Cyprus law applies to Madama Residence. We comply with the requirements of these laws with regards to the handling of all Personal Information and Data processing.
PRIVACY + PROTECTION OF PERSONAL DATA
We collect and process personal data such as name, address, age, gender and spending activity within the hotel only when it is absolutely necessary. This data is protected by us and will never be sold, passed on, distributed, used for profit or publicised in any way. In cases where consent is needed, we will always obtain it in advance. Consent can be withdrawn by you at any time. Those under the age of 16 need parental consent before using the hotel services.
WHY WE COLLECT PERSONAL DATA
We gather your personal data for the following purposes:
1. Website traffic monitoring: Like most sites, this site uses Google Analytics (GA) to track user activity. We use this data to determine the number of our site visitors to better understand how they find and use our web pages. Although GA records data such as your geographic location, your device, your web browser, and your operating system, none of this information identify you to us. GA also records your computer's IP address, which could be used to identify you, but Google does not provide access to it. We believe that Google is a third data processor that is compliant with the requirements of European legislation.
2. Contact forms and e-mail links: If you choose to contact us using a contact form or an email link, none of the data you provide will be stored to our site or transferred or processed by any third party data processor as defined below in the section «Our third-party data processors». Instead, these data will be sent to us via an SMTP protocol (Simple Mail Transfer Protocol). Our SMTP servers are protected by a TLS security protocol (also known as SSL), meaning that email content is encrypted before being sent over the Internet. The content of the email is decrypted by our local computers and devices.
3. To Improve Guest Customer Service: Personal data is gathered by the hotel team, to enable us to deliver a smooth reservation and ensure guest needs are met and requested services are provided. Keeping a history of guest spending within the hotel also allows us to confirm prior transactions and reconcile statements or invoices. This data collection also allows us to contact guests when relevant or necessary, in relation to your stay, for customer satisfaction purposes, to request feedback or regarding current promotions, offers or other information.
HOW WE COLLECT PERSONAL INFORMATION
Cookies: Personal data is collected when you visit our data via cookies. These are small data files consisting solely of a set of text information that the site transmits to the web browser on your computer's hard disk, either temporarily throughout your visit , or sometimes for longer periods, depending on the type of cookie. Cookies perform different operations (for example, you are distinguished from other site's visitors or remember certain info for you like your preferences) and are used by most websites to improve your user experience. Each cookie is unique to your browser and contains some anonymous information. A cookie typically contains the name of the cookie field, the cookie's lifetime, and a value (usually in the form of a randomly generated unique number). If you do not want to accept cookies, you can block them by adjusting the settings on your Internet browser.
Basic types of cookies include:
THIRD PARTY PERSONAL INFORMATION PROVIDERS
DATA PROTECTION RIGHTS
The following are the rights you have pursuant to the provisions of the GDPR and the applicable local legislation in relation to the data protection:-
• Request access to your personal data (commonly known as a “data subject access request”).
• Request correction of the personal data.
• Request erasure of your personal data.
• Subject to the legal basis on which the processing activity is based, you may object to processing of your personal data.
• Request restriction of processing of your personal data.
• Request the transfer of your personal data to you or to a third party.
• In case the processing of the data is performed subject to your consent, you may withdraw consent at any time.
DATA SECURITY AND BREACHES
We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality. For any of your personal information stored in our database, Madama Residence has appropriate security measures in place to prevent any breach of data security to prevent your personal data from being lost, used or accessed in an unauthorised way. We will notify you and any applicable regulator of a breach where we are legally required to do so and report any unlawful violation of our database or any third party data processing database to all relevant stakeholders, as well as authorities within 72 hours of the violation.
Data Protection Officer