Personal Data Protection Policy
The respect and the protection of your personal data constitutes a commitment for the Company under the name “GIOVANOUDIS CHRISTOS AND ASSOCIATES SOLE SHAREHOLDER PC” (hereinafter the “Company”). We understand and take seriously into account the fact that you are aware and interested in the protection of your personal data.
The present Personal Data Protection Policy describes the information we collect and explains how the Company processes this information as well as how you can manage and control the use of your information, in accordance with the provisions of Greek and European Legislation on the protection of personal data, which are included in the General Data Protection Regulation (2016/679/EE), commonly known as “GDPR”.
The management and the protection of personal data of website visitor/user is subject to the terms of this Policy, as well as, to the provisions of national, European and international law regarding the protection of individuals from the management of the personal data, as applicable from time to time.
The Website responsibly encounters issues related to the protection of your personal data. The Website, as part of its operation, collects certain information about its visitors/members, that may lead to their direct or indirect identification.
For any information regarding the management of your data or the exercise of your rights, please contact us at [email protected].
The Website www.epidosis.gr belongs to the Societe Anonyme (S.A.) under the name “GIOVANOUDIS CHRISTOS AND ASSOCIATES SOLE SHAREHOLDER PC”. The Controller of Personal Data has been appointed the following company:
“GIOVANOUDIS CHRISTOS AND ASSOCIATES SOLE SHAREHOLDER PC”
Ethnikis Antistaseos, no. 173, P.C.: 55134, Kalamaria, Thessaloniki
Tax Identification Number: 800941778, Commercial Registration Number: 145409106000
Tel.: +30 2310 477725, e-mail: [email protected]
Changes in Policy and Information
Any possible future relevant regulation will relates to the subject-matter of this policy. In any case, the Website reserves the right to change the terms of personal data protection, in accordance with the applicable legal framework.
Therefore, these terms of personal data protection may be reviewed and updated at any time without any notice. The Website Users are kindly requested to check these terms at regular intervals for any changes, as the continuous use of the Website implies that they accept all possible modifications thereof.
This Personal Data Protection Policy may be amended at any time without any notice. Guided by the principle of transparency, we are committed to informing you of any significant changes in our policy. In any case, however, you should check our policy at regular intervals, as the use of our services implies your acceptance.
In the context of the protection of processed data, the Website implements a series of appropriate technical and organizational measures, adopts internal security policies, trains properly its staff, which is committed to maintaining confidentiality, while utilizing a number of technologies that ensure your data security (eg. SSL certificate, encryption, certified hosting providers). As the principles of information security and data protection requires, the technical and organizational security measures are regularly monitored and, if necessary, they are updated and adapted to new best practices.
Recognizing the importance of your Personal Data Security, we have taken all the appropriate organizational and technical measures for the security and the protection of your Data from any unauthorized access, misuse, alteration, prohibited dissemination, disclosure, loss or accidental/ unlawful destruction, and any other form of unlawful processing. These measures shall be reviewed and amended as necessary.
Our partners have agreed and committed:
- To maintain confidentiality,
- Not to send your Data to third parties without Company permission,
- To take the appropriate technical and organizational security measures,
- To comply with the legal framework for the protection of personal data and, in particular, in accordance with the Regulation 979/2016/ EU (otherwise known as ‘GDPR’).
What kind of data do we process
The Website collects personal information of its visitors / users, only when they themselves voluntarily provide it. Personal information is the information that can be used to identify or communicate with a person as well as other information relating to that person and information that is necessary for the best company response to its expression of interest and message etc. The data collected, depending on whether the user communicates on behalf of himself/herself or on behalf of a legal entity as well as depending on the specific characteristics of each legal entity, are the following:
- Regional Unit
- Company name
- Company Headquarters
- Corporate tax identification number – Tax office
- Legal form of the Company
- Company Activity
- Contact telephone
- Data collected via Cookies (eg. IP). For further information please read Cookies Policy (link)
We do not collect specific categories of data - such as information about your political views, religion, health or sexual orientation - unless you choose to provide such information (e.g. in the content of the message you send us).
Non – Personal Data:
Every visitor can browse epidosis.gr, without providing any personal information. Personal data will be needed only in case each visitor wants to become a member of the website so that it is possible to use its services. Any collection and processing of Personal Data will be carried out in a legitimate and lawful manner, based on Law 4624/2019.
Non-personal information may also include the type of browser used by the visitor / user, the type of computer, its operating system, ISPs and other information. In addition, the Website system automatically collects information about the sites visited by its visitor / user and about the links to third-party websites / web pages that they may select via the use of the Website.
The Website includes links to other websites which are under the responsibility of third parties (natural or legal persons). In no case is the Website responsible for the terms of protection of personal data followed by these websites.
