Data Subject: any natural person whose personal data is processed by or on our behalf.
Personal Data: any information relating to a designated or identifiable natural person relating to his or her physical, physiological, psychological, emotional or economic status, cultural or social identity.
Processing: processing of personal data (“processing”), any work or series of tasks performed on personal data, such as the collection, registration, storage, modification, analysis, use, association, commitment (lock), deletion or destruction.
3. The Data we process
With your consent, we process the following common and sensitive personal data that you provide when you interact with the Website and use the services and functions it provides. This data includes in particular the name and surname, contact details, address, financial details, and the content of your specific requests, updates or reports as well as the additional data that may be obtained by the Data Controller, in the context of conducting the activity of (“Data”).
In order to be able to fulfill the requests you submit through the contact form and / or to provide updates on the side effects, it is necessary to consent to the processing of the data marked with an asterisk (*). Without these mandatory data or your consent we can not proceed further. On the other hand, information requested in fields not marked with an asterisk and your consent to download information material is optional, failure to provide it has no consequences.
In any case, even without your prior consent, the Data Controller may process your data to comply with legal obligations under EU law, regulation and law, to exercise rights in legal proceedings, to exercise its own legitimate interests and in all cases provided for, where applicable, in Articles 6 and 9 of the GDPR.
The processing is carried out both with the use of computers and in printed form and always implies the application of the security measures provided by the current legislation.
4. Why and how we process your data
The data are processed for the following purposes:
(i) to handle requests you make with the “Contact Form” and the “Payment Form”. The legal basis for the processing of personal data for this purpose is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR Regulation) and the performance of the contract to which you are a party to the data subject. ·
(ii) to manage adverse reaction reports submitted through the Website or Forms. The legal basis for processing for these purposes is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR), as well as the pursuit of any public interest (Article 9 (2) (i) of the Regulation). GDPR) and legal obligations;
In addition, but only with your voluntary consent which is the legal basis for processing in accordance with Article 6 (1) (a) of the GDPR:
(iii) to receive promotional material (direct marketing) from us – newsletters.
In the latter case, the informative emails will be able to be deleted from the relevant recipient list at any time, following the instructions contained in each communication. If you decide to unsubscribe from a service or communication, we will try to delete your data as soon as possible, although we may need some time and / or information before we can process your request.
By selecting the appropriate boxes you agree to the processing of your data for these purposes.
Your data may in any case be processed, even without your consent, for compliance with laws, regulations, EU law (Article 6 (1) (c) of the GDPR), for obtaining statistics on the use of the Website and its proper functioning (Article 6 (1) (f) of the Rules of Procedure).
Personal data is entered into our computer system in full compliance with data protection legislation, including security and confidentiality profiles, and is based on principles of good practice, legality and transparency regarding processing.
The data are stored for as long as it is absolutely necessary to achieve the purposes for which they were collected. In any case, the criterion used to determine this period is based on compliance with the deadlines set by law and the principles of data minimization, storage limitation and rational file management.
All your data will be processed in printed or automated media, ensuring in each case the appropriate level of security and confidentiality.
5. Principles applicable to processing
We are allowed to process your personal data in order to provide personalized services, based on the law (Article 6 (1b) of Regulation (EU) 2016/679) and the relevant National Implementing Law. Your personal data is not used for purposes other than those described herein, unless we obtain your prior permission, or unless otherwise required or permitted by law.
Personal data should be processed in a manner compatible with the purpose for which it was collected.
The principle of proportionality applies to the processing of personal data. Among other things, it creates the obligation not to collect personal data for no reason.
The personal data used should be accurate and up to date.
Personal data used that is no longer accurate and complete should be corrected or deleted.
Except in cases where there is a legal obligation to keep them for a longer period of time, personal data should not be kept for longer than is necessary for the purposes for which they were collected or processed.
The processing of personal data should be done in accordance with the principles of good faith. This means that data subjects can rely on the processors to show due diligence in all data processing matters.
Subjects whose personal data has been processed will be informed accordingly, upon request. In particular, they have the right to be informed of the purposes for which their data are processed, the type of data to which they relate, as well as the identity of the recipients of the data. Where necessary, data subjects also have the right to request the correction, non-transmission or deletion of their data.
The above rights can be restricted only if this restriction is provided by law. This is especially true when conducting scientific research.
In particular, personal data is protected against unauthorized disclosure and any unlawful processing. The measures implemented ensure a level of security commensurate with the nature of the data to be protected and the risks that may arise from its processing.
Our employees who deal with the processing of personal data are accordingly informed and trained. Procedures for the processing of personal data by third parties upon agreement will be set out in writing, ensuring that the contracting third party processes the personal data securely and complies with the principles set out in this Policy and the GDPR EU. In the event that the third party is deemed unable to ensure a satisfactory level of personal data security, we will terminate the cooperation with it.
