Privacy Policy
Introduction
This Privacy Policy is intended to inform you about the use of your personal information during your visit to www.benefitsingreece.com and to assure you that ‘Benefits In Greece’ (‘the comrany’) has taken all necessary measures to comply with the new General Regulation for the Protection of Personal Data but also in general with the Greek and Community legislation on the safeguarding of privacy.
This policy concerns only natural persons.
The company assures that it provides its services with full respect for the personal data communicated to it and guarantees that the processing of all data relating to natural persons is carried out in full compliance with the principles of lawfulness, transparency and accuracy of the information and with full security on the confidentiality, integrity and availability of such data.
Before proceeding with any communication, you must also accept the terms stated in this policy (mandatory) in addition to the terms of use.
Processing
- Collection
The site collects only the personal data you provide when you visit it, when you sign up for newsletters or in order to communicate with the company by e-mail.
Such data may include, depending on what you provide:- IP address
- Username
- Name(s)
- Address
- Email address
- Phone
The company has appointed a specific person responsible for managing the data.
- Collection
- Use
The personal data gathered from the use of the website are used only by the company and only for the fulfilment of its obligations or the promotion of newsletters. The company, after you have browsed its site, reserves the right to send you informative material. However, if you do not wish to receive any material from the company in the future, you can immediately send an e-mail here. The company does not promote your data to third parties. However, it is possible that you will receive promotional material due to the use of Google Analytics cookies. To delete the relevant cookies, read the Cookies Policy.
- Use
- Storage – security – deletion
The Company makes every effort to ensure that the personal data it collects are protected against accidental and illegal invasion, alteration and destruction and against any other illegal action.
The personal data transmitted by the user of the website are kept by the company for as long as you wish to communicate with the company. For ex. if you send the company an e-mail, your data will be kept in order for the company to come back to you or send you newsletters and will not be deleted unless you ask the company to do so. Once your data is deleted, it is permanently deleted and cannot be recovered.
In the case of “links” to other sites, the site is not responsible for the terms and conditions of management and protection of personal data they follow.
- Storage – security – deletion
- Disclosure
As stated above, the company does not disclose the data it collects to third parties. However, at the request of the competent authorities and provided they have followed the lawful procedure, access to the data held by the company may also be granted to them. The company will not use other processors for processing purposes. The company’s personnel and co-operators are all bound by confidentiality even after the expiration of the contract linking each employee to the company.The company does not transmit your data outside of the EEA.
3. What is the legal basis for processing your data from the company?
We process your data:- Because you gave us your consent (eg newsletter).
- Because we have to comply with the law.
- Because we have to fulfil our contractual obligations against you.
- Because we have to protect our legitimate interests.
Safety measures
The company takes all the physical, technical and organizational measures to securely process your data.
Questions, Requests, Complaints to the Company
Every natural person – data subject has the right to access his / her data. In addition, the subject has the right: a) to contest the validity of the data, b) to request suspension, withdrawal, prohibition, deletion of his or her personal data and to declare the withdrawal of his / her consent for their observance, c) and to learn the means of data protection, as well as all the details of their processing by the company as well as to request a copy of the data kept by the company, d) to request the portability of his data, e) to complain and to claim damages if (s)he proves that (s)he has suffered damage from keeping inaccurate, false, anachronistic and illegally collected data. (S)he also maintains the right to submit complaints to the Personal Data Protection Authority.
The company will attempt to respond as quickly as possible to the requests of each user / member. One week is considered reasonable.
Modification of the data protection policy
The company reserves the right to unilaterally change the privacy policy of the site but only in order to implement stricter security measures.
How to communicate
For any subject regarding personal data, you can contact the company in the following ways (phone, mail, etc.).
If you wish to change or delete data, you need to send us exactly the information you wish to modify / delete.
Jurisdiction
This policy is governed by the provisions of Greek and Community law. For any dispute that may arise in relation to personal data, only the courts of Athens are competent and only the Greek law is applicable.
ANNEX
Definitions
- ‘Personal data’ (or data) means any information relating to an identified or identifiable natural person (‘data subject’).
- ‘processing’ means any act or set of operations carried out with or without the use of automated means in respect of personal data or personal data sets, such as collection, storage, adaptation, alteration, retrieval, disclosure, erasure or destruction.
- ‘Data subject’ means the natural person whose personal data are collected. For the purpose of the present data subjects are the visitors of the website.
- ‘Controller’ means a natural or legal person, a public authority, a service or another body which, alone or jointly with others, defines the purposes and the manner in which personal data are processed. For the purposes of the present, the company is the only controller.
- ‘Subcontractor or Processor’ means a natural or legal person, a public authority, a service or other entity processing personal data on behalf of the controller.
- ‘Consent’ of the data subject means any indication of will which is free, specific, explicit and in full awareness, which is provided with a declaration or a clear positive action, by which the data subject demonstrates that (s)he agrees to the processing of their personal data. Consent can be given validly and digitally by clicking on a checkbox or by clicking on a link that says “I agree”.
- ‘Violation of personal data’ means a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to the personal data transmitted, stored or otherwise processed by the controller.
- ‘Purpose of processing’ means the reason for which the controller is processing the data under its control.
- ‘Authorities’ means all judicial and administrative authorities, whether independent or not, who have the right to request personal data from the company pursuant to EU law and the laws of Greece.
- ‘Third parties’ means any natural or legal person, public authority, service or body, with the exception of the data subject, the controller, the processor, the subcontractor and the persons under the direct supervision of the controller , the processor or the subcontractor that are authorized to process personal data.
- ‘Employees – co-operators’ means all natural and legal persons directly related to the company, either in an employment or a provision of services relationship, that are remunerated by the Company for the provision of work or services.