Book
Book

Privacy Policy

Effective Date: 1 September 2025

Introduction & Organizational Info

Loena Luxury Suites (operated by Christos Athan. Petkakis & Co E.E.) is dedicated to serving our customers and contacts to the best of our abilities. Part of our commitment involves the responsible management of personal information collected through our website loenasuites.com, and any related interactions. Our primary goals in processing this information include:

  • Enhancing the user experience on our platform by understanding customer needs and preferences.
  • Providing timely support and responding to inquiries or service requests.
  • Improving our products and services to meet the evolving demands of our users.
  • Conducting necessary business operations, such as billing and account management.

It is our policy to process personal information with the utmost respect for privacy and security. We adhere to all relevant regulations and guidelines to ensure that the data we handle is protected against unauthorized access, disclosure, alteration, and destruction. Our practices are designed to safeguard the confidentiality and integrity of your personal information, while enabling us to deliver the services you trust us with.

We have a designated Data Protection Officer (DPO). Should you have any questions or require further information about how we manage personal information, please see our contact information at the end of this policy.

Your privacy is our priority. We are committed to processing your personal information transparently and with your safety in mind. This commitment extends to our collaboration with third-party services that may process personal information on our behalf, such as in the case of sending invoices. Rest assured, all activities are conducted in strict compliance with applicable privacy laws.

Scope and Application

Our privacy policy is designed to protect the personal information of all our stakeholders, including website visitors, registered users, and customers. Whether you are just browsing our website loenasuites.com, using our services as a registered user, or engaging with us as a valued customer, we ensure that your personal data is processed with the highest standards of privacy and security. This policy outlines our practices and your rights related to personal information.

Data Storage and Protection

Data Storage

Personal information is stored in secure servers located in the European Union. For services that require international data transfer, we ensure that such transfers comply with all applicable laws and maintain data protection standards equivalent to those in our primary location.

Data Hosting Partners: We partner with reputable data hosting providers committed to using state-of-the-art security measures. These partners are selected based on their adherence to stringent data protection standards.

Data Protection Measures

  • Encryption: To protect data during transfer and at rest, we employ robust encryption technologies.
  • Access Control: Access to personal information is strictly limited to authorized personnel who have a legitimate business need to access the data. We enforce strict access controls and regularly review permissions.
  • Security Audits and Monitoring: Regular security audits are conducted to identify and remediate potential vulnerabilities. We also monitor our systems for unusual activities to prevent unauthorized access.

Data Sharing and Disclosure

At Loena Luxury Suites, we are committed to safeguarding your personal information and ensuring it is treated with the utmost respect. This commitment extends to how we handle the sharing and disclosure of your data. Below we outline our practices in this area:

Sharing Personal Information

Third-Party Service Providers: We may share your information with third-party service providers who perform services on our behalf. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential. These partners are prohibited from using your personal information for any purpose other than to provide these services to Loena Luxury Suites, and they are required to maintain the confidentiality of your information.

Data Processing Agreements

When we share your data with third-party service providers, we do so under the protection of Data Processing Agreements (DPAs) that ensure your information is managed in accordance with GDPR and other relevant data protection laws. These agreements mandate that third parties implement adequate technical and organizational measures to ensure the security of your data.

Transparency and Control

We believe in transparency and providing you with control over your personal information. You will always be informed about any significant changes to our sharing practices, and where applicable, you will have the option to consent to such changes.

Your trust is important to us, and we strive to ensure that your personal information is disclosed only in accordance with this policy and when there is a justified reason to do so. For any queries or concerns about how we share and disclose personal information, please see our contact information at the end of this policy.

