This Privacy Notice sets out how St. George Hotel Enterprises (hereinafter referred to as the “Company”, “We”, “Our”, “Us”) processes data, whether on individuals (including personal data in respect of individuals who are clients, intermediaries or other third parties that We interact with, or any individual who is connected to those parties) or otherwise. Where the data held are on individuals, this document also sets out the rights of those individuals in respect of that personal data.
This Privacy Notice has been prepared in accordance with the provisions of the EU General Data Protection Regulation (“GDPR”).
Any questions relating to this Privacy Notice or requests in respect of personal data should be directed to Our Data Protection Officer (DPO) at GDPR@stgeorge-hotel.com.
Who We are
St. George is a category 4 star hotel located on the beach of Chlolarakas, Paphos. It possesses 260 rooms including; 211 twin rooms, 25 superior rooms, 6 suites and 3 rooms suitable for guests with disabilities. In the food & beverage scope, the hotel manages five bars and three restaurants. In addition it operates a Wellness Centre with a fully equipped gym, indoor pools as well as a wide-ranging a la carte treatment menu.
Our aim is to provide friendly and hospitable service to our guest in order to create a unique experience, hence, our motto is the hotel is “Where pleasure…is served with pleasure”. Our vision is to establish the hotel as one of the greatest 4 star hotel in the island.
Our main offices are located at SAINT GEORGE HOTEL, Chloraka, Paphos, Cyprus.
We strive to protect personal data and apply high standards of conduct when it comes to privacy issues. We ensure that Our employees are provided with the appropriate training in order to handle personal data promptly and in accordance with the laws. Furthermore, We endeavor to ensure that any parties with whom We co-operate apply the same high standards when it comes to data protection and privacy as We do.
What data do We hold?
We process data in the context of providing Our services to the clients. The categories of data We may collect and process, according to each case, include:
•contact details (including names, postal addresses, email addresses and telephone numbers);
•Passport numbers, ID card numbers, driving licenses;
•information required by Us to meet legal and regulatory requirements, in particular in respect of anti-money laundering legislation, including information on source of funds and source of wealth;
•financial information, such as payment related information and credit/debit card information;
•meetings attended and visits to Our offices;
•any other information you may provide to Us.
Important notice on Special Category Data
In certain instances, the personal data that We process may include "Special Category Data" (which includes information on a person's race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data processed for the purpose of uniquely identifying a natural person, health data, data on a person's sex life or sexual orientation or data relating to a person's criminal record or alleged criminal activity). In such instances, legal bases for processing that data may include explicit consent (where the Special Category Data has been provided to Us by the data subject for any of the below-listed purposes) or the processing is being necessary for compliance with a legal obligation.
Why do We need them?
We ensure that the data collected and processed is relevant to one or more processing activities and that we do not collect or process more or less data than what is reasonably required for achieving the purpose of each processing activity. Furthermore, for each purpose of processing, there is always at least one lawful basis to secure that the rights of individuals are safeguarded by all means. The purposes of processing and the lawful basis of each processing activity are the following: