Privacy Policy

Privacy and Personal Data Protection Policy

We respects and protects your personal data by following and applying the provisions of the General Data Protection Regulation – GDPR (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 «on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC».

Please read our Privacy Policy carefully to learn how we use, share and protect your personal information, your choices and your rights with respect to your personal data.

Attention: We will never ask you to provide personal data through third parties, unless these third parties are expressly and in writing authorized for this purpose. In the event that any third party requests the provision of such data, we invite you, on the one hand, to refuse to provide them and, on the other hand, to notify us of the fact in order to take the relevant measures.

 

  1. Definitions

(1) ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

(2) ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

(3) ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

(4) ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

 

  1. Controller

Controller is Sergios Manarakis. For questions about our Privacy Policy and any issues related to the processing of your Data and the exercise of your rights, you can mail us at manarakis@donthate-mediate.gr

 

  1. When, why and how we collect and process personal data

We collect solely the personal data we receive from you and process them only and to the extent that such collection and / or processing is necessary for the performance of the contract between us, ie to offer you mediation services.

 

  1. What personal data we collect

We collect the minimum required data only to the extent strictly necessary to achieve the intended purpose and in particular:

  • Identity and Contact Information of yours or of third parties to whom you have obtained explicit consent (name, surname, father’s name, mother’s name, business title, telephone number, home address, head office address, contact address, e-mail, activity, occupation etc. .), and/or
  • Financial Information (VAT, Tax Code, Hellenic Business Registry Number, Bank Account Numbers, Credit Card Details, Payment Receipt, etc.).

If you choose to contact us using a contact form or an email link, none of the data you provide will be stored to our site or transferred or processed by any third party data processor. Instead, these data will be sent to us via an SMTP protocol (Simple Mail Transfer Protocol). Our SMTP servers are protected by a TLS security protocol (also known as SSL), meaning that email content is encrypted before being sent over the Internet. The content of the email is decrypted by our local computers and devices.

 

  1. How long are personal data kept

We retain your personal data only for the period necessary to achieve the intended purpose, that is, the performance of our contract and / or compliance with our legal obligation and / or the pursuit of our legitimate interests. It is clarified that these include the satisfaction of legal, tax, accounting and other receivables. As a result, your data will be retained for as long as our contractual relationship lasts and in any case (even if the contract is terminated sooner) until the expiry of the relevant claims and for as long as required by tax or other legislation, the applicable legal and regulatory framework, and approved codes of conduct. In the event of a pending litigation (legal or extrajudicial) beyond this timeframe, we will keep your data until the dispute is settled by an extrajudicial settlement or irrevocable court order.

 

  1. Transmission of personal data

We only transmit your personal data to the extent necessary to achieve the intended purpose, that is, the performance of our contract and / or the compliance of our company with a legal obligation and / or the pursuit of our legitimate interests and only to related people with the achievement of the above objectives.

In this context, we inform you that we may transmit your personal data:

(a) to employees cooperating with us in the execution of our contract;

(b) to third parties not related to us (e.g. lawyers, tax consultants, business consultants, audit firms, etc.) where required for our legitimate business and business needs and / or the protection of our legal rights,

(c) Judicial, Public Prosecutor’s, Police, Tax (e.g. Independent Public Revenue Authority (IPRA), Insurance (e.g. Single Social Security Entity (SSSE) and other Public Authorities and / or Services)

(d) Independent Authorities, such as the Consumer Advocate, the Consumer General Secretariat, the Personal Data Protection Authority.

 

  1. Personal data security

We take and apply appropriate technical and organizational measures where appropriate to ensure an appropriate level of security to safeguard the security of personal data with the aim of safely storing it and preventing accidental loss or destruction and unauthorized and / or illegal access, use, modification or disclosure thereof.

We also take and enforce measures to ensure that personal data is processed only by people authorized to do so in accordance with this Policy, this Directive and the Law.

 

  1. Hyperlinks (links)

Websites and / or webpages and / or applications of all kinds at donthate-mediate.gr, may include links to, or receive information from, third party websites, websites, etc. We bear no responsibility for the policies and / or compliance of them with third parties.

 

  1. Rights of the Data Subject

We respect and satisfy all of your rights to the protection of your personal data as set forth in Directive 2016/679, and in particular you have:

  • Access Right, to obtain information about the type of personal data being processed, the purposes of the processing, any recipients thereof, the storage period, the information on your related rights.
  • Right to Rectification, to correct any inaccurate data or to fill in gaps.
  • Right to Erasure (“right to be forgotten”), for deleting personal data provided that such data is no longer necessary for the purposes for which it was otherwise collected or processed, there is no other legal processing basis (such as when they are prescribed by tax law), there are no compelling and legitimate reasons for processing (such as when they are necessary to protect our legitimate interests before the Court or other Authority)
  • Right to Restriction of Processing,
  • Right to data Portability, to obtain personal data relating to it, provided by the controller in a structured, commonly used and machine-readable format, and the right to transmit such data to another controller if the processing is (a) based on consent or (b) necessary for the performance of the obligations and for the exercise of specific rights of the controller or data subject in the field of labor law and social security and social protection law or c) based on a contract or d) processing is carried out by automated means.
  • Right to Object, to discontinue the processing of personal data relating to it, including profile development, for reasons related to its particular situation, unless such processing is based on compelling and legitimate reasons that outweigh the interests, rights and the data subject’s freedoms or for the foundation, exercise, or support of legal claims.
  • Right to lodge a complaint with the Supervisory Authority. The competent authority in Greece is the Personal Data Protection Authority, which is based in Athens, Kifissias str. 1-3, tel.: 2106475600, fax: 2106475628, complaints email: complaints@dpa.gr, website: www.dpa.gr.

The prerequisite for filing a complaint is prior communication with us and make a specific request. You can send your request at the email: manarakis@donthate-medtaite.gr or submit it in writing in our office at 31 Alopekis Str., Athens Attica. We kindly request that you have complete contact details and a detailed description of the right that you believe has been infringed and your request in order for us to be able to take the appropriate action. We may contact you for further information. We will respond to your request within one month of receiving it.

 

If you have any questions feel free to contact us.