User Rights and Choices

At Loena Luxury Suites, we recognize and respect your rights regarding your personal information, in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. We are committed to ensuring you can exercise your rights effectively. Below is an overview of your rights and how you can exercise them:

Your Rights

  • Right of Access (Article 15 GDPR): You have the right to request access to the personal information we hold about you and to obtain information about how we process it.
  • Right to Rectification (Article 16 GDPR): If you believe that any personal information we hold about you is incorrect or incomplete, you have the right to request its correction or completion.
  • Right to Erasure (‘Right to be Forgotten’) (Article 17 GDPR): You have the right to request the deletion of your personal information when it is no longer necessary for the purposes for which it was collected, among other circumstances.
  • Right to Restriction of Processing (Article 18 GDPR): You have the right to request that we restrict the processing of your personal information under certain conditions.
  • Right to Data Portability (Article 20 GDPR): You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit those data to another controller.
  • Right to Object (Article 21 GDPR): You have the right to object to the processing of your personal information, under certain conditions, including processing for direct marketing.
  • Right to Withdraw Consent (Article 7(3) GDPR): Where the processing of your personal information is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to Lodge a Complaint (Article 77 GDPR): You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable data protection laws.

Exercising Your Rights

To exercise any of these rights, please see our contact information at the end of this policy.

We will respond to your request in accordance with applicable data protection laws and within the timeframes stipulated by those laws. Please note, in some cases, we may need to verify your identity as part of the process to ensure the security of your personal information.

We are committed to facilitating the exercise of your rights and to ensuring you have full control over your personal information. If you have any questions or concerns about how your personal information is handled, please do not hesitate to get in touch with us.

Cookies and Tracking Technologies

At Loena Luxury Suites, we value your privacy and are committed to being transparent about our use of cookies and other tracking technologies on our website loenasuites.com. These technologies play a crucial role in ensuring the smooth operation of our digital platforms, enhancing your user experience, and providing insights that help us improve.

Understanding Cookies and Tracking Technologies

Cookies are small data files placed on your device that enable us to remember your preferences and collect information about your website usage. Tracking technologies, such as web beacons and pixel tags, help us understand how you interact with our site and which pages you visit.

How We Use These Technologies

  • Essential Cookies: Necessary for the website’s functionality, such as authentication and security. They do not require consent.
  • Performance/Analytics Cookies: These collect information about how visitors use our website, which pages are visited most frequently, and if error messages are received from web pages. These cookies help us improve our website.
  • Functional Cookies: Enable the website to provide enhanced functionality and personalization, like remembering your preferences.
  • Advertising/Marketing Cookies: Used to deliver advertisements more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and help measure the effectiveness of the advertising campaign.

Your Choices and Consent

Upon your first visit, our website will present you with a cookie consent banner, where you can:

  • Accept All: Consent to the use of all cookies and tracking technologies.
  • Reject Non-Essential: Only essential cookies will be used to provide you with necessary website functions.

Customize Preferences: Choose which categories of cookies you wish to allow.

Changes to Our Cookie Use

We may update our use of cookies and tracking technologies to improve our services or comply with legal requirements. We will notify you of any significant changes and seek your consent where necessary.

For more detailed information about the cookies we use, their purposes, and how you can manage your preferences, please visit our detailed  Cookie Policy.

Should you have any questions or concerns about our use of cookies and tracking technologies, please see our contact information at the end of this policy.

Direct Marketing and Communications

At Loena Luxury Suites, we may use your personal information to send you direct marketing communications about our products, services, promotions, and other relevant information that we believe may be of interest to you. We are committed to ensuring that our direct marketing practices are transparent, lawful, and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the ePrivacy Directive.

Obtaining Consent for Direct Marketing

  • Explicit Consent: We will obtain your explicit opt-in consent before sending you direct marketing communications, where required by law. This means that you will have the opportunity to actively consent to receiving marketing messages from us before we send them to you.
  • Easy Unsubscribe Options: Every direct marketing communication we send will include clear instructions on how to unsubscribe or opt-out from receiving future marketing communications. You can exercise your right to opt-out at any time, and we will promptly honor your request to stop sending you marketing messages.

Types of Direct Marketing Communications

We may use your personal information to send you direct marketing communications via various channels, including email, and where applicable, WhatsApp, SMS text messages, and other digital communication platforms.

