Statement of the Privacy Policy of the Company EMMAN VARDAKIS ALIANTHOS SA

Last Updated: 27, April 2020

This Website privacy policy (hereinafter the “Policy”) applies to EMMAN VARDAKIS ALIANTHOS SA, its subsidiaries and all hotels in the list of its companies.

At ALIANTHOS GARDEN HOTEL we strive to provide excellent products, services, and experiences around the world. We recognize that the protection of personal data is an important issue. We have compiled this Privacy Statement to explain our practices regarding the personal information we collect from you or for you, on the website, or through our applications, when you contact us in writing or orally, and the information we collect when you visit one of our facilities, or data from other sources. This Privacy Statement describes the practices we have adopted on the basis of European Law and our National Legislation.

By agreeing to this Policy and/or by using any of our products or services (e.g. in the context of registering for any of our products or services), you understand and acknowledge that we will collect and use your Personal Data as described in this Policy.

Please note that this Statement does not apply to the processing of personal data that may be made by us on behalf of and in accordance with the instructions of third parties, such as airlines, car rental companies and other service providers, companies that organize or offer travel packages, marketing partners or corporate clients. In this case, you will be asked for your consent again in accordance with the instructions of the third parties.



We collect personal data at every point of contact or interaction with the visitor. The types of Personal Data that we collect from you in the course of your reservation may include: your full name, home, professional and e-mail addresses, telephone and fax numbers, accommodation or visit to any of our facilities, participation in a member program or loyal customers (including payment cards bearing the name of a group or hotel or other partner programs), Participation in competitions, in a program of offers or marketing, data related to the purchase and receipt of products and services, personal characteristics, such as diet preferences, nationality, passport number, date and place of issue, history of visits to our hotel or one of our group’s hotels, payment details such as the number and other details of your payment card, as well as verification information and other billing and billing information, customer preferences, marketing preferences and contact information, information on vehicles you may bring to our facilities, reviews and opinions on the facilities of our hotels, or on the facilities, reservation for hotel packages, airlines you travel to notify of the flight you arrive and depart for your best service and rental cars if you request the mediation or security of your car in our area, groups with which you are connected to stay in hotels, information that you choose to provide us or that we may collect about you for a better service.

  • Surveys: We may request demographic data or other personal information in customer surveys, which will be used for statistical purposes in accordance with current legislation.
  • Collection during your stay at our facility: We collect additional personal information when you register / log in to our facility, including information that may be required by local law. It is also possible to use a TV circuit and other security measures in our facilities, which may capture or record images of customers and visitors in public places, as well as data related to your location while you are at our facility (via key cards and other technologies). In addition, we may collect personal information relating to services provided to you on our premises, such as hosting services, gyms, spas, activities, childcare services, equipment rental).
  • Profile Events: If you are planning an event with us, we collect meeting and event specifications, the date of the event, the number of customers, details about the guest rooms and for corporate events, company details if you are a legal entity with a guide your best service.

We also collect data on customers who are part of your group or event. If you visit us as a member of a group, we may have your personal information collected from the group and we may promote your services as a result of your stay with a group or your presence at an event according to your preferences, provided that law allows it and you have given your written consent.

  • Social Media: If you choose to participate in Alianthos Garden sponsored social media activities or offerings, we may collect certain information from your social media account consistent with your settings within the social media service, such as location, check-ins, activities, interests, photos, status updates and friend list. We may also allow you to enter into contests to provide photos, such as of your stay with us, which you may share with your connections on social media for votes, shared offers or other promotions.



We use your personal information in various ways to provide and customize the services you request and expect from the hotel, to provide the expected level of hospitality in all our rooms and facilities, to manage the membership program if you wish to become member, for the promotion of marketing and sales and as defined below with more details. We will obtain your consent before processing your data where required by applicable law.

We are required to collect specific information, such as your name, address, payment details, and, in some countries, travel documents in order to process your booking. Failure to provide this information will result in inability to process your reservation.

  • Service Management: We use your personal information to manage the programs in which you participate, providing access to your account information, such as return status and offers for which you meet the requirements.
  • Meeting and event planning: We may use your personal information to inform you about scheduled meetings and events e.g. conferences.
  • Marketing and Communication: To the extent permitted, we may use your personal information to send you or provide you with informational letters, advertisements and suggested special offers in your email, as well as other marketing messages according to the communication preferences you have stated. We use your information to provide messages during your stay, account notifications and booking confirmations, to send you marketing messages and to conduct surveys, lotteries, and other contests that may take place within our group. We may provide this information via the Internet, by mail, through online advertising, via social media, telephone, text messages (including SMS and MMS), push notifications, messages from applications and other media messages (including media, such as TV in your room). With your consent, we also use user-generated content (such as photos) from social media to provide advertising messages or content on our website and applications.
  • Improving the quality of our services: We may use your personal information to improve the quality of our hotel services and to ensure that you are interested in our website, products and services. We also use your personal information to provide you with the expected level of hospitality in your rooms and in all our facilities. This may include the ability to control the equipment of your room through our website or our applications on your personal devices.
  • Data accuracy, analysis and personalization: We may supplement your personal information with data from third parties to keep the information and analysis up to date. We also rely on the data we receive from third parties for better and more personalized service. For example, if you link to social media or other accounts on our services, we may use this information to make your experiences more personal and social with us, or to share and use them, as described elsewhere in the statement.



