PERSONAL DATA PROTECTION POLICY 


This website of the company with the name "Th. GIANNAKOS SINGLE-PERSON IKE", recognizes and respects the right to protection of personal data of internet users, in accordance with European Regulation 2016/679 and Law 3471/2006. This policy document describes the collection and processing of user data when visiting or using the services provided on our website. The visitor to our website and/or user of our services must carefully read the terms and conditions for the protection of their personal information mentioned here. 

Data Controller 

The controller is the company "Th. GIANNAKOS SINGLE-PERSON IKE" based in Karditsa at the 5th kilometer of Karditsa - Athens, Karditsa 43100, tel. 2441028438, fax: 2441062365, email: giannakosth@gmail.com  

What personal data do we collect and for what purpose 

When visiting and navigating our website, the user's web protocol address is automatically recorded, through which, however, no identifiable information about the user's physical identity is revealed, but these are used exclusively and only for statistical purposes of traffic. In addition, cookies are collected, the processing of which you have consented to. 

The data is processed in order to provide you with access to the information on our website. 

We also provide the possibility of communication by sending comments via a contact form, in which the name, e-mail address and telephone number of the user who wishes to contact our Company are registered. 

Legal basis for processing personal data 

The legal basis for processing personal data is consent when visiting our website and when using the contact form. 

Data recipients 

The personal data of visitors and/or users of our website services are not transferred to third party recipients. 

Data retention period 

Personal data concerning website visitors and/or users of our online services are collected and retained for the strictly necessary time and then deleted. 

Contact data for the contact form will be retained for six months for the sole purpose of communication. 

Data Security 

To protect the personal data of website users and visitors, we use a secure connection (https://) and data security measures to prevent the risk of loss, misuse, unauthorized access and disclosure of your personal information. 

Your rights 

Regarding the protection of your personal data, you have the following rights: 

  1. a) right of access, i.e. the right to be informed whether personal data concerning you are being processed, 
  2. b) right to rectification, i.e. the right to request the correction of inaccurate personal data, 
  3. c) right to erasure, i.e. the right to request that personal data concerning you to be erased, 
  4. d) right to restriction of processing where the accuracy of the data is contested, unlawful or for other reasons 
  5. e) right to portability, i.e. the right to request to receive the data concerning you in a structured, commonly used and machine-readable format and to transmit those data to another controller and 
  6. f) right to object to the processing of your personal data, unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms. 

To exercise your rights, you can contact our company's telephone numbers or by sending an e-mail to the e-mail address: giannakosth@gmail.com or by post, to our above address or by fax to the above number. 

Right to complain 

You have the right to appeal to the Personal Data Protection Authority for issues concerning the processing of your personal data. For the Authority's competence and how to submit a complaint, you can visit its website (www.dpa.gr) where detailed information is available. 

 

Privacy notice for the processing of personal data through a video surveillance system 

 

  1. Data Controller: 

Th. GIANNAKOS SINGLE-PERSON IKE, 5th km. Karditsa-Athens, tel. 30 24410 28438 

  1. Purpose of processing and legal basis: 

 

We use a surveillance system for the purpose of protecting persons and property. The processing is necessary for the purposes of legitimate interests pursued by us as a controller (Article 6 (1) (f) GDPR). 

  1. Analysis of legitimate interests: 

Within the framework of the safe operation of the company and its logistical infrastructure, a closed circuit of visual recording operates in certain areas of the company. 

Our legitimate interest consists in the need to protect our premises and the goods located therein from illegal acts, such as, for example, theft. The same applies to the safety of life, physical integrity, health and property of our staff and third parties who are legally present in the monitored area. We only collect image data and limit the recording to areas that we have assessed as having an increased probability of committing illegal acts, e.g. theft, such as in our cash registers and at the entrance, without focusing on areas where the privacy of the persons whose image is taken may be excessively restricted, including their right to respect for personal data. 

The data collected through this is never used for any purpose other than security. 

  1. Recipients: 

The material kept is accessible only by our competent / authorized personnel who are responsible for the security of the site. This material is not transmitted to third parties, with the exception of the following cases: a) to the competent judicial, prosecutorial and police authorities when it includes data necessary for the investigation of a criminal act, which concerns persons or goods of the controller, b) to the competent judicial, prosecutorial and police authorities when they request data, lawfully, in the exercise of their duties, and c) to the victim or perpetrator of a criminal act, when it concerns data that may constitute evidence of the act. 

  1. System Description: 

The system consists of ten (10) closed-circuit cameras which record only legally permitted areas, at the entrance of the building and at the entrances and exits of the ground floor areas, where there is appropriate signage. 

The persons who operate the system are the owners of the business and the respective authorized processors for this purpose. You can be informed at any time about who these individuals are from the management of the business by your verbal or written request. 

  1. Retention period: 

The data, provided that no incident occurs, are retained exclusively for a period of fifteen (15) days after which they are automatically deleted. In cases of a security incident, the relevant part of the recording is isolated and may be retained for an additional 30 days for the purpose of investigating the incident and initiating legal proceedings to defend our legitimate interests, while if the incident concerns a third party, we will keep the video excerpt for up to three (3) more months. 

  1. Rights of data subjects: 

Data subjects have the following rights: 

  • Right of access: you have the right to know whether we are processing your image and, where applicable, to receive a copy of it. • Right to restriction: you have the right to ask us to restrict processing, such as not deleting data that you consider necessary for the establishment, exercise or defence of legal claims. • Right to object: you have the right to object to processing. • Right to erasure: you have the right to ask us to delete your data. 

You can exercise your rights by sending an e-mail to giannakosth@gmail.com or a letter to our postal address or by submitting the request to us in person at the company’s address. In order for us to consider a request related to your image, you will need to specify to us approximately when you were within the range of the cameras and provide us with an image of you, to facilitate our identification of your data and the concealment of the data of third parties depicted. Alternatively, we give you the opportunity to come to our premises to show you the images in which you appear. We also point out that the exercise of the right to object or erasure does not entail the immediate deletion of data or the modification of the processing. In any case, we will respond to you in detail as soon as possible, within the deadlines set by the GDPR. 

  1. Right to lodge a complaint: 

If you consider that the processing of data concerning you violates Regulation (EU) 2016/679, you have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for Greece is the Data Protection Authority, Kifissias 1-3, 115 23, Athens, https://www.dpa.gr/, tel. 2106475600.