Privacy Policy
1. Introduction
This Privacy Policy applies to the processing of your personal data (“Personal Data”) when you visit the website https://morfeascityhotel.com (“Website”) or interact with us as a guest or prospect, operated by Just Central Hotel Rhodes IKE (“we”, “us”, “our”). We are committed to respecting and protecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and relevant Greek legislation.
Please read this Privacy Policy carefully to understand how we collect, use, disclose, and safeguard your personal information. This policy also explains your rights regarding the use, access, and correction of your personal data.
2. Data Controller
Just Central Hotel Rhodes IKE
Dilmperaki 20, Rodos 85100, Greece
Email: info@morfeascityhotel.com
Tel.: +30 22410 78200
Website: https://morfeascityhotel.com
3. What Personal Data We Collect
- Contact Form: Full name, email address, and your message. Submitted data is transmitted via email to info@morfeascityhotel.com and is not stored on the server or in any CMS database.
- Booking Search Form: Room type, check-in/check-out dates, number of adults, children, and infants. These fields are used solely to redirect you to our booking partner WebHotelier for availability and reservation purposes. No personal data is stored on our website during this process.
- Booking via WebHotelier: The booking process is handled via our external booking partner WebHotelier. You are redirected to their secure platform where any personal data (such as name, payment details) are collected and processed directly by us through their system.
- Booking Data Processing through WebHotelier: WebHotelier acts as a data processor on our behalf under a data processing agreement, in accordance with GDPR requirements.
- Cookies and Tracking Technologies: As detailed in our Cookie Policy, we may use functional and marketing cookies to remember preferences and track engagement (e.g. room favorites). No personally identifiable information is stored without your consent.
- Newsletter Sign-up: Email address only. Currently, no third-party newsletter service is integrated, but future use (e.g. Mailchimp) will be updated in this policy accordingly.
4. Purpose and Legal Basis of Processing
| Purpose | Legal Basis |
|---|---|
| Responding to contact form submissions | Your consent (Article 6.1.a GDPR) |
| Redirecting booking search to WebHotelier | Legitimate interest to provide booking functionality (Article 6.1.f GDPR) |
| Sending newsletters (when activated) | Consent (Article 6.1.a GDPR) |
| Managing cookie preferences and marketing consent | Legal obligation under ePrivacy (Directive 2002/58/EC) and Consent (GDPR) |
5. Data Sharing and Transfers
We do not share your personal data with any third parties except:
- WebHotelier, as a booking engine provider, which receives data directly upon redirection.
- Email transmission provider (e.g. our email server or hosting provider) for processing contact form messages.
- Future newsletter service provider (to be updated).
No personal data is sold, rented, or used for any unauthorized marketing.
6. Data Retention
- Contact Form Messages: Not stored on our systems. Kept in our email inbox for up to 12 months unless further communication is needed.
- Cookies: Stored according to cookie expiration (e.g. up to 365 days as detailed in the Cookie Policy).
- Newsletter Subscribers: Retained until unsubscribed or consent withdrawn.
- Booking Data via WebHotelier: Retained securely within the WebHotelier system in accordance with their data retention policy and our data processing agreement.
7. Data Security
We implement technical and organizational measures to secure your data, including:
- SSL encryption on the Website
- Minimal data collection
- Access control to email inbox and website systems
8. Your Rights
As a data subject, you have the following rights under the GDPR:
- Right to Access: Request a copy of your personal data.
- Right to Rectification: Request corrections to inaccurate or incomplete data.
- Right to Erasure: Request deletion of your data under certain conditions.
- Right to Restrict Processing: Request a temporary halt to data processing.
- Right to Object: Object to processing based on legitimate interest.
- Right to Withdraw Consent: Withdraw your consent at any time.
- Right to Lodge a Complaint: With the Hellenic Data Protection Authority at www.dpa.gr.
To exercise any of your rights, contact us at:
Email: info@morfeascityhotel.com
9. Updates to this Privacy Policy
This policy may be updated from time to time. We encourage you to review it periodically. The most recent version will always be available at:
https://morfeascityhotel.com/privacy-policy
Effective Date: June 24, 2025