6. People who have access to the data
The Data is processed by electronic and manual means in accordance with the procedures and practices related to the aforementioned purposes and is accessible by the staff of the Processor who is authorized to process the Personal Data and the supervisors and in particular the employees belonging to the following categories: technical staff, Information and Network Security personnel and administrative staff as well as other staff members who have to process the data in order to perform their duties. Any personal data that you declare anywhere on the pages and services of the website yannistsitselikis.gr are kept exclusively for reasons related to your transactions with us, the improvement of the services provided and the assurance of the operation of the respective service and may not be used by any third party (except as provided by law to the competent authorities only).
The data may also be disclosed to countries outside the European Union (“Third Countries”): (i) institutions, authorities, public bodies for institutional purposes; (ii) professionals, independent consultants – whether working individually or collectively – and others. third parties and providers that provide the Data Controller with commercial, professional or technical services required for the operation of the Website (eg provision of IT services and Cloud Computing) for the purposes mentioned above and for the support of the Company in the provision of services you requested;
The mentioned recipients receive only the necessary data for their respective functions and duly undertake their processing only for the purposes mentioned above and in accordance with the data protection laws. The Data may also be disclosed to other legal recipients specified from time to time by applicable laws.
With the exception of the above, the Data will not be disclosed to third parties, natural or legal persons, who do not perform commercial, professional or technical duties for the Controller and will not be disseminated. The recipients of the data will process them, as appropriate, as Data Processors, persons that perform the data processing or persons authorized to process personal data for the purposes set out above and in accordance with applicable data protection law.
With regard to data transfers outside the EU, even in countries whose laws do not guarantee the same level of protection of personal data privacy as provided by EU law, the Data Controller informs that the transfer will in any case be carried out in accordance with the methods permitted by the GDPR, such as user consent, standard contractual clauses approved by the European Commission, selecting parties to participate in international programs for the free movement of data (e.g. EU-US Privacy Shield) or implemented in countries considered safe by the European Commission.
7. Your rights
If you wish, you can request at any time to exercise the rights of Articles 15-22 of the GDPR Regulation, to be informed about your personal data held by us, their recipients, the purpose of keeping and processing them as well as the modification, correction or deletion of them, by sending a relevant e-mail to the addresses shown above, from the e-mail address of which you have stated, completing the application by completing the corresponding application that may be granted by the beneficiary with an attached copy of your police ID. You also have the right to review the personal data we hold and in general to exercise any right provided by law for the protection of personal data.
The personal data that you disclose to the beneficiary of the website through yannistsitslikis.gr, either during your registration or at a later stage, are collected, used and processed in accordance with the applicable provisions on personal data protection of the new European General Data Protection Regulation (EU) 2016/679.
You reserve the following rights in detail:
- Right to be informed about your personal data: Upon your request, we will provide you with information about the personal data we hold about you.
- Right to correct and supplement your personal data: If you notify us, we will correct any inaccurate personal data concerning you. We will fill in incomplete data if you notify us, provided that this data is necessary for the purposes of processing your data.
- Right to delete your personal data: Upon your request, we will delete the personal data we hold about you. However, some data will only be deleted after a specified retention period, for example because in some cases we are required by law to retain the data, or because the data is required to meet our contractual obligations to you.
- Right to seize your personal data: In certain cases provided by law, we will seize your data if you request it. Further processing of bound data is done only to a very limited extent.
- Right to withdraw your consent: You may revoke your consent to the processing of your personal data in the future at any time. The legality of the processing of your data remains unaffected by this action, to the point of revoking your consent.
- Your right to object to the processing of your data: You may at any time object to the processing of your personal data in the future if we process your data on the basis of one of the legal grounds provided for in Article 6 (1e or 1f) of Regulation (EU) 2016/679. If you object, we will stop processing your data, provided there are no legitimate grounds for further processing.
8. Security of Personal Data
Giannis Tsitselikis applies specific technical and organizational security procedures in order to protect personal data and information from loss, misuse, alteration or destruction. Our partners who support us in the operation of this website also comply with these provisions.
Giannis Tsitselikis makes every reasonable effort to keep the personal data collected only for the period for which it is needed for the purpose for which it was collected or until its deletion is requested (if this happens earlier), unless it continues to comply with the provisions of the current legislation.
9. Links to other sites
10. Policy Reviews
We reserve the right to modify or periodically revise this Policy at our sole discretion. In the event of any changes, the date of modification or revision hereof shall be recorded and the updated version hereof shall be effective for you from that date. We encourage you to periodically review this Statement to see if there are any changes to the way we handle your personal data.
This is a Declaration of Conformity with the provisions of EU Regulation 2016/679 and the National Implementing Law.
Date of last revision: 10/02/2021