Why shall the Company process Data of Personal Type (DPT) and the Special Category Data of Personal Type (SCDPT)?
With the purchase of services / products that the Customer carries out through the Company’s website, they state that they wish for the Company to handle the completion of a task or the mediation between the Customer and some third party for the completion of a task with the Company’s function being an Internet service provider. The Company, based on information / data the Customer declares in its website / ordering form, should integrate such into a homogeneous category and calculate, based on said declarations, the product/ service which is suitable and relevant for the Customer.
For such to happen, the Customer needs to fill in the particular DPT and/or SCDPT noted in the relevant fields of the ordering form. This data is objectively essential to the implementation and function of the provided service. The proper and complete information for data the Company requests are considered obligatory of the Customer, according to law. It is possible that inaccurate or incomplete data the Company requests to find, cause for the Company to demand even the cancellation or report of the provided service, at any time.
For however while the contract for service provision remains in effect, the Company shall process Customer data which are necessary for its function based on the present contract with which the Customer consents to should they proceed in carrying out an ordering of service / product from the Company.
In what kind of data processing shall the Company proceed to?
After the Customer proceeds in the ordering a product / service and has filled in all necessary fields in the order form, the Company shall, for the reasons already noted, carry on with any action or series of actions processing the Customer’s data with assistance of automated means like, for example gathering, input, organizing, rectifying, storage, adjustment, shift, recover and searching of information as well.
The Company makes use of automated means for the fulfillment of the order and providing the service. Through said means, the Company can reach decisions quicker, with greater accuracy, transparency and consistency. However, in those cases, regular relevant checks are made from pertinent Company employees.
The Company, in the name of safeguarding legal interests, often runs checks, through automated procedures to prevent scams against it.
In particular, the following individual audits are made towards compliance of the Company with instruction from european and greek legislature.
• Audits (and automated ones) are conducted for preventing the use of products in money laundering and / or the funding of terrorism.
• Audits are conducted and files and data are sent towards compliance of the Company with the administrative cooperation of European Union member-states.
• Audits are conducted and files and data are sent towards compliance of the Company with the multi-part agreement of Pertinent Authorities for the automated trade of information in regards to financial matters. For how long shall the Company hold the Customer’s data in a file? The Company shall hold on to the Customer’s data for however long a contractual relation is maintained between them, either in written or electronic format. In a case of, for whatever reason, this is interrupted the Company shall hold on to such for however long of a time is left for any relevant claims to become time-barred. What rights does the Customer have in regards to the processing of their data? The Customer, may, as appropriate, exercise the following rights:
• The right of access (learning which data of theirs the Company is processing, for what reasons and its recipients)
• The right of amendment (rectifying any inaccuracies or lack of data)
• The right of deletion / right of oblivion (purge from Company files, should their presence, however, no longer be necessary)
• The right of restricting processing (In case of doubt being presented so as to the accuracy of data etc.)
• The right of portability (for the Customer to receive their data at a structured and commonly used format)
Such rights are exercised sans cost for the Customer, with the sending of relevant postage or email to the Data Protection Officer, unless they are repeated often and due to volume, they possess administrative weight for the Company, hence the Customer shall be burdened with the relevant cost. Should the Customer exercise any of those rights, the Company shall undertake any possible means for the satisfactory conclusion of such a request within thirty (30) days from receiving the relevant request, after the Company notifies such either for its execution, or the subjective reasons which prevent it. Beyond such, the Customer, may, at any time, be set against the processing of their DPT and SCDPT for the purposes of the contract service provider, withdrawing their consent. However, this will lead to the termination of the Customer’s contract services provided from the Company because (according to the above) no service works without processing of the Customer’s DPT and/or SCDPT (concerning data). How is the Customer’s data security safeguarded? Data security is, to the Company, an absolute commitment. To achieve such, all modern and suitable means are implemented for purposes of technological processing (for example, encryption, anonymity) as well as organizational measures, the effectiveness of which the Company checks at regular intervals. Where shall the data be transferred? The Customer’s data will be transferred to Company departments pertinent to the execution of the provided service and for the proper and hurdle-free implementation of such. For example, the Technical Support department, Legal, Accounting etc. The Customer’s data might be transferred and made accessible for legal entities and / or persons with which the Company occasionally maintains contracts for the proper provision of offered services. Furthermore, in regards to the Customer’s safeguarding contract, such data might be transferred to various services, public authorities etc. However, in this case, the legal entities or persons will process the Customer’s personal data solely for provision of services towards the Company and not for personal gain, acting as executors for the processing. In every transfer, the Company always undertakes any possible measure to ensure the transferred data are always the minimum required and the conditions are for legal and desired processing. Shall the Company process the Customer’s data for commercial purposes? For the duration of processing noted above, the Company might process your DPT data (but not your SCDPT). The Customer may be set against processing of their data (for commercial purposes) through the sending of a relative request to Data Protection Officer. In such a case, the Customer’s data will no longer be subjected to processing for commercial purposes.
The Company handles a Customer’s security, trust and respect. The safeguarding of Customer personal data is particularly important. Hence, the Company communicates the above to its visitors and/or Customers:
• The Company website is a communication system to the public, with which information and services are offered, through the Internet. Visitors of the Company website are able to inform themselves of any new products and services it offers, important announcements, new jobs and be notified of any service without offering any information.
• In case of gathering a Customer’s personal data is necessary, for the execution of some trade through the website, the following shall take effect:
o The Company maintains a log and processes potential Customer personal data, the sole reason being the support, forwarding and implementation of the exchange with the Customer as well as the provision of high level services.
o Customer data are safeguarded by strict discretionary criteria and are forwarded on third-party companies only if necessary for an order’s implementation or the functionality of a Customer’s service.
Website software is designed for a maximum amount of security and trust. All information contained within requests submitted in the website and are related to payment of whichever service the Customer chooses, are secure. Only authorized employees, having received proper training so as to the processing of Customer information, shall have access to such information and only when necessary for implementing Customer requests.