Regarding the information that Users provide on the Website, the Company processes this data, at the request of the User for communication with the Company in order for the Company to take the appropriate measures before contacting the User, as well as to fulfill its contractual obligations (Article 6 par. 1B GDPR).
The Website may also use this information for informational purposes or for the purpose of making suggestions for new subscription services to the user, unless the latter so wishes. The Website will not make available for sale or otherwise transfer or publish personal data of the visitors / users of the Website to third parties, not related to it (the Website), without the consent of the visitor / user, except the application of relevant legal dictates and to the competent authorities only.
The Website may process part or all of the data submitted by visitors / users for statistical purposes and in order to improve the services - information provided.
Indicatively we mention that we may use your data in order to:
- Respond to your requests for information about the services we provide.
- Send you newsletters, information or other material you may be interested in.
- Collect traffic statistics for the page.
- Detect, prevent and deal with fraud or other illegal activities.
- Evaluate the effectiveness of our events and other promotions.
- Maintain (via updates) our contact list.
In any case, the processing will be based on one of the following legal bases:
- the contractual relationship between us or measures undertaken during the pre-contractual stage.
- your consent, when required, for example in case there is no previous transaction and you wish to receive a newsletter. You can withdraw your consent at any time.
- the legal obligations of the Company. In some cases we may have a legal obligation to use or retain your Data because it is required by law, such as tax law.
- the legal interest of the Company. In some cases it is necessary to understand our visitors, to promote our services and to effectively use our websites to create, publish and distribute news and related journalistic content both electronically and in print. For example, we rely on our legitimate interest when we analyze the content that is displayed on websites in order to understand how they are used.
The visitor / user can contact the Website in order to cross-check the existence of any personal file, the correction, the change or the deletion of it.
Who are the recipients of your data
The Website, in order to be able to provide its services, forwards some of your data to partner companies. These companies (performers of the processing) process your data only for the purposes mentioned above and only on behalf of the Company, with the exception of any legal obligations. When transmitting your data, the Website takes all necessary technical and organizational measures, in order to ensure the best possible level of security.
These companies are located entirely within the European Union and have been selected based on, inter alia, the ability to securely process your data. These companies undertake through a contract concluded with the Website that they provide necessary guarantees for Personal Data protection and take the appropriate technical and organizational measures so that the processing is legal and to ensure the protection of your data and rights.
These companies provide us with (a) services for the provision of Website web hosting (b) services for the commercial promotion of our services to you and (c) services for the promotion of messages in communication and social media applications outside the website (e.g. viber).
Where and foe how long do we store your data
Your data is stored in the company's system, while any backups are kept in databases within the European Union. In any case, appropriate organizational and technical measures are always required to avoid any violation.
Your statement of consent for sending a newsletter (newsletter) is kept for as long as a newsletter is being sent to you by the Company and in any case not more than six months from the cessation of sending it.
The data is stored exclusively for a period of time, which is necessary for each processing purpose.
If your account on the Website remains inactive for more than two (2) years, the Website will proceed to inform you and if there is no response, will delete it and all data concerning you, except those deemed necessary for compliance by legal obligation or for the exercise of claims.
Which are your rights regarding your data and how can you exercise it?
Based on the relevant legal framework, you have a number of rights in relation to the processing of your data by the Website.
Specifically, among others you have the right to:
- Request correction of your data (right of correction),
- Request, under certain conditions, deletion of your data (right of deletion),
- Request, under certain conditions, the restriction of your data processing (right of restriction of processing),
- To object, under certain conditions, to your data processing by us (right of objection),
- Request the data you have provided us in a structured, commonly used and readable format (right to data portability), if this is deemed technically feasible.
- In case of data breach, which may endanger your rights and freedoms and if it does not fall under one of the exceptions provided in the GDPR, the Website undertakes to inform you of the violation without undue delay.
You can exercise your rights by sending a relevant e-mail to [email protected].
Compliance with the legal framework for data processing and, in this context, the exercise of your rights, is a priority for the Website. For this reason, we have the right to request additional information, which is necessary in order to confirm your identity, before exercising your rights.
In principle, the Website is obliged to respond to your request immediately and within one month at the latest. If necessary, taking into account the complexity of the request and the number of requests, this deadline may be extended by a further two months. In any case, the Website will inform you as soon as possible and, in any case within one month from the submission of your request, about its development and the reason for the possible delay of its satisfaction.
In case your requests are manifestly unfounded or excessive, in particular because of their repetitive nature, the Website may either charge a reasonable fee, taking into account the administrative costs of providing the information or the announcement or execution of the requested action, or refuse to follow up on your request.
Contact an Epidosis representative immediately and get personalized tax planning and accounting advice for your business.