1. Who is the Data Controller?
1.1. The Controller of your personal data is the “N.GERENTES SA”, with its registered seat in Olympis str. Metamorfosis 14452, Greece with Tax Registration Number 094032777 Tax Authority of FAE Athinon Telephone 2106818310 e-mail address: firstname.lastname@example.org (hereinafter referred to as “the Association“).
1.2. Contact details of the privacy liaison for Data Protection: N.Gerentes SA, email@example.com
A) By Phone: 2106818310 Monday to Friday 9am to 5pm
B) By Email: firstname.lastname@example.org
C) By post: N.Gerentes SA, Olympias str, Metamorfosis 14452, Greece
2. What personal data does the Association process and how?
Your personal data includes any information that allows, either alone or in combination with others, for your unique identification, in accordance with the provisions of the General Data Protection Regulation (GDPR 2016/679 or the General Regulation), the applicable Greek law and the decisions of the Hellenic Data Protection Authority (HDPA).
We process your personal data when you navigate into the Website, when you communicate with the Association through the contact form available on the Website, or otherwise, when we collect various types of personal data for you, either directly from you or from third parties, and / and by automated means.
Indicatively, we collect the following personal about for you:
- Identity data: (full name) you provide to us when you complete the contact form on the Website.
- Contact Information: (email address and, optionally, your mobile phone number) provided to us when you complete the contact form on the Website.
3. What is the purpose and legal basis of each processing?
The Association and its trained personnel apply all principles of processing pursuant to the General Regulation (indicatively lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality and accountability). The Association protects and safeguards all of your rights pertaining to the use of your personal data. The above apply indiscriminately to all processes carried out by the Association through the Website.
Purpose of Processing
Legal Basis of Processing
Communication with the Association at the Website User’s initiative
We are processing your data:
(a) in order to handle the communication request you voluntarily submit to us through the contact form available on our Website and
(b) to communicate with you further to your request through the contact form pursuant to the above
Your full name
Your email address and mobile phone number (optionally provided to us)
Information you provide us contained in your message:
The contact form available on the Website includes a field where the User can optionally fill in his / her message to the Association.
We encourage you to provide us only with information which is strictly necessary in order to communicate with the Association and not include in your message, indicatively but not limited to, specific categories of personal data (eg health data) or any other information that is not absolutely necessary for the purpose of communicating with the Association.
We cannot (and have no obligation) to control the legality of the content of your message and the Association will not be held liable if the content of your message is illegal and / or if you provide us with personal data that are either unrelated or are more than what is absolutely necessary for the purpose of communicating with you.
Your consent to the processing of your personal data for the purpose of processing your request through the contact form and to communicate with you.
You may withdraw your consent at any time by contacting the Association through the contact details referred to in Article 1.
It is specified that sending us any communication request does not constitute any subscription to a newsletter basis.
4. How long do we keep your personal data?
4.1. We will retain your personal data for as long as you continue to interact with us and for as long as this data is necessary to fulfill the processing purposes described herein (e.g. when communicating with the Association through the Website, the data will be retained only for as long as it is necessary for the communication between us).
4.2. Furthermore, we retain your personal data for our legal coverage in the event of a dispute related to the use of the Website and for the management of any legal claims by the Association (e.g., extra-judicial disputes, any disputes and litigation before the competent courts and/or prosecutor and/or other authorities), for the period during which any liability for the processing may arise, in accordance with the applicable law.
4.3. In determining the retention time of your personal data, we take into account the nature of your data, the amount, the purpose of its processing, their security, etc. You have the right to ask us to delete your data provided that the legal rights of the Association are not affected and / or there is no legal obligation to retain your information according to the above. For the exercising of your right, please refer to the relevant section of this Policy. [link για την Παράγραφο 5 του κειμένου]
4.4. In any event, as long as we retain your data, such information it is securely stored, in accordance with the security measures set forth in Article 8 below.
