Политика конфиденциальности

1. DATA CONTROLLER

HOTELO.GR SINGLE MEMBER P.C.

Registered Office: 40 K. Karamanli Street, 60065, Platamonas, Pieria, Greece

Email: support@hotelo.gr

2. ROLE OF HOTELO IN DATA PROCESSING (CONTROLLER VS PROCESSOR)

Due to the nature of the Platform, HOTELO operates under a dual role:

As Data Controller:

For personal data collected for its own purposes, including the operation of the Platform, fraud prevention, analytics, and the management of its B2B partners.

As Data Processor:

For personal data of Guests entered during the booking process. In such cases, the respective Accommodation Partner acts as the Data Controller, and HOTELO processes such data strictly in accordance with its instructions (e.g., via the HOTELO Call Center, HOTELO Reception, or OTA Management services).

HOTELO undertakes not to use such data for direct marketing of its own properties without the explicit consent of the Guest.

3. CATEGORIES OF DATA COLLECTED

Depending on your capacity (Guest or Partner), we may collect the following categories of personal data:

From Guests:

• Full name
• Contact details (email, phone number)
• Booking data (stay dates, number of guests, special requests)
• Reviews and ratings
• Records of requests when using HOTELO Call Center services

From Partners (Accommodation Providers):

• Company details
• Tax identification details (VAT number, tax authority)
• Legal representative details
• Identification and compliance documentation (KYC)

Technical and Financial Data:

• IP addresses
• Browser and device information
• Tokenized payment data processed by third-party providers

4. PURPOSE AND LEGAL BASIS OF PROCESSING

We process personal data based on the following legal grounds, depending on the purpose:

Performance of a Contract:

For booking management, payment processing, and provision of support services.

Legitimate Interest:

For transaction security (fraud prevention), legal defense against claims, and statistical analysis to improve the Platform.

Compliance with Legal Obligations:

For compliance with applicable laws (e.g., AML/KYC requirements).

Consent:

For sending marketing communications, where required.

5. USE OF ARTIFICIAL INTELLIGENCE (AI) AND AUTOMATED TOOLS

HOTELO uses advanced Artificial Intelligence (AI) tools and automation technologies. In this context, data such as descriptions, requests, or booking details may be subject to automated processing for purposes including content generation or translation, optimization of listings, and the creation of automated responses and notifications to Guests.

6. DATA SHARING WITH THIRD PARTIES

We do not sell or trade personal data. Personal data is shared only with strictly necessary partners, including:

• Accommodation Partners, for the execution and confirmation of bookings
• Payment service providers: Electronic payments and partner verification are processed exclusively through Stripe Payments Europe Ltd, an authorized provider within the EU
• Technical partners and service providers: including cloud/hosting providers, email/messaging providers, AI tools, and Channel Manager / PMS systems

7. DATA SUBJECT RIGHTS

As a data subject, you have the following rights under the GDPR:

• Right of access
• Right to rectification
• Right to erasure (“right to be forgotten”)
• Right to data portability
• Right to restriction of processing
• Right to object

To exercise your rights or for any inquiries regarding the processing of your personal data, please contact us at: support@hotelo.gr

8. DATA RETENTION

Personal data is retained only for as long as necessary to fulfill the purposes of processing. In particular:

• Booking and transaction data may be retained for at least five (5) years to ensure compliance with legal obligations and for the defense of the Company against financial or legal claims

9. CONTACT

For any matters related to this Privacy Policy, you may contact us at:

Email: support@hotelo.gr