PRIVACY POLICY
MUSKITA HOTELS LTD, CYPRUS
DATA PROTECTION & PRIVACY POLICY
Your privacy is very important to Muskita Hotels Ltd (“we” / “us”). We follow strict security procedures in the storage and disclosure of personal information which you have given to us when accessing and using our website, when making a booking on our website or registering with us, to protect your privacy in accordance with the provisions of the applicable data protection laws. In this section, you can find information about our policy regarding the protection of personal data, our use of cookies and the security policy that we follow about your privacy.
We collect personal data from you if you register online with us, access and/or use our website or carry out transactions for goods and services via our website or our hotel directly.
- Information we collect and how we use and share it
Personal data we collect when you access and use our website, when you make a booking through our reservation system and where you register online with us (hereinafter referred to as “personal data”):
• Your name, email address, physical address, phone number, date of birth, country location and payment card information (to the extent this information is provided by you);
• Information relating to your membership in one of our services or programs;
• Information about how you use our website, products and services; and
• Information such as stay and room preferences made during the course of your reservation such as your preferred room type and specific requests to the hotel. - We use the personal data collected for the purposes of:
a. Registering you as a new user of our services and managing our relationship with you as a registered user;
b. Providing our reservation and booking services for our hotels and facilities to you;
c. Internal analysis purposes;
d. To the extent that you have consented to being contacted for marketing purposes, we will use your personal data for the purposes of providing you with email newsletters, surveys, any other communication for the purposes of advertising and marketing of our services as well as providing you with targeted advertisements on our or third party websites;
e. Maintaining legal records and accounts for the time periods required by European/Cyprus law or where we need to comply with a legal or regulatory obligation;
f. Where it is necessary to establish and/or exercise our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. - Disclosures of your personal data
We may have to share your personal data within our group to the extent that is necessary for the purposes for which the personal data was collected for and with some third party companies under specific contract terms in accordance with the applicable laws, whose services we employ to conduct our business or in relation to any supply of products and services by us. Disclosure of your personal data may also be required in order to comply with any applicable laws.
In the instances where you have consented to the use of your personal data for the purposes of advertising and/or marketing we may share your personal data with third party online service providers who may be located outside of the EEA.
Whenever we transfer your personal data outside of the EEA, we ensure a similar degree of protection is afforded to it and that all third parties respect the security of your personal data and treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Marketing Communications
We will only send you marketing emails where you have agreed to this. You can opt out of our advertising and marketing communications at any time by any of the following methods:
a. Selecting the UNSUBSCRIBE link included in our emails.
b. Editing your Four Seasons Hotel website account profile to change your communication preferences; OR
c. Contacting our Marketing Team at k.michael@muskitahotels.com.cy
Data Retention of your personal data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Change of our Privacy Policy
If we decide to change our privacy policy, we will post any changes on this page of the site and notify you of such changes so that you always know how we use the information we collect and under what circumstances we disclose it to others.
Your legal rights
Your duty to inform us of changes
It is important that the personal data that we hold about you is accurate and current. Please keep us informed if your personal data changes at any time.
Your rights in connection with personal data
Under certain circumstances, by law you have the right to:
• Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data that we hold about you and to check that we are lawfully processing it.
• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us to continue to processing it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
• Object to processing of your personal data. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
• Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal information about you if we no longer require it to establish, exercise or defend legal claims.
• Request the transfer of your personal data to another party.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact our Data Protection Officer in writing at dpo@fourseasons.com.cy
DATA PROTECTION OFFICER
We have appointed a data protection officer (DPO) to oversee compliance with this privacy policy. If you have any questions about this privacy notice or how we handle your personal information, please contact the DPO at dpo@fourseasons.com.cy. You have the right to make a complaint at any time to the Data Protection Commissioner’s Office, the Republic of Cyprus’ supervisory authority for data protection issues.
COOKIES POLICY
We don’t collect any cookies on this website.
Information security
We work hard to protect our users and their personal data from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold. In particular:
• We encrypt many of our services using SSL.
• We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
• We restrict access to personal data to Muskita hotels employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
MUSKITA ALUMINIUM INDUSTRIES, CYPRUS
DATA PROTECTION & PRIVACY POLICY
We are committed to protecting your privacy – in this privacy policy, we set out how we collect your personal data, how we use it, and what rights and choices you have in relation to the personal data we hold and process.
Who decides why and how we process your personal data?
MUSKITA Aluminium Industries Limited (“MUSKITA”) determines why and how we process your personal data.
What personal data might we collect?
We collect different types of personal data for different reasons – this may include:
Contact information: Information such as your name, job title, postal address, home address where you provide this to us, business address, telephone number, mobile number, fax number and email address.
Payment data: Data necessary for us to process payments and implement fraud prevention measures, including credit / debit card numbers, security code numbers and other such relevant billing details.
Platform information: Your password and other related log-in details for platforms maintained by MUSKITA, where you have access to any.
Details from events: In some cases, we may collect information about you to tailor our events to your preferences.
Compliance details: We may collect personal data on the technical certifications held by our partners and clients, such as CE certifications, for the purposes of ensuring compliance with applicable production regulations.
When do we collect your personal data?
