DATA PROTECTION POLICY
This describes our policy regarding the personal data we collect from the visitors of our pages (hereinafter “users”).
Responsible for Data Processing is the Societe Anonyme TZIMPOULAS INTERNATIONAL TRANSPORT SA, with d.t. TZIMPOULAS, based in VERIA, 8th km VERIA-NAOUSA, TAX, Tax Office. VERIA, E MAIL: info@tzimpoulas.gr (“Responsible for processing”).
In the daily activities of our business and our website we process data concerning natural persons, including:
Customers
Collaborators, performing the processing on our behalf.
Visitors of our website
Other interested parties (employees, suppliers)
Our company complies with the General Regulation of Data Protection (2016/679 EU GDPR) and any other European and national legislation concerning the protection of personal data,
electronic communications, etc. and is committed to ensuring the protection of your Data at all times:
The data are collected for specific, clear and legitimate purposes and are not further processed in a manner incompatible with those purposes.
We collect the necessary, for each purpose of processing personal data and process them legally, fairly and in a transparent manner in relation to the data subjects.
We ensure that they are as accurate and up-to-date as possible and that we maintain them only for the period of time necessary for the purposes for which they are processed.
In any case, the criterion we use to determine the storage period is based on and takes due account of the need to comply with any relevant legal requirements as well as the principle of data minimization.
We process the Data electronically and manually and take all appropriate measures to protect personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
Collection, purpose, legal basis of the processing and retention time of your dataDATA PROTECTION POLICY
This describes our policy regarding the personal data we collect from the visitors of our pages (hereinafter “users”).
Responsible for Data Processing is the Societe Anonyme TZIMPOULAS INTERNATIONAL TRANSPORT SA, with d.t. TZIMPOULAS, based in VERIA, 8th km VERIA-NAOUSA, TAX, Tax Office. VERIA, E MAIL: info@tzimpoulas.gr (“Responsible for processing”).
In the daily activities of our business and our website we process data concerning natural persons, including:
Customers
Collaborators, performing the processing on our behalf.
Visitors of our website
Other interested parties (employees, suppliers)
Our company complies with the General Regulation of Data Protection (2016/679 EU GDPR) and any other European and national legislation concerning the protection of personal data,
electronic communications, etc. and is committed to ensuring the protection of your Data at all times:
The data are collected for specific, clear and legitimate purposes and are not further processed in a manner incompatible with those purposes.
We collect the necessary, for each purpose of processing personal data and process them legally, fairly and in a transparent manner in relation to the data subjects.
We ensure that they are as accurate and up-to-date as possible and that we maintain them only for the period of time necessary for the purposes for which they are processed.
In any case, the criterion we use to determine the storage period is based on and takes due account of the need to comply with any relevant legal requirements as well as the principle of data minimization.
We process the Data electronically and manually and take all appropriate measures to protect personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
Collection, purpose, legal basis of the processing and retention time of your data
1. Data that we collect automatically through our website
The website https://www.tzimpoulas.gr/ uses the SSL (Secure Sockets Layer) protocol which uses methods to encrypt the data exchanged between two devices (most commonly Computers), establishing a secure connection between them via the internet, which results in the protection of your personal data.
When you visit our website, our server collects the so-called log files of the server, (log files) and specifically:
• Date and time of entry to the site.
• The volume of data sent in bytes.
• The browser and operating system you used to access the site.
• Internet Protocol address (IP address) when you log in to the site. The IP address is personal data along with the date and time of your visit, although we cannot identify you with this data alone.
The legal basis on which we collect your IP address and keep it in special files (log files) is our legitimate interest in the processing of this data in order to ensure the security of networks, information and services from accidental events or illegal or malicious actions compromising the availability, authenticity, integrity and confidentiality of stored or transmitted data (eg ddos ”denial of service” attacks), as well as our legal obligation to provide a more secure environment for processing your personal information (GDPR Article 6 (1) indents f and c). The data will not be transferred or used in any other way. However, we reserve the right to check server logs (server logs) if specific indications of unauthorized use are detected.
2. Customer Data
When you visit our business, we collect your personal data such as name, patronymic, E-mail, postal address, gender, age, occupation, address, and any other information related to the provision of our services to you.
