Privacy Policy and Statement of Personal Data Protection
PRIVACY POLICY AND STATEMENT OF PERSONAL DATA PROTECTION
This document describes in detail the actions for compliance with the General Data Protection Regulation 2016/679, also known as GDPR . This Privacy Policy and Privacy Statement applies when we act as a data controller and describe how we process your personal data.
- Purposes of this Privacy Policy
- Principles that dictate tha data processing
- How we use your personal information
- Ways of data collection
- Security
- Purpose of processing personal data
- The company collects data
- Recipients of the data
- Processing of personal data by third parties
- User Rights
- Exercise of your rights
- Service Improvements and Measurements
- IP Address
- Cookies Policy
- Cookies Category used by our company
- Tranmission to non-EU countries
- Amendments
Import
The societe anonyme under the name N. LAKASAS - P. ARVANITIDIS S.A and with the distinctive title "OLYMPIA ELECTRONICS", which is located at the 72 km Old National Road of Thessaloniki - Katerini, and legally represented by Mr. Nikolaos Arvanitidis and Mr. Dimitrios Lakasas, the company which owns this website and its entire content, processes the personal data in accordance with the European Regulation EU 2016/679 as well as the relevant national legislation on personal data protection, from which is fully committed.
For the purposes of this Privacy Policy and Statement of Privacy:
-
"Personal data" means information relating to an identified or identifiable physical person. An identifiable physical person is one whose identity can be ascertained, directly or indirectly, in particular by reference to an identifier, such as name, identity number, location data, or one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that physical person.
-
"Processing" means any act or set of operations carried out with or without the use of automated means of personal data or personal data sets, such as the collection, registration, organization, structuring, storage, adaptation or alteration, retrieval, search of information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, erasure or destruction.
-
'Controller' means a physical or legal person, a public authority, a service or another entity which, alone or jointly with others, determines the purposes and means of the processing of personal data.
-
"Processor" means a physical or legal person, a public authority, a service or another entity processing personal data on behalf of the controller.
-
"Recipient" means a physical or legal person, a public authority, a service or another entity to which personal data are disclosed, whether third or not.
-
"Third party" means any physical or legal person, public authority, service or entity, with the exception of the data subject, the controller, the processor and the persons who, under the direct supervision of the controller or the person processors, are authorized to process personal data.
-
"User" means any person visiting our web site.
-
"Consent" of the data subject means any indication of will, free, specific, explicit and in full knowledge, by which the data subject expresses that he or she agrees, with a declaration or with a clear positive action, that the personal data that concern him/her will be the subject of procession.
Principles that dictate the data processing
The Company, when processing your simple personal data on its website, complies with the principles governing lawful data processing (No. 5 GDPR), namely:
1) The principle of legality, objectivity and transparency, according to this particular principle, the data are submitted in a fair and lawful manner in a transparent manner.
2) The purpose limitation principle that data is collected for specified, explicit, and legitimate purposes and is not further processed in a manner incompatible with those purposes.
3) The principle of proportionality, "minimizing data", according to which the data processed are relevant and necessary for the purposes of processing.
4) The principle of data accuracy, according to which the data is accurate and when necessary updated.
5) The principle of integrity and confidentiality, according to which the data are processed in a way that guarantees their security and protection against unlawful processing, loss, destruction or deterioration.
6) The principle of determining the length of the processing period, "storage period limitation", according to which data must be kept in a format that allows the identification of data subjects only for the time necessary to achieve the purposes of the processing .
7) The accountability principle of the controller, according to which the controller is responsible and should be able to demonstrate compliance with the Regulation before the supervisory authorities and the courts.
How we use your personal information
We then describe the categories of personal data we can process in the case of personal data that we did not obtain directly from you, the ways of collecting them, the purposes for which we can process the personal data and the legal bases of the processing.
