Cookie Policy

This Statement Regarding Cookies and Other Technologies (this "Statement") describes the different types of Cookies and Other Technologies that may be used in connection with the websites and apps (the “Site”) owned or controlled by Tripos. This Statement also describes how you can manage Cookies and Other Technologies. We may change this Statement at any time. Please take a look at the "Last Updated" section at the top of this page to see when this Statement was last revised. Any changes in this Statement will become effective when we make the revised Statement available on or through the Site.

If you have any questions, please contact us at Dataprotectionoffice@tripos.com or Tripos, Data Protection Office, Salaminias 9,177 78, Tavros, Greece.

OUR COLLECTION AND USE OF OTHER INFORMATION

Like many other websites, our Site may use "Cookies" or "Other Technologies" (such as "pixel tags," "web beacons," "clear GIFs", links in emails, JavaScript, device IDs assigned by Google or Apple, or similar technologies). Cookies and Other Technologies allow us and third parties to obtain information about your visits to the Site, including to analyze your visiting patterns. We use this information to process your reservations or requests and to deliver online and mobile advertisements, messages, and content for us and others that are specific to your interests.

Cookies are small text files that are stored on your computer or mobile device ("device") when you visit a website. Cookies alone cannot be used to disclose your individual identity to us, though in some cases we may tie Tripos or third-party Cookies to the personal information you have provided to us or that we have otherwise obtained about you. Cookies may be used on the Site in order to improve your experience. For example, we may use Cookies to:

• Remember your user name and password for future visits so that log-in is easier and faster
• Remember your language and other preferences
• Ensure you obtain all requested information
• Provide a safe and secure service for online transactions
• Track your response to advertisements and website or app content for analysis and the number of times we send you the same advertisement
• Measure how many people use the Site, and how they use it, so that we may keep it running quickly and efficiently and
• Help us and others deliver communications and content to you that are relevant and responsive to your interests and location

Below we explain the different types of Cookies that may be used on the Site

Essential Cookies. Essential Cookies are necessary for the Site to work, and enable you to move around it and use its services and features. Disabling these Cookies may make the services and features unavailable.

Functional Cookies. We use Functional Cookies to save your settings on the Site—settings such as your language preference, or booking information you have previously used when booking a hostel with us. We also use Functional Cookies to store such things as the last hostel you searched for so that you can easily find it the next time you visit. Some Functional Cookies are essential to viewing maps or videos on our Site. We may also use "Flash Cookies" for some of our animated content.

Session Cookies. These types of Cookies are stored only temporarily during a browsing session and are deleted from your device when you close the browser. We use Session Cookies to support the functionality of the Site and to understand your use of the Site—that is, which pages you visit, which links you use and how long you stay on each page. Persistent Cookies: These types of Cookies are not deleted when you close your browser, but are saved on your device for a fixed period of time or until you delete them. Each time you visit the Site, the server that set the Cookie will recognize the persistent Cookie saved on your device. We and others use persistent Cookies to store your preferences, so that they are available for your next visit, to keep a more accurate account of how often you visit the Site, how often you return, how your use of the Site may vary over time and the effectiveness of advertising efforts.

Advertising Cookies allow us and other advertisers to show you the most relevant products, offers, and advertisements on the Site and third-party sites, or through emails or other message platforms. For example, some Advertising Cookies help our service providers and other advertisers select advertisements that are based on your interests, including those expressed or inferred by visits to our websites or apps or across other websites, online services, and apps over time. Others help prevent the same advertisement from continuously reappearing for you. These types of Cookies also help us provide you with content on the Site that is tailored to your interests and needs.

As noted below, some Analytics Cookies and Other Technologies are used in part to facilitate advertising.

Advertising Cookies also include Social Plug-In Cookies. Social Plug-In Cookies are used to share content from the Site with members and non-members of social media networks such as Facebook, Twitter, YouTube, Instagram and Pinterest. These Cookies are usually set by the social networking provider, enabling such sharing to be smooth and seamless. Analytics Cookies collect information about your use of the Site and enable us to improve the way it works. These Cookies give us aggregated information that we use to monitor site performance, count page visits, spot technical errors, see how users reach the Site, and measure the effectiveness of advertising (including emails we send to you). Other Technologies may be used for the same purposes as our Cookies, to allow us and third parties to know when you visit the Site, and to understand how you interact with emails or advertisements. Through Other Technologies, non-personal information (e.g., your operating system, your browser version, and the URL you came from) or aggregate information may be obtained and used to enhance your experience and understand traffic patterns.

