SECURITY AND PRIVACY POLICY – PRIVACY STATEMENT
Introduction
We treat the protection of your personal data with responsibility and believe that your data should only be collected and processed when absolutely necessary. For this reason, the website www.art4webdesign.com has been designed with appropriate operational and internal systems and complies with European data protection legislation (Regulation 679/2016 EU – GDPR).
This Privacy Policy sets the basis on which the company ANDRONIKI GEOR. EUSTRATIADOU PROVIDER OF INTERNET VIEWING SERVICES is legally represented (hereinafter, company), collects, uses, shares or otherwise processes personal data.
With this Privacy Policy, we aim to make it easier for you to understand what information we collect and why we collect it. We’ve also taken steps to improve the Privacy Settings Control and other controls we provide to secure your data and protect your privacy.
Nothing changes about your settings or how your data is processed. Instead, we’ve improved how we describe our practices and how we explain the choices you have for updating, managing, exporting and deleting your data.
We are making these updates as the General Data Protection Regulation (GDPR) comes into effect across the European Union. The General Data Protection Regulation (GDPR), designed to harmonize privacy laws across Europe, improves transparency rules on how companies describe their data processing. We are making some necessary updates to our Privacy Policy and are taking this opportunity to make improvements for our website users.
Responsible for processing your personal data
Address: 115 Prasinou Lofou, Heraklion, PO Box 14341.
Email Address: This email address is being protected from spambots. You need to enable Java Script to view it.
Our company manages the above website in its entirety, which has been designed with the appropriate operational and internal systems and complies with European legislation regarding data protection (Regulation 679/2016 EU – GDPR).
This Policy has been adopted by our company, which is also the controller of the personal data you provide us. Our company is responsible for protecting you every time you use the website and informing you of all the information you need, in accordance with articles 12, 13 and 14 of the new GDPR applicable from 25 May 2018 at the European level.
Personal data collected by our company
Personal Data is any information that refers to you, or can be attributed to you. Our company may collect simple personal data, such as (indicative) name, surname, e-mail address, telephone number and VAT number and D.O.Y. (if the T.P.Y version is required) as well as data that has a technical nature, such as email, which is processed according to what we analyze below.
In the event that we receive your personal data belonging to a special category (e.g. data related to your state of health), we undertake to process it even more carefully and only after your express consent, or in a manner permitted by the relevant legislation.
-Contact data: When you wish to contact our company, you provide us with your first name, last name, e-mail address and telephone number.
If you are under 18, you MUST have your parents’ consent before contacting the business.
Your above personal data is used by our Company in order to contact you after submitting a relevant request by you. We may collect your data either by phone (e.g. your phone call), online (e.g. your registration on the online communication platform), or physically (e.g. if you visit our office) in accordance with these terms of use and this statement, but also the data protection statement which is available at the company headquarters – our office.
We may also use both your e-mail and your telephone number to send you a message in case we have a problem communicating with you.
Our company collects, keeps and processes personal data of its partners, employees, such as for example name, address, date of birth, identity number, VAT number, etc., for the purpose of executing the employment contract, executing payroll and in accordance with the requirements of the relevant labor and tax legislation.
Also, our company may from time to time receive resumes of our prospective partners, where they disclose personal information about them, professional qualifications, work experience, etc. We collect this data, updating it whenever necessary, always observing the appropriate organizational and technical security measures and for as long as is necessary for the execution of the contract between us or if this is justified in view of our possible future cooperation.
Location Data and Online Data: Like most websites, this one, as you browse it, collects and processes personal data and information about you, either through third-party sources or directly from you who provide it to us.
The collection and processing of your personal data and information concerning you is carried out on the one hand for purposes directly related to the services you request from us and we offer you and/or for the purposes for which you have granted us your consent and always in accordance with the applicable laws and provisions regarding the protection of personal data. We keep your personal data for as long as is necessary to provide you with our services, and we keep some of them in accordance with our legal obligations as detailed below.
By browsing the website, the latter collects and processes personal data and information concerning you, mainly directly from you who provide it to us. Also, there is no automated way of collecting data, cookies, etc. during your navigation on the website. Our website does not hold a database of users so there is no encryption. For your navigation on our above-mentioned Website, your registration is not required, in which case the direct provision by you to us of your personal data or other information concerning you is not required.
