The present Privacy Policy and Personal Data Protection constitutes an integral part of Terms of Use of the Civitel Hotels & Resorts Group. Civitel Hotels & Resorts Group is concerned about the protection of the information that are provided and complies with the Regulation (EU) 2016/679 of the European Parliament (GDPR).

We solely collect personal Information provided voluntarily by visitors/clients in order to provide them with the requested services.

The present privacy policy explains how we collect and use the provided information and the rights concerning that information. On-line use of our services or your providing us with information means that you accept and you are aware of the terms of the present Privacy Policy and Personal Data Protection. Kindly refrain from providing us with any information provided you do not wish for it to be used as follows:

Kindly read carefully the present document:


‘’personal data’’ is every information that concerns natural persons

‘’process of personal data’’ means every action concerning personal data, such as collection, registration, storage, amendment, restoring of information, use, distribution of any means, restriction, deletion or destruction.

‘’Controller of personal data’’ is the natural person or legal entity, public authority or service, that, jointly or separately define the purpose and means of processing the personal data

‘’Processor of personal data’’ is the natural person or legal entity, public authority or service that processes personal data on behalf of the controller.

The data are collected and processed only when absolutely necessary.

We respect your personal privacy. We do not sell, rent or provide your personal data to third parties without your consent.

Legal base for the use of your personal data.

Along with the company’s internal IT systems, this website is designed in the appropriate way in order to comply with the following national and international legislation concerning data protection and personal life of the users:

  • European Directive for protection of personal data dated in 1995 (DPD)
  • Regulation 2018 (2016) of general data protection regulation of the European Parliament (GDPR)

More specifically, Civitel Hotels & Resorts Group collects solely personal data in order to execute your instructions, i.e. to provide the requested services. If additional information is required, you shall be notified upon the collection of the data.

GDPR allows us to process personal data, when the following occur (separately or jointly):

a. Performance of a contract: this occurs when the process of your personal data is essential for the fulfilment of our obligations concerning the contract.

b. Legal obligation: this occurs when we are obliged to process your personal data in order to comply with a legal obligation, such as preserving archives for tax purposes or providing information to a public entity or legal authority.

c. Your consent. You can withdraw your consent at any time, by telephone +30 210 680 1900 or through a request in writing to Civitel Hotels & Resorts Group or through e-mail at

Civitel Hotels & Resorts Group collects personal data for the performance of the contract or to carry out means upon your request before the signing of the contract, or in order to comply with a legal obligation or for the purposes of our vested interests or when you have provided your consent or for the preservation of your vital interests, or for the fulfilment of duty for public interest or for the exercise of right and obligations arising from security law or for legal claims or when required by the Courts of Law.

Our Privacy Policy was last updated and posted on 01/06/2021.

It governs the privacy terms of our Website, sub-domains and any associated web-based and mobile applications.

Information we collect.

a. Voluntary information

We will collect and process information about you if you voluntarily provide us with such information in connection with the following:

  • Filling in a form on our websites (,,, ).
  • Filling in a registration card
  • Contacting us by telephone or face to face
  • Sending us a letter, an e-mail or a social media message
  • Subscribing to receive a service from us (e.g. a newsletter, blog or by following us on social media)
  • Requesting promotional information from us (e.g. information about any of our good or services including gift cards)
  • Participating in a survey, competition or prize draw or
  • Contributing content to us

b. Automated information

When you visit our website, we may also collect certain information through the use of ‘’cookies’’ and other automated means. Cookies are small pieces of information that are stored by your browser on your computer’s hard drive. Such information may compromise the following information:

  • Date and time
  • Originating IP address
  • Domain name
  • Type of browser and operating system used (if provided by the browser)
  • URL of the referring page (if provided by the browser)
  • Object requested
  • Completion status of the request
  • Geographic location or
  • Language preferences.

In order to provide our services at Civitel Hotels & Resorts Group, we must keep, according to the Law, personal data.

We keep your personal information to provide the services you request from Civitel Hotels & Resorts Group in order to carry out a) reservations, b) purchases of vacation packages or other transactions. We also use the personal data to provide you with all the information concerning any conventions or other events in order to provide specific details for administrative purposes. Furthermore, we may use the information: a) to improve the services of Civitel Hotels & Resorts Group in order to provide you with the anticipated hospitality standards. We also use the details to send you newsletters, specials and to carry out purchase surveys and participation in contests by e-mails, phone or post. If you submit a request for a service at the Civitel Hotels & Resorts Group we use your personal information you provide to process your request.

