Personal Data Protection Policy
It is a priority for our company to protect your personal data which we process and to continuously comply with all data protection legislation.
We invite you to carefully read this Personal Data Protection Policy in order to be adequately informed regarding the type of data we process.
General information and controller
Hellas EAP LTD, located at 120 Sygrou Avenue in Athens, Athens, with VAT number 998947163, as legally represented (hereinafter “the Company”), is the controller for the collection, storage and general processing of users’ personal data, as collected and stored through this website and the social media pages linked to our website.
2.What personal data we collect and how we collect it?
We collect the following personal data:
-Information when you provide us with your e-mail address so that we can send you our newsletter.
We will use your e-mail address to inform you about the services we provide when you send us your e-mail address.
-Information when you visit our website
If you visit our website and have a question or comment, you can submit it to our Company by filling out the contact form available on the website. You will be asked to provide your e-mail address and information about your request/question/observation. We will only use this information to respond in relation to your query/observation. We will make a record of your request, your questions/observations and our respective responses and any other actions taken to manage your request/contact. All information will be retained for 12 months after your query or complaint is resolved or the case is closed.
-Information about the maintenance and optimisation of our website
Your personal data is also used for the maintenance and analysis of our website to resolve performance issues, improve availability and user experience. We record every use of our website. Logs of website usage will be deleted within 14 months of their creation.
-Information about your visit and use of our website
We automatically collect certain information when you visit our website, such as your IP address, device category, web browser type, usage information and statistics about your interaction with our website. All information will be retained for a maximum of 14 months.
3.Purposes of processing
a. Sending our newsletter : We will send you our newsletter when you have given us your consent to do so or when there has been a prior business relationship between us in accordance with the provisions of Article 11 par. 3 of Law 3471/2006.
Legal basis of processing: Your consent (when you fill in the relevant form on our website) or our legitimate interests (when you are already our customers). In any case, you will have the right at any time to declare that you no longer wish to receive our newsletter by sending a message to firstname.lastname@example.org , and your decision will be fully respected.
b. Response to your request/question/observation: We make every effort to respond to the request/question/observation you submit on your own initiative via the contact form.Legal basis for processing: The legitimate interest of our company to offer you the best possible quality of services
c. Support of information systems/improvement of services provided: We use your personal data in order to detect server problems and ensure the proper functioning of our website. The Company uses the personal data of users, which it collects through the website, in order to offer new services through the website or to improve the services already provided.Legal basis of processing: The legitimate interest of the Company to ensure the uninterrupted operation of its website and to improve the services provided by it.
d. Compliance with our legal obligations: When we receive relevant court or public authority warrants, we may process your personal data in order to respond to these requests.Legal basis of processing: Compliance with our legal obligations.
5. Rights of data subjects
You have the right to request an overview of your personal data processed by us or on our behalf. You have the right to correct, delete or restrict the processing (where applicable) of your personal data.
Please be aware that requests that do not meet the requirements set out in applicable law or the Company’s guidelines may be required to be redrafted or rejected, and that certain personal data may be exempt from such requests for access, rectification and erasure in accordance with applicable data protection and other laws and regulations.
You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format, and in some cases we will, at your request, transfer your data to another controller where technically feasible.
You also have the right, in certain circumstances, to demand that we stop processing your personal data, but where there are compelling legitimate grounds, we will continue to process your personal data. In all cases, you have the right to object to our use of your personal data for direct marketing purposes, including profiling, and if you do so, we will comply with your request.
Your requests relating to the exercise of the above rights may be sent to the Company’s Data Protection Officer (“DPO”) at email@example.com. In case you are not satisfied with our response to your request, you may submit a complaint to the Data Protection Authority regarding the exercise of your rights (www.dpa.gr).
6.Retention of personal data
Users’ personal data are kept exclusively for the period of time required to fulfil the purpose for which they were collected, in full compliance with applicable legislation. When the purpose of processing your personal data is completed, they will be deleted.
7. How and with whom we share your personal data (recipients of personal data)
We may need to share your personal data with third parties who help us provide you with services/products and to administer our website e.g.IT service providers In such cases where the Company, as the controller, transfers your data to third party processors, the Company itself determines the individual elements of the processing (method, means, retention period, etc.) and signs a specific contract with the processors in order to ensure that the processing is carried out in accordance with the applicable legal framework, that appropriate measures are taken to protect the confidentiality and security of the personal data and that those third parties are established in the European Union or in other countries of the European Economic Area. Our Company does not transfer your data to countries outside the EEA.
Finally, we may need to provide personal data to law enforcement agencies in order to comply with a legal obligation or court order.
The Company assures users that it takes all appropriate technical and organizational measures to ensure the security of their personal data, to safeguard the confidentiality of its processing and to protect it from accidental or unlawful destruction/loss/alteration, unauthorized disclosure or access and any other form of unlawful processing.
Although every effort is made to protect personal data, the Company cannot guarantee the security of the data transmitted through its website, as the transmission of information via the Internet can never be completely secure.
9. Applicable law
The Greek Courts will have exclusive jurisdiction for any dispute arising from the use of this website.
11. Data Protection Officer
You can contact the Company’s Data Protection Officer for any issue related to the processing of your personal data at firstname.lastname@example.org