GDPR | General Data Protection Regulation
The Company informs you, in accordance with Regulation (EU) 2016/679 and the provisions of the relevant Greek legislation on the protection of personal data, in its capacity as controller, that it processes your personal data, collected or upon request for the provision of a service, either at a later date, including those resulting from the conclusion and operation of a contract (s) with the Company, or in the context of, generally, relations and transactions with the Company, as set forth below:
1. What personal information does the Company collect and from where?
a) Your contact details: email address, name etc. The data is collected directly from you.
b) Data from the use of the Company's electronic and / or digital services (eg cookies, IP addresses, site data or other online identifiers) in accordance with their specific terms.
If you provide us with personal data of third parties, you should have obtained their consent and have referred them to this Company Information.
2. Why the Company collects your data and for what purposes it processes it
The Company collects and processes your personal data: This processing of the following data serves purposes such as:
a) Your identification and communication with you during both the pre-contractual and the contractual relationship with you, as well as any other transaction with the Company.
b) The preparation of the contract with you, its execution and generally its smooth operation and the fulfillment of the Company's liabilities to you.
c) Providing ancillary services for your information. (Eg Weekly newsletter for our news etc).
d) For purposes of legitimate interests of the Company or a third party. Such processing of such data serves purposes such as the security of the Company's IT systems, facilities and assets, the protection of the Company's legal rights and interests, the updating and / or participation in promotions for news products and / or services, unless your consent has been lawfully selected for such processing. This treatment is preceded by a weighting that does not override your interests or fundamental rights and freedoms that impose the protection of your data.
e) With your consent. In cases where we have requested and obtained your consent, the processing of the following data is based on this consent. In such cases, you have the right to revoke your consent at any time, without prejudice to the legality of the processing based on your consent prior to revocation.
3. Who are the recipients of your dataWhen fulfilling the Company's contractual and legal / regulatory obligations, serving its legal interests, and where the Company is authorized or has obtained your consent, your data may, for example, be as follows:
a) The employees of the Company responsible for the evaluation of your claims, the management and operation of the contract (s) with the Company, the fulfillment of the obligations arising therefrom, and the related obligations required by law.
b) Supervisory, Independent, Judicial, Public Prosecutor, Public and / or other authorities or bodies or parties entrusted with the control / monitoring of the Company's activities within their jurisdiction.
4. Can the Company transmit your data to third countries (outside the EU)
a) The Company does not transmit any of your data to third countries outside the EU.
5. How long will the Company keep your data?
In the event that you enter into a contract with the Company, your personal data will be kept for the entire duration of the contract. In any event of termination of the contract, the Company may keep your personal data until it is completed in accordance with the statutory time limit for the general limitation of the claims, that is to say, twenty (20) years after any termination thereof.
6. What rights do you have to protect your data
You have the following rights: a) Know the categories of personal information we hold and process, their origin, the purposes of their processing, the categories of their recipients, their retention time, and your related rights (right of access) .
b) Request correction and / or supplementation of your personal data so that it is complete and accurate (correction right), providing any necessary documents that may result or need correction or supplementation.
c) Ask for restriction on the processing of your data (restriction right).
d) Oppose any further processing of your personal information we hold (right to object).
e) Request the deletion of your personal data from the files we hold (right to forgetfulness).
g) Request the transfer of your data from the Company to any other processor (right to data portability).
h) To file a complaint with the Personal Data Protection Authority (www.dpa.gr) if you believe that your rights are in any way infringed.
As for email newsletters that the company sends you regularly, you can opt out of receiving them by following the links in the emails.
Finally, when accessing the Site you can choose whether you wish to collect cookies for statistical purposes.
7. How you can exercise your rights
To exercise your rights, you may apply by email at info (at) estro.gr.
The Company will make every effort to respond to your request within thirty (30) days of submission. This deadline may be extended for an additional sixty (60) days, if deemed necessary at the absolute discretion of the Company taking into account the complexity of the request and the number of requests. The Company will notify you in any event of an extension within thirty (30) days.
The above service is provided by the Company free of charge. However, if the Client's requests are manifestly unfounded, excessive or repetitive, the Company may either impose a reasonable fee on the Client by informing him or refusing to respond to his request (s)
8. Data Protection Officer
You can contact the Data Protection Officer for questions regarding the processing of your personal information at info (at) estro.gr.
9. How the Company protects your personal data
The Company applies appropriate organizational and technical measures for the security of your data, the protection of confidentiality, their processing and their protection against accidental or unauthorized destruction, accidental loss, tampering, prohibited dissemination or access and any other form of unauthorized processing.
This update replaces, from 09.12.2018 (the date of entry into force of Regulation (EU) 2016/679 on the protection of personal data), any other prior general information on the processing of your personal data. The Information Sheet is also posted on the Company's website at www.estro.gr and is also available from the Company's offices.