The above data and information that you provide our Company uses for the purposes of advertising and promotion of its products and services, statistical purposes, for market research purposes in order to optimize our services, to measure the effectiveness of the website, to improve and upgrading its content, adapting it to the demand and needs of visitors, as well as to measure the effectiveness of the presentation and promotion of our business on third-party websites.
In addition, email service providers (as mentioned below) may use cookies that enable them to detect and record visitor interests, and in these cases we refer to “performance” or “functional” cookies. cookies. These cookies and other similar tracking technologies are primarily used to track user behavior for analysis purposes.
Email service providers may use other, similar technologies from time to time, such as webbeacons, pixels (or “cleargifs”) and other tracking technologies. These are tiny graphic files that contain a unique identifier that enables providers to recognize whether someone, in the case of webbeacons, has opened an email sent to them.
Email service providers may automatically place singlepixelgifs, known as webbeacons, in each email sent to you. These are tiny graphic files that contain unique identifiers that enable them to recognize when you opened an email message or typed in certain hyperlinks. In the event that you wish to activate or deactivate the use of cookies from your browser settings, depending on your browser, visit the following websites to learn about the necessary related actions.
– Internet Explorer
–Firefox
–Chrome
–Safari
–Safari for iPad and iPhone
In the event that the users of our company’s website are directed to third-party websites through special links (links, hyperlinks, banners), our company is not responsible for the terms of management and protection of personal data that they follow.
Purposes of collection and processing of personal data by our company
Information-promotion purposes: We collect the aforementioned communication data for the purpose of promotion information regarding the company’s products and services.
In addition, the data is collected for communication with the company and its employees (in person, by phone, via email, sms, social media, etc.), sending advertising emails and bulletins (newsletter, etc.), sending informative sms purposes, our own (our company’s) and third party’s (contracted with our company’s) promotional actions, invoicing and other tax or other legal reasons.
Analytics purposes: On occasion, we may collect the aforementioned location data and online data in order to derive information for our informational and promotional materials.
Legal basis of data collection and processing by our company
Consent: In order to process your personal data as described above, we rely on your consent. You can withdraw your consent at any time by contacting us at the details listed at the beginning of this.
Contractual Binding: Our company collects personal data in the context of the execution of a contract between the company and the customer.
Legal obligation: We do not sell, share or rent your personal data to third parties unless you have given us your consent (see above) or are required by law. We may share your personal data in the event that this sharing is necessary to establish, exercise or defend against legal claims, whether or not these are pending before the judicial authorities or it is an out-of-court procedure (e.g. conducting a credit check), but always under conditions that fully ensure that your personal data does not undergo any illegal processing. Our company does not collect or process personal data of minor children, unless it has the express consent of their parents. Our Company will under no circumstances receive more personal data from you than is necessary for each purpose for which it is collected.
Recipients of your data
Our company may transfer the personal data it collects about you, in accordance with the terms herein, to third parties, but always under conditions that fully ensure that your personal data does not undergo any illegal processing, i.e. other than the purpose of transmission and always in accordance with our company’s prior written agreement with them.
These agencies are always carefully selected by us and comply with the relevant legislation. In addition, your data may be transferred to countries within the European Economic Area, where all security requirements are met. In the event that we need to transfer your data outside the EEA, this will only be done in accordance with international security requirements and with the maximum protection of your data in mind.
Also, your data may be processed by employees of our company, however, the employees who may process your personal data are properly trained. The data kept in our file may be communicated to the competent judicial, police and other administrative authorities upon their legal request and in accordance with the applicable legislative provisions. In addition, in the event of a legal provision, official order or official preliminary examination, the Company has the right without objection to make the relevant data available to the respective service.
In particular, we may transfer your data in accordance with the following:
To Google, in accordance with what we have already mentioned above, in particular for the use of GoogleAnalytics services or for promotional actions (re-marketing)
The above entity is based in the USA and complies with the international agreement known as EU-U.SPrivacyShield. It collects statistical data of a general nature and there is absolutely no personalization of the website user (number of views, browser, mobile device or computer, region/country of the visitor).
To service providers for database hosting, technical support and site management
To third parties who provide the site with services related to its operation, such as developers, data analysts, suppliers, data security service providers and subjects’ information, strictly for the purpose of processing their services to us.
Contract service providers who assist with parts of the business’ operations (eg marketing, technology services).
To credit institutions, to access our platform and complete your order directly from these credit institutions, as we have already described.
