At "EUROTEL HOSPITALITY S.A." and at "EUROTEL HOSPITALITY CYPRUS LTD" we are committed to protecting and respecting your Personal Data

Our general privacy statement regarding Personal data Protection is presented below and informs you about how we use and protect the personal information you provide to us or that we collect about you, when you use our site or our application (app), when we exchange information or offer each other services while doing business. We also notify you of your rights under the data protection legislation and the relevant General Data Protection Regulation (GDPR).

Separate privacy statements apply to employees and job seekers. By using our site, and the services provided through it, you agree to the application of this policy.

WHO WE ARE

“EUROTEL HOSPITALITY S.A.” and "EUROTEL HOSPITALITY CYPRUS LTD" are under GDPR terminology, the "data controller" for the personal information it collects and processes. This means that we are responsible for deciding how to process (i.e. collect, preserve, use and disclose) your personal information. We are "Eurotel Hospitality - Hospitality Management - Products and Services SA" with the distinctive title "EUROTEL HOSPITALITY SA", and "EUROTEL HOSPITALITY CYPRUS LTD" for Cyprus, which are leading Greek & Cypriot IT companies specialized for more than 25 years in providing technological solutions in the hospitality and catering industry.

Our company’s identification data in Greece are the following:

EUROTEL HOSPITALITY S.A.,

11, Velestinou Str, N. Iraklio

14122, ATHENS

TEL: +30 210 6595000

EMAIL: info@eurotel.gr

You can reach the person in charge of Data protection issues at dataprotection@eurotel.gr

Our company’s identification data in Cyprus are the following:

EUROTEL HOSPITALITY CYPRUS LTD,

United Nations 50, Thekla Conteati Properties 6042,

Offices 21 & 31, Larnaca

TEL: + 357-24-813826

EMAIL: info@eurotel.com.cy

You can reach the person in charge of Data protection issues at dataprotection@eurotel.com.cy

WHAT INFORMATION WE HOLD FOR YOU and THEIR SOURCE

“EUROTEL HOSPITALITY S.A.” and "EUROTEL HOSPITALITY CYPRUS LTD" are committed to protecting the privacy and security of your personal data. By personal data we mean information which, either alone or in combination with other information available to the company, can be used for your recognition.

Personal information may include, but is not limited to, your name, address, telephone number, date of birth or your age, your occupation, possibly tax details (Tax ID number) stored in the archives of “EUROTEL HOSPITALITY S.A.” and "EUROTEL HOSPITALITY CYPRUS LTD", which may include electronic files, letters, emails, photos and video recordings. It does not contain information where your identity has been removed and you cannot be identified (anonymous information).

We may collect personal information directly from you or from other individuals or organizations.

SUBSCRIPTION TO NEWSLETTERS, EXPRESSION of INTEREST

Your subscription to the Newsletter by submitting your e-mail address or completing your information in a form of interest is at your own initiative and implies that you have accepted the terms of this Privacy Policy. If you do not accept these terms, please do not provide this information to us or withdraw your membership in our newsletter recipient list.By submitting your email to the Newsletter and your details in the interest form, "EUROTEL HOSPITALITY S.A." and "EUROTEL HOSPITALITY CYPRUS LTD" as Controller may use your personal data for marketing purposes and process these as follows:

To send to you information about products and services that may be of interest to you. This can happen directly from "EUROTEL HOSPITALITY S.A." and "EUROTEL HOSPITALITY CYPRUS LTD" or through companies and other third parties that can provide relevant marketing services on our behalf. In this case "EUROTEL HOSPITALITY S.A." and "EUROTEL HOSPITALITY CYPRUS LTD", may share your personal data with these partners

For statistics and analysis purposes of market preferences and trends.

SURVEILLANCE SYSTEMS

In the conduct of our business activities and mainly for safety reasons, the company monitors and records directly or indirectly the activities of its employees, visitors, facilities and premises, such as via surveillance cameras.Surveillance cameras are generally located in high-risk areas or work sites and aim to physically protect the company's premises as well as employees, visitors and assets within. Recorded images are overwritten by most recent ones after a few days, while access to them is strictly limited and occurs only when a specific need (theft, security incident, etc.) emerges.