Note that, to the extent that information collected through Cookies and Other Technologies constitutes personal information, the provisions in the Global Privacy Statement apply and complement this Statement. Please note that at this time we do not honor Do Not Track and similar signals.

ONLINE AND MOBILE ADVERTISING; MOBILE APPS

We and third parties engage in interest-based advertising provided by vendors in order to deliver advertisements and personalized content that we and other advertisers believe will be of interest to you. To the extent third-parties are using Cookies or Other Technologies to perform these services, Tripos does not control the use of this technology or the resulting information for online, mobile, or email advertising, and is not responsible for any actions or policies of such third parties. Advertisements, emails, and other messages may be delivered to you by Tripos or its service providers based on your online or mobile behavior (on Tripos and non-Tripos sites), your search activity, your geographic location or other information that is collected by us or obtained from third parties. For example, if you go to the Site to book a hostel room, you may later see an advertisement from us when you visit another website. These advertisements may appear on our sites, third-party websites or on mobile platforms. You may also see advertisements for third parties on the Site, other websites or properties, or on your mobile device, based on your visits to, and activities on, the Site, other sites and our apps and third-party apps. Some of our vendors and we may use our own or third-party aggregated or anonymized personal information, demographic data, and other inferred commercial interests to assist in the delivery of our advertisements to you. As stated in our Global Privacy Statement, in some instances we may combine Other Information with personal information. If we do combine any Other Information with personal information, the provisions in the Global Privacy Statement apply and complement this Statement.

We comply with the Digital Advertising Alliance’s (DAA) Self-Regulatory Principles for Online Behavioral Advertising and related DAA Principles and Guidelines.

CROSS-DEVICE TECHNOLOGIES

We and our business partners use third parties to establish deterministic or probabilistic connections among devices (such as smartphones, tablets, and computers) to deliver more relevant advertising to you and for advertising analytics and reporting purposes. This means that information about your use of websites or applications on your current device may be combined with information from your other devices. We also may share this information and other inferences with third parties to allow them to target advertising, personalize content, or analyze behavior. This allows, for example, advertisements you see on your tablet to be based on activities you engaged in on your smartphone.

These business partners may share and combine information from cookies with identifiers (such as device IDs assigned by Google or Apple) and IP addresses to make connections among related devices. This also allows for a more personalized experience across our services and applications. For example, Tripos may through its vendors match your devices if you log into Tripos on multiple devices or web browsers, or if your devices share similar attributes that support an inference that they are used by the same person or household.

To opt out of our cross-device linking vendors, go to <www.aboutadvertisements.info/choices> and perform a global opt-out on each browser and device that you would like to be opted out on. Opt out means that the browser on the device from which you opt out will no longer receive interest-based advertisements from information collected on devices linked to it, that devices linked to it will not receive interest-based advertisements based on information collected from the opted-out device, and that the vendor will not transfer data collected from the opted-out device to a third party. If, in the future, we work with cross-device vendors who have a proprietary opt-out, and for whom the DAA opt-out is not effective as described above, we will provide a link to those vendors’ proprietary opt-outs.

MANAGING COOKIES AND OTHER TECHNOLOGIES

If you want to remove or block Cookies from your device at any time, you can update your browser settings (consult your browser's "help" menu to learn how to remove or block Cookies). Tripos is not responsible for your browser settings. You can find good and simple instructions on how to manage Cookies on the different types of web browsers at <www.allaboutcookies.org>.

You can also find a good summary of how to manage Flash Cookies at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager0 7.html.

Please be aware that rejecting Cookies may affect your ability to perform certain transactions on the Site, and our ability to recognize your browser from one visit to the next.

You can also control tracking Cookies by installing browser extensions like Ghostery: https://www.ghostery.com/products/.

If you want to clean out all of the Cookies left behind by the websites you have visited, here are links where you can download programs that clean out tracking Cookies:

• http://www.lavasoft.com/products/ad_aware_personal_security.php
• http://www.spybot.info/en/download/index.html

You can learn more about interest-based advertising and opt out of our vendors' and other advertisers' use of Cookies to tailor content or advertising to you by visiting http://www.networkadvertising.org/managing/opt_out.asp and http://www.aboutads.info/choices.

