Privacy and Security of Personal Data Policy
Clarifications on the processing of personal data
(as Responsible and Executor of the Processing, in accordance with the General Data Regulation EU 2016/679)
1. Why will the Company process the Customer’s Personal Data (PSD) and Special Category Personal Data (SPCD)?
By purchasing services/products made by the Customer through the Company’s website, he declares that he wants the Company to undertake on his behalf the completion of a task or to mediate between the Client and a third party for the completion of a task in its capacity as the Company as an internet service provider. The Company, based on the information/data declared by the Customer on its website/order form, should include him in a homogeneous category and calculate, based on his statements, the appropriate and proportional product/service for the Customer.
In order to do this, it is necessary for the Customer to declare the specific VAT and/or EDPC referred to in the relevant fields of the order form. These data are objectively essential for the fulfillment of the purpose and the operation of the service provided. The correct and complete information about the information requested by the Company constitutes an obligation of the Customer by law. It is possible that inaccurate or incomplete information on the information requested by the Company may establish the right to request the Company even to cancel or terminate the service provided at any time.
For as long as the service contract remains in force, the Company will process the Customer’s data necessary for its operation, based on the express consent that the Customer will grant us at this stage through the service/product order or in any other subsequent stage.
2. What kind of processing of my data will the Company carry out?
After the Customer places the product/service order, completed in all fields, the Company will proceed, for the reasons mentioned above, in each act or series of acts of processing the Customer’s data and with the help of automated means such as e.g. collecting, registering, organizing, correcting, storing, adapting, changing, retrieving, searching for information. The Company uses automated means to complete the order and provide the service. Through these automated means, the Company can make decisions more quickly, with greater accuracy, transparency and consistency.
However, in these cases, regular relevant checks are carried out by competent employees of the Company.
The Company, in the context of protecting its legal interests, frequently carries out checks, using certified automated means, for reasons of preventing fraud against it.
In particular, the following partial processing is carried out for the purpose of the Company’s compliance with the provisions of European and Greek legislation:
controls (and automated) to prevent the products from being used for money laundering and/or terrorist financing purposes.
checks are carried out and information and data are sent for the purpose of the Company’s compliance with the administrative cooperation of the member states of the European Union in the tax sector.
checks are carried out and information and data are sent for the purpose of the Company’s compliance with the multilateral agreement of Competent Authorities for the automatic exchange of financial account information.
3. For how long will the Company keep the Customer’s data on file?
The Company will keep the Customer’s data for as long as a contractual relationship is maintained between them, both in paper and electronic form. In the event that, for any reason, this is interrupted, the Company will keep them for as long as is required until the statute of limitations for any related claims has passed. However, in any case the Company will keep the data for a period of up to one (1) year from the end of the cooperation between them.
4. What rights does the Customer have in relation to the processing of his data?
The Customer may exercise, as the case may be, the following rights: the right of access (to find out which data we process, why and the recipients thereof), rectification (to correct any deficiencies or inaccuracies of the data), deletion (right to oblivion) (deleting them from the Company’s records, however, if their processing is no longer necessary), restriction of processing (in case of questioning the accuracy of the data, etc.), portability (that the Customer receives his data in structured and commonly used format).
These rights are exercised at no cost to the Customer, by sending a relevant letter or e-mail to the Data Protection Officer, unless they are repeated frequently and due to volume have administrative costs for the Company, since
the Customer will bear the relevant costs.
If the Customer exercises any of these rights, the Company will take all possible measures to satisfy the Customer’s request within thirty (30) days of receiving the relevant request, after the Company informs either of its satisfaction, or of the objective reasons that prevent its satisfaction.
In addition, the Customer can at any time object to the processing of his personal data and personal data for the purposes of the service contract, by withdrawing his consent. However, this will lead to the termination of the Customer’s contract and the non-provision of services by the Company, because (in accordance with what was mentioned above) no service operates without processing the customer’s (data subject) TIN and/or TIN.
5. How is the security of the Customer’s data ensured?
Data security is an absolute commitment for the Company. To achieve this, all modern and appropriate technical (encryption, anonymization, etc.) and organizational measures are applied, the response of which the Company checks at regular intervals.
6. Where will the data be transmitted?
The Customer’s data will be transmitted to the Company’s departments that are responsible for the completion of the service provided and for its correct and uninterrupted operation. Examples include the technical support department, the legal department, the accounting department, etc.
The Customer’s data may also be transmitted and made accessible by legal and/or natural persons with whom, from time to time, the Company maintains contracts for the proper provision of the services offered. Also, the data, in the context of the operation of the Customer’s insurance contract, may be transmitted to various services, public authorities, etc. However, in this case, these legal and/or natural persons will process the Customer’s personal data exclusively for the purpose of providing services to the Company and not for their own benefit, acting as processors.
In each transmission, the Company always takes every measure so that the data that will be transmitted is always the minimum necessary and that the conditions for legal and legitimate processing will always be met.
7. Will the Company process the Customer’s data for commercial purposes?
For the duration of the processing mentioned above, the Company may only process your TINs (but not those of EKDGIX). The Customer can object at any time to this processing of his data (for commercial purposes) by sending a request to the Data Protection Officer. In this case, the Customer’s data will no longer be processed for commercial purposes.
8. File a complaint/complaint?
For any matter concerning the processing of your data, you can contact the office of the Data Protection Officer (DPO) of the Company: tel. 00302811229000, email: [email protected]
Also, the Customer always reserves the right to address the competent authorities, where he can submit the relevant complaints. For Greece: Personal Data Protection Authority (Kifissias 1-3, Т.К. 115 23, Athens), or electronically (www.dpa.gr).
Additional clarifications on Cookies
1. What are cookies and why does the Company use them?
In addition, cookies help the Company to see the performance and traffic of its website, improving its presentation and content, according to the preferences of its visitors.
2. Which cookies are used?
Some or all of the cookies described below may be stored in the browser. The Customer can see and manage cookies in the browser (however mobile browsers may not offer this visibility).
3. Of the different types of cookies that exist, the Company uses the following:
Technically necessary cookies are essential for the proper functioning of the website, allowing the Customer to browse and use the functions