In order to provide the expected level of hosting and the best level of service, your personal information may be shared with third parties as follow:

  • Group events or meetings: If you visit a hotel of our group, as a member of a group event or meeting, the information collected for the planning of the meeting or event may be used jointly with the organizers of the specific meeting or event and, where required, with customers organizing or attending the meeting or event.
  • Services provided on our premises: We may share your personal information with service providers on our premises, such as hosting service providers, spa services, gyms or dining experiences.
  • Business transactions: As we grow our business activities, we may buy, sell, re-arrange, re-organize businesses or assets, or cease to be managers or owners of a hotel that is currently on the list of our companies. In such cases, our Company will have the exclusive and discretionary ability to transfer, sell or assign information it has collected, including, without limitation, personal and other information (described below) to one or more, corporate affiliates or not, third parties in relation to those business transactions. If required by local law, we will inform you of our intention to transfer your personal data to third parties for the aforementioned reason and we will explain how you can object to this transfer.
  • Other: In addition, the Company may disclose personal information about: (i) compliance with applicable laws, (ii) response to government investigations or requests from public authorities, (iii) compliance with valid legal procedures, (iv) protection of the rights, personal data, security or property of the Company, visitors to the site, customers, employees or the public, (v) the ability to find appropriate solutions or reduce the damage we may suffer, (vi ) the imposition of the terms and conditions of our website and (vii) our response to emergencies.



We use cookies and other technologies (such as “pixel tags”, “web beacons”, “clear GIFs”, e-mail links, JavaScript, Google or Apple device IDs or similar technologies) to collect this data. If you want to remove or disable cookies from your device at any time you can upgrade your browser settings (consult your browser’s “Help” menu to learn how to remove and disable cookies). The Company is not responsible for the settings of your browser. You can find simple and useful instructions for managing cookies regarding the different types of browsers at:



The term “sensitive information” refers to information about your racial background, political, religious or philosophical beliefs, health history and sex life, or sexual orientation, genetic information, criminal record, and any biometrics data used for the purpose of unique identification.

We do not collect sensitive information at all, unless provided voluntarily or in accordance with applicable laws and regulations. We may use data on the status of your healthcare provided solely by you in order to serve you better and meet your needs (for example, providing access to people with disabilities, medical information to you are allowed to use spa etc.



We do not intentionally solicit collect personal data from children and adolescents. As a parent or legal guardian, do not allow your children to submit personal information without your permission.



We provide mobile applications, which you can download with a smartphone or mobile devices. These applications have a variety of functions that improve the customer experience. In combination with the provision of services, our applications may collect personal and other information which will be used in accordance with this Statement. For example, to make or change a reservation, including a reservation for a reward stay, you will be asked to enter certain personal details, such as the account you keep in the membership program or other necessary information. We provide customers with the link to this Statement before downloading any of our applications.

If you allow the applications of our mobile devices to have access to information about the location of your device, our applications may use the technology of the Global Positioning System (GPS) and other technologies (such as wireless transmitters, known as identification signals) for provide you with information and suggestions about the location of your device. Recognition signals allow us to collect information about your location in partner hotels by contacting other portable devices. We may use this location information to improve your experience in our premises by sending updates and other material to your mobile device, providing you with guidance as you move through our facilities, and sending you information and offers about products, services, or activities that we think you are interested in. You can prevent or restrict the collection of location data by changing the settings of your device.

We offer all of these location or mobile services only to the extent permitted by applicable local law.



Our site and our mobile applications may contain third party websites. Please note that we are not responsible for the collection, use, maintenance, sharing or disclosure of data and data by such third parties. If you provide information to third party websites, the Privacy Policy and the Terms of Use of such websites apply. It is recommended that you read the privacy policy of the sites you visit before submitting personal information.

The Company may also work with specific Internet service providers so that our customers can access the Internet. The use of Internet services on our premises is subject to the terms of use and the privacy policy of the ISP. You can access these terms and conditions by using the links on the registration website or by visiting the website of the ISP.