To email and newsletter sending service providers and telephony – sms. Service providers can access the personal data required to fulfill their obligations and are not allowed to share or use this information for any other purpose. These providers are bound by written confidentiality and non-disclosure clauses and have adequate guarantees for the security of your personal data.
We may transfer and process your personal data worldwide to places where the processing activities take place. Today the systems (servers) where your personal data are stored are basically located in the United States of America. This means that your personal data may be transferred to, or processed in, the United States.
Any transfer of personal data by us to third countries (including the United States) will only take place to countries that have data protection legislation that provides an adequate level of protection as interpreted in accordance with European data protection legislation .
To the extent that an international transfer of personal data takes place, we will seek and obtain assurances that any information we may transfer is adequately secured and in accordance with our Privacy Statement and the requirements of applicable personal data law.
To data security service providers.
To accountants and tax experts with whom our company works to fulfill its tax and financial obligations.
In a premises security services company, given that our company’s premises have a security camera and alarm installation system.
To designated successors: In the event that our business undergoes a business change, such as a merger, JointVenture, acquisition by another business, or sale of all or part of its assets, it may transfer all Users’ information and data, including personal information, to the successor organization. If there are significant changes to our business’s privacy practices as a result of the business transition, our business will notify you prior to the transfer of your personal information.
In companies of the group, when notification is deemed appropriate for the provision of the company’s services.
To public authorities: In cases where we believe notification is necessary in connection with efforts to detect, prevent, or take action regarding illegal activity, suspected fraud, or other harmful activity, we may share your personal data with relevant public authorities. Also, your data is shared with public authorities for tax purposes.
Our company informs you that the above categories of recipients of your personal data and information are processors on our behalf and therefore as such do not process any data beyond the above purposes and always act in accordance with our express orders and instructions.
In any case, the employees and external partners of our company who have access to your personal data and Information are specific and properly trained, while unauthorized access to your data is prohibited.
Rights of the subject of personal data:
We are committed to providing you with the opportunity to exercise all of your rights under the GDPR,
More specifically, you have the right to:
to be informed about the processing of your personal data;
access your personal data;
request the correction of incorrect, inaccurate or incomplete personal data. You can review and update any inaccurate personal data. You can also request to complete your personal data if it is incomplete.
request the deletion of personal data when it is no longer necessary or if the processing is unlawful. You can ask us to delete any of your personal data that is no longer necessary in relation to the purposes for which it was collected or in cases where you have withdrawn your consent.
object to the processing of your personal data for marketing purposes or for reasons related to your particular situation;
You can withdraw your consent at any time. The withdrawal of consent does not affect the legality of the processing that took place on the basis of the consent for the period before its withdrawal.
to submit a request to restrict the processing of your personal data in specific cases. You can ask us to restrict the use of your personal data if such use is unlawful, or if you consider that your personal data is no longer needed for the above purposes.
to receive your personal data in a structured, commonly accepted and machine-readable format and ask us to transfer this data to another controller without any objection from us.
to submit a request so that decisions based on automated processing, concerning or significantly affecting you and based on your personal data, are made by natural persons and not only by computers. You also have the right in this case to express your opinion and appeal the decision.
Right to submit a complaint to the APDPH
Right of judicial appeal against a legally binding decision of the APDPH
Right to legal action directly against the person in charge or the processor, in case you consider that your rights deriving from the Regulation have been violated, as a result of the processing of the PD concerning you
The right to compensation of any person who suffered material or non-material damage as a result of a violation of the Regulation, directly from the person responsible or the processor, for the damage suffered.
In any case that you want to exercise any of your rights regarding any personal data held by us, you can write to our company at the above email and contact phone number. You can make a request to us for free access to your data, however depending on the amount of data our business holds about you, we may charge you the cost of our business providing information about your data or any other information we hold about you. Our company will respond to your requests without undue delay and at least within one month.
For any obstacle to complying with your request, we will let you know the reason. You may be asked to provide information to confirm your identity in order to exercise your rights.
These rights apply throughout the EU, regardless of where the data is processed and where the business is based. These rights also apply to goods and services offered by companies based outside the EU but operating in the EU.
In the event of a breach of your personal data, our company, complying with the obligation to notify the breach to the GDPR, has the appropriate means to notify, if possible within 72 hours from the moment it becomes aware of the breach of your personal data that may cause a risk to your rights, while in case of delay in notification beyond the above deadline, this will be justified.