We may collect personal data about you in various cases, such as for example:
When you or your business seek our products or services or use any of our online client services;
When you or your organisation make an enquiry through our website, in person, over email or over the telephone;
When you attend a MUSKITA seminar or other events we may organise, or sign up to receive communications from us, including training;
When a corporate entity engages us to provide services and you hold an office or an interest in or have certain relationships with that entity (e.g. as a director or employee); or
When you or your organisation provide services to us, or otherwise offer to do so.
How will we use your personal data?
We will use your personal data for the following purposes (Permitted Purposes):
To fulfil our contractual duty towards you on the basis of our agreement with you.
To provide you with services or other things you may have requested, including our online service portal, as instructed or requested by you or your organisation;
To manage and administer your or your organisation’s business relationship with us, including processing payments, accounting, billing and collection or support services;
For compliance with our legal or tax obligations (such as audit or tax reporting);
To analyse and improve our services and communications to you;
To process complaints in relation to our products; and
To communicate with you through the channels you have approved to keep you up to date on the latest developments, announcements, and other information about our services, products and technologies at MUSKITA as well as events and projects we may organise.
Where you have expressly given us your consent, we may process your personal data also for the following purposes:
For customer surveys, marketing campaigns, market analysis, contests or other promotional activities or events; or
To collect information about your preferences to create a user profile to personalise and foster the quality of our communication and interaction with you (for example, by way of newsletter tracking or website analytics).
With regard to newsletters, legal updates and other general communications, you will always have the option to opt out of receiving such communications at any time.
Legal grounds for processing
Depending on which of the above Permitted Purposes we use your personal data for, we may process your personal data on one or more of the following legal grounds provided for under applicable data protection legislation:
Because processing is necessary for the performance of a contract with you or your organisation;
To comply with our legal obligations (e.g. to keep pension records or records for tax purposes); or
Because MUSKITA or MUSKITA’s contractors have a legitimate interest to process your personal data.
We may also process your data based on your consent where you have expressly given that to us.
How will we share your personal data?
We may share your personal data in the following circumstances:
We may instruct service providers within or outside MUSKITA, domestically or abroad, e.g. IT services or server providers, to process personal data for the Permitted Purposes on our behalf and in accordance with our instructions only. In certain case, this may also mean that your personal data may be transferred to locations outside the EU or European Economic Area (“EEA”). MUSKITA will retain control over and will remain fully responsible for your personal data and will use appropriate safeguards as required by applicable law to ensure the integrity and security of your personal data when engaging such service providers;
We may also use aggregated personal data and statistics for the purpose of monitoring website usage in order to help us develop our website and our services.
We will otherwise only disclose your personal data when you direct us or give us permission to do so or otherwise as required by law, such as for meeting legal and tax obligations.
How do we keep your personal data safe?
We take the appropriate technical and organisational measures to keep your personal data confidential and secure, in accordance with our internal policies and procedures regarding storage of, access to and disclosure of personal data. We may keep your personal data in our electronic systems, in the systems of our contractors, or in paper files.
Personal data we receive from you about other people
Where you provide us with the personal data of other people, such as your employees, directors of your companies, or other persons you may have dealings with, you must ensure that you are entitled to disclose that personal data to us and furthermore that, without being required to take further steps, we can collect, use and disclose that data in the manner described in this policy.
Transfers of personal data
In certain cases, we may transfer the data we collect from you to any of our suppliers or service providers (see above section on ‘How will we share your personal data?’), and your data may therefore in certain cases be processed at a destination outside the EEA by our suppliers or providers.
In each case we take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and when making such transfers, we will ensure that they are subject to appropriate safeguards in accordance with applicable data protection legislation. Please get in touch at dataprotection@muskita.com.cy if you wish to obtain further information on the appropriate safeguards which we are adhering to.
How long do we keep your personal data?
We delete your personal data once it is no longer reasonably necessary for us to keep it for the Permitted Purposes, or, where we have relied on your consent to keep your personal data, when you withdraw your consent for us to do so, and we are not otherwise legally permitted or required to keep the data. For further information on how long we may keep your data for please get in touch at dataprotection@muskita.com.cy.
What rights do you have?
Subject to certain conditions under applicable legislation, you have the right to:
request a copy of the personal data which we hold about you;
have any inaccurate data we hold about you corrected;
object or restrict our use of your personal data;
submit a complaint if you have concerns about the way in which we are handling your data.
To do any of the above, please contact us at dataprotection@muskita.com.cy. To enable us to process your request, we may require that you provide us with proof of your identity, such as by providing us with a copy of a valid form of identification – this is to protect the personal data we hold from unauthorised access requests and comply with our security obligations.
Corrections, updates and complaints
Where any personal data you have provided us with has changed, or where you believe the personal; data we hold is inaccurate, or where you wish to make a complaint regarding our handling of your personal data, please let us know at dataprotection@muskita.com.cy.
In relation to complaints, we will promptly respond to your requests and complaints. In the event that you are unhappy with our response, you may submit a complaint to the relevant privacy regulator. We can provide details of the relevant privacy regulator upon request.
Changes to our Privacy Policy
This Privacy Policy was last updated on May 22nd 2018. We have the right to update the contents of this Privacy Policy from time to time to reflect any changes in the way in which we process your personal data or to reflect legal requirements as these may change. In case of updates, we will post the revised Privacy Policy on our website. Changes will take effect as soon as the revised version is made available on our websites.
We can provide a copy of this Privacy Policy in Greek upon request at: dataprotection@muskita.com.cy.