Privacy Policy

Website privacy policy

Introduction

This Privacy Policy (hereinafter the “Privacy Policy” or “PPP”) concerns our website and its use by visitors/users entering it.

On May 25, 2018, the General Data Protection Regulation came into full effect. For the implementation measures of the Regulation, N. was issued in Greece. 4624/2019. The company with the name “ZAMPOURIS BIOTEKHNIKI KAZATSKEVI TRAILER VEHICLES – ADVERTISING SA” and the distinguishing title “ZAMPOURIS S.A.” (hereinafter for the sake of brevity the “Company”) recognizes and respects the right to protect the personal data of internet users, in accordance with European Regulation 2016/679 (“Regulation”), Law 4624/2019 and N. 3471/2006 and attaches great importance to the lawful processing, security and protection of your personal data when browsing our website. For this reason, it has drawn up this Personal Data Protection Policy, in order to inform users about the processing of their personal data, which are collected in the context of its operation. The visitor to our website and/or user of our services must carefully read this Privacy Policy.

What is your personal data – Definitions

Personal data: Your personal data includes any information on paper or electronic media that relates to an identified or identifiable natural person (“data subject”) and that can lead, either directly or in combination with others, to your unique identification or tracing as a natural person. Identifiable is defined as a natural person whose identity can be ascertained, directly or indirectly, in particular by reference to an identification element, such as a name, an identification number, location data, an online identifier (IP address, e-mail, etc.) .) or to one or more factors that characterize his physical, physiological, genetic, psychological, economic, cultural or social identity. This category includes, as the case may be, information such as your name, email addresses, identifiers of your equipment or terminal devices, computer, smartphone, tablet, your online search history (log files, cookies, etc.), your physical and electronic addresses , your landline and mobile phone numbers, calling and called phone numbers, recipients of SMS/MMS messages, VAT number, AMKA, bank / debit / prepaid card details, and any other information that allows your unique identification according to the provisions of the General Personal Protection Regulation of Data (GDPR 2016/679), of Law 4624/2019, of the currently applicable Greek legislation as well as of the decisions of the Personal Data Protection Authority (PDPA).

Special categories of personal data: Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the purpose of indisputable personal identification, data relating to health or data relating to a natural person’s sex life or sexual orientation.

Personal Data Subject: An identifiable natural person is one whose identity can be ascertained, directly or indirectly, in particular by reference to an identifier such as a name, an identity number, location data, an online identifier or one or more factors that characterize the physical, physiological, genetic, psychological, economic, cultural or social identity of the natural person in question. In this case, the Data Subjects are the visitors / users of the website.

Controller: The natural or legal person, public authority, agency or other entity that, alone or jointly with others, determines the purposes and manner of processing personal data. In this case, the Data Controller is the Company with the name “ZAMPOURIS BIOTECHNIKI KANASKEVI OF TRAILER VEHICLES – ADVERTISING COMPANY” and the distinguishing title “ZAMPOURIS S.A.” based in Thessaloniki (Kalochori, Real Estate Area, Echedorou / Thessaloniki, P.K. 57009), with no. G.E.MI. 038404605000 and with A.F.M. 099774621, tel: +30 2310753551)

Data Protection Officer

The Company has appointed a Data Protection Officer, who is responsible for monitoring compliance with the Regulation, cooperating with the Personal Data Protection Authority (“Authority”) and being a point of contact with the Authority, as well as with data subjects .

The contact details of the Data Protection Officer are as follows:

E-mail: [email protected]

Tel.: +30 2310753551

Processor: The natural or legal person, public authority, agency or other entity that processes personal data on behalf of the Processor.

Recipient: the natural or legal person, public authority, agency or other body to which the personal data is disclosed, whether it is a third party or not. Public authorities that may receive personal data in the context of a specific investigation in accordance with Union or Member State law are not considered recipients.

Supervisory Authority: The Personal Data Protection Authority (PDPAH).