Managing Your Preferences

You have control over the direct marketing communications you receive from us. You can manage your communication preferences by using the unsubscribe link provided in our marketing emails, replying STOP to SMS messages where applicable, or adjusting notification settings for WhatsApp and other digital channels where we communicate with you.

Data Breach Notification Procedures

At Loena Luxury Suites, we understand the importance of protecting your personal information and take proactive measures to safeguard it. In the event of a data breach that poses a risk to your privacy rights and freedoms, we have established clear procedures for promptly identifying, assessing, and mitigating the impact of the breach. Our data breach notification procedures are designed to comply with applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR).

Detection and Assessment

  • Continuous Monitoring: We employ robust security measures and monitoring systems to detect and respond to potential data breaches promptly.
  • Impact Assessment: Upon discovery of a data breach, we will conduct a thorough assessment to determine the nature and scope of the breach, including the types of personal information involved and the potential impact on affected individuals.

Notification Obligations

  • Authority Notification: If required by law, we will notify the relevant data protection authorities of the data breach within 72 hours of becoming aware of it, following the procedures specified by applicable regulations.
  • Individual Notification: If a data breach poses a significant risk to your privacy rights and freedoms, we will notify you promptly, providing clear and concise information about the breach, the types of personal information affected, and the steps you can take to protect yourself.

How We Will Contact You

  • Website Notifications: We may post a notification on our website or through other appropriate means accessible to affected individuals.
  • Email Notifications: We will notify affected individuals by email using the contact information provided to us, if feasible and appropriate.

Support and Assistance

In the event of a data breach, we are committed to providing affected individuals with the support and assistance they need, including guidance on steps they can take to mitigate the potential risks associated with the breach.

Contact Information: If you have any questions or concerns about a data breach or believe you may have been affected, please see our contact information at the end of this policy.

Data Sharing with Third Parties

In order to provide our services and enhance your experience with us, Loena Luxury Suites may share certain personal data with trusted third-party service providers. These providers help us with various operational aspects of our business, including booking management, property access, and guest services.

We only share the minimum necessary information required for these services to function properly and to deliver the services you’ve requested.

Third-Party Service Providers

The following are the main third-party services we use and may share your data with:

Webhotelier Channel Manager / Booking Engine

Used to manage bookings and reservations. We may share your contact details, arrival and departure dates, and accommodation preferences.

Hotelizer Property Management System (PMS)

Used for property management and guest service coordination. We may share your booking details, contact information, and preferences to facilitate your stay.

Tourmie Guest Management App

Used to enhance guest experience and provide personalized services. We may share your contact details and stay information to facilitate communication and service delivery.

Welcome Pickups

Used for airport and other transportation services. If you request transfer services, we may share your arrival/departure details, contact information, and pickup/drop-off locations.

Data Protection Measures

We ensure that all third-party service providers comply with applicable data protection laws and maintain appropriate security measures to protect your personal information. These providers are only permitted to use your data for the specific purposes outlined above and in accordance with our instructions.

For more information about our data protection practices, please contact us.

Children’s Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children under 18 without verification of parental consent, we take steps to remove that information from our servers.

International Data Transfers

When we transfer your personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place to protect your data. These safeguards include:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Transfers to countries with adequacy decisions from the European Commission
  • Binding corporate rules or certification schemes where applicable

We only transfer personal data to third countries or international organizations when adequate levels of protection are ensured.

Data Retention Periods

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and processed. The retention periods vary depending on the type of data:

  • Booking and reservation data: Retained for 7 years after the completion of your stay for accounting and legal compliance purposes
  • Marketing communications data: Retained until you withdraw consent or for a maximum of 3 years of inactivity
  • Website usage and analytics data: Retained for up to 26 months
  • Customer support communications: Retained for 2 years after the last interaction

After the retention period expires, we will securely delete or anonymize your personal information. In some cases, we may be required to retain certain information for longer periods due to legal obligations.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or need assistance with any privacy-related matters, please contact us:

Email: [email protected]

Phone: +30 6936850101

For data protection inquiries, you may also contact our Data Protection Officer at the above contact details.