privacy policy

Effecttive Date: December 07, 2018

We wrote this privacy policy to inform you about your personal data we collect, how we collect them, how and why we use them, the duration of data storage and your rights about your data. We collect and process your personal data on the basis of the General Data Protection Regulation GDPR 2016/679, which is in immediate effect since May 25th 2018 in all members – States of the European Union. Please read carefully the following text before you use our website and our online services.

General Information

Personal data is any information related to an identified or identifiable individual (“Subject of the data”).

The web host of this website is responsible for collecting and processing your personal data (“Controller”). The web host is:

Konstantinos Kotsalis

Agiou Vasileiou 11, Thessaloniki, Kalamaria, Greece, Postal code 55133

Email: [email protected]

Telephone: 001 6469719275

On our web server a Security Sockets Layer (SSL) certificate is installed, which ensures a secure connection and a safe data transfer between the user’s browser and the website’s server. The SSL certificate encrypts the data, which are transferred and prevents the interception of your data from hackers. You can confirm it by looking the first part of our website’s address above, which is changed from the standard http to https.

A child who is under the age or 16 years old (article 8 paragraph 1 GDPR) should not use our website or our online services without parent’s consent or the consent of the person who has the child’s parental custody.

When you visit our website

When you visit our website without using any of our online services, information is sent automatically from your device (laptop, tablet, etc.) to the server of our website. The following information is collected and stored on a log file:

  1. Date and time of access

  2. IP address (Internet Protocol Address) of the requesting device

  3. Browser type/version used

  4. Operating system used

  5. Website from which access is made (referrer URL)

  6. Name of your access provider

  7. Name and URL of the file

  8. Amount of data sent in bytes

We are using this information for the following purposes:

  1. To ensure a smooth connection

  2. To provide you a comfortable use of the website

  3. To continuously improve our website’s function

  4. To evaluate our system’s security

  5. To detect and prevent of attacks on our website

The legal basis of data processing is the article 6 paragraph 1 section f GDPR. The legitimate interest follows the above mentioned purposes.

Duration of data storage: Your data are temporally stored on a log file. As soon as you exit our website, your data are deleted automatically.

Recipients and third parties: We do not allow the disclosure of your data to third parties.

Contact form

You can request from us any further information you need about our services. In this case, we collect the personal data you provide us voluntarily. Specifically, we collect and process the following data:

  1. First and last name

  2. Telephone number

  3. Email address

The purpose of the data processing is the direct response to your request.

The legal basis of data processing is the article 6 paragraph 1 section a (consent) GDPR.

You can withdraw your consent at any time. The processing of your data which was based on your consent is lawful for the time period before the withdrawal of your consent. You can request the deletion of your data via email (see the paragraph 11).

Duration of data storage: We store your data for as long as it is necessary for our communication and for 24 months after our last contact. Of course we can delete it earlier if you request it.

Recipients and third parties: We do not allow the disclosure of your data to third parties.

e-shop

In our website’s e-shop, you can buy informational technology (IT) services. You can place your order via our website, but you have to provide us with the following information:

  1. Your first and your last name

  2. Country of residence

  3. City of residence

  4. Postal address

  5. Telephone number

  6. Email address

  7. VAT ID

We need this information because i) we are able to identify you as a client and ii) this information is necessary for the payment processing.

The legal basis of data processing is the article 6 paragraph 1 section b of GDPR. Your information is necessary for the fulfillment of the contract.

Duration of data storage: We store your data for as long as we are obliged to due to tax or legal reasons.

Recipients and third parties: We do not allow the disclosure of your data to third parties.

Payment with Viva Payments or with Paypal

It is your choice. Your transaction is safe in any case.

  1. Viva Payments

It is a licensed e – money institution for money transactions inside European Union’s area.

After you have entered the above mentioned information, there is a link that redirects you to Viva Payments’ website.

In Viva Payments’ website, you have to give your credit card’s details. You do not need to have or create an account. We do not have access to this information so we are not responsible for it. Viva Payments is responsible for the process and the protection of your data. You can read Viva Payments’ privacy policy by visiting its website.

  1. Paypal

Paypal is an American company which offers an online payment system worldwide. It makes transactions and money transfers easier. Paypal’s headquarters are located in San Jose, California, U.S. Paypal Europe’s headquarters are located in Luxemburg (22-24 Boulevard, 2449 Luxemburg).

After you have entered the above mentioned information, there is a link that redirects you to Paypal’s website.

In Paypal’s website, you have to give your credit card’s details. You do not need to have or create a Paypal account. We do not have access to this information so we are not responsible for it . Paypal is responsible for the process and the protection of your data. You can read Paypal’s privacy policy by visiting its website.

