Last Updated: 31/08/2021
The protection of your personal data is a key priority for us.
Personal Data: Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person shall be one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;
Processing: Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Data Subject: The data subject is any identified or identifiable natural person whose personal data are processed by the controller in question;
Controller : The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for his or her appointment may be provided for by Union or Member State law;
Processor: The natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller;
Consent: Any freely given, specific, explicit and informed indication of the data subject's intention to express his or her agreement, by a statement or by a clear affirmative action, to the processing of personal data concerning him or her;
Recipient: The natural or legal person, public authority, agency or other body to which the personal data are disclosed, whether or not it is a third party. However, public authorities which may receive personal data in the context of a particular investigation in accordance with Union or Member State law shall not be considered as recipients; such data shall be processed by those public authorities in accordance with the applicable data protection rules depending on the purposes of the processing;
Third: Any natural or legal person, public authority, agency or body, with the exception of the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorised to process the personal data;
Special Categories of Data: 'genetic data' means personal data relating to the genetic characteristics of a natural person inherited or acquired, as resulting, in particular, from an analysis of a biological sample of that natural person and which provide unique information on the physiology or health of that natural person;
'biometric data': personal data resulting from specific technical processing related to the physical, biological or behavioural characteristics of a natural person and which allow or confirm the unambiguous identification of that natural person, such as facial images or dactyloscopic data;
'health-related data': personal data relating to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her state of health;
Profiling: any form of automated processing of personal data consisting in the use of personal data to evaluate certain personal aspects of a natural person, in particular to analyse or predict aspects relating to the performance at work, financial situation, health, personal preferences, interests, reliability, behaviour, location or movements of that natural person.
2. What data do we collect about you?
We only collect data that is strictly necessary, that is relevant and appropriate for the intended purpose. The personal data we collect and process belong to the following categories and may not concern you in their entirety. Specifically, we collect:
a) Identity data (e.g. first name, surname).
b) Contact data (e.g. e-mail address).
c) Data collected through Cookies, e.g., your computer's IP address, browser type and operating system, the speed of your connection and information about the software programs installed on your computer, basic information about the connection to the server and information collected through Cookies.
Special categories of data, such as information about religion, political opinions, health or sexual orientation, are not collected unless you choose to provide such information.
3. What are the purposes for collecting your personal data and on what legal bases?
We collect and process your Personal Data:
a) To answer questions you have asked us about the activity of our company or to resolve problems you may be facing regarding the use of our website. Legal basis of the processing: The processing of your data is necessary in order to respond to your request.
The website https://www.crethidev.gr/ contains information allowing for quick electronic contact, as well as direct communication with us, it also contains a general e-mail address (e-mail address). If a data subject contacts the controller by e-mail or through the contact form, the personal data transferred by the data subject shall be automatically stored. Such personal data that are voluntarily transmitted by the data subject to the data controller shall be stored for the purpose of processing them or of communicating with the data subject. Such personal data shall not be transferred to third parties, subject to a legal obligation to provide the data or where their transfer serves the purpose of criminal prosecution.
As data controller, we provide, at any time, information to each data subject upon request of the type of personal data held about the subject. Moreover, as we must, we correct or delete personal dataat the request or suggestion of the data subject, to the extent that there is no legal obligation to keep them, and in this respect we are at the disposal of the data subject as contactor communication.
b) When we accept relevant warrants of courts or public authorities, the controller has the right to disclose any personal information of yours in order to respond to such requests. Legal basis of the processing: Compliance with our legal obligations (Art. 6(1)(c) of the GDPR).
5. Who are the Recipients of your data?
Access to your Data is available to our absolutely necessary staff, who are committed to confidentiality in order to carry out their duties. Your data may be disclosed to our technical support companies, our lawyers, for any claim of our legal claims.
6. How do we ensure that our partners respect your Data?
Our partners have agreed and are committed to maintain confidentiality, not to send your Data to third parties without our written permission and to take appropriate technical and organizational measures to protect them.