5. What are your rights and what are the procedures for exercising them?
5.1. You can exercise your rights using the Association’s contact details. [link για την Παράγραφο 1.3 του κειμένου]
5.2. The rights that you can exercise (where appropriate and subject to the conditions set out in the General Regulation) are: the right of access (Article 15), the right of rectification (Article 16), the right of erasure (Article 17), the right to restriction of processing (Article 18), the right to data portability (Article 20), the right to object (Article 21), the right to human intervention in automated individual decision-making, including profiling (Article 22).
5.3. We take under serious consideration the confidentiality of all files that contain personal data and we reserve the right to ask you to prove your identity if you exercise any of your rights with regard to those files.
5.4. We will not charge you for the exercise of your rights with respect to your personal data unless, as prescribed by law, your request for access to information is unfounded or excessive, in which case we have the right to charge a reasonable fee under specific conditions. In any case, we will notify you of any charges before processing your request.
5.5. Our goal is to respond to any valid requests within one (1) month after receiving them, unless it is particularly complex or you have made several requests. We will let you know if we are going to need more than one (1) month for the reasons listed above.
5.6. Report to a Supervisory Authority: You also have the right of complain to your local Supervisory Authority about the processing of your personal data after first contacting us to find a solution to any of your problems. In Greece, the Data Protection Supervisory Authority is the Hellenic Data Protection Authority – HDPA (www.dpa.gr), 1-3 Kifissias str., 11523 Athens, 2106475600, fax. 210 6475628.
6. Who are the third recipients of your data?
6.1. For the smooth and uninterrupted operation of the Website, the Association works with third parties who gain access only to such data as is absolutely necessary for the functional and technical organization of our Website, the optimization of the User experience, the submission of the contact form by the Users etc. Indicatively, our affiliated companies include the company that technically supports and hosts the Website, etc.
6.2. Upon transferring your data to such third-party companies, we ensure at all times the highest level of safety. As such, your personal data are transferred only to service providers and cooperating companies which have been diligently selected and which are contractually bound.
6.4.The Association generally stores the personal data mainly within the EEA. In case of a transfer of data to third countries outside the EEA, for which there is no adequacy decision, or to International Organizations, the Association implements all appropriate safeguards as provided by the applicable legal framework for the protection of personal data with regards to the transfer to third countries and all necessary information shall be made available at the Association’s website.
6.5. Finally, we may need to provide personal data to law enforcement authorities in order to comply with a legal obligation or a court order.
7. How is your data secure?
7.1. The Association implements all necessary security measures for the protection and safeguard of your personal data from accidental or unauthorized destruction / loss / tampering, prohibited transmission or access and any other form of improper processing (e.g. Firewalls, Access rights control, domain controller, lan segmentation, antivirus, partially encrypted information).
7.2. The information you provide to the Association is processed exclusively by specifically authorized personnel under the Association’s control and instructions, as well as the recipients of the personal data when necessary. For the processing, the Association appoints persons with the respective professional skills to provide appropriate safeguards in terms of technical knowledge and personal integrity to ensure privacy and protection of personal data. The Association, through the respective contractual commitments and its associates, implements all necessary security measures for protecting and ensuring privacy and confidentiality, as well as the integrity of personal data. In any case, the security of personal data in the platform environment is subject to factors beyond the Association’s sphere of control, as well as factors relating to technical, functional or other problems of the network or reasons of force majeure or events of chance.
8. Legal age verification
This Website is not intended for use by anyone under the age of 18. In order to determine your age, and before you are granted access to the Website, we ask you about your birth date. This information is required solely to confirm you are an adult, prior to allowing you access to the Website (within the legal obligations of the Association) and the Association does not store or use such information for any other purpose. You are kindly advised not to submit to us any personal information if you are under 18.
9. Applicable Law
Any dispute arising out of the use of this Website shall be subject to the exclusive jurisdiction of the Greek courts.