The purpose of the processing of your data is to provide you with the requested services and the legal basis of the processing is the execution of the contract between us (article 6 par. 1b ‘and 9 par. 2dGGPD), as well as our compliance with legal obligations. Retention time of your data is the required and possibly longer if legal claims arise.
It is clarified that we do not have a publicly accessible list of e-mail addresses of our subscribers / users. Therefore, any personal data (eg usernames, etc.) that appears anywhere on the pages and services of the Processor’s website are intended solely to ensure the operation of the respective service and may not be used. by any third party, without complying with the provisions of the legislation on the protection of personal data processing, as it applies at any time. The Editor acts in accordance with applicable law and aims to best practice good practice regarding the Internet. Your personal information is kept secure for as long as you are registered in a service of the Processor and is deleted after the end of your business relationship with the Processor in any way.
3. Data we collect via email and the Contact Form
In the context of communication between us via email and the Contact Form, we collect your name, email address and any other information you provide to us. This data is stored and used solely to meet your request. The legal basis for the processing of your personal data is your consent (GPA, article 6 par. 1a). Your data will be deleted after the final processing of our communication. This will happen after the completion of the purpose and scope of our communication, provided that there are no legal requirements for the storage of such data.
4. Send newsletter
With your consent we will collect your E-mail in order to send you a newsletter with the news of our Company and articles that you may find interesting. The legal basis for the processing is your consent (GIP, article 6 par. 1a) and you have the right to revoke it at any time.
5. Supplier data
For the execution of the contract between us we collect the data of our suppliers such as name, address, contact details, shipping details, financial data, which you provide to us yourself. The legal basis for the processing of your data is the execution of the contract and our compliance with legal obligations (GCP article 6 par. 1b and c), and we maintain them for a period of up to twelve years from the last provision of services, or as required by tax and any other relevant legislation.
Who has access to your data. Data transfers.
Your data is accessible by our employees as well as by any other person authorized to process your data during his duties. In addition, we work with third parties, natural or legal, professionals, independent consultants, etc. who provide us with commercial, professional or technical services (eg web hosting, accounting services, transport services) for the purposes mentioned above, and support our business in whole or in part, in relation to our activities. Where applicable, such natural / legal persons will act as Joint or Independent Processors, Processors or persons authorized to process personal data for the same purposes as above, with the same security measures and in accordance with applicable legal liabilities.
Before the third party receives the Personal Data, we must: (1) complete the privacy check to assess the privacy practices and risks associated with these third parties (2) obtain contractual guarantees from these third parties that Personal Data will be processed in accordance with our instructions and in accordance with this Policy and applicable law, that they will immediately notify Our company of any Personal Data Protection or Security events, failure to comply with the standards set out in this Policy and existing legislation , that they will work together to remedy any such incident, that they will help us meet the rights of the individuals defined below, and that they will allow the Controller to oversee their processing of compliance with these requirements.
Finally, the data can be further transmitted to public authorities and institutions, as well as to our legal assistants (legal and insurance companies), for legal purposes.
Apart from the above, the Data will not be disclosed to third parties, individuals or legal entities and will not be disseminated.
Our company does not transfer Personal Data outside the EU, and if necessary (for example, in order to use Cloud services) this will be done under the terms and conditions set out in Articles 44 et seq. standard contractual clauses approved by the European Commission or in countries considered safe by the European Commission.
Use of cookies
For the better operation of the website and your better navigation, as well as for the better provision of our services, we use cookies. Cookies are text files with information, which the web server (web server of the Editor) stores on your computer when you visit this website. In this way, the site remembers your actions and your preferences for a period of time, in order to have, for example, personalization of online ads, traffic analysis or other statistical analysis, and provision of the services you have requested. This way you do not have to enter these preferences every time you visit the site or browse its pages. Only the Processor and its specially authorized associates have access to any information regarding cookies.
You can control and / or delete cookies depending on your wishes. Details can be found at: aboutcookies.org. In case you choose to disable cookies on the website https://www.tzimpoulas.gr/ the functionality of some pages may be lost or reduced.
See here which Cookies we use:
1) Google Analytics – to collect traffic statistics
2) Facebook – for the proper functioning of Messenger on our website
More information on the use and management of cookies on the website can be found on the websites:
About cookies and their management:
http://www.aboutcookies.org/default.aspx
http://www.whatarecookies.com/
About Google Policy:
https://www.google.com/about/company/user-consent-policy.html
https://www.google.com/policies/technologies/cookies/
http://www.google.com/intl/en/policies/privacy/partners/
Data Security and Integrity
The Controller implements reasonable technical and organizational security policies and procedures in order to protect personal data and information from loss, misuse, alteration or destruction.
