Follow us

Image Alt

Marketing Privacy Policy

Notice

on the Protection of Personal Data in the context of marketing and communication activities

Version 1.0

01.04.2026

 

This Notice describes the manner in which the companies “KLEOVOULOS S.A.” (Lindos Royal Resort, Lindos Village), “IOANNIS MINETTOS S.A.” (Lindos Imperial), “LINDOS HOTELS S.A.” (Gennadi Grand Resort) and “LINDIAN HOTELS SINGLE MEMBER S.A.” (Lindos Grand), hereinafter jointly referred to as “LINDOS HOTELS”, “we”, “us” or “our”, process personal data in the context of marketing and communication activities.

The companies of LINDOS HOTELS may contact you through various communication channels, depending on the contact details you have provided to us, including, indicatively, by email, telephone, SMS and social media.

The companies of LINDOS HOTELS are committed to processing your data lawfully, fairly and transparently, with respect for your rights and in full compliance with personal data protection legislation.

The term “Personal Data Protection Legislation” or “Legislation” means the entirety of the applicable national and European legislative, regulatory and administrative provisions relating to the processing of personal data, privacy and data security, including in particular the General Data Protection Regulation (EU) 2016/679 (“GDPR”), Greek Law 4624/2019, the European legislation on privacy in electronic communications (ePrivacy), as well as any relevant opinion, decision or guideline issued by the competent national and European supervisory authorities.

We recommend that you read this Notice carefully and keep it for future reference, so that you clearly understand how and why we collect your personal data, how we use it, how long we retain it, with whom we may share it, how we protect it, and what rights you have under the Legislation.

JOINT CONTROLLERS

In the context of the collection and processing of personal data for marketing and communication activities, the above companies act as Joint Controllers, jointly determining the purposes and means of the relevant processing.

These companies operate under common business interests and share a common business object. For this reason, they jointly process personal data related to marketing and communication activities for the purpose of serving common business objectives and by using common or coordinated means of processing.

 

KLEOVOULOS S.A.
Tax Registration Number: 094068381
Lindos Royal Resort
Vlycha, Lindos, Rhodes, 85107, Greece
Tel.: +30 22440 32000 (Hotel)
Tel.: +30 22410 61786 (Head Offices)
Email: [email protected]
https://www.lindosroyal.gr		 Lindos Village
Vlycha, Lindos, Rhodes, 85107, Greece
Tel.: +30 22440 32000 (Hotel)
Tel.: +30 22410 61786 (Head Offices)
Email: [email protected]
https://www.lindos-village.gr

 

IOANNIS MINETTOS S.A.
Tax Registration Number: 094196409
Lindos Imperial
Kiotari, Rhodes, 85109, Greece
Tel.: +30 22440 29200 (Hotel)
Tel.: +30 22410 61786 (Head Offices)
Email: [email protected]
https://www.lindos-imperial.gr		  

 

LINDOS HOTELS S.A.
Tax Registration Number: 998113248
Gennadi Grand Resort
Gennadi – South Rhodes, 85109, Greece
Tel.: +30 22440 43043 (Hotel)
Tel.: +30 22410 61786 (Head Offices)
Email: [email protected]
https://www.gennadigrandresort.com

 

LINDIAN HOTELS SINGLE MEMBER S.A.
Tax Registration Number: 800545155
Lindos Grand
Vlycha, Lindos, Rhodes, 85107, Greece
Tel.: +30 22440 40770 (Hotel)
Tel.: +30 22410 61786 (Head Offices)
Email: [email protected]
https://www.lindosgrand.com		  

 

SCOPE

This Notice concerns the processing of personal data by the companies of LINDOS HOTELS in the context of marketing and communication activities.

PERSONAL DATA WE COLLECT AND PROCESS

We collect and use personal data, namely information which, either on its own or in combination with other information, can identify you or can reasonably be associated with your identity, exclusively for the purposes described in this Notice.

The companies of LINDOS HOTELS process personal data that you voluntarily provide to us, either through your participation in marketing and communication activities or when visiting our websites. In addition, certain data may have been collected in the context of previous transactions or the provision of related services.

The data we may process include in particular:

  • Full name
  • Email address
  • Telephone number
  • Date of birth
  • Home address
  • Details of queries or requests you submit to us
  • IP addresses
  • Data collected through trackers (cookies)

We recognize the importance of protecting the privacy of minors, especially online. Our websites are not addressed to persons under the age of 18 and we request that minors do not use them. We do not knowingly collect data relating to minors. If it is established that such data has been collected, we will take the appropriate steps to delete it from our records.

Please also note that social media platforms, such as Facebook and Instagram, may collect information about you in accordance with their own privacy policies. We recommend that you consult the relevant privacy notices of such providers in order to be informed about how your data is collected and used.

