of devices.
- Do Not Track Signals: At this time, we do not respond to browser ‘do not track ‘ signals, as we await the work of interested stakeholders and others to develop standards for how such signals should be interpreted. Third parties including our service providers, may collect information about your online activities over time and across different websites, including when you visit our website . You can learn about how to exercise choice regarding the collection of information about your online activities over time and across third-party websites or online services by visiting www.aboutads.info and networkadvertising.org
- Other Non-Personal Information: In addition to any Personal Information or other information that you choose to provide to us on the Services, we and our third-party service providers may use a variety of technologies, now and hereafter devised, that automatically collect certain website usage information whenever you visit or interact with the Services. This information may include browser type, operating system, the page served, the time, the source of the request, the preceding page view, and other similar information. We may use this usage information for a variety purposes, including to enhance or otherwise improve the Services. In addition, we may also collect your IP address or some other unique identifier for the particular device you use to access the Internet, as applicable (collectively referred to herein as a ‘’Device Identifier’’). A Device Identifier is a number that is automatically assigned to your device, and we may identify your device by its Device Identifier. When analyzed, usage information helps us determine how our Services are used, such as what types of visitors are interested in particular kinds of content and advertising. We may associate your Device Identifier or web site usage information with the Personal Information you provide, but we will treat the combined information as Personal Information.
Why and How We Use your Information
We may Process Personal Information in connection with any following:
- Our business transactions with you, including, but not limited to:
- To enter into or perform a contract with you
- To respond to your inquiries and fulfill your requests, such as to send you newsletters.
- To send administrative information to you, for example, information regarding the Services or an event in which you are attending and changes to our terms, conditions and policies.
- To complete and fulfill any purchases or requests for services, for example, to process your payments or a hotel stay or vacation rental, communicate with you regarding your purchase and provide you with related customer service.
- To send you marketing communications that we believe may be of interest to you via postal mail, email, telephone or SMS.
- To personalize your experience on the Services by presenting products and offers tailored to you.
- To allow you to participate in sweepstakes, contests and similar promotions and to administer these activities. Some of these activities have additional rules, which could contain additional information about how we use and disclose your Personal Information, so we suggest that you read these rules carefully.
- To facilitate social sharing functionality.
- To allow you to send messages to a friend through the Services. By using this functionality, you are telling us that you are entitled to use and provide us with your friend’s name and email address.
- For our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing new products, enhancing, improving or modifying our Services, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities.
- As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
- In accordance with any consent you may have provided. You have the right to decline to provide your consent and, if consent is provided, to withdraw your consent at any time.
- As necessary or appropriate for legal reasons, including but not limited to:
- Under applicable law
- To comply with legal process
- To respond to requests from public and government authorities, including those outside
- To enforce our terms and conditions
- To protect our operations or those of any of our Affiliates or third parties
- To allow us to pursue available remedies or limit damages we, our Affiliates, or third parties, may sustain.
We may disclose your information as follows:
- Franchised Hotels, Managed Hotels, Vacation Rentals: We may share personal information with the owners and operators of our franchised hotels or owners of hotels that we manage but do not own and timeshare resorts in order to provide you with services.
- Vendors and Service Providers: We may disclose your Personal Information to vendors and service providers we retain in connection with our business such as: travel services companies, financial services companies, property owners’ associations, vacation insurance companies, website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, credit card processing, tax and financial advisers, legal advisers, accountants or auditing services.
- Message Boards: We may take message boards, blogs, and other such user-generated content facilities available to users. Any information that is disclosed in these areas becomes public information and you should always be careful when deciding to disclose your personal information. We are not responsible for privacy practices of other users including website operators to whom you provide information.
- Merger or Acquisition: A third party who acquires any part of Wyndham Worldwide Corporation itself or any of its Affiliates, whether such acquisition is by way of merger, consolidation or purchase of all or a substantial portion of our assets.
- Business Partners, Sponsors, and Other Third Parties: We may disclose your Personal Information to business partners, co-sponsors of promotions, and other third parties in order to provide you with services that may be of interest to you. For example, we may share your Personal Information with the owners and operators of affiliated and unaffiliated hotels and resorts, airlines, car rental services, retail store, credit agencies and other third parties to facilitate reservations, to offer you products or services, or in connection with our loyalty program or a loyalty program of one of our partners. We may also co-sponsor promotions, sweepstakes, or other events with a third party and may share your Personal Information in connection with these events. Further, we may share your Personal Information with third party providers located on-site at hotels or resorts, such as time-share, spa, golf, concierge and dining providers. If you provide additional information to any of these third parties, such information will be subject to such third parties privacy practices.