FOR WHAT PURPOSE WE USE YOUR PERSONAL DATA

We use your personal information:

• to exchange information regarding products and services before entering into a contract
• to exchange information (commercial, financial, technical) and doing business in order to fulfill a contract’s terms
• to add your details in our newsletter recipients’ list
• to let you know about the organization of events related to our business and / or the Information Technology
• to handle your requests and complaints
• to comply with our legal, regulatory and other obligations (eg tax laws, accounting obligations, etc.) that result from our above-mentioned activities
• to ensure network and information security

HOW WE PROCESS YOUR PERSONAL DATA

Being aligned with the provisions of the GDP Regulation, we process your personal data in accordance with the following data protection principles:

• Lawfully, fairly and transparently
• We collect them only for valid purposes that you know or purposes we explained to you and do not use them in a way that is incompatible with these purposes
• We process them according to the above purposes only
• We collect and process the least and absolutely necessary information for the fulfillment of the above purposes
• We keep these data accurate and up-to-date as long as you keep us informed of any changes
• We only keep them for as long as necessary, based on the purpose
• We keep them safe. We take all reasonable steps to ensure your personal data from loss, unauthorized access or alteration.

LEGAL BASIS OF PROCESSING

According to the GDPR, processing must be based on a legitimate basis, i.e. a sound reason for collecting, storing, using and disclosing your personal information.

Our legal basis for this will depend on the services we provide to you and the type of information we process about you.

The basis we process your information may be one or more of:

• To fulfill a contract that we may have with you (providing to you products and / or services)
• to comply with a legal or regulatory etc. duty
• your consent when you consent or agree with it, such as when you choose to receive from us informational emails or newsletters
• out legitimate interests such as direct marketing, fraud prevention, security of network and information technology information technology, etc 16 and UNDER

It is not our purpose to collect personal information from children without the consent of their parents. If you are under 16, please get the consent of your parents or guardian before giving any information.

WITH WHO DO WE SHARE YOUR PERSONAL DATA

Your personal data is shared internally within our company, between its various departments, in order to produce the desired result and so that you receive the service you expect from us. This internal disclosure is done in the safest feasible way on a need to know basis.We may also share and receive your personal data from organizations and individuals outside of the organization.Additionally, your personal information may be provided to a third party by our company in order to provide a service to us or directly to you. These service providers are known as data processors and have also a legal obligation under GDPR and towards “EUROTEL HOSPITALITY” and "EUROTEL HOSPITALITY CYPRUS LTD", to take care of your personal data and use it only for the provision of this service. In cases where we share your data as data controllers with another data controller, the use of such information by that company will be subject to its own privacy policy. "EUROTEL HOSPITALITY S.A." and "EUROTEL HOSPITALITY CYPRUS LTD" make every effort to select partners who provide high quality, reliability, trust, protected and secure services but is not responsible for the use of information by these companies. These partners can use your personal information to communicate directly with you In the context of commercial, financial, and technical transactions and services, it is likely that contact details of customer personnel (commercial, financial, technical, legal, procurement, logistics, legal representatives etc.) may be shared with suppliers and / or manufacturers for the purpose of conducting and executing contracts with the highest possible benefits for the customer (bid improvement, warranties, direct technical support, product delivery, etc.). Your personal information may also be disclosed to external third parties such as employment bodies, insurance organizations or companies and other regulatory authorities. Beyond the above, your information will not be traded / leased or communicated to third parties for marketing purposes or others.

TRANSFER OF PERSONAL DATA IN OTHER COUNTRIES

Your personal data may be transferred outside of the European Economic Area. While some countries have been identified by the European Commission as having adequate legal of protection for personal data, in other countries it will be necessary to take extra measures in order to ensure adequate safeguards for the information. These may include the imposition of contractual obligations to ensure that these safeguards are applied.

FOR HOW LONG DO WE MAINTAIN YOUR DATA

We will retain your personal information only for as long as it is necessary to fulfill the purposes for which we have collected it, and for as long as it is required to satisfy any legal, accounting, etc. obligations.Where feasible, we can make your personal details anonymous so that they can no longer be associated with you. We can then use them without further notice.Once you no longer require services from us, we will maintain and safely destroy your personal information in accordance with the retention schedule.

PERSONAL DATA PROCESSING OF JOB APPLICANTS

By sending your CV and applying for a position at "EUROTEL HOSPITALITY SA" and "EUROTEL HOSPITALITY CYPRUS LTD", you accept the terms of this privacy statement as outlined in more detail in what follows.