What personal data do we collect and for what purpose

We collect, process and protect in accordance with the law your personal data when you browse our website and when you contact us to receive information or services or to make purchases. When visiting and navigating our website, we collect your personal data by accepting the terms of use and the present one during your browsing on the website, such as:

• When you visit our websites through which we collect, with your express consent, through cookies, information from your terminal device, such as your Internet Protocol (IP) address, the operating system you use, the type and version of your browser (browser) etc.
• When you send us an email, or fill out an application or order
• When you contact our offices or our customer service staff, and our call center, either for purchases or to express your opinion, complaints, or comments.
• When you send us your invoice or proof of service mailing address and home delivery details of your order.
• When you purchase a product and/or service to check your age and determine whether you are legally allowed to enter into a valid contract with us or whether your parents’ and guardians’ consent or signature is required.
• When you voluntarily subscribe to print or electronic directories to receive print, electronic or SMS newsletters or other marketing materials or to update your preferences or when participating in contests, questionnaires and surveys.
• When we receive documents, requests, orders, writs, warrants, etc. from third parties, such as supervisory, prosecutorial, judicial, tax authorities, for the investigation of crimes and your protection against fraud or fighting any form of crime and preventing infringement of legal goods (protected intellectual works, software, music).

In addition, cookies are collected, to the processing of which you have consented. The data is processed in order to provide you with access to the information on our website.

Provided you have given us written consent, we may use your personal data together with other information we have collected, after human intervention by our commercial department, to display advertisements relevant to your apparent preferences, on our website or on another website.

Unsolicited commercial communication

The Company does not permit the use of our website or services to transmit bulk or unsolicited commercial e-mail (spam). Furthermore, we do not allow the sending of messages from and to our customers that use or contain invalid or falsified headers, invalid or non-existent domain names, techniques to hide the origin of each message, false or misleading information or violate the website terms of use. We do not in any way allow the collection of email addresses or general information of our customers and subscribers through our website or services. We do not permit or authorize any attempt to use our services in a manner that could damage, disable, overburden any part of our services or interfere with anyone who wishes to lawfully use our services.

If we believe that there is any unauthorized or inappropriate use of any of our services, we may, without notice, at our sole discretion, take appropriate measures to block messages from a particular domain, server emails, or an IP address. If we believe that there is any unauthorized or inappropriate use of any of our services, we may, without notice, at our sole discretion, take appropriate measures to block messages from a particular domain, server emails, or an IP address.

Links to third party websites

Our website may include links (“links”) that lead to other websites of third parties, independent entities, such as, for example, telecommunications companies, content providers, entertainment producers, professionals, transport service providers, payment service providers, etc., which are operated and maintained exclusively by them, and which we do not control, as we mentioned above. Therefore, we are not responsible for the content, actions or policies of these websites. Please read carefully the respective data protection policies on the websites you visit, as they may differ significantly from ours.

Legal basis for processing personal data

The legal basis for processing your personal data is article 6 par. 1 pc. f of the Regulation, as this data is necessary for the operation of our website, but also for its optimization and ensuring the security of our information systems. We always use your information for the lawful purposes of processing (according to Article 6 GDPR), as the case may be, with your express consent which you can freely withdraw at any time, or to perform a contract or pre-contractual relationship with you , or to serve a legitimate interest us or to protect your vital interest. Thus, during the processing of your personal data according to the above and in the aforementioned cases, the legal basis for processing your personal data may, depending on the case, be based on one of the following legal bases, as the case may be, and subject to more specific provisions of of applicable legislation:

a) Processing is necessary for the Company’s compliance with obligations imposed by applicable legislation.

b) The processing is necessary for the fulfillment of a task performed in the public interest.

c) The processing is necessary for the performance of a contract.

d) The processing is necessary to carry out actions at the request of the Data Subject during the pre-contractual stage.

e) The processing is based on the consent of the Data Subject.

Receivers

Our Company transmits data to other public and/or private entities only to the extent required to satisfy your request, perform its legal obligations and duties, and to achieve the purposes described in this policy. The processing of your Data in any way is permitted only to persons authorized by us, employees and partners (official staff, technical support and customer service partners, software and service providers related to our website) exclusively for the above mentioned purposes, with whom there is a written contractual relationship and who are committed to maintaining confidentiality and protecting your personal data. In addition, we have taken the necessary and appropriate organizational and technical measures for the security and protection of your Data from any form of accidental or unlawful processing.

Data Security

We take appropriate technical and organizational measures to ensure the confidentiality, integrity and protection of your personal data. To protect the personal data of our website users and visitors, we use a secure connection (https://) and digital data security measures (antivirus, firewall) to prevent the risk of loss, misuse, unauthorized access and sharing of your personal data information. These measures are reviewed at regular intervals and modified when deemed necessary.

Data retention time

The retention time of personal data depends primarily on the purpose of the processing. The personal data concerning the visitors / users of our website are kept for the minimum possible period, depending on the purpose of the processing, after which time the data is deleted from our files unless a different mandatory retention period is provided by the applicable legislation . Thus, with regard to your browsing data and the response to submitted requests, the relevant information is kept for a period of six (6) months from the processing of the request. As regards the financial data processed, they are kept for a period of ten (10) years, unless otherwise specified by the provisions of the tax legislation.