The Company will take reasonable measures to: (i) protect personal data from unauthorized access, disclosure, modification or destruction and (ii) the proper maintenance of accurate and up-to-date personal information. The Company has a strong internal team of dedicated data security experts who are responsible for creating, updating and managing its security program. In the event of a security incident, the Company will notify the regulatory authorities and / or consumers as required by applicable laws and regulations.

We also ask our partners and service providers with whom we share personal information to make reasonable efforts to maintain the confidentiality of your personal information. In e-commerce, we use reasonable technological measures to protect the personal information you send to us through our website. However, no security system or Internet data transmission system guarantees complete security.

To protect your personal data, we recommend that you do not send us payment card numbers or other sensitive personal information via email.

We will never ask you for confidential personal information or card details via SMS or email. We will only ask you for your card details by phone when you book or book a promotional package over the phone. If you receive a request like this, do not reply. Please inform us at:



Based on the applicable law, you may request us to inform you about your personal information we hold and you can, request where is possible to update/ or delete your personal information in our active database. We will make all the required updates and changes within the time period specified by the applicable law and as required by law. You can submit such requests via e-mail. To protect confidentiality, we respond to these requests only at the e-mail address you have provided. Remember that if you make a request like this, we may not be able to provide the same quality and variety of services as you are used to.

In addition, in some cases, under applicable laws, you may request that we discontinue the use of your personal information with our business associates or request that the Company stop using your personal information by contacting us at the above email address or our postal address. We will consistently meet these requirements in accordance with applicable law.



We retain your personal information for as long as it takes to meet the purposes of this Statement, unless applicable laws require or allow for retention for a longer period of time. We maintain the personal data collected for the purpose of satisfying customer reservations for five years after the expiration of the stay. We retain other personal data for shorter periods of time if this is possible and if permitted by law.

We will destroy your personal information as soon as possible and in a way that does not allow the data to be restored or rebuilt.

In case it was printed on paper, personal data will be securely destroyed, for example by using a document destroyer otherwise, and if they are stored in electronic form, personal data will be technically destroyed means in order to ensure that there is no possibility of subsequent recovery or reconstruction of the data.



If you have provided us with your contact details (postal address, email address or phone number) we may inform you, according to your preferences and with your consent, of our products and services or invite you to events via email, online advertising, social media, phone, text messages (SMS and MMS), announcements, application and mail notifications, through our call center for customer service, and other media (including sending messages in the installations, such as on the TV in your room).

If you do not wish to receive our email with marketing material, you can remove it at any time by deleting your registration from the emails you receive from us or by clicking on the following link The default requests can be processed within ten business days.

In order not to receive text messages anymore, inform the hotel reception that you do not wish to receive text messages from the hotel, or reply “STOP” to the message that will be sent to you.



This Privacy Notice may be amended periodically. When we make substantial changes we will post a link with updated versions on the homepage of our website. If you have registered with any of our products or services, we will also notify you via the contact form you have provided. Updated versions will be posted to our web site and date stamped so that you are always aware of when the Privacy Notice was last updated. The changes to our Statement apply from the publication of the Revised Statement on the Website. The use of the Website, any of our products and services, or/ and the consent to the Updated Statement following such changes constitutes your acceptance of the revised Statement.



If you have any questions about this Statement or the way in which the Company processes your personal information, or if you would like to submit a positive comment or a complaint, please contact us via e-mail at or mail to the address of Plakias 74060, Rethymno Crete We will answer you within 30 days or sooner if possible.

For individuals residing in the EEA, this Annex describes additional information that the Company is required to provide to you, as well as any rights you have regarding the processing of your personal data, in accordance with the applicable European Personal Data Protection Regulation (GDPR 2016/679). This Annex will check to the extent that it is contrary to any provision in the main part of this Declaration.



  • Data Protection officer responsible for processing the personal data is the legal entity with the name EMMAN VARDAKIS  ALIANTHOS SA., located at Rethymno, Crete, and area of Plakias, Τ.Κ. 74060, and Municipality of Ag. Vasileiou, with A.T.: 094118026, RETHYMNOU, as legally represented.

The contact details of EMMAN VARDAKIS ALLIANTHOS SA are:

Alianthos Garden hotel
Telephone: 0030 28320 31280
Plakias 74060, Rethymno Crete

  • Representative for Processing the Personal Data is Konstantinos Vardakis son of Emmanuel and Maria resident of Plakias, Τ.Κ. 74060 with V.A.T. 058661740

Any requests related to your personal data must be submitted to the controller, whose contact details are as follows:

  • Responsible for data protection is Konstantinos Vardakis, son of Emmanuel and Maria, resident of Plakias 74060 with VAT 058661740
  • The contact details of the data protection officer are as follows:

Address: Plakias, 74060 Rethymno, Crete
Phone: (+30) 2832031280 / (+30) 6976880660



The Company processes your personal data for the purposes recorded in the Unit (Use of Personal Data Collected for You) and in the Unit (Personal Data that we disclose) of the main part of this Declaration, as detailed above. The legal bases of the Company’s processing actions include the processing of this information as necessary for compliance with our contractual obligations, compliance with our legal obligations, the protection of the safety of employees, visitors and others, for our legitimate business interests, and with your consent.