This website collects and uses personal information for the following reasons:

  • Review of number of visits. For further information about programs and applications for the review of the interaction with the user, please read Terms of Use Cookies.
  • Contact forms and e-mail links

In case you choose to contact us using contact forms or e-mail links, none of the data you provide will be stored in this website or transferred or processed by a third party. On the contrary, this data will be transferred by e-mail through the protocol SMTP (Simple Mail Transfer Protocol). SMP transporters, are secured by security protocol TLS/SSL, which means that the context of the e-mail is encrypted before being transferred through the Internet. The context of the e-mails is decrypted by the local computers and devises.

If you are under 18 years old, we are OBLIGATED to receive consent of your parents or your legal guardian, before contacting our website.

  • We collect data from the official pages of the Civitel Hotels & Resorts Group in social media
  • We collect personal data to provide you with services in Civitel Hotels & Resorts Group either upon your arrival or during the reservation. During these procedures we may collect the following: name, address, e- mail address, ID number, Passport Number, date of birth. We collect payment information of (credit card number) and if you are member of a company, the company’s information to issue the receipts/invoices. We also collect the dates of your stay at Civitel Hotels & Resorts Group.

We do not collect sensitive personal data or data that might lead to it, unless you voluntarily provide us with it in order to help us make your stay more convenient. For example, medical information concerning allergies or incapability in order to personalize your needs and provide you with the nutrition and the supplements you need.

Disclosure and transfer of Personal Data.

The Civitel Hotels & Resorts Group does not transfer, disclose personal data to third parties that are not connected to us, unless this is required for legal professional needs and the company’s needs, in order to fulfil your requests and provide you with our services or/and this is required by the Law.

In the ‘’Declaration of Consent’’ your simple personal data (name and surname, contact address, e-mail, phone number), can be transferred, if you agree, to companies with which we collaborate for informative, advertising purposes.

Civitel Hotels & Resorts Group may disclose personal data in order to respond to any request by the Courts, government authorities, legal authorities or wherever it is required or advised to comply with the legislation in force, court decisions, or regulation and instructions of the courts or court authorities. Disclosure of personal data may be required by reviews concerning the protection of personal data and the security and/or inquisition or response to a complaint or security threat.

Data Security, Data Breaches, Storage, Time of retention and integrity.

Civitel Hotels & Resorts Group applies reasonable security policies and procedures in order to protect personal data and information from non-authorized loss, bad use, change or destruction. Civitel Hotels & Resorts Group is committed to protect personal data and information that the clients/visitors provide.

For this purpose, it has received all the appropriate measures of technical security, storage and process of personal data of visitors/clients. The personal data collected, id stored in transporters of limited access that are controlled with access codes and Civitel Hotels & Resorts Group uses special technology and procedures to enhance the protection of this information against loss or bad use, along with protecting it from non-authorized access, disclosure, amendment or destruction. Nevertheless, even though Civitel Hotels & Resorts Group makes every possible effort to protect the above-mentioned files, it cannot guarantee that the above-mentioned technology will never be violated and by any means. Despite our efforts, total security against all treats cannot be guaranteed. In case of loss or violation of personal data, we have a specialized team that deals with these incidents in order for everything to be restored, to retain the casualties to a minimum and comply with our legal obligations. We make every possible effort so that the access to the personal data is limited to those who are required to have access to it. The persons that have access to the data have a confidentiality obligation. Consequently, if you become aware of any Illegal, unlawful use of personal data, that are connected in any way to Civitel Hotels & Resorts Group, you undertake the obligation to notify us immediately. Otherwise, you shall be held liable against Civitel Hotels & Resorts Group.

Moreover, we make every possible effort to keep the personal data we collect only for the tome period we need these data to fulfil the purpose for which they were collected or for the compliance with the request of the individual or until their deletion is requested by the subject.

How personal data are used.

We are obliged by the Law to keep specific information, such as your name, address, ID Number or Passport Number and means of payment, in order to provide you with the services you requested.