 

Global Privacy Statement

This privacy statement (“Statement”) applies to Tripos. At Tripos, we strive to deliver outstanding products, services, and experiences in Greece and around the world. We value your business and, more importantly, your loyalty. We recognize that privacy is an important issue. We have developed this Statement to explain our practices regarding the personal information we collect from you or about you on this site or via our apps, through written or verbal communications with us, when you visit one of our properties, or from other sources. While this Statement broadly describes the practices we have adopted across Tripos, local laws vary and some jurisdictions may place restrictions on our processing activities (e.g., certain jurisdictions may require affirmative consent to send marketing messages). Therefore, our actual practices in such jurisdictions may be more limited than those described herein in order to enable us to comply with local requirements. If you are a resident of the European Economic Area (EEA), please see Appendix A for additional information regarding Tripos use of your personal information.

By using any of our products or services and/or by agreeing to this Statement, e.g. in the context of registering for any of our products or services, you understand and acknowledge that we will collect and use personal information as described in this Statement.

Please note that this Statement does not apply to our processing of personal information on behalf of and subject to the instructions of third parties such as airlines, car rental companies, and other service providers, companies that organize or offer packaged travel arrangements, marketing partners, or corporate customers.

PERSONAL INFORMATION WE COLLECT

We collect personal information at every touch point or guest interaction, and in conducting every aspect of our business, we may collect personal information. This personal information may include: your name, mailing address, billing address, email address, phone number, information related to your reservation, stay or visit to a property; participation in a membership or loyalty, participation in a contest, sweepstakes, or marketing, information related to the purchase and receipt of products or services; personal characteristics, nationality, income, passport number and date and place of issue; travel history; payment information, such as your payment card number and other card information, as well as authentication information and other billing and account details associated with mobile billing; guest preferences; marketing and communication preferences; information about vehicles you may bring onto our properties; reviews and opinions about our property (if they are identified or associated with you); frequent flyer or travel partner program affiliation and member number, airline and rental car packages booked; groups with which you are associated for stays at our hotel; information provided on membership and account applications; and other types of information that you choose to provide to us or that we may obtain about you.

We may ask for details on joint travelers, including their names and frequent flyer numbers, and the age of the driver of the rental car. We may also collect information related to conversations, including recording or monitoring customer service calls for quality assurance and training purposes, and other communications such as in-app messages and SMS.

In addition, we collect other personal information in certain cases, such as:

• Tripos Loyalty Participation: When you enroll in our Hostel Loyalty program, you will receive an Tripos Loyalty number and we will ask you to create a user ID and password. We also collect information to administer the Tripos program and profiles, including transaction and correspondence details, and to provide you with our Hostel Loyalty App functionality (where available). The Tripos Loyalty App allows you to do such things as using your mobile device to check-in, select your room, receive a room key, and check out. When you manage your profile online, you have the opportunity to provide additional information, such as your preferred airlines and your loyalty program account numbers with them, your room type preferences, your language preferences, your payment card account(s), and your email subscription preferences for receiving news, offers and information from us and our partners. Also, when you book a reservation, we may ask for additional specific account information such as corporate account number, group or convention code or travel agent number. If you apply for a payment card or other account with one of our partners via one of our advertisements you may have the option to automatically add this information as part of your Tripos Loyalty profile.
• Surveys: We may request demographic data or other personal information in customer surveys.
• On-property Collection: We collect additional personal information during registration/check-in at our property, including such information as may be required by local laws. We may also use closed circuit television and other security measures at our properties that may capture or record images of guests and visitors in public areas, as well as information related to your location while on our property (via keycards and other technologies). We may also use closed-circuit television and other technologies that record sound or video for the protection of our staff, guests and visitors to our properties where permitted by law . In addition, we may collect personal information in connection with on-property services, such as concierge services, health clubs, spas, activities, child care services, equipment rental, and our Digital Key functionality in the Tripos App (where available).
• Event Profiles: If you plan an event with us, we collect meeting and event specifications, the date of the event, number of guests, details of the guest rooms, and, for corporate events, information on your organization (name, annual budget, and number of sponsored events per year). We also collect information about the guests that are a part of your group or event. If you visit us as part of a group, we may have personal information about you provided to us by the group and may market to you as a result of your stay with a group or attendance at an event in accordance with your preferences as permitted by law. If you visit us as part of an event, we may share personal information about you with the event planners, as permitted by law. If you are an event planner we may also share information about your event with third-party service providers who may market event services to you as permitted by law.
• Social Media: If you choose to participate in Tripos sponsored social media activities or offerings, we may collect certain information from your social media account consistent with your settings within the social media service, such as location, check-ins, activities, interests, photos, status updates and friend list. We may also allow you to enter into contests to provide photos, such as of your stay with us, which you may share with your connections on social media for votes, shared offers or other promotions.
• Forward-to-a-Friend: From time to time, we may offer a feature that allows you to send an electronic postcard or otherwise share a message with a friend, whether via the Internet, a stand-alone kiosk or mobile device. If you choose to use this feature, we will ask you for the recipient's name and email address, along with the text of any message you choose to include. By using this feature, you represent that you are entitled to use and provide us with the recipient's name and email address for this purpose.
• Employment Applications: If you choose to apply online for employment with Tripos, please see our Applicant Privacy Notice.
• Hotel WiFi Service: When you use WiFi service at our properties, the personal data you provide for access and authentication may be collected and used by us and third parties such as authentication gateway partners and WiFi service providers to facilitate your use of the WiFi service; to remember your registration information; for technical support purposes; and for service improvements and analytics. The personal data collected may include name, room number, and device information (including operating system/version, hardware model and unique device identifiers such as MAC address). Absent your consent, personal data collected during this process will not be used for direct marketing purposes. In some countries, local laws may require that personal data collected during this process be shared with government authorities.