Job opportunities – Send us your CV

We will process it and if you are the perfect candidate for a job opening, we will inform you within 5 days from the day you sent your CV.

The legal basis of data processing is the article 6 paragraph 1 section a (consent) of GDPR.

You have the right to withdraw your consent at any time. The process of your data which was based on your consent is lawful for the time period before the withdrawal of your consent. You can request the deletion of your data via email (see the paragraph 11).

Duration of data storage: i) In case you start working with us, we will keep your CV for as long as you are working with us. ii) In case we don’t have a job opening for you at that time we will keep your CV in our files for 24 months since the day you sent it. Of course we can delete it earlier if you request it.

Recipients and third parties: We do not allow the disclosure of your CV to third parties.

External Associates

If you are interested in being one of our external associates, you can fill the form which you can find on our website. You have to provide us with the following data:

  1. First and last name

  2. Country of residence

  3. City of residence

  4. Postal address

  5. Email address

  6. Telephone number

  7. Website

  8. Company’s name

We need this information in order to contact you and answer at your request.

The legal basis of data processing is the article 6 paragraph 1 section a (consent) of GDPR.

You have the right to withdraw your consent at any time. The processing of your data which was based on your consent is lawful for the time period before the withdrawal of your consent. You can request the deletion of your data via email (see the paragraph 11).

Duration of data storage: i) If you will eventually be an external associate, we will retain your data for as long as you work as an external associate. ii) If we reject your application at that time, we will retain your data for 24 months in case something changes. Of course we can delete it earlier if you request it.

Recipients outside from European Union

Only in the case of Google Analytics (U.S.A) (see our cookies policy), your data are transferred to third countries or international Organizations, but after your IP’s anonymization, you cannot be identified. In any other case and under any circumstance, we do not transfer your data to third countries or international organizations.

Data Subject’s Rights

You have the following rights:

  1. Right to withdraw your consent: When the processing of your data is based on your consent, you can withdraw it at any time and without any cost (article 7 paragraph 3 GDPR).

  2. Right to access your personal data: You have the right to obtain confirmation (from the controller) as to whether or not your data are being processed. You also have the right to get information about: the processing purposes, the categories of data concerned, recipients or categories of recipients to whom the data are disclosed, the duration of data storage, the existence of rights to rectify or to erase personal data, or to restrict personal data processing, the existence of the right to lodge a complaint with the supervisory authority, the existence of any automated processing data (article 15 GDPR).

  3. Right to rectification: You have the right to ask from the controller to rectify without delay your inaccurate personal data. You have also the right to have incomplete personal data completed including by means of providing a supplementary statement (article 16 GDPR).

  4. Right to erasure (right to be forgotten): You have the right to have your personal data erased. The controller should erase it in the following cases: when the data are no longer necessary regarding the purposes for which they were collected or otherwise processed, when you withdraw your consent on which the processing is based and there is no other legal ground for the processing, when you object the processing and there are no overriding legitimate grounds for the processing, when your data have been unlawfully processed, your data have to be erased for compliance with a legal obligation Union or Member State Law to which the controller is subject, when your data have been collected concerning the offer of information society services to children pursuant to Article 8 of the GDPR (article 17 GDPR).

  5. Right to restriction of processing: You can request the controller to restrict processing in the following cases: when the accuracy of the personal data is contested, when the processing is unlawful and the data subject requests that the use of the personal data be restricted instead of erased, when the data must be kept for the exercise or defence of legal claims, when you have objected to processing pursuant the Article 21 paragraph 1 pending the verification whether the legitimate grounds of the controller override those of the data subject (article 18 GDPR).

  6. Right to data portability: You have the right to receive you personal data which you have provided to the controller and you have the right to transmit those data to another controller without a hindrance from the previous controller. This right applies in situations where your data are processed by automated means on the basis of consent or where your data processing is necessary for the performance of a contract and is carried out by automated means. You can request the controller to have your data transmitted directly to another controller if this is technically feasible.

  7. Right to object: You have the right to object to us processing your data where the legal basis for the processing is the controller’s performance of a task carried out in the public interest (articl6 paragraph 1 section e GDPR), or where the processing is based on the controller’s legitimate interests (articl6 paragraph 1 section f GDPR). You can also ask us to stop using your data, when we use them to send you marketing emails. We will send marketing emails, only if you agree to it.

How you exercise your rights

You can contact us by email in the following email address at [email protected]

Right to lodge a complaint

The supervisory authority in Greece is Hellenic Data Protection Authority (www.dpa.gr.)

If you are of the opinion that the way we process your data violates data protection regulations, you can complain to a supervisory authority in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement (article 77 GDPR).