  • To provide you with special services inside Civitel Hotels & Resorts Group, making your stay special.
  • To notify you about our services and offers through Newsletter only if you declare you want it to.
  • If you are under 18 years old, we are OBLIGATED to receive consent of your parents or your legal guardians before you sing up to our newsletter.

You have the right to be deleted form the newsletter at any time.

  • For improvement purposed regarding our services.

If you visit Civitel Hotels & Resorts Group as part of a convention or a group, we may share some of your personal data with the coordinators of the convention or the agencies in order to verify the reservations.

We collaborate with specific companies and will disclose only the data that are required to provide you with the services needed, for example, we use a company in order to rent taxis for your transfer from and to the places you desire. The IP addresses (the number accustomed to your computer every time you gain access to the internet and allows to the computers and the servers to recognize and contact each other) from which it is clear where the visitors originate may be recorded for safety reasons of technology information and diagnostic system procedure.

On line pricing system: if you choose the link ‘’Book online’’, for the pricing information, the credit card supplier will be notified and if you use a company credit card, your employer may be notified as well.

Group events: if you visit Civitel Hotels & Resorts Group as part of an event or a convention, the coordinator of the said events or conventions may be notified, and where is necessary, the guests that plan or participate in the said events or conventions.

Collaborators of the Company: from time to time we provide package deals with collaborators of the company and other companies, to which we provide services, where personal data may be disclosed. For example, we may jointly carry out promotional events and offer prize, through competitions in our region, along with other companies, with which we will jointly provide the prizes. If you participate in the said promotional events or competitions, we may share your data with our co-guarantor or third-party sponsor.

Services Providers: we rely on the service providers to provide specific goods and services, such as pricing of credit cards, reservation procedure through e-mail and direct mail, that process the transactions of credit cards, the data safety and the services that carry out competitions and events and surveys of clients and competition, for which the disclosure of the personal data is essential. Civitel Hotels & Resorts Group will disclose the personal data to the service providers, according to each case.

Transactions of the company: provided that we develop our company, e.g. in cases that we well, purchase, reconstruct, rearrange our company or our assets. In case of a merger, stabilization, purchase, liquidation or transfer of our assets, Civitel Hotels & Resorts Group may, at its sole discretion, transfer, sell or define the range of the information that have been collected and which include without limitation, the non-personal information and personal information, to one or more companies or to third parties.

Moreover, Civitel Hotels & Resorts Group may disclose personal data, with or without your previous notification, in order to: i) comply with the legislation in force, ii) meet the government standards or the requests of public authorities, iii) comply with the valid legal procedure, iv) protect the right, privacy, safety or property of the Hotel, the visitors, the guests, the employs or the public, v) allow us to deplete all the legal means in order to contain any damage and vi) to impose the terms of use of the website, in order to vii) be able to deal with an emergency.

Sensitive personal data.

The term ‘’sensitive personal data’’ concerns information regarding race, nationality, political views, religion or other beliefs, health, criminal record or being part of a syndicate. In general, we do not collect sensitive personal data, unless you voluntarily provide it. We may use information about your health, exclusively to serve you better and serve your special needs.

Personal data of underage persons.

We do not collect personal data from persons under 18 years old. Acting as a parent, or a legal guardian kindly do not allow your children to provide personal information without your consent.

Non-personal data.

When you visit and interact with our website, Civitel Hotels & Resorts Group and the third parties that the Hotel has signed an agreement in order to provide services to the Hotel, may collect non personal information (e.g. brochure for visiting regional sites)

As is the case with other websites, our website may use ‘’cookies’’ or other technology to help us deliver the context relevant to your interests, in order to process your requests, or/and process the reasons of your visit. Cookies, by themselves, cannot be used to disclose your identity. This information defines the browsers in the central computers when you visit our website. If you wish to deactivate the cookies at any time from your computer, you can delete them by using the browser on your computer (contact ‘’help’’ of your browser to learn how to delete ‘’cookies’’).

Provided that non-personal data do not define you personally, we may use or disclose such information for any purpose. In some cases, we may combine non-personal data with personal data (i.e. incorporation of e-mail addresses in cookies). If we combine any non-personal data with personal data, the combined data will be dealt by us as personal data according to the present policy concerning terms of use of the website and security policy of personal data.

Connection with third party websites.

