The Met Hotel fully complies with the General Data Protection Regulation (GDPR), Greek Law 3471/2006, and the ePrivacy Directive. We respect your personal data and are committed to ensuring transparency and security in all our communications.
This policy has been designed in alignment with GDPR, the ePrivacy Directive, and relevant Greek legislation (Law 3471/2006). It is specifically tailored for the use of role-based emails and covers both commercial and non-commercial communications, taking into account requirements around tracking pixels and third-party service providers.
Use of Data
“Personal data” (Article 4.1 GDPR) refers to any information relating to an identified or identifiable natural person (“data subject”). An identifiable person is one who can be identified, directly or indirectly, in particular by reference to identifiers such as a name, identification number, location data, an online identifier, or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.
Data clearly associated with a business—such as the business name, address, general contact number, and role-based email addresses (e.g., info@company.com, department@company.com)—does not fall under GDPR compliance rules. Specifically for ePrivacy, sending to these addresses is allowed for non-commercial communication. However, email addresses that include personal identifiers (e.g., john@company.com, js@company.com) may be considered personal data. These types of emails are not included in our lists unless we have your prior consent.
All data is processed by our company in full compliance with GDPR and in accordance with applicable data collection and management procedures.
Use of Role-Based Emails
1. Purpose of Communication:
We use role-based email addresses (e.g., info@company, sales@company) exclusively to:
-Share non-commercial information, such as invitations to free webinars or downloadable content.
-Conduct professional outreach relevant to your business activity, without direct commercial intent.
2. Legal Basis
-Non-commercial communications are based on our legitimate interest, supported by a Legitimate Interest Assessment (LIA) ensuring your rights are not overridden.
-Commercial communications are only sent if we have your explicit consent, or where there is a pre-existing business relationship.
3. Transparency and Consent
-We clearly communicate the purpose of each email.
-Every message includes a straightforward opt-out option to unsubscribe from future communications.
How We Collect Data
Corporate (role-based) email addresses are collected from publicly available business sources (e.g., websites, directories, or social media business pages).
Email addresses that may be considered personal are collected only through the following methods:
-Voluntary submission via forms you complete when interacting with our website, blog, corporate social channels, or Google Ads.
-Direct interaction with our company—through meetings, exhibitions, phone calls, or emails/messages you send us as a client or prospect.
How We Use the Data We Collect
We do not use email addresses containing personal names unless we have prior approval, such as through sign-up to one of our lists as described above.
We are not responsible for any email forwarding (redirects) from role-based emails to personal inboxes, as we cannot know your email routing settings or private addresses.
Collected emails are used for research, email marketing, and advertising/remarketing, only after obtaining verbal or written permission (if the email is personal) or otherwise as stated above.
We understand the importance of data privacy and GDPR compliance and are fully committed to responsible email marketing practices.
If you have any questions or concerns, please do not hesitate to contact us.
Compliance Principles
1. No Data Misuse:
We do not purchase data lists or share your data with third parties without your explicit consent.
2. Purpose Limitation:
Your data is used strictly for providing information, notifying you of free events, or promoting relevant services.
3. Transparency:
Every communication clearly states the sender and the purpose of the message.
4. Third-Party Providers:
Emails may be sent via third-party platforms that are fully GDPR-compliant and bound by strict Data Processing Agreements.
5. Cookies & Tracking Pixels:
Our emails may include tracking pixels or similar technologies to measure engagement (e.g., email opens or link clicks).
These technologies comply with the ePrivacy Directive and are only activated with your explicit consent.
You can disable them via your email client settings.
Your Rights and Opt-Out Options
1. Opt-Out:
Every email includes a clear unsubscribe link. Your request will be processed immediately, and no later than 72 hours.
2. Access & Data Management:
You can request access, correction, or deletion of your data at any time by contacting us.
3. Complaints:
If you believe your rights have been violated, you may lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr).
You may opt out of our communication lists at any time, whether for email marketing or advertising purposes. You also retain all rights under the GDPR regarding control over your personal data.
To unsubscribe, use the link provided in our emails or contact us directly at dpo@chandris.gr
with your request (e.g., to stop receiving email or advertising communications).
Commitment to Compliance and Responsibility
The Met Hotel is committed to upholding the highest standards of data protection and handling your data with full transparency and accountability.
For any inquiries regarding data processing, you can reach out to our Data Protection Officer (DPO) at:
Email: dpo@chandris.gr
Tel: +30 2310 017 000