- Third Parties: Subject to your marketing preferences (which may include consent to marketing under applicable law), we may license, sell or otherwise share your Personal Information with selected third parties for compensation for their own business purposes. Once we share your Personal Information with a third party for such purposes, the information shared becomes subject to such third party’s privacy practices.
- Disclosure Permitted by Law: We may disclose your Personal Information to law enforcement authorities, government or public agencies or officials, regulators, and/or to any other person or entity having appropriate legal authority or justification for receipt of your information, if required or permitted to do so by law or legal process, to respond to claims, or to protect our rights, interests, privacy, property or safety, and/or that of our Affiliates, you or other third parties.
- Security of Your Information: We will take reasonable steps to protect the information you provide us from loss, misuse and unauthorized access, disclosure, alteration and destruction. We have implemented appropriate physical, electronic and managerial procedures to help safeguard and secure your information from loss, misuse, unauthorized access or disclosure, alteration or destruction. Unfortunately, no security system is 100% secure, thus we cannot ensure the security of all information to provide us via the Services.
- Links to Websites: The Services may have links to other websites that are not operated by us. We have no control over how these websites may collect your information and no liability for the practices, policies and security measures implemented on these websites. You should read the privacy notices on those other websites before you submit your information through them.
- Social Media Sites: Please note that we are not responsible for the collection, usage and disclosure policies and practices (including data security) of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including any Personal Information you disclose to other organizations through or in connection with the Apps or our Social Media Pages.
- Minors: We do not knowingly collect, maintain or use Personal Information from individuals under 18 years of age in connection with, and no part of our Websites, Social Media Pages, and Apps is directed to, individuals under the age of 18. If we do incidentally collect or maintain Personal Information from individuals under 18 years of age, you may request deletion of such information by contacting us as set forth under ‘’How Can You Contact Us?’’ below.
- International Transfers: We are an international company and we may, subject to applicable law, transfer your information, to our Affiliates or selected third parties outside the country where you are located and where information protection standards may differ (e.g. your information may be stored on servers located in other jurisdictions). We will utilize appropriate safeguards governing the transfer and usage of your Personal Information, such as an adequacy decision by the European Commission, Model Clauses or other applicable adequacy mechanisms. If you would like further detail on the safeguards we have in place you can contact us directly as set forth in "How Can You Contact Us" below.
- Changes to your Marketing Preferences: We may contact you by email, telephone, SMS or postal mail with information about our products or services offered by Wyndham or a third party that may be of interest to you. You can opt-out from receiving future marketing communications from us at any time by:
- Using the unsubscribe function in the e-mail you receive from us; or
- If you do not wish to receive further direct marketing from us about Wyndham products or services, send an email to: firstname.lastname@example.org
- Withdrawing Your Consent: You may withdraw any consent that you have provided to us to Process your information at any time.
- Accessing your Information: In accordance with applicable law, you may access the Personal Information we Process about you.
Any request to access or obtain copies of your Personal Information must be made in writing by contacting us as set forth under ‘’How Can You Contact Us?’’ below. We may, depending on the applicable law in your country, be entitled to charge a nominal fee to cover some of our administration costs in connection with the provision of such information. We may also ask your identity and to provide further details relating to your request.
- Correcting your information: We will take reasonable steps to ensure the accuracy of the Personal Information we retain about you. It is your responsibility to ensure you submit true, accurate, and complete information to us, and timely update us in the event this information changes. You may request that any inaccurate or incomplete Personal Information held by us or on our behalf is corrected, by contacting us as set forth under ‘’How Can You Contact Us’’ below.
- Deleting your Information: Under certain circumstances, you may request we delete Personal Information we hold about you by contacting us as set forth under “How Can You Contact Us?’’ below. We will assess your request and determine, under applicable law, whether we are required to delete this information.
- Objecting to Processing: If you would like us to stop Processing your Personal Information, you can request this by contacting us as set forth under ‘’How Can You Contact Us?’’ below. We will assess your request and determine, under applicable law, whether we have any justification for the continued Processing.
