PERSONAL DATA PROTECTION POLICY
The Company is responsible for the site www.aesthecathens-zarnavellis.gr that is the website of the Company (hereinafter referred to as the "site"). The personal data you provide to us during your registration or visit to our website is subject to processing and will be kept in a record under our Company's responsibility. In addition, any other personal data you grant to us is also processed and stored in a record under our Company's responsibility.
This Policy and its Terms may be updated at regular intervals and should therefore be regularly updated and checked for any changes.
1. DEFINITION OF PERSONAL DATA
The term "personal data", as it used in this Policy, refers to information of the data subjects, i.e. natural persons, either individuals or professionals, such as name, postal address, e-mail address, telephone number, etc. that can be used to identify the identity of a customer or visitor of the site.
2. DEFINITION OF PERSONAL DATA PROCESSING
The processing of Personal Data is the collection, registration, organization, storage, adaptation, modification, retrieval, searching information, use, transmission to third persons, dissemination, association, combination, restriction, deletion and destruction of Personal Data of individuals.
3. COLLECTION OF PERSONAL DATA
We collect information about you, among others, in the following cases:
A. When contacting us directly, through our call center to request information.
B. During your visit to the Website.
C. If you respond to our actions to promote or request information, e.g. by filling out an answer form or by entering your data online on our website via the contact form.
D. With your registration as a member and the opening of Account.
E. If you provide personal data on behalf of a third party, you should ensure that the third party has previously become aware of this Policy. If you are under 16, you should not provide us with any information for you unless you have the consent of the person in charge of your parenting. Please help us to keep your information up to date by informing us of any changes to your personal data.
4. WHAT WE PERSONAL DATA WE RECRUIT
The following categories of data relating to you may be collected and further processed through the various services and the media that have been described in this Policy:
A. Communication Data: e.g. name, telephone numbers, fax number, e-mail address, email address, zip code.
B. Website Use & Contact: IP, Browsing Items for Statistics.
C. Information about the reasons for contacting us: information regarding reasons of interest, support services, requests for our services, including complaints and claims.
We collect the above necessary information from you, which you voluntarily give us.
5. PROCESSING OF PERSONAL DATA
We do not take decisions or create profiles based on the automated processing of your data.
6. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
For your data, that have relation with the above actions, the legitimacy of your processing is based on your own consent.
7. PURPOSE OF PROCESSING OF PERSONAL DATA
The personal data that declared by the user/member anywhere on the Website are intended solely to ensure the operation of the services provided and the legality of the communications concerned and they do not be used by any third party that is not authorized in accordance with the provisions of the General Rules of (EU) 2016/679, the national legislation and the related acts of the Data Protection Authority, the Law 3471/2006 and the ePrivacy Directive (2002/58 / EC, amendment 2009/136 / EC) that has apply today for the protection of the personal data processing. Finally, using the services of the Site, other information may be requested or collected for statistical purposes, which are disconnected from the user's / member's personal data in accordance with the legislation on the protection of personal data.
The company operates according to the applicable Greek and Community legislation and it keeps your personal data in secure.
In summary, we ask, as much information as we need in order to enjoy a special browsing experience, services that are based on your needs and communication with you. We therefore collect your information for the purpose of supporting our visitors, providing our services and communicating.
In particular, we collect your information for the purpose of registering you as a member of the site and the communication with you for the providing of the services that you have requested or information about our services.
8. DETAILS OF DATA
The receivers of the Data are the absolutely necessary staff and associates of the Company, who are committed to maintaining confidentiality. We may share or disclose your data when you have requested it or when required by the law.
9. MAKING THE PROCESSING
Data processors have agreed and committed to the Company to:
• keep confidentiality,
• not send data to third parties without the Company's permission,
• take appropriate security measures,
• Comply with the legal framework for the protection of personal data, and especially with the GDPR Regulation.
10. DATE OF PROCESSING AND STORAGE OF DATA - TIME OF DESTRATION
The data provided by you will be retained / stored by us only for as long as it is required to fulfill the purpose for which you have communicated your data to us and in compliance with the applicable laws.
We restrict access to your data to the authorized persons who need to use them for that purposes.
11. DATA SECURITY
We are committed to protecting your Personal Data. We have taken appropriate organizational and technical measures to secure and protect your data from any form of accidental or fraudulent processing. The site has an SSL certificate installed in order to encrypt and securely manage your personal data and browsing data.
These measures will be reviewed and amended when it is necessary for the insurance of your personal data that would be kept in secure.
The processing of your Data in any way is only permitted by our authorized persons, employees and associates, for the purposes that have been stated above.
12. YOUR RIGHTS AS THE PERSON OF THE DATA
A. You have access to your personal data.
This means that you have the right to be informed by us about whether and which data we process. If we process any stored data you may ask to be informed about the purpose of the processing, the type of data that we keep, who give them to us, how long we store them, whether it is automated to make decisions, but also about your other rights, correcting, deleting data, limiting processing and submitting a complaint to the Data Protection Authority.
B. You have the right to correct inaccurate personal data.
If you find that there is an error in any personal data you have in your possession, you can apply for it to be corrected.
C. You have the right to delete / the right to oblivion.
You may ask us to delete your data if it is no longer necessary for the above mentioned processing purposes or you could to withdraw your consent if this is the only legal basis.
D. You have the right to transfer your data.
You may ask us to receive in a readable form the data you have provided to us or ask us to forward it to another controller.
E. You have the right to restrict your processing.
You can ask us to restrict your data processing for the duration of the processing of the consideration of objections for the processing of your data.
F. You have the right to objection in the processing of your data.
You may oppose in the processing of your data or take back your consent and we will stop the processing of your data unless there are other compelling and legitimate reasons that prevail over your right.
13. HOW TO APPLY YOUR RIGHTS
For the above purposes, your request should be addressed in writing to the company at: firstname.lastname@example.org.
For any questions or suggestions or statements related to these issues, please contact us by email or by using the contact form.
In the above ways, you can still contact us for more information about the routing of your request.
14. MANAGEMENT OF REQUESTS
We will respond to your requests free of charge, without delay, and in any case within (1) one month after we receive your request. However, if your request is complex or there are a large number of your requests, we will notify you within one month if we need to take another (2) two months extension within we will respond to you.
If your claims are manifestly unfounded or excessive due to their recurring nature, we may impose a reasonable fee, taking into account the administrative costs of providing information or executing the requested action or refusing to respond to the request.
15. APPLICABLE LAW
We process your Data in accordance with the General Personal Data Protection Regulation 2016/679/EU and in general with the current national and European legal and regulatory framework for the protection of personal data.
16. RIGHT OF YOUR APPLICATION
You have the right to submit a complaint in the Authority of Personal Data Protection (post office Kifissias 1-3, PC 115 23, Athens, tel. 2106475600, e-mail email@example.com) if you believe that your processing of your Personal Data violates the applicable national and regulatory framework for the protection of personal data.
17. MODIFICATION OF THIS POLICY
We will update this Policy whenever it is necessary. If there are any significant changes to the Policy or the way we use your Personal Information, we will notify you either by posting a notice at a prominent point before the changes take effect or with any other appropriate manner. We encourage you to read this Policy in order to know how could be protected your Data.
The Company is the responsible Data Processor that is processed.