For the purpose of this Policy, the following terms shall have the following meaning:
“Governing law”: The respective national and Union legislation on personal data protection and specifically the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as “GDPR”), L. aw 4624/2019 as well as the Decisions, Instructions and Opinions of the Hellenic Data Protection Authority (hereinafter “HDPA”).
“Personal Data”: Any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identity card number, the location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
“Processing”: any operation or set of operations which is performed upon personal data or upon sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Controller”: a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; in case that the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for his nomination may be provided for by Union or Member State law. In this case, the Company acts as the Controller.
“Data Subject”: the natural person whose personal data are being processed. In this case, every user of the website is considered as the subject of the processing, if it is a natural person.
“Consent” of the data subject: any freely given, specific and informed indication of his wishes by which the data related person signifies his/her agreement, by a statement or by a clear affirmative action, to personal data relating to him/her being processed.
3.Personal data of the users that we collect and process.
3.1 Personal data we collect through the contact form.
|The immediate and optimal possible response/service/information of the users for the services provided by the Company.||The legitimate interest of the Company to provide high quality services to the users of this website|
|The improvement of the functionality, of the services provided to you, as well as the analysis of the website traffic.||your free explicit consent which you grant by accepting cookies, with the exception of the strictly necessary cookies which are permanently installed and are absolutely necessary for the operation of our website, while the legal basis of processing them being the legitimate interest of the Company.|
3.3 Personal Data we collect through the “Request a call back” field
|The immediate and optimal possible response/service/information of the users for the services provided by the Company.||The legitimate interest of the Company to provide high quality services to the users of this website.|
4. Personal Data of Minors
Our website is not intended for minors and does not wish to collect and process personal data of minors (i.e. persons under 18 years of age). However, as it is impossible to cross-check and verify the age of the users, we ask the parents/guardians of the minors, in case they find any unauthorized notification/provision of data by the minors, to immediately notify the Company, so that we can take the necessary measures (e.g. deletion of such data). In the event that we become aware of a collection of personal data of a minor, we undertake to delete it immediately and to take all necessary measures to protect such data.
5. Period of personal data record keeping
Your personal data is kept for a predetermined and limited period of time, depending on the purpose of processing, following which the data is deleted from our files. When processing is required or a specific retention period is provided for by law, your personal data is kept for as long as the relevant provisions require. When processing is based on your consent, your personal data will be kept until that consent is revoked.
6. Security of personal data
Taking into account the latest developments, implementation costs and the nature, scope, framework and purposes of processing, as well as the risks of different cause and severity regarding the rights and freedoms of users from processing, we obtain the necessary technical and organizational measures to protect your personal data. Although no transfer method via the Internet or electronic storage method is completely secure, we take all the necessary digital security measures for your data etc.
7. Transfer of personal data to third parties
Your personal data may be transferred to third parties, who have been entrusted with the processing of personal data on behalf of our Company. In any case, the third parties to whom the data of the users may be transferred, are contractually bound against us in order to ensure the obligation of confidentiality as well as all the obligations provided by the governing law. At the same time, your personal data may be transferred to public authorities, independent authorities, etc. during the exercise of their duties ex officio or at the request of a third party invoking a legitimate interest and in accordance with legal procedures.
8. Transfer of personal data outside the EU
The personal data collected through this website is generally not transfered to a Third country outside the European Union (EU) or the European Economic Area (EEA). However, in the event of transferring your personal data to a country outside the European Union (EU) or the European Economic Area (EEA), we will ensure that any of the special derogations provided for in the GDPR are met. Otherwise, the transfer to a third country is prohibited and the Company will not transfer your personal data to a country outside the European Union (EU) or the European Economic Area (EEA).
9. Your rights
As a user of this website you have the following rights:
1) Request for information about the processing of your personal data.
2) Request access to your personal data. More specifically, you can request a copy of your personal data kept in order to check the legality of the processing.
3) Request the correction of your personal data in case of incorrect or incomplete registration.
4) Request the deletion of your personal data if their retention is not based on any legal basis or legitimate interest.
5) Request a restriction on the processing of your personal data, under certain conditions.
6) Request the portability/transfer of your personal data either to you or to third parties.
7) Revoke at any time the consent you have given for the processing of your personal data, without this revocation affecting the legality of the processing performed until then.
8) Object to the processing of your personal data.
9) Object to a decision that concerns you and is based solely on automated processing of data, including profiling.
To exercise your rights, you can contact us via email at firstname.lastname@example.org. In case of exercising any of the above rights, we will respond immediately and in any case within one (1) month of receipt of your request and identification. For any complaints regarding this Policy or personal data protection issues, you may contact the HDPA in case we do not satisfy your request.