Personal information that may be acquired or produced by us during the application or recruitment process may include, but is not limited to:

• your name, address, email address, telephone number and other contact information
• education, previous and/or relevant work experience, or other information you provide to us in support of an application while seeking a job
• information relating to any previous applications and/or employment history you may had with “CCS Learning”
• other personal information you may have reported in your CV and/or cover letter
• information from interviews and screenings you may have
• details of the type of your current employment or you are looking for, current and/or desired salary and other terms relating to compensation and benefits packages, or other job preferences
• any special category, sensitive and/or demographic information obtained during the application or recruitment process such as age, information about your citizenship and/or nationality, medical or health information and/or your race
• test results from tests you took as a means of our effort to evaluate your technical knowledges and skills, as well as your mental capabilities and behavioral style
• reference information and/or information received from tribunal or police checks (where applicable), including information provided by third parties

We will use this information for the purposes of carrying out the application and recruitment process that includes:

• assessing your skills, qualifications and interests against our employment requirements
• verifying your information and carrying out technical and/ or behavioral tests
• carrying out reference checks and/or criminal records checks (where applicable) if you are offered a job
• Communications with you about the recruitment process and/or your application(s), including likely future appropriate potential career opportunities at “EUROTEL HOSPITALITY” and at "EUROTEL HOSPITALITY CYPRUS LTD"
• complying with applicable laws and regulations, legal processes or enforceable governmental requests or in response to a legal process.

“EUROTEL HOSPITALITY S.A.” and "EUROTEL HOSPITALITY CYPRUS LTD" has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process.

The processing of your personal data throughout the recruitment process is necessary in order to assess and confirm a candidate's suitability for employment and decide to whom to offer a job. In some cases, we need to process data to ensure that we are complying with our legal obligations or in order to respond to and defend against legal claims.

We will retain your information for the following periods:

• Selected candidates: if you are offered and accept employment with “CCS Learning”, the information collected during the application and recruitment process will become part of your employment archives. Most of this information will be retained for 6 months after our collaboration comes to the end. For compliance and regulatory issues (e.g. accounting, tax, insurance matters), some information will be kept for at least 5 years.
• Interviewed candidates: if you have been interviewed, your personal information which will include additional data like test results, criminal records / police checks, interview notes and any other relevant information supplied by you will be kept for up to 12 months from the last contact we had with you
• Rejected candidates: if your application has been rejected from the early stages of the process, your data will be retained for up to 3 months after receipt of your initial application

AUTOMATED DECISION MAKING

In some areas, in order to improve the efficiency of our services, our company may use automated decision-making processes, including profiling. When an automated decision that is taken for you is important (one that may have legal impact or otherwise may significantly affect you), you will be warned about this from us, along with your rights to challenge this decision.

DATA ACCURACY AND YOUR RESPONSIBILITIES

It is important that the personal information we keep for you is accurate and up-to-date. For this reason, in case some of your information changes or is in error, please let us know as soon as possible so as to proceed to the necessary rectifications.

YOUR RIGHTS

Under the Regulation, you have the following rights:

• To be informed about the processing of your personal information. This is the purpose of this statement.
• To correct your personal information if it is inaccurate and have it in full if it is incomplete
• To oppose to the processing of your personal data
• To restrict the processing of your personal information
• To have your personal information deleted ("the right to be forgotten")
• to move, copy or transfer your personal data ("data portability")
• to be informed about, question or oppose to any automated decisions taken for you, including profiling
• Ask for access to your personal information and information about how we process them
• withdraw at any time any consent you have given to the processing of personal data

If you wish to exercise any of these rights, please contact the company's Data Protection person in charge (For Greece e-mail: dataprotection@eurotel.gr, tel:210 6549509 and for Cyprus dataprotection@eurotel.com.cy, tel: + 35724813826).

YOUR CHOICES

You have the option to choose whether or not you want to receive information from us. If you want to receive direct marketing messages from us, you can select the corresponding boxes on the form in which we collect your information.

We will not contact you for marketing purposes by email, telephone or text message unless you have given your prior consent. We will not contact you for postal marketing purposes if you have stated that you do not wish to be contacted. You can revoke your consent and change your preferences at any time by contacting us by e-mail:

For Greece: dataprotection@eurotel.gr or call at 210 6549509.

For Cyprus dataprotection@eurotel.com.cy, tel: + 35724813826

QUESTIONS or COMPLAINTS

Any questions regarding this Policy and our privacy practices should be sent:

For Greece, by email to dataprotection@eurotel.gr or by writing to EUROTEL HOSPITALITY, 11, Velestinou Str, 14122, ATHENS. Alternatively, you can call +30 210 6549509.

For Cyprus, by email to dataprotection@eurotel.com.cy or by writing to EUROTEL HOSPITALITY CYPRUS LTD, United Nations 50, Thekla Conteati Properties 6042, Offices 21 & 31, Larnaca. Alternatively, you can call + 357-24-813826.

You also have the right to submit any complaint at any time to the Data Protection Authority, the Greek Data Protection Supervisor:

Data Protection Authority,

1-3, Kifissias str.,

115 23 Athens, Greece

contact@dpa.gr

Tel: +30 210 6475600

Fax: +30 210 6475628