Compliance with the requirements of EU Regulation 2016/679 (GDPR)
and the National Law 4624/2019 implementing Regulation 2016/679.
Updated on April 23rd 2020
- Is addressed to each and every one of you who has trusted us with his/ her personal data as a customer, prospect customer, supplier or visitor of our premises,
- Defines the measures we take to ensure that your information will stay safe and confidential and they will be used only for the purposes that it has been given to us,
- Provides to you the required information regarding how we handle your personal data as well as your rights arising from the current legislation on personal data (GDPR).
- How and why we collect and process your information.
- How this information helps us to meet your needs and requirements.
- With whom and why we share your information.
- Your choices regarding how we use your information.
- The security measures we take to keep your information safe.
- How you can contact us regarding privacy issues.
Information we collect
We collect as little information as possible to be able to provide services that fit your needs. Usually, this information includes:
- Contact details (name, email, address, home address, mobile and land line numbers).
- Tax information (name, VAT number, profession).
- Id information (name, date of birth, gender, Identity Card / Passport Number, Car license plate number).
- Geo-location data (Dates of arrival and departure, time of entry and exit from our premises).
- Family status (Names and ages of children).
- Health information which may be noted by you at the time of booking (e.g. food allergies).
- Data produced when you visit our website (e.g. from cookies).
The above-mentioned data are processed, recorded and stored in a confidential manner by the Controller, namely 180 SUNSET in compliance with the provisions of European law, as set out in the General Data Protection Regulation (GDPR).
How we use your Information
We would like to keep you always updated regarding collecting and using your personal data. We only ask for the minimum information required to satisfy your requests and to effectively communicate with you. In general, we collect information to:
- Book tables in response to a relevant request that you submit through our website.
- Answer your questions submitted through the Contact Form of our website.
- Address and generally manage your requests before arriving at as well as when you are in 180 Sunset Bar.
- Issue and file tax documents relating to transactions between us.
- Make and receive payments.
- Send you newsletters and other informational material.
- Satisfy your requirements and adapt our services to your personal preferences.
We collect your personal data when you fill in the reservation or the communication form in our web site.
We always ask for your consent when we intend to use your personal data for purposes other than these related to the provision of our services such as sending informational emails and newsletters.
With regards to the promotional messages and newsletters you can always opt out by simply clicking the link ”Unsubscribe” at the end of all the relevant emails.
In the event that you provide us with personal information of a third party, you are responsible for informing the person in question of the use of his data and for obtaining his explicit consent that this information is provided for the purposes described above.
Transfer of your Information
We never disclose your information to third parties, except when:
- You have given us your explicit consent.
- It is legally required by court order or at the request of any other competent governmental, judicial, police, administrative or regulatory authority, after a legal relevant request and in accordance with the applicable laws,
- It is required by a critical internal process (e.g. IT support, accounting services, etc.);
- There is an emergency situation, such as preservation of a person’s life, health or property.
When your information is transferred to third parties, we seek to minimize this information to the extent necessary to achieve the specific purpose.
Unless otherwise prohibited by any legal process, third parties are obliged and bound to protect your personal data in accordance with our policy and comply with applicable laws and regulations on privacy and personal data.
Retention & Erasure
- The time period we have a professional relationship with you.
- Whether there is a legal obligation to which we are subject (for example, tax laws require us to keep records of your transactions for a certain period).
- Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations).
After the end of retention period, your personal data are destroyed, deleted or anonymized.
You must know that according to General Data Protection Regulation, you have certain rights regarding your personal data under our possession. Specifically, you can ask us to:
- Give you a copy of your data.
- Correct your data, if you think they are not accurate.
- Erase your data, if there are specific reasons to do so.
- Limit the processing applied to your data.
- Give your data to you in an appropriate format and to transfer them to another Company.
- Stop processing your data, under certain conditions.