In addition to the information we collect from you directly, we may also infer information about you based on the information you provide to us or from Other Information we collect.

PERSONAL INFORMATION WE COLLECT FROM THIRD PARTIES

We may also collect information about you from third parties, including information from your airline, payment card, and other partners; from your social media services consistent with your settings on such services; and from other third-party sources that are lawfully entitled to share your data with us. We use and share this information (and may append this information to the other information we have on file for you) for the purposes described in this Statement.

USE OF PERSONAL INFORMATION COLLECTED ABOUT YOU

We use your personal information in a number of ways, including to provide and personalize the services you request and expect from Tripos, to offer you the expected level of hospitality in-room and throughout our properties, administer the Tripos Loyalty program, conduct direct marketing and sales promotions and as set forth below in more detail. We will collect your consent prior to processing your data where required by applicable law.

We are obligated to collect certain data, including your name, address, payment information, and, in certain countries, travel document information, in order to process your reservation. Failure to provide this information will result in our inability to process your reservation.

• Tripos Loyalty Program Members: If you are an Tripos Loyalty member, Tripos uses your information to administer the Tripos loyalty program, to personalize your experience across our Digital Key functionality (where available). Tripos also use your information to communicate news, promotional, and transactional materials across different Tripos services and to personalize advertising and content delivered to you through online, email, mobile, and display advertising, as well as on our website and applications and through our customer service call center in accordance with any communications preferences you have expressed.
• Service Administration: We use your personal information to administer programs in which you participate, including providing you with access to your account information, such as rewards status and offers for which you are eligible, to fulfil services that are part of such program.
• Meeting and Event Planning: We may use your personal information to provide you with information about meeting and event planning.
• Marketing and Communications: Where permitted we may use your personal information to provide or offer you newsletters, promotions and featured specials, as well as other marketing messages in accordance with any communications preferences you have expressed. We use your information to provide in-stay messaging, account alerts, and reservation confirmations; to send you marketing messages; and to conduct surveys, sweepstakes, prize draws, and other contests. We may provide these communications via email, postal mail, online advertising, social media, telephone, text message (including SMS and MMS), push notifications, in-app messaging, and other means (including on-property messaging, such as your in-room television). With your consent, we also use user-generated content (such as photos) from social media services to deliver display advertising or on our website and apps. We may also collect information from your payment card, which can be appended to personal information and used by Tripos to recognize what type of card you have, the bank or network of the card, and present and/or send you targeted marketing messages based on your payment method and in accordance with your communication preferences.
• Service Improvements: We may use your personal information to improve Tripos services and to ensure that our site, products, and services are of interest to you. We also use your personal information to provide you with the expected level of hospitality in-room.
• Data Correctness, Analytics, and Personalization: We may aggregate your personal information with data from third-party sources for purposes of keeping the information up to date and analytics. We also rely on information from third parties in order to provide better, more personalized service. For example, if you connect your social media services or other accounts to our services, we may use this information to make your experience with us more personal and social, or share and use it as described elsewhere in this Statement.