PURPOSES OF PROCESSING

Your data, in the context of marketing and communication activities, is processed for the following purposes:

  1. a) To send relevant communications, such as invitations to events, newsletters or other updates related to the services offered by the companies of LINDOS HOTELS. Such communications may be sent by post, email, telephone or text message.
  2. b) For the promotion and advertising of the activities of the companies of LINDOS HOTELS, we may process personal data collected during events, such as photographs and/or videos in which you may appear.

Marketing emails sent in the context of email subscriptions or newsletters may include pixel tags, web beacons and/or HTML email messages, which allow the companies of LINDOS HOTELS to monitor and receive information regarding recipients’ actions in relation to our emails, such as whether a message has been opened, read or deleted.

The companies of LINDOS HOTELS may also, through various tools and technologies, collect information about your interaction with us when you follow us, post comments or otherwise interact with us on our websites, social media channels or on advertising and promotional posts of the companies of LINDOS HOTELS on other websites or platforms.

The companies of LINDOS HOTELS will use your personal data only for the purposes for which it has been collected, unless they reasonably determine that it is necessary to use it for another purpose that is compatible with the original purpose of collection. If processing is required for a different and incompatible purpose, we will inform you accordingly and explain the relevant legal basis.

LEGAL BASES FOR PROCESSING

We will use your personal data for the above purposes only where one of the lawful bases for processing under the GDPR applies, and in particular in the following cases:

  1. a) Consent
    Where you have provided your consent for the processing of your personal data for communication and marketing purposes, pursuant to Article 6(1)(a) GDPR. If you no longer wish to receive such communications, you may withdraw your consent at any time by contacting the companies of LINDOS HOTELS at [email protected].
  2. b) Legitimate interest
    Where processing is necessary for the purposes of our legitimate interests, pursuant to Article 6(1)(f) GDPR, provided that your interests or fundamental rights and freedoms do not override those interests.

Our legitimate interests may, as the case may be, include the following:

  • improving, adapting, personalizing and enhancing our services and communications for your benefit,
  • gaining a better understanding of how visitors interact with our websites,
  • sending communications that we believe may be of interest to you,
  • assessing the effectiveness of promotional and advertising activities.

In any case, we will not process your data on the basis of the legitimate interests of third parties. If you wish to object to the processing of your data for the above purposes, you may contact us at any time at [email protected].

SOURCES AND METHODS OF DATA COLLECTION

We collect personal data in the context of marketing and communication activities, in particular in the following cases:

  • when you request to subscribe to newsletters,
  • when you contact us through the contact form available on our websites,
  • during the booking process,
  • when you browse our websites.

In the context of digital marketing, we use cookies and similar technologies. Further information regarding the use of cookies is provided in our Website Privacy and Cookie Policy.

In addition to your browsing of our website, we may also use these technologies to assess whether our emails are effective and relevant to you, through the tracking of pixel tags, web beacons and hyperlinks. Such processing is carried out only where you have provided the relevant consent, where such consent is required.

WHO HAS ACCESS TO YOUR DATA

Your data is accessible only to duly authorized members of staff of the companies of LINDOS HOTELS, within the scope of their employment duties.

In addition, your personal data may be accessible to duly authorized third-party service providers, who process such data on our behalf, under confidentiality obligations and only in accordance with the purposes and instructions of the companies of LINDOS HOTELS.

In the context of marketing and communication activities, the companies of LINDOS HOTELS may disclose your personal data to the following categories of third parties:

  • direct email marketing service platforms,
  • photographers,
  • newspapers and magazines,
  • publishers,
  • social media platforms,
  • external design agencies,
  • event organizing companies.

All third-party service providers and other recipients are required to respect the security of your personal data and to implement appropriate technical and organizational measures for its protection, in accordance with our policies and applicable law. Third-party service providers are not permitted to use your personal data for their own purposes.

WHERE YOUR PERSONAL DATA IS STORED

Your data is stored in various media and infrastructures, including physical files and IT systems, such as email systems. The data is retained in its entirety and in the form in which it is submitted, without unjustified interference with its content.

TRANSFER TO THIRD COUNTRIES OUTSIDE THE EUROPEAN UNION / EEA

If it is deemed necessary to transfer personal data to third countries or international organizations outside the European Union / European Economic Area for the purposes described in this Notice, such transfer will take place only where the conditions are met and the appropriate safeguards required by the Legislation are provided, in particular in accordance with relevant decisions of the European Commission, the existence of an adequacy decision, the execution of standard contractual clauses or the application of binding corporate rules, as applicable.

Where the above conditions are not met, the companies of LINDOS HOTELS will avoid transferring personal data to third countries outside the EU or EEA, unless one of the specific derogations provided for by the GDPR applies, such as, indicatively, the explicit consent of the data subject, necessity for the performance of a contract at the data subject’s request, important reasons of public interest, or the establishment, exercise or defense of legal claims.