As part of the use of our web site, we collect the following personal data:
- Identity data provided by used devices or applications, such as an IP address and cookie data, which alone or in combination with unique identifying information may be used to identify a person
- Communication data such as email address, fixed and mobile phone.
Ways of data collection
The Company may collect your data in the following ways:
- From expressions of interest in the sale of our products.
- From all kinds of contracts that we conclude either with the data subjects themselves or with the legal or physical persons with whom the data subjects are directly or indirectly related.
- From sending a contact form
- Contact with a Company representative via email, telephone or mail
- Subscribe to a Company newsletter
- Cookies stored on your computer or mobile device when you visit our website on our site.
Security
The Company recognizes the importance of the security of Personal Data and Electronic Transactions and its related obligations, and takes all necessary measures, using the most up-to-date and advanced methods, to ensure maximum security for the User. All information relating to the User's personal data is secure and confidential. We only collect your personal data if you choose to provide it and expressly consent to it by its type of processing and the ways described in this Policy and Privacy Statement.
- Our Company has experienced and skilled staff and takes appropriate technical and organizational measures to ensure that your personal data is transferred, stored and processed in accordance with appropriate security measures (anonymization, pseudonymization, data encryption, firewalls, authorized employees, personnel training, limited access) and in accordance with the terms of this Policy and Statement of Protection and Personal Data Protection Regulation 679/2016.
- We implement data management and security systems to ensure data protection from loss, unauthorized transmission or access as well as any other form of illicit processing.
- Any employee or collaborator of our company has access to your personal data, uses them to serve the following purposes only.
Purpose of processing personal data
The Company collects, upon your explicit consent, only personal data that is absolutely necessary to meet your requests and provide you with the services you choose under the best conditions and in the most effective way. If any additional information is required, you will be informed at the time of the data collection and you will be consulted again.
The Company collects data:
- For communication,
- The issue of official written offers and relevant sales documents, in accordance with the applicable legislation and the requirements of the financial services (VAT, taxis, etc.).
- To investigate the probability / potential of training and contracting in the context of our business activity.
- For the execution of all kinds of contracts we sign.
- To promote and advertise our products and services
- To satisfy / document your various electronic requests in the context of our business.
- To comply with our legal obligations.
- To fulfill our legitimate interests.
- For our legal and judicial protection.
- For our legal and judicial protection.
The processing of your personal data is legal and is based on Article 6 (a), (b), (c), (d) of European Regulation 679/2016. The legal bases of data processing on our behalf are either divisive or cumulative, the consent of the data subject, the performance of a contract to which the subject is a party, compliance with our legal obligations, the fulfillment of our legitimate interests and the preservation the vital interest of the data subject or other physical person, the performance of a duty carried out in the public interest or in the exercise of public authority assigned to the controller.
If the processing of the above data is based on consent, we apply all the procedures provided for the legal acceptance of such consent as provided for in Article 7 of Regulation 679/2016
Your personal data is not used for purposes other than those herein and provided by you unless we obtain your permission or unless this is required or permitted by law such as the exceptions provided by article 25 of Law 4624/2019.
Recipients of the data
Data recipients are our processing staff who are bound by confidentiality and privacy protection clauses.
Physical or legal persons to whom we assign the performance of specific tasks on our behalf in the context of contracts we conclude (eg transport companies). These people are "data processors".
Banks and credit institutions based in Greece that have been legally licensed and licensed for the purpose of executing contracts or transactions.
Supervisory, auditing, independent, judicial, public and / or other authorities and bodies within the framework of their legal responsibilities, duties and powers in order to comply with our legal obligations and / or our legitimate interests.
Companies of financial advisers and statutory auditors within the framework of their legal responsibilities, duties and powers and for the purpose of fulfilling our legitimate interests.
Our employees, our suppliers, our partners for the fulfillment of our contractual obligations towards our customers.
