SUBJECT ACCESS REQUEST STATEMENT                                                  

Protection of personal data of our customers is of paramount importance to us. One of the main principles as per new General Data Protection Regulation is the principle of accountability and in order to assist you to exercise your fundamental rights as individuals here at Belvedere Hotels we have created this statement to assist you submitting a Subject Access Request in order to investigate the following regarding your personal data:

  • Know if Belvedere Hotels hold any personal data about you
  • Receive from the Hotel a description of all information (if permissible and practical, a copy) held about you
  • Be informed of the purpose(s) for which that data is being processed, and from where it was received.
  • Be informed whether the information the hotel has as the initial recipient is being disclosed to anyone else; and if this is the case the identity of the recipient/s.
  • You can ask that your personal data be transferred to you or a third party in machine readable format (Word, PDF, etc.).  This can happen if:
  • 1) you have provided the personal data to the Company,
  • 2) your data is processed automatically and
  • 3) your data is processed on the basis of your consent or for fulfilment of a contract between the hotel and you.
  • If the data is being used to make automated decisions about you (profiling etc)

The hotel will provide to you a response to you regarding your data within 30 calendar days of receiving the Subject Access Request unless local legislation dictates otherwise.

You can download your Subject Access Request form here complete it and send it through email to dpo@belvederehotels.net, or through postal mail to the Attention of the Data Protection Officer of  Royal & Imperial Belvedere Hotels Hersonissos, Crete, P.C. 70014, Greece

In order for the Hotel to respond promptly to your SAR within the abovementioned time limit you should submit the SAR using the form of Belvedere Hotels, and provide the Hotel with sufficient information to validate your identity and  to ensure that you are entitled to receive the personal data concerning you or somebody else. (If you are not the data subject, written confirmation that you are authorized to act on behalf of the data subject is required).

We reply to SAR, submitted in writing (email, post, fax etc) and we reserve the right not to reply to a SAR  in cases where the resources required to identify you and retrieve your data are excessively difficult or time-consuming.  Customers are requested to make specific and targeted at particular information requests.  You can assist us narrowing the scope of our search by including identifying elements referencing a specific department of the Hotel, narrowing the time period in which the information was generated or processed, or specifying the nature of the data t (e.g. a copy of a particular form or email etc).

This document is valid as of May 2018 and the owner is the Data Protection Officer of the Hotel, who periodically checks and, if necessary, updates it at least once a year.