PERSONAL INFORMATION WE SHARE

In order to offer you the expected level of hospitality and to provide you with the best level of service, we may share your personal information with our service providers and other third parties as set forth in detail below:

• Electronic Billing Program: If you receive an invoice by email, a summary detailing the goods and services provided to you during your stay will be shared with the payment card provider and, if you participate in a corporate billing program and use a corporate payment card, the payment card provider may share that summary with your employer. Additionally, if you participate in a special rate plan, we may share lists of Tripos Loyalty numbers that used the plan with the entity that provided the special rate plan to you. The privacy policies of your employer, the relevant payment card provider and card issuer apply once we have transferred your information.
• Group Events or Meetings: If you visit Tripos as part of a group event or meeting, information collected for meeting and event planning may be shared with the organizers of those meetings and events, and, where appropriate, guests who organize or participate in the meeting or event.
• Business Partners: We may partner with other companies to provide you with products, services, or offers based upon your experiences at our properties and
  may share your information with our business partners accordingly. For example, we may help to arrange rental cars or other services from our business partners and share personal information with our business partners in order to provide those services.
• Co-Sponsors of Promotions: We co-sponsor promotions, sweepstakes, prize draws, competitions or contests with other companies, and we provide prizes for sweepstakes and contests sponsored by other companies. If you enter one of these sweepstakes or contests, we may share your information with the co- sponsor or third-party sponsor.
• On-property Services: We may share personal information with third-party providers of on-property services such as concierge services, WiFi access providers, spa treatments, or dining experiences.
• Service Providers: We rely on third parties to provide services and products on our behalf and may share your personal information with them as appropriate. Generally, our service providers are contractually obligated to protect your personal information and may not otherwise use or share your personal information, except as may be required by law. However, our fraud detection service providers may use, but not share, your personal information for fraud detection purposes. We may use service providers to communicate news and deliver promotional and transactional materials to you on our behalf, including personalized online and mobile advertising in accordance with your preferences and applicable law. Please see our Cookies Statement for more information. Tripos will only work with parties that offer a method to opt-out of such advertising.
• Business Transactions: As we develop our business, we might sell, buy, restructure or reorganize businesses or assets, or cease being the manager or franchisor of a hotel that is currently part of our portfolio. In such circumstances, Tripos may transfer, sell or assign information collected, including, without limitation, Other Information (described below) and personal information, to one or more affiliated or unaffiliated third parties in connection with these business transactions. To the extent that local laws require it, we will provide notice of our intent to transfer personal data to a third party for this purpose, and explain how you can object to such transfer.
• Other: In addition, Tripos may disclose personal information in order to: (i) comply with applicable laws, (ii) respond to governmental inquiries or requests from public authorities, (iii) comply with valid legal process, (iv) protect the rights, privacy, safety or property of Tripos, site visitors, guests, employees or the public, (v) permit us to pursue available remedies or limit the damages that we may sustain, (vi) enforce our websites' terms and conditions, and (vii) respond to an emergency.

OTHER INFORMATION

When you visit and interact with Tripos website, we collect other information that does not directly identify you about your use of the site, such as a catalog of the site pages you visit, and the number of visits to our site (“Other Information”). We use Other Information, as well as data received from third parties, to deliver email, online (on our sites and other sites) and mobile advertisements. We may also use Other Information to recognize you as one of our customers when you visit Tripos website so that we may provide more relevant offers to you.

We use cookies and other technologies (such as “pixel tags,” “web beacons,” “clear GIFs”, links in emails, JavaScript, device IDs assigned by Google or Apple, or similar technologies) to collect this information. If you want to remove or block Cookies from your device at any time, you can update your browser settings (consult your browser's "help" menu to learn how to remove or block Cookies). Tripos is not responsible for your browser settings. You can find good and simple instructions on how to manage Cookies on the different types of web browsers at <www.allaboutcookies.org>. Note for EEA and UK-Residents: If you are based in Europe, you also can adjust your Cookie preferences by adjusting the Cookie Settings through the Cookie Consent Manager, which can be found under Cookie Preferences.

You can learn more about interest-based advertising and how to opt out of our vendors’ and other advertisers’ use of Cookies to tailor content or advertising to you by visiting http://optout.networkadvertising.org/#!/ and http://www.aboutads.info/choices.