DATA SECURITY

We have established and implement appropriate technical and organizational security measures, both physical and digital, with the aim of preventing unauthorized or unlawful access, use, loss, destruction, alteration, disclosure or dissemination of your personal data.

At the same time, we restrict access to your personal data only to appropriately selected and trained personnel, and only to those who have a genuine business need to know such data, according to their role and responsibilities.

Indicatively, these measures include:

  • confidentiality and non-disclosure clauses in agreements with service providers and business partners,
  • data recovery plans,
  • maintenance of backup copies,
  • role-based access control,
  • maintenance and regular upgrading of hardware and software,
  • periodic security checks of systems and infrastructure,
  • physical security measures,
  • encryption, pseudonymization and anonymization, where feasible and necessary.

In addition, the companies of LINDOS HOTELS adopt and implement appropriate internal policies and procedures to ensure the application of best practices for the proper management of the personal data collected.

We have also established procedures for dealing with personal data security breach incidents and, where required by law, we will notify both you and the competent supervisory authority.

Your personal data will be processed by third-party processors only where they are contractually bound to comply with the requirements of the GDPR and to implement appropriate technical and organizational security measures. Processors process the data only on the basis of documented instructions from the controller and are subject to duties of confidentiality.

DATA RETENTION PERIOD

We will retain your personal data in our systems for a period of two (2) years, which begins either from the time you provide us with your personal data or from the completion of the relevant marketing and communication activity, where applicable.

After the expiration of the above retention period, we will proceed with the permanent, secure and irreversible destruction of your personal data, in accordance with our data destruction policy and applicable legislation.

AUTOMATED DECISION-MAKING

No decision concerning you is made solely on the basis of automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

YOUR RIGHTS

Subject to the conditions set out in the applicable Legislation, you have the following rights in relation to your personal data:

  • Right to information and transparency: to know who processes your data, what data is processed, for what purposes and by what means.
  • Right of access: to request confirmation as to whether we process your personal data and to obtain a copy thereof.
  • Right to rectification: to request the correction of inaccurate personal data or the completion of incomplete personal data.
  • Right to erasure (“right to be forgotten”): to request the deletion of your personal data, where the legal conditions are met.
  • Right to restriction of processing: to request the restriction of processing in specific cases.
  • Right to data portability: to request the transmission of your data to you or to another controller, where technically feasible and provided for by law.
  • Right to object: to object to the processing of your personal data. In particular, where processing is carried out for direct marketing purposes, you have the right to object at any time to the processing of your data for such purpose, including profiling related to direct marketing.
  • Right to withdraw consent: where processing is based on your consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before such withdrawal.
  • Right to lodge a complaint with the supervisory authority: if you believe that the processing of your personal data violates the law, you have the right to lodge a complaint with the competent supervisory authority.

HOW TO EXERCISE YOUR RIGHTS

If you wish to receive further information regarding your rights or to exercise any of them, as well as for any question or concern regarding the processing of your personal data, you may contact us by the following means:

  1. By email at: [email protected]
  2. By email to the common Data Protection Officer at: [email protected]

If you exercise one or more of the above rights, the companies of LINDOS HOTELS will make every effort to satisfy your request within a reasonable time period and, in any event, no later than one (1) month from the submission of the request and your identification.

This period may be extended by two (2) additional months at most, if the request is particularly complex or there is a large number of requests. In such case, you will be informed within one month from your identification of the extension and the reasons for it.

Within the same period, you will also be informed of any inability to satisfy your request, in whole or in part, as well as the reasons for such refusal.

If you do not receive a response within thirty (30) days, or if you are not satisfied with our response, you have the right to complain or lodge a complaint with the competent national supervisory authority.

HELLENIC DATA PROTECTION AUTHORITY

1-3 Kifisias Avenue, P.C. 115 23, Athens, Greece
Tel.: +30 210 6475600
Fax: +30 210 6475628
Email: [email protected]
http://www.dpa.gr

DATA PROTECTION OFFICER

The companies of LINDOS HOTELS have appointed a common Data Protection Officer, whom you may contact at: [email protected]

AMENDMENTS TO THIS NOTICE

Based on their applicable personal data protection policy and within the framework of the applicable legal and regulatory environment, the companies of LINDOS HOTELS reserve the right to revise and update this Notice, as well as the related practices they follow, whenever this is deemed necessary.

The current updated version of this Notice will always be available on our website.

Whenever changes are made to this Notice, the revision date at the top of the text will be updated, and the amended Notice shall apply from that date.

We encourage you to review this Notice regularly so that you remain informed of any changes.

Last Update:  01.04.2026