In addition, we strive to ensure that access to your personal data is restricted to those who need to be aware of it. People who have access to the data are obliged to maintain the confidentiality of this data.
Please note that the transmission of information over the internet is not completely secure. Although we make every effort to protect your personal data, we cannot guarantee the security of the data transmitted on our site. After receiving your information we will implement strict security procedures and functions to try to prevent unauthorized access.
We make every reasonable effort to keep the personal data we collect from you only for the period for which we need this data for the purpose for which it was collected or until its deletion is requested (if this occurs earlier), unless we continue to we comply with them as provided in the current legislation.
Links to other sites
Our website may contain links to other websites, which are governed by other privacy statements, the content of which may differ from this Privacy Statement. Please review the privacy policy of each site you visit before submitting any personal information to it. Although we strive to provide links only to sites that share our high standards and respect for privacy, we are not responsible for the content, security or privacy practices of other sites.
Minority data
When we need to process data of minors (eg data of minor patients), ie, according to the GDPR, those who have not completed the 15th year, the processing is done only with the written and explicit consent of the persons who have the parental care of the minor . In any case, we make reasonable efforts to verify that the consent is given or approved by the person who actually has the parental responsibility of the child, ie by authentication and any other available information.
Rights of Subjects
You can contact us by mail or e-mail at the addresses referred to in paragraph (1) above, to exercise your rights in accordance with Articles 15 et seq. You can, for example, request an up-to-date list of people who have access to your data, get confirmation of whether or not we process personal data related to you, check their content, source, accuracy and location (also in relation to any third country), request a copy, request their correction and restrict their processing, and even delete them, if applicable. Likewise, you can always report comments and submit complaints to the Hellenic Data Protection Authority, 1-3 Kifissias Ave., GR 115 23, Athens, Call Center: + 30-210 6475600 or at http://www.dpa.gr/
Changes to this Policy
The Controller frequently reviews this Policy and may modify or revise it periodically at our discretion. When we make any changes, we will record the date of modification or revision in the Policy. The updated Policy will apply to you and your details from this date. We encourage you to periodically review this Policy to determine if there are any changes to the way we handle your personal data. This Statement was last updated in December 2020.
Contact us
If you have any questions, comments or complaints regarding the management or protection by us of your personal data or if you wish to modify your personal data or exercise any of your rights as a data subject, please contact us at EMAIL: info @ tzimpoulas.gr
Statement of Personal Data
Statement of the Controller “On the Protection of Personal Data”
Increasing economic and scientific collaborations as well as mutual provision for data processing services result in the exchange of personal data, a trend reinforced by the increasing use of modern telecommunications media.
For these reasons, it is necessary to process the data carefully.
The Controller states that compliance with the principles governing data protection for their processing is its purpose as it is committed to respecting the individual rights and privacy of individuals. The Data Controller handles personal data with special care and always in accordance with EU Regulation 2016/679, the applicable National Law and applicable law.
For the purposes of this Directive, the following definitions shall apply:
Data Subject: any natural person whose personal data are processed by or on behalf of the Company
Personal Data: any information relating to a designated or identifiable natural person relating to his or her physical, physiological, psychological, emotional or economic status, cultural or social identity.
Processing: processing of personal data (“processing”), any work or series of tasks performed on personal data, such as the collection, registration, storage, modification, analysis, use, association, commitment ( lock), deletion or destruction.
1. Data Controller and DPO
The Data Processing Officer is the Societe Anonyme TZIMPOULAS INTERNATIONAL TRANSPORT SA, with d.t. TZIMPOULAS, based in VERIA, 8th km VERIA-NAOUSA, TAX, Tax Office. VERIA, E MAIL: info@tzimpoulas.gr (“Processor”).
2. The Data we process
With your consent, we process the following usual and sensitive personal data that you provide when you interact with the Website https://www.tzimpoulas.gr/, and use the services and functions it provides. This data includes in particular the name and surname, contact details, address and content of your specific requests, updates or reports as well as additional data that may be obtained by the Data Controller, including from third parties, in the context of conducting of its business activity (“Data”).