At this time, we do not respond to Do Not Track signals or other, similar mechanisms. Please see our Cookies Statement for more information.

We may use the information we have collected and aggregated, or anonymized personal information received from third parties, to understand more about our users (for example, we may use the aggregated information to calculate the percentage of our users who have a particular telephone area code). This includes demographic data, such as date of birth, gender and marital status, inferred commercial interests, such as favorite products or hobbies, and other information we may collect from you or from third parties.

Because Other Information does not personally identify you, such information may be disclosed for any purpose where permitted by law.

SENSITIVE INFORMATION

The term "sensitive information" refers to information related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life,or sexual orientation, genetic information, criminal background, and any biometric data used for the purpose of unique identification.

We do not generally collect sensitive information unless it is volunteered by you or unless we are required to do so pursuant to applicable laws or regulations. We may use health data provided by you to serve you better and meet your particular needs (for example, the provision of disability access).

PERSONAL INFORMATION FROM CHILDREN

We do not knowingly collect personal information from individuals under 18 years of age. As a parent or legal guardian, please do not to allow your children to submit personal information without your permission.

LINKS TO THIRD-PARTY WEBSITES AND SERVICES

Our site may contain links to third parties' websites. Please note that we are not responsible for the collection, use, maintenance, sharing, or disclosure of data and information by such third parties. If you provide information on and use third-party sites, the privacy policy and terms of service on those sites are applicable. We encourage you to read the privacy policies of websites that you visit before submitting personal information.

Tripos may also partner with a limited number of Internet providers to offer Internet access to our guests. Your use of on-property Internet service is subject to the third-party Internet provider’s terms of use and privacy policy. You can access those terms and policies using the links on the service sign-in page, or by visiting the Internet provider’s website.

PROTECTING PERSONAL INFORMATION

Tripos will take reasonable measures to (i) protect personal information from unauthorized access, disclosure, alteration or destruction, and (ii) keep personal information accurate and up-to-date as appropriate. Tripos maintains a PCI compliance program. This compliance program generates audit reports concerning the adequacy and effectiveness of Tripos IT internal controls, including a PCI Attestation of Compliance signed by an external PCI Qualified Security Assessor and a SSAE16/SOC1 report addressing the IT general controls over systems that support certain accounting and financial reporting. In the event of a security incident, Tripos will notify regulators and/or consumers as required by applicable laws or regulations.

We also seek to require our affiliates and service providers with whom we share personal information to exercise reasonable efforts to maintain the confidentiality of personal information about you. For online transactions, we use reasonable technological measures to protect the personal information that you transmit to us via our site. Unfortunately, however, no security system or system of transmitting data over the Internet can be guaranteed to be entirely secure.

For your own privacy protection, please do not send payment card numbers or any other confidential personal information to us via email.

We will not contact you by mobile/text messaging or email to ask for your confidential personal information or payment card details. We will only ask for payment card details by telephone when you are booking a reservation or promotional package. We will not contact you to ask for your Tripos Loyalty account log-in information. If you receive this type of request, you should not respond to it. We also ask that you please notify us at loyalty@athenshubhostel.com.

CHANGING AND ACCESSING YOUR PERSONAL INFORMATION

To the extent required by applicable law, you may be able to request that we inform you about the personal information we maintain about you and, where appropriate, withdraw your consent for certain data processing activity and/or request that we update, correct, delete, and/or stop processing your personal information. We will make all required updates and changes within the time specified by applicable law and as required by law. When permitted by law, we may charge an appropriate fee to cover the costs of responding to the request. Such requests may be submitted in writing to Dataprotectionoffice@tripos.com or Tripos, Data Protection Office, Salaminias 9,177 78, Tavros, Greece. To protect your confidentiality, we can only respond to such requests to the email address that you have registered or otherwise provided to us. Please remember that if you make such a request, we may not be able to provide you with the same quality and variety of services to which you are accustomed.

In addition, in some circumstances based on applicable law, you may request that we cease sharing personal information about you with our business partners or that Tripos cease using personal information about you by contacting us using the email or mailing address above. We will seek to honor those requests consistently with applicable law.

RETAINING PERSONAL INFORMATION

We retain personal information about you for the period necessary to fulfill the purposes outlined in this Statement unless a longer retention period is required or permitted by applicable law. We retain personal information collected in order to fulfill guest reservations for seven years after the stay is completed. We retain other personal information for shorter periods of time if possible and if permitted by law.