7. Do we transfer your Data outside the EU?
The website https://www.crethidev.gr, in the event that data are to be transferred to third countries outside the European Economic Area, for which there is no decision of the European Commission or to international organizations, all appropriate safeguards provided for in the applicable data protection legislation on transfers to third countries will be taken and the relevant information will be received and posted on our website.
8. When do we delete your data?
Your data is kept by us only for as long as necessary to fulfill the purpose for which you have communicated it to us unless an extension of this time is required due to our legal claims or legal obligations.
For the retention time of the Data collected through Cookies you can be informed by the Cookies Policy.
9. Personal data of minors
Our services are not directed to anyone under the age of 15. As a result, children's personal data are not processed and stored. For the processing of personal data of minors under the age of 15, the consent of a person with parental responsibility is required.
10. Security of your data
Ensuring your privacy is a key priority for us, for this reason we have taken all appropriate technical and organizational measures which for the protection of your Data which are reviewed and modified whenever necessary due to technological development.
12. What are your rights?
Right of access to your data: You can be informed by us about which Data are being processed, the purpose of the processing, the type of your Data we store, the storage period and whether automated decision-making takes place.
Right to correct inaccurate data: This means that if you have the right if you find that there is an error, to ask us to correct the inaccurate data as well as to fill in incomplete data (e.g., correction of name, e-mail address). In this case, we will need to verify the accuracy of the new data you will provide to us.
Right to delete your data: You can request the erasure of your personal data. This enables you to request that we delete or remove personal data in the event that there is no reason for us to continue processing it. Please note, however, that this right of yours may in certain cases not be possible for specific legal reasons that will be communicated to you, where applicable, at the time of your request.
Right to portability of your data: You can ask us to receive in a readable form the Data you have provided or ask us to transfer it to a third party.
Right to restriction of processing: You can request restriction of processing of your personal data. In particular, you can ask us to stop processing your personal data on the following cases:
(a) If you want us to redefine the accuracy of your personal data;
(b) when you believe that the use of your data is abusive, but you do not want us to delete your data;
(c) when we need to keep your data, even if we no longer require it from you, in order for you to be able to use it in case of your possible exercise of your rights.
Right to withdraw/object to the processing of your Data: You may object at any time to the processing of your Data or withdraw your consent, where it has been required at any time and we will stop processing your Data if there are no other compelling and legitimate reasons that override your right or if they are no longer necessary for the above-mentioned processing purposes.
13. How can you exercise your rights?
In case you wish to exercise any of the above rights please contact us at the e-mail email@example.com . Download the application file by clicking here.
Furthermore, we inform you that you have the right to lodge a complaint with the competent Authority for the Protection of Personal Data in case you believe that your rights have been affected by the processing of your personal data by us.
14. When do we respond to your requests?
We will respond to your requests free of charge and without delay, and in any case within (1) one month from the time we receive your request. However, if your request is complex or there is a large number of your Requests, we will inform you within the month if we need to receive an extension of another (2) months within which we will respond to you. If your requests are manifestly unfounded or excessive, in particular because of their repetitive nature, we may charge a reasonable fee, taking into account the administrative costs of providing information or performing the requested action, or refuse to act on the Request by justifying the reply to you.
15. Do we make use of automated decision-making/ including profiling when processing your Data?
We do not take decisions or do profiling, based on automated processing of your Data, except in the case of the use of "cookies" on our website, always after informing you and consenting.
16. What is the applicable law with regard to the processing of your Data by us?
The applicable law is Greek law, as formulated by the General Data Protection Regulation 2016/679/EU, and in general the applicable national and European and legislative and regulatory framework for the protection of personal data.
17. How will you be informed of any changes to this Policy?
18. Communication on issues of Personal Data Protection
For any issue regarding the processing of your personal data you can contact us at the following e-mail address: firstname.lastname@example.org