- Transferring your Information: Under certain circumstances, you may receive your Personal Information in a format that allows you to spend it to another company or to direct us to tranfer it directly to another company.
Notice to Russian Citizens: In accordance with Russian Federal Law “On Personal Data” No. 152-FZ we collect, record, systematize, accumulate, store, update (renew and modify), and extract Personal Data about Russian citizens using databases located in the territory of the Russian Federation. If you indicate that you are a Russian citizen of the Russian Federation, we will process your Personal Data in compliance with this requirement and your profile will be maintained on databases in the Russian Federation. If you do not indicate that you are a citizen of the Russian Federation, we are not able to process and maintain your Personal Data under these requirements and will not be liable for that. You are solely responsible for indicating the country of your citizenship. Information containing Personal Data of Russian citizens may be transmitted from the Russian Federation to countries that ensure an adequate level of protection for Personal Data, including member states of the European Union and other countries which Russian law recognizes as ensuring adequate to protection, and also to other countries that may not ensure adequate level of protection for Personal Data. By submitting information to us on our sites and apps, submitting forms to us, or registering on our sites, programs and apps, or making reservations, you grant us consent to process your Personal Data.
SOCIAL MEDIA AND ONLINE REVIEWS
We may process your Personal Data through social media platforms (including Facebook, Instagram, Twitter, LinkedIn) or online reviews (including on Booking and TripAdvisor) concerning our Wyndham Hospitality brands for the purposes of a) addressing your questions or complaints; b) monitoring our online reputation; and c) improving our services and identifying opportunities on which we could focus.
Please remember that any content submitted to one of our social media pages can be viewed by the public and you should be cautious about providing certain personal information via these platforms. We are not responsible for any actions taken by other individuals if you post personal information on one of our social media platforms. Please also refer to the respective privacy and cookies policies of the social media platforms that you are using.
Wyndham Rewards is a global hotel rewards program applicable throughout the hotels of the Wyndham Hotel Group that is available to guest staying in our hotels, and to professional partners irrespective of whether the professional partners stay as guest or book on behalf of others. The Wyndham Rewards program is managed by WYNDHAM HOTELS AND RESORTS, LLC and provides you with a number of benefits during your stay at our hotels, and enables you to collect Wyndham Rewards points during your stay in our hotels and when purchasing from our selected partners. In such context, we may process your Personal Data in order to be able to a) Create your online Wyndham Rewards profile, including sending you an activation link by email; b) provide you with information on your Wyndham Rewards points; c)register your bookings and award points to your membership card, d)inform you about your rewards once you reach a certain points level; and e)inform you about any changes to the Wyndham Rewards Program.
Source of Data
Directly from you when signing up to Wyndham Rewards or claiming or redeeming Wyndham Rewards points.
OTHER LOYALTY PROGRAMS
Apart from Wyndham Rewards, we also offer our guests the possibility to earn miles or points in loyalty programs of our partners, such as frequent flier programs, car rental programs etc. In such context, we may process your Personal Data in order to be able to a) award miles or points to your membership account with one of our recognized partners following your stay at our hotel; b) assess and fulfill your request to redeem your miles or points of our recognized partners’ loyalty programs at our hotel.
Source of Data
Directly from you when claiming or redeeming miles or points
What Rules Apply to Children
We do not knowingly collect Personal Data from anyone under the age of 18 or allow such persons to book a room in one of our hotels.
In the event that we are informed that we have collected Personal Data from a child under the age of 18 without verification of parental content, steps will be taken promptly to remove that information. If you believe that we may have information from or about a child under 18 years old, please contact us at email@example.com .
How Can You Contact Us?
Wyndham Hotels and Resorts
22 Sylvan Way
Parsippany, New Jersey 07054, USA
Attn: Legal Privacy
If you have a complaint or concern about how we are processing your Personal Information then we will work to address such concern (s). You may also direct your complaint/concern to the applicable data protection authority.
ΔΙΑΣΚΕΔΑΣΗ & ΨΥΧΑΓΩΓΙΑ
Απολαύστε ανέμελες οικογενειακές διακοπές σε ένα ειδυλλιακό μέρος δίπλα στη θάλασσα, περιτριγυρισμένο από ένα μαγευτικό φυσικό περιβάλλον, ενώ τα παιδιά σας θα έχουν την ευκαιρία να διασκεδάσουν με χαρούμενες δραστηριότητες.