We will destroy your personal information as early as practicable and in a way that the information may not be restored or reconstructed.

If printed on paper, the personal information will be destroyed in a secure manner, such as by cross-shredding or incinerating the paper documents or otherwise and, if saved in electronic form, the personal information will be destroyed by technical means to ensure the information may not be restored or reconstructed at a later time.

CHOICES – MARKETING COMMUNICATIONS

If you have given us your contact information (mail address, fax number, email address or phone number), we may want to inform you in accordance with any preferences you have expressed, and with your consent where required, about our products and services or invite you to events via email, online advertising, social media, Viber, WhatsApp, Messenger, telephone, text message (including SMS and MMS), push notifications, in-app alerts, postal mail, our customer service call center, and other means (including on-property messaging, such as your in-room television).

You may change the communications you receive from us by logging on to your online account and managing your subscriptions, by writing to us (and including your email address) at Dataprotectionoffice@tripos.com or Tripos, Data Protection Office, Salaminias 9,177 78, Tavros, Greece.

If you prefer not to receive email marketing materials from us, you may opt-out at any time by using the unsubscribe function in the email you receive from us. Opt-out requests can take up to ten business days to be effective.

For more information about cookies and interest-based advertising and to learn about how to manage these technologies, please see our Cookies Statement.

STATEMENT MODIFICATIONS

We may modify this Statement from time to time. When we make material changes to this Statement we will post a link to the revised Statement on the homepage of our site, and if you have registered for any of your products or services, will also inform you through a communications channel that you have provided. You can tell when this Statement was last updated by looking at the date at the top of the Statement. Any changes to our Statement will become effective upon posting of the revised Statement on the site. Use of the site, any of our products and services, and/or providing consent to the updated Statement following such changes constitutes your acceptance of the revised Statement then in effect.

CONTACT US

If you have any questions about this Statement or how Tripos processes your personal information, or if you wish to either provide a compliment or a complaint, please contact us by email at Dataprotectionoffice@tripos.com or Tripos, Data Protection Office, Salaminias 9,177 78, Tavros, Greece.

 

APPENDIX A

ADDITIONAL PROVISIONS APPLICABLE TO PROCESSING OF PERSONAL INFORMATION OF EEA RESIDENTS

For individuals residing in the EEA, this Appendix outlines certain additional information that Tripos is obligated to provide to you, as well as certain rights you have with respect

to the processing of your personal information, pursuant to applicable local laws. This Appendix will control to the extent it conflicts with any provision in the main body of this Statement.

Controller: for more information on the Tripos entities that process your personal information, please write to: Dataprotectionoffice@tripos.com or Tripos, Data Protection Office, Salaminias 9,177 78, Tavros, Greece.

Purposes and Legal Basis for Processing: Tripos processes your personal information for the purposes set forth in Sections 4 (Use of Personal Information Collected About You) and 5 (Personal Information We Share) of the main body of this Statement.

The legal bases for Tripos processing activities include processing such information as necessary to comply with our contractual obligations, compliance with our legal obligations, protecting the safety of our employees, guests, and others, for our legitimate business interests, and pursuant to your consent.

The particular legal basis for the processing of your personal information is based on the purpose for which such information was provided or collected:

• On-property Collection:
  • When you make a reservation and when you stay at one of our hotel properties, we process your name, address, contact information, along with the details of your stay (arrival and departure day and time, vehicle information and information regarding others traveling or staying with you), on the basis of our contractual relationship with you. We also process such data for our business interests, including for marketing, service improvements, administration of our e-billing program, and analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).
  • We collect certain additional personal information during registration/check-in at our property (such as national ID or passport information), as necessary to comply with our legal obligations.
  • We use closed-circuit television and other security measures at our property that may capture or record images of guests and visitors in public areas, as well as information related to your location while on our properties (via keycards and other technologies) for the protection of our staff, guests and visitors to our property.
  • We process personal information in connection with on- property services (such as concierge services, health clubs, spas, activities, child care services, equipment rental, and our Digital Key functionality), in order to provide the services to you
    and for our business interests including for marketing, service improvements, administration of our e-billing program, and analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).
• Event Profiles: We process the personal information obtained in connection with your event on the basis of our contractual relationship with you and for our business interests, including for marketing, service improvements, and analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).
• Social Media: Participation in Tripos -sponsored social media activities and offerings is voluntary - we process information obtained from social media participation on the basis of your consent and in furtherance of our related business interests, including for marketing, service improvements, and analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).
• Promotions and Sweepstakes: Participation in sweepstakes, contests, and other promotional offerings is voluntary – we process the information obtained from such participation based on your consent and as necessary to administer the offering. We also use certain data for our business purposes, including for marketing, service improvements, administration of our e-billing program, and analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).
• Direct Marketing: We use your personal information to send you marketing messages on the basis of your consent. You may withdraw your consent for direct marketing communications at any time by contacting us at Dataprotectionoffice@tripos.com or Tripos, Data Protection Office, Salaminias 9,177 78, Tavros, Greece.