Processing of personal data by third parties
We may disclose your personal data to service providers, business partners and third parties, in accordance with applicable law. The Company will disclose personal data only in compliance with this Privacy Policy / Privacy Statement when required by applicable law. Agreements with these corporate partners will limit the purposes for which your personal data may be disclosed and processed as set forth herein and will require the adequate protection of your personal data as provided for in Articles 44-49 of Regulation 679 / 2016.
User Rights
The User has access to his or her personal data collected and processed by the Company, except for the exceptions provided by article 33 of L.4624 / 2019, as well as the right to be informed about the existence of the processing act and its purposes (No. 13, 14 GPDR) upon request by sending an email to e-mail info @ olympia-electronics or a relevant fax at +30 23530 51486 except for the exceptions provided by articles 31.32 of L.4624 / 2019. It also has the ability to change, correct, supplement and delete its personal data except for the exceptions provided for in article 34 of Law 4624/2019 processed by the Company and for this reasonhe will be able to contact us by sending an email to info@olympia-electronics.gr or by signing a fax at +3 023530 51486. In addition, he is entitled to receive or request the transfer of his data in machine-readable format by us to another controller if he so desires. The User has the possibility to revoke this consent for the processing of personal data by sending an email to info@olympia-electronics.gr or by attaching a signed fax to +30 23530 51486. Upon consideration of the relevant request and identification of the individual , the Company will, within a period of one month, make its satisfaction, provided that the request is lawful and valid. For any questions or information regarding the processing and protection of personal data, you may contact the Company by sending an email to info@olympia-electronics.gr or by calling our Customer Support Department at +30 23530 51486. In case of non-compliance within one month, the User reserves the right to terminate the complaint to the Personal Data Protection Authority (Kifissias 1-3, PC 115 23, Athens, +30 210 6475600, contact@dpa.gr).
In particular, you have the following rights, in accordance with European Regulation 679/2016 (hereafter GPDR):
- Right to access the data: You have the right to request access to your personal data in accordance with Article 15 of the GPDR except for the exceptions provided by article 33 of L.4624 / 2019. With the access request, you may be informed about the purposes of the processing, the relevant categories of personal data, the recipients to whom the data have been or will be communicated, the length of time for which they will be stored, the right to correct or delete data limitation of their processing or the right to object to processing, information on the origin of the data and the existence of automated decision-making, including training and profiling about the logic followed.
- Right to rectification: You have the right to request the correction of inaccurate data as well as the completion of incomplete data concerning you, in accordance with Article 16 of the GPDR.
- Right to restriction of processing: You are entitled to obtain, restriction of processing of your personal data under the conditions of Article 18 of the GPDR.
- Right to object to processing: You have the right to oppose processing of your data at any time and for reasons related to your particular situation in the processing of your personal data when it is based on Article 6 (1) (e) or the GPDR except for the exceptions provided by article 35 of L.4624 / 2019.
- Right to be forgotten: If you no longer wish to process and maintain your personal data, you have the right to ask for their erase, provided that the data is not complied with for a particular legitimate and stated purpose, in accordance with Article 17 GPDR except for the exceptions provided for in article 34 of Law 4624/2019.
- Right to data portability: You are entitled to receive or request the transfer of your data in machine-readable format from us to another controller, if you wish, in accordance with Article 20 of the GPDR
Exercise of your rights
For the exercise of your rights, you can contact our offices at 72 km Old National Road Thessaloniki, Katerini
As part of your requests, you must:
- You give us all the necessary information to identify you, as well as provide us with the relevant supporting documents to confirm your identity.
- You are clearly informing us about the information regarding your request.
Our Company will make every effort, within the framework of and in good faith, to respond to any such request within thirty (30) days of its submission. If we need an extension of this period, due to the complexity of the request or the number of outstanding requests, we will notify you without delay.