General data protection principles

When processing personal data, we consistently apply the following general principles, according to which:

When processing personal data, we consistently apply the following general principles, according to which:

b) Personal data are collected only for limited, clearly defined and legitimate purposes, and their processing must not be carried out in a manner incompatible with these purposes (“principle of purpose limitation”).

c) Personal data are appropriate, relevant and not excessive in relation to the purpose justifying their processing (“principle of data minimization”).

d) Personal data are accurate and updated when necessary (“principle of accuracy”).

e) Personal data are not kept for a period of time longer than is necessary for their processing (“principle of the limitation of the storage period”).

f) The processing of personal data is carried out with respect to the rights of the Subject of processing, in particular to the right of information, access and objection of the Subject to the data concerning him (“principle of transparency”).

g) With respect to personal data, appropriate security measures are taken to protect either from unauthorized or illegal processing or from accidental loss, destruction or damage (“principle of integrity and confidentiality”).

h) Personal data are not transferred to other countries, which do not provide an adequate level of protection of the rights of the Subject (“principle of secure transfer”).

Rights of data subjects

The Company facilitates the Data Subjects to exercise their rights which are briefly explained here:

Access right:

The Data Subject has the right to receive, at any time, confirmation of whether and to what extent his personal data are being processed and, in the affirmative, may request a copy of them or to be informed of the purpose of the processing, the type of data being processed, their recipients, their storage period, if automated decision-making takes place.

Right of rectification:

The Data Subject has the right to request the correction of inaccurate or out-of-date personal data concerning him. He also has the right to request the completion of incomplete personal data. Further, we undertake to communicate any correction of personal data to each recipient to whom the personal data was disclosed, unless this proves impracticable or involves a disproportionate effort. We undertake to inform the Data Subject about the recipients in question, if requested by him.

Right to erasure (“right to be forgotten”):

The Data Subject has the right to request under the conditions of art. 18 of the GDPR and no. 34 of N. 4624/2019 the deletion of personal data concerning him in certain cases.

Right to restrict processing:

The Data Subject has the right to request the restriction of the processing of personal data concerning him under the conditions of no. 21 GDPR. If the processing of personal data is restricted, such personal data, apart from storage, is processed only under specific conditions.

Right to object:

The Data Subject has the right to object, at any time, to the processing of personal data concerning him, in the event that this is necessary for the fulfillment of a task performed in the public interest or when the processing is necessary for the purposes of the legal interests that are pursued by the Company. Once the right to object has been exercised, the personal data are no longer processed, unless it is demonstrated that there are legitimate and compelling reasons for the processing, which override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or support of legal claims.

Right of portability:

The right to data portability applies when its processing is based on the subject’s consent or on a contract or is carried out by automated means.

Contact – Exercise of right

For any question related to this Policy, visitors / users can contact the Data Protection Officer at [email protected] or by phone at +30 2310753551. You can exercise the above rights, with the limitations set by the legislation and especially the GDPR and Law 4624/2019, by submitting a relevant request to the e-mail address [email protected]. If you exercise the right to access your personal data you should give us some time to collect it. Any copies of your data are shared with you at no cost, unless we determine that your requests are repetitive and abusive.

In case of exercising any of the above-mentioned rights of the member, the Company will take every possible measure to satisfy your relevant request within (1) one month from the date of its valid submission, while if we need more time, we will notify you accordingly. It is clarified that in order for the exercise of the above rights to be considered valid, your identification may be required, in order to ensure that the personal data, for which any of the above actions are requested, actually belong to the natural person exercising the specific right.

Right of termination:

In the event that you are dissatisfied with the way we process your personal data and consider that your rights regarding the protection of personal data have been violated, you have according to Regulation no. 679/2016 the right to submit a complaint to the Personal Data Protection Authority, which is based in Athens (Kifisias 1-3, P.O. 115 23) and at the telephone number 2106475600 and fax 2106475628 or at the electronic mail address (e-mail) : [email protected]. More information is available on the website of the Hellenic Personal Data Protection Authority: www.dpa.gr.

Privacy Policy Updates

The Company (“ZAMPOURIS VIOTEKNIKI KAZASKEVI VEHICLE TRAILERS – ADVERTISING ANONYMOUS COMPANY”) reserves the right to modify this Policy, either in whole or in part, at its absolute discretion and to post this modification here.