In order to be able to fulfill the requests you submit through the contact form and / or to provide updates on the side effects, it is necessary to consent to the processing of the data marked with an asterisk (*).
Without these mandatory data or your consent we can not proceed further. Instead, the information requested in fields not marked with an asterisk and your consent to the download of information material is optional and non-provision has no consequence.
In any case, even without your prior consent, the Data Controller may process your data to comply with legal obligations under EU laws, regulations and law, to exercise legal rights, to exercise its own legitimate interests and in all cases provided for, where applicable, in Articles 6 and 9 of the GDPR.
The processing is performed both with the use of computers and in printed form and always implies the application of the security measures provided by the current legislation.
3. Why and how we process your data
The data are processed for the following purposes:
(i) to handle requests you make to the Form, to contact you later or to provide information through it. The legal basis for the processing of personal data for this purpose is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR Regulation) and the performance of the contract to which you are a party to the data ·
(ii) to manage adverse reaction reports submitted through the Website or the Forms. The legal basis for processing for these purposes is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR Regulation), as well as the pursuit of any public interest (Article 9 (2) (i)) of the GDPR Regulation) and legal obligations;
in addition, but only with your voluntary consent which is the legal basis for processing in accordance with Article 6 (1) (a) of the GDPR:
(iii) to receive promotional material (direct marketing) from us.
By selecting the appropriate boxes you agree to the processing of your data for these purposes.
Your data may in any case be processed, even without your consent, for compliance with laws, regulations, EU law (Article 6 (1) (c) of the GDPR), for obtaining statistics on the use of the Website and its proper functioning (Article 6 (1) (f) of the Rules of Procedure).
The personal data is entered into the computer system of the Controller in full compliance with the data protection legislation, including the security and confidentiality profiles and is based on principles of good practice, legality and transparency regarding the processing.
The data are stored for as long as is absolutely necessary to achieve the purposes for which they were collected. In any case, the criterion used to determine this period is based on compliance with the deadlines set by law and the principles of data minimization, storage limitation and rational file management.
All your data will be processed in printed or automated media, ensuring in each case the appropriate level of security and confidentiality.
4. Principles applicable to processing
We are allowed to process your personal data in order to provide personalized services, based on the law (Article 6 (1b) of Regulation (EU) 2016/679) and the relevant National Implementing Law. Your personal data is not used for purposes other than those described in the Declaration, unless we obtain your prior permission, or unless otherwise required or permitted by law.
Personal data is processed in a manner compatible with the purpose for which it was collected.
The principle of proportionality applies to the processing of personal data. Among other things, it creates the obligation not to collect personal data for no reason.
The personal data used should be accurate and up to date.
Personal data used that is no longer accurate and complete should be corrected or deleted.
Except in cases where by law there is an obligation to keep them for a longer period of time, personal data are not stored for a longer period of time than is necessary for the purposes for which they were collected or processed.
The processing of personal data is done in accordance with the principles of good faith. This means that data subjects can rely on the fact that processors will show due diligence in all data processing matters.
The subjects whose personal data have been processed will be informed accordingly, upon request. In particular, they have the right to be informed of the purposes for which their data are processed, the type of data to which they relate, as well as the identity of the recipients of the data. Where necessary, data subjects also have the right to request the correction, non-transmission or deletion of their data.
The above rights can be restricted only if this restriction is provided by law. This is especially true when conducting scientific research.
In particular, personal data is protected against unauthorized disclosure and any unlawful processing. The measures implemented ensure a level of security commensurate with the nature of the data to be protected and the risks that may arise from its processing.
The controller is responsible for the compliance and implementation of EU Regulation 2016/679 and the National Implementing Law.
Our employees who deal with the processing of personal data are accordingly informed and trained. Procedures for the processing of personal data by third parties upon agreement will be set out in writing, ensuring that the contracting third party processes the personal data securely and that it complies with the principles set out in this Declaration and the GDPR EU. In the event that the third party is deemed unable to ensure a satisfactory level of security of personal data, we will terminate the cooperation.
5. People who have access to the data
The Data is processed by electronic and manual means in accordance with the procedures and practices related to the aforementioned purposes and is accessible by the staff of the Processor who is authorized to process the Personal Data and the supervisors and in particular the employees belonging to the following categories: technical staff, Information and Network Security staff and administrative staff as well as other staff members who have to process the data in order to perform their duties.