Service Improvements and Measurements
In addition, the Company collects information when you visit us online, as well as through the emails we exchange, about how the User uses the services, such as the type of content being displayed or the frequency and duration of his activities. Furthermore, the Company collects information from or on the devices through which the User acquires access to the services, depending on the rights he has delegated. The Company may associate the information it collects from the various devices of the User, as this contributes to the consistency of the Services provided. The collection of these data allows us to personalize your online experience, improve the performance, usability and effectiveness of the site and evaluate the effectiveness of the marketing activities of our services.
In particular, connection information is collected, such as:
- the name of the mobile phone provider or ISP,
- the language and the time zone of the browser,
- the geographic location of the access device, and its type (Google Chrome, Safari, etc.)
- the IP address of the online device through which you access the Website.
IP address
The IP address is a number assigned to your electronic device every time you access the internet and for information security and system diagnostics, this data is collected when you visit the website.
Cookies policy
Cookies are web-based tools for collecting and analyzing information that contain information stored in your computer's web browser when you browse our site to measure traffic, improve the functionality, content and overall appearance of our site and customized to the needs and preferences of our customers. Websites can only access cookies stored on your computer. Any website that you have accepted to store cookies in your browser can only access its own cookies, not cookies from other sites. They can also be removed at any time.
- In accordance with the European Directive E-Privacy 2009/136 / CC (to be replaced by a Regulation) and incorporated into Greek law by Law n.4070 / 2012, our website accepts the use of "cookies"
- By using our own website, and your prior consent that can be given through appropriate browser settings or other applications, e.g. with a pop-up window, you opt-in to process your personal data collected from social networks or search engines, e.g. Google Analytics, Facebook social plug-ins, Google+ etc. without any involvement, influence or control on the part of the Company.
Cookies categories used by our company.
1) Necessary Cookies
The necessary cookies allow you to perform the basic functions of the site. These cookies allow you to browse the site and use the features you've requested, such as access to secure sites on the Site. Without these cookies, we can not provide you with the services that allow this site to run.
2) Performance cookies
Performance cookies collect information about how visitors use the website. They allow us to see which pages visit more often or show us if they encounter a problem while navigating. These cookies do not collect information that identifies the visitor. All information collected by these cookies is aggregated and is used only to improve the way our site operates.
3) Function Cookies
These cookies "memorize" your preferences while browsing our site so that we can offer you the right products according to your needs. With these cookies you enjoy a personalized version of our site, so you can find what you're looking for much easier.
4) Cookies Analytics
It is a subset of the functionality cookies and allow us to evaluate the effectiveness of our site's various functions so that we can continually improve our experience.
We reserve the right to change this cookie policy at any time. Any changes to this Cookie Policy will apply as soon as the revised Cookie Policy becomes available on the Website.
Transmission to non-EU countries
We may transmit your personal data to non-EU countries. (third countries) only if:
- The European Commission has taken an "adequacy decision" on data protection laws in each of these countries or agreed with a body based in a third country standardized protection clauses issued by the European Commission or binding corporate rules or approved codes of conduct .
- The data subject has been specifically informed and has given his explicit consent to this and the other conditions of the applicable legal framework are met.
- This transmission takes place for the purpose of performing our contractual obligations and generally if one of the cases of Articles 44-49 of the GPDR is in force.
Retention and erasure of data
We only maintain the data for as long as it is necessary to fulfill the purpose for which it was collected.
- Delete inactive customer accounts: Every 12 months
- Deleting pending orders: Every 10 days
- Deleting failed orders: Every 10 days
- Deleted canceled orders: Every 10 days
- Deleting complete orders: Every 24 months
- If judicial proceedings in which we are parties are in progress until the end of the aforementioned period, the period of retention of the data will be extended until a final decision is taken.
- In the absence of a contract, the personal data will be kept for up to five (5) years from their collection, which is the legally prescribed time limit for non-contractual liability.
- The data will be kept for a shorter or longer period than the above if such a period is provided by the applicable legal framework.
Amendments
This Privacy Policy and Privacy Policy was published on 15/10/2019
We reserve the right to update this Privacy and Privacy Policy at any time by publishing the new version on our website.