Retention: We retain personal information about you for the time necessary to accomplish the purpose for which such information was collected, usually for the duration of any contractual relationship and for any period thereafter as legally required or permitted by applicable law. Our retention policies reflect the applicable statute of limitation periods and legal requirements.

Data Subject Rights: Residents of the EEA have the following rights:

Access, Correction and Erasure Requests: You have the right to:

• ask us to confirm whether we are processing your personal information
• receive information on how your data is processed
• obtain a copy of your personal information
• request that we update or correct your personal information
• request that we delete personal information in certain circumstances

Right to Object to Processing: You have the right to request that Tripos cease processing of your personal information:

• for marketing activities, including profiling
• for statistical purposes
• where such processing is based on our legitimate business interests, unless we are able to demonstrate a compelling legitimate basis for such processing or we need to process your personal information for the establishment, exercise or defense of a legal claim

Right to Restrict Processing: You have the right to request that Tripos limit the processing of your personal information:

• while Tripos is evaluating or in the process of responding to a request by you to update or correct your personal information
• where such processing is unlawful and you do not want Tripos to delete your data
• where Tripos no longer requires such data, but you want us to retain the data for the establishment, exercise or defense of a legal claim
• where you have submitted an objection to processing based on our legitimate business interests, pending our response to such request

Where we limit the processing of your personal information pursuant to your request, we will inform you prior to re-engaging in such processing.

Data Portability Requests: You have the right to request that we provide you or a third party that you designate with certain of your personal information in a commonly used, machine-readable format. Please note, however, that data portability rights apply only to personal information that we have obtained directly from you and only where our processing is based on consent or the performance of a contract.

Submitting Requests: your requests may be submitted by writing to the Dataprotectionoffice@tripos.com or Tripos, Data Protection Office, Salaminias 9,177 78, Tavros, Greece. You may also update your personal information as provided in Section 12 (Changing and Accessing Your Personal Information) of the main body of this Global Privacy Statement.

We will respond to all such requests within 30 days of our receipt of the request unless there are extenuating circumstances, in which event we may take up to 60 days to respond. We will inform you if we expect our response to take longer than 30 days. Please note, however, that certain personal information may be exempt from such rights pursuant to applicable data protection
laws. In addition, we will not respond to any request unless we are able to appropriately verify the requester’s identity. We may charge you a reasonable fee for subsequent copies of data that you request.

If you have concerns about our data practices or the exercise of your rights, you may contact Tripos at Dataprotectionoffice@tripos.com or Tripos, Data Protection Office, Salaminias 9,177 78, Tavros, Greece or the supervisory authority in the Member State of your residence.

Right to Withdraw Consent: You have the right to withdraw your consent to any processing that we conduct solely based on your consent (such as sending direct marketing materials to your personal email account). You may withdraw your consent to marketing activities by following the instructions on any marketing emails. For any other activities for which you have previously consented, you may contact Dataprotectionoffice@tripos.com or Tripos, Data Protection Office, Salaminias 9,177 78, Tavros, Greece to withdraw such consent.

International Data Transfers: We may transfer the personal information we collect about you pursuant to the purposes described in this Statement to countries that have not been found by the European Commission to provide adequate protection.

We use appropriate safeguards for the transfer of personal information among our affiliates in various jurisdictions, and where required, we have implemented European Union controller-to- controller standard contractual clauses or other such safeguards for such purposes. To obtain a copy of these clauses or additional information on transfers, you may send your request to Dataprotectionoffice@tripos.com or Tripos, Data Protection Office, Salaminias 9,177 78, Tavros, Greece.