We will promptly examine your request against the relevant requirements of the laws and regulations governing personal data protection and we will answer the latest within 30 days after receiving your request. It is possible to ask from you some kind of identification (e.g. photocopy of your identity card or passport) to avoid non-authorized reveal of your personal data. If, for reasons of complexity of the request or a multitude of requests, we are unable to respond promptly, we will notify you within 30 days of any delay, which in no case may exceed two months from the expiration of the 30-day deadline.
To ensure that your personal data are always accurate and updated, we recommend you keep us informed about your data, as needed (e.g. in case of a change in a street or email address).
If you feel that your rights regarding your personal data are being compromised, you have the right to submit a complaint to the competent Data Protection Authority: http://www.dpa.gr, Kifissias 1-3, T.K. 115 23, Athens, tel. 210 6475600, email: firstname.lastname@example.org.
What are cookies?
Also known as browser cookies or tracking cookies, cookies are small, often encrypted text files, located in browser directories. They are used by web developers to help users navigate their websites efficiently and perform certain functions.
Due to their core role of enhancing/enabling usability or site processes, disabling cookies may prevent users from using certain websites. Cookies do not damage your electronic equipment, nor can they read information from other files on your computer’s hard drive.
Cookies are created when a user’s browser loads a particular website. The website sends information to the browser which then creates a text file. Every time the user goes back to the same website, the browser retrieves and sends this file to the website’s server. Computer Cookies are created not just by the website the user is browsing but also by other websites that run ads, widgets, or other elements on the page being loaded. These cookies regulate how the ads appear or how the widgets and other elements function on the page.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission. You can at any time change or withdraw your consent from the Cookies Settings on our website.
What cookies do we use?
Our website is using statistics cookies and marketing cookies. Some cookies are placed by third party services that appear on our pages (e.g. Google analytics).
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously. Our website uses the following statistics cookies:
Name Provider Purpose Expiry Type
_ga Google analytics Registers a unique ID that is used to generate statistical data on how the visitor uses the web site. 2 years HTTP cookie
_gat Google analytics Used by Google Analytics to throttle request rate 1 day HTTP cookie
_gid Google analytics Registers a unique ID that is used to generate statistical data on how the visitor uses the web site. 1 day HTTP cookie
nrid 180.bar Registers a unique ID that is used to generate statistical data on how the visitor uses the web site 1041 days HTTP cookie
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers. Our website uses the following marketing cookies:
Name Provider Purpose Expiry Type
r/collect doubleclick.net This cookie is used to send data to Google Analytics about the visitor’s device and behavior. It tracks the visitor across devices and marketing channels. Session Pixel
UUID# 180.bar Unclassified Session HTTP cookie
You can delete cookies and stop them from being installed in your browser. There is no one standardized way to remove cookies since different browsers clear cookies using different procedures. This below links helps you manage cookies by instructing you on how to remove cookies on the Chrome, Safari, Firefox, and Internet Explorer browsers:
If you use a different browser, please follow the instructions provided by its manufacturer.
How you can manage cookies settings
We apply security technologies, data protection policies and other measures to protect personal data under our control from unauthorized access, inappropriate use, alteration, illegal or accidental destruction and loss. We also require from all our employees and any third party that have access to or are authorized to process your data, to be bound by a contract or a non-disclosure agreement to protect your privacy.
DISCLAIMER OF LIABILITY FOR THIRD PARTY WEBSITES
We may also provide social media features that allow you to share information on your social networks and interact with 180 SUNSET BAR on various social media sites. The use of these social media features may result in the collection or sharing of information about you. We recommend that you check the privacy policies and regulations of the social networking sites you interact with, so that you can be sure that you understand what information may be collected, used and disclosed by these sites.
We want you to contact us for issues related to your personal data and your privacy, such as for example:
- Updating your information.
- Changing the communication method.
- Asking us to stop sending you informational and promotional messages including newsletters.
You can contact us about the above and other related topics in any of the following ways:
180 Sunset Bar
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
‘data subject’ means a natural person with whom personal data is linked.
‘special categories of personal data’ means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.