If you are the parent of a child under the age of 18 and you become aware that your child is providing personal data to our company, please contact our company in the above ways and you can request the exercise of your applicable rights. If we become aware that we have collected personal data from a child under the age of 18, we will take reasonable steps to delete the personal data.
Period of retention of your data
The communication data is stored for five (05) years, with the express reservation of any obligations from the applicable legal provisions, while your revoked consent for a period of five (05) years, with the express reservation of any obligations from the applicable legal provisions.
It is noted that your data will be kept on our database only for as long as we have a contractual or legal right or it is necessary to keep it, even if this exceeds the above mentioned duration. Since we cannot determine this in advance, the retention period may be different from visitor to visitor.
In the event that, for any reason, our contractual relationship is terminated, we may retain some of your data for as long as necessary (e.g. in the event of a tax liability) and in any case until the statute of limitations for any of our related claims.
Of course, all data we hold about you will be deleted if you ask us to delete your data from our database, unless we are required to keep all or some of it for a longer period of time by law (e.g. regarding with the tax documents of the services to you) or to safeguard your vital interest, (e.g. health-related reasons).
Although we may keep your data for a certain period of time necessary for the operation of our business, we will never contact you without your express consent or unless it is absolutely necessary to fulfill your order or to confirm of this one.
Data Security of the personal data website:
Once our business receives your information, security procedures and measures are activated to prevent unauthorized access to it. We are committed to protecting our users’ information and implement appropriate technical and organizational measures to protect the security of your personal data. However, keep in mind that no system is ever completely secure.
The security measures that our company has taken are the following:
Storage of Records in Physical Form: Our company may keep records in physical, paper form, which contain your personal data. We keep these records in secured areas protected by locks and accessible only to those of our employees or partners necessary for the purposes described in their employment contract.
Storage of Files in Electronic Format: Some of your personal information will be stored in the database of the website which is maintained by a specialized software management technician, as well as in the database (server) of our company. The e-mail accountsofinfo@ifeelmediagroup.gr are in “Thunderbird”, are protected by the measures taken by Microsoft for “Office 365” and are additionally controlled by the “FortiMail-FortiGuard” server (antivirus, antispam, etc. fortiguardservices). Also in the network (LAN/WAN) there are “FortinetFirewalls” (NGF) installed, while we have defined codes, which are provided only to those employees or partners who are required to access these files via the Internet. all the applications on the company’s computers are “Microsoft Office 365 BusinessPremium”, and the e-mails are “Ms Outlook”. Also, since the company is a member of a group, the connection to the central electronic systems in Cyprus is made through “Remote Site VPN connection” in “Fortinet Firewalls”.
File Transfer:. Our company has access to the database (server) of the website through access codes (admin) which are provided only to those of our employees or partners who are required to have access to these files via the internet.
Card Details: In addition, we do not store the details of your cards that you use at our business headquarters. At the same time, you must also take every possible measure to prevent third parties from gaining access to your account.
We will report any unlawful breach of the database of this website or the database of any third party data processor to all directly concerned, as well as to and authorities, within 72 hours of the breach, as long as it is apparent that the personal data stored in recognizable form, they have been stolen.
Changes to the privacy policy
This privacy policy may change from time to time in accordance with legislation or industry developments, without prior notice. That is why we invite you to check this policy regularly, as the continuous and uncomplaining use of the site means that you accept all possible modifications.
Right of complaint to the competent Authority
You have the right to submit a complaint regarding the way we process your personal data to:
Personal Data Protection Authority (PDPAH)
Postal Address: 1-3 Kifisias Ave., 115 23 Athens, Greece
Tel.: +30 210 6475600
Fax: +30 210 6475628
Email Address: contact@dpa.gr
Applicable Law – Jurisdiction
These terms and conditions, any amendments thereof, are governed by Greek Law. Any provision of the above terms that becomes contrary to the law, automatically ceases to be valid and is removed from this, without in any way affecting the validity of the other terms. The courts of Athens are designated as competent for any dispute that may arise.
Contact us
Before navigating the company’s Website or doing any transaction with us, we invite you to consult this Policy and make sure that you agree with the terms and conditions under which we collect and process your personal data.
However, in case you want any clarification or information regarding the terms of this Policy, or you have any disagreement, reservation or question, you can contact our Company, based on the above contact information