The Data may also be communicated to countries outside the European Union (“Third Countries”): (i) to institutions, authorities, public bodies for institutional purposes; (ii) to professionals, independent consultants – whether working individually or collectively – and others. third parties and providers that provide the Data Controller with commercial, professional or technical services required for the operation of the Website (eg provision of IT services and Cloud Computing) for the purposes mentioned above and for the support of the Data Controller in the provision of the services you have requested; (iii) to third parties in the event of mergers, acquisitions, transfers of undertakings or their branches, audits or other extraordinary operations;
The mentioned recipients receive only the necessary data for their respective functions and duly undertake their processing only for the purposes mentioned above and in accordance with the data protection laws. The Data may also be disclosed to the other legal recipients specified from time to time by applicable laws.
With the exception of the above, the Data will not be disclosed to third parties, natural or legal persons, who do not perform commercial, professional or technical duties for the Controller and will not be disseminated. The recipients of the data will process them, as the case may be, as Data Controllers, Processors or persons authorized to process the personal data for the purposes stated above and in accordance with applicable data protection law.
With regard to data transfers outside the EU, even in countries whose laws do not guarantee the same level of protection of personal data privacy as provided by EU law, the Data Controller informs that the transfer will in any case take place in accordance with with methods permitted by the GDPR, such as on the basis of user consent, on the basis of standard contractual clauses approved by the European Commission, selecting parties to participate in international programs for the free movement of data (e.g. EU-US Privacy Shield) or implemented in countries considered safe by the European Commission.
6. Your rights
If you wish, you can request at any time to exercise the rights of Articles 15-22 of the GDPR Regulation, to be informed about your personal data held by us, their recipients, the purpose of keeping and processing them as well as the modification , correcting or deleting them, by sending a relevant e-mail to the addresses shown above, from the e-mail address you have stated, completing the application by completing the relevant application that can be given to you by the Controller with an attached copy of your police ID . You also have the right to review the personal data we hold and in general to exercise any right provided by law for the protection of personal data.
The personal data that you disclose to the Controller through this Website, either during your registration or at a later stage, is collected and used and processed in accordance with the applicable personal data protection provisions of the new European ́ General ́ Regulation ΕΕ Data Protection ) 2016/679.
You reserve the following rights in detail:
Right to be informed about your personal data: Upon your request, we will provide you with information about the personal data we hold about you.
Right to correct and supplement your personal data: If you notify us, we will correct any inaccurate personal data concerning you. We will fill in incomplete data if you notify us, provided that this data is necessary for the purposes of processing your data.
Right to delete your personal data: Upon your request, we will delete the personal data we hold about you. However, some data will only be deleted after a specified retention period, for example because in some cases we are required by law to retain the data, or because the data is required to meet our contractual obligations to you.
Right to freeze your personal data: In certain cases provided by law, we will freeze your data if you request it. Further processing of blocked data is done only to a very limited extent.
Right to revoke your consent: You may revoke your consent to the processing of your personal data in the future at any time. The legality of the processing of your data remains unaffected by this action, to the point of revoking your consent.
Your right to object to the processing of your data: You may at any time object to the processing of your personal data in the future if we process your data on the basis of one of the legal justifications provided for in Article 6 (1e or 1f). ) of Regulation (EU) 2016/679. If you object, we will stop processing your data, provided there are no legitimate grounds for further processing. The processing of your data for advertising purposes is not a legitimate reason.
7. Security of Personal Data
The Controller implements specific technical and organizational security procedures in order to protect personal data and information from loss, misuse, alteration or destruction. Our partners who support us in the operation of this website also comply with these provisions.
The Processor shall make every reasonable effort to keep the personal data collected only for the period for which it is needed for the purpose for which it was collected or until it is requested to delete it (if this happens earlier), unless it continues. to comply with them as provided in the current legislation.
8. Revisions of the Declaration
We reserve the right to amend or periodically revise this Statement, at its sole discretion. In the event of any changes, the Editor will record the date of modification or revision in this Statement and the updated Statement will be valid for you from that date. We encourage you to periodically review this Statement to determine if there are any changes to the way we handle your personal data.
This is a Declaration of Conformity with the provisions of EU Regulation 2016/679 and the National Implementing Law.
31.12.2020