Our website may contain links with third party websites. Kindly note that we are not competent for the collection, use, retention, delivery or disclose of the data and information from third parties. If you provide personal data to third party websites, their policy of personal data and terms of use will apply. We advise you to get informed about the policy of personal data and terms of use of the websites you visit before providing your personal data to them.

Personal Data Protection.

Civitel Hotels & Resorts Group has taken and will update the necessary technical and organizational means: i) to protect the personal data that has been collected from any non-competent access, disclosure, amendment or destruction kai ii) keep and update personal data according to the Law. We also intend and require from Services Providers to make every possible effort in order to retain the confidentiality of your personal data. Regarding the online transactions, we use modern technology to protect your personal data that you provide to us through our website. Unfortunately, no security system or transfer system through the internet cannot be considered completely secured.

For the protection of your personal data, we inform you not to include sensitive personal data in e-mails that you may send us. Kindly do not send us credit card numbers or any sensitive personal information through e-mail.

Retention of personal data.

We keep your personal data for the time period required in order to fulfil the purposes described above, unless a longer time period is required or permitted by the law.

Marketing catalogues.

If you have provided us with contact information (postal address, fax number, e-mail address or phone number), we can inform you about our services or invite you to events through e-mail, or by phone, or by post.

If you prefer to not receive marketing material from us, you can, at any time, contact us through e-mail to, in order to express your wish to be deleted from the list.

Kindly note, that if you ‘’withdraw’’, as described above, we will not be able to delete your data from the database of our collaborated companies with which we have already shared your data (i.e. to which you have already provided your personal data before the date that you submitted your ‘’withdrawal’’ request).

Modification policy.

We can, periodically, modify the terms. When we make these modifications, the new Terms of Use, will be placed on the home page of our website. You can be informed when the Terms of Use were last updated, after regarding the date on the top of the page. Any modifications to the Terms of Use will be in force after they are posted on our website. Use of the website after these modifications, can be carried out when you accept the revised Terms of Use.

Rights of the subject of the data – visitor/client.

The subject of the data (visitor/client) is able to access their personal data that have been collected and are being processed by the Civitel Hotels & Resorts Group along with the right of notification, upon relevant request by phone +30 210 680 1900 or through e-mail to This is referred to as ‘’Subject’s request for Access’’. Access to your personal data is free of charge. Before carrying out your request and in order to have transparence through the transactions, we may ask for verification of your ID and sufficient information for your transaction with us in order to identify you.

If the data we have that concern you, are not accurate, you can request us to correct any inaccuracies concerning your personal data. You can modify, correct, provide additional information concerning your personal data that are being processed by the Hotel and for this purpose you can submit a relevant request by phone at +30 210 680 1900 or through e-mail at: You also have the right to decline the processing of your personal data by us (right of decline) if we do not have the right to use it, or request that it is deleted from our archives (right of deletion) or to request to limits its use in specific cases (right of limited process). For exercising all the above-mentioned rights, you can submit a relevant request by phone at +30 210 680 1900 or through e-mail at: Upon review of the relevant request, the Hotel will proceed to carrying it out within a month, provided that it is legal and valid.

The subject of the data has the right to revoke the present consent to process the personal data by submitting a relevant request by phone at +30 210 680 1900 or through e-mail at:

Contact us.

If you have any questions that concern the Terms of Use or the ways of processing your personal data by Civitel Hotels & Resorts Group, kindly contact us through e-mail at: or by phone at +30 210 680 1900. If you have any questions, comments or complaints concerning the management or the protection of your personal data by us or if you wish to modify your personal data or exercise any of your rights as a subject of data, kindly submit a relevant request by phone at +30 210 680 1900 or through e-mail at:

The controllers are the General Managers of each hotel of Civitel Hotels & Resorts Group and you can contact them through e-mail at: or by phone at +30 210 6801900. The Visitor/Client reserves the right to file a complaint before the Hellenic Data Protection Authority (HDPA) (Kifisias 1-3 Street, Postal Code 115 23, Athens, +30 210 6475600,

Upon consent of the Visitor/Client, which will be provided with filing a relevant document named ‘’DECLERATION OF CONSENT’’, process of personal data will be carried out, for the performance of the contract of providing services and for the improvement of the provided services in compliance with Regulation (EU) 2016/679 and the national and European legislation in force, the Regulations of  Data Protection Authority, along with the decisions of the above mentioned Authority, as it is defined in the present Declaration.