The specific legal basis for the processing of your personal data is based on the purpose for which this data was provided or collected:

  • Research: Completing surveys is voluntary – we process the data obtained from surveys based on your consent and to promote our business interests, such as marketing, service improvements and statistics.
  • Collection during your stay at our facilities:
  • When you make a reservation and when you stay in one of our hotels, we process the name, address, contact details, along with your accommodation details (day and time of arrival and departure, vehicle details and details of other people traveling or reside with you), based on the contractual relationship with you. We also process this data for our business interests, such as marketing, service improvements, statistics and personalization of services, as described in Section 4 of the Global Privacy Policy (above).
  • We collect some additional personal data when registering / check-in at our hotels (such as identity or passport details), necessary to comply with our legal obligations.
  • We use a closed circuit television and other security measures on our premises, which may capture or record images of customers and visitors in public areas, as well as information related to your location while you are on our premises (via key cards and others technologies) to protect staff, customers and visitors to our facilities.
  • We process personal data in relation to the services within the facility (such as reception services, gyms, spas, activities, childcare services, equipment rental), in order to provide services to you and our business interests such as marketing, service improvements and statistics and personalization of services, as described in Section 4 of the Privacy Statement (above).
  • Event Profiles: We process the personal data obtained in connection with your event based on our contractual relationship with you and to promote our business interests, such as marketing, service improvements and statistics and service personalization, as described in Section 4 of World Privacy Statement (above).
  • Social media: Participation in the activities and offers of social media provided by the Company is voluntary. We process the data obtained from participation in social media based on your consent and to promote our relevant business interests, such as marketing, service improvements and statistics and personalization of services, as described in Section 4 of the Privacy Statement (above).
  • Promotions and Lotteries: Participation in lotteries, competitions and other promotional offers is voluntary. We process the information obtained from this participation based on your consent and as required to manage the offer. We also use certain data for our business purposes, such as marketing, service improvements, statistics and service personalization, as described in Section 4 of the Privacy Statement (above).
  • Direct marketing: We use your personal data to send you marketing messages based on your consent. You can withdraw your consent for direct marketing communications at any time by contacting us at
  • Retention: We retain your personal data for the period of time required to carry out the purpose for which it was collected, usually for the duration of any contractual obligation and for any period from now on as required or permitted by law. Our retention policies reflect the statute of limitations and legal requirements.



Requests for Access, Correction and Deletion: You have the right to:

  • ask us to confirm if we are processing your personal data
  • receive information on how your data is processed
  • get a copy of your personal data
  • ask us to update or correct our personal data
  • ask us to delete your personal data in some cases



You have the right to ask the Company to stop processing your personal data:

  • For marketing actions, such as creating profiles
  • For statistical reasons
  • When this processing is based on our legitimate business interests, unless we can demonstrate an imperative legal basis for this processing or we must process your personal data for the establishment, exercise or defense of a legal claim.

Right to limit processing: You have the right to request the Company to restrict the processing of your personal data:

  • During the evaluation or in the process of responding to a request from you to the Company for the information or correction of your personal data
  • When this processing is illegal under new legislation and you do not wish your Company to delete your data
  • When the Company no longer needs this data, but you wish to retain it for the establishment, exercise or defense of a legal claim
  • When you object to the processing based on our legitimate business interests, while our response to this request is pending.

When we restrict the processing of your personal data upon your request, we will notify you before any resumption of this processing.



You have the right to request that we provide you or a third party with certain personal data in a widely used form that can be read by a machine. Please note, however, that data portability rights apply only to the personal data we have acquired directly from you and only if the processing is based on the consent or signature of a contract.

Submission of Applications:

You can submit your requests via email

We will respond to all requests within 30 days of receiving your request, unless there are special circumstances, so it may take up to 60 days to respond. We will let you know if we are going to delay our response for more than 30 days. Note, however, that some personal data may be excluded from these rights under applicable data protection legislation. In addition, we will not respond to any request unless we are able to verify the identity of the applicant. We may charge you a reasonable fee for the corresponding copies of the data you requested.

If you have any questions about our practices regarding personal data or the exercise of your rights, you can either contact the Company at

Or the supervisory authority in the Member State of your residence.



You have the right to revoke your consent to any processing we perform solely with your consent (such as sending direct marketing material to your personal email account). You may withdraw your consent to marketing actions as well as to all other actions for which you have given your consent by contacting,