DATA CONTROLLER/ PERSONAL DATA PROCESSOR
This Privacy Policy governs the manner in which the web site rrepavliscorfuvilla.com
The above mentioned responsible party for the processing of personal data is dedicated to protecting your privacy & personal data during your browsing experience over our website.
By using this site or/and our services, you consent to the Collection, Processing and Using of your Personal Data as described in this Privacy Policy and according with the General Data Protection Regulation (GDPR).
Please note that this privacy policy may be periodically amended and/or updated, without prior notice, in order to be improved and in compliance with possible amendments on the law. We strongly advise that you should check our privacy policy from time to time.
The kind of personal data we collect about you, the means through which we collect your personal data, the purposes for which we collect and use your personal data, the period for which we retain your personal data, about the third parties (individuals, legal entities and/or organizations) with which we share your personal data, about the countries to which your personal data may be transferred, about the means by which your personal data remain protected, about your rights regarding your personal data, about the cookies we use in our website
Contacting us
If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at : [email protected] or you can call +302661023032
The personal data we collect about you
We may collect, store and use personal data about you, as indicatively are: your first and last name, address, telephone number, profession, fax number, e-mail address, profession, your ID/Passport number and TIN number and general contact details, information about your activities on your website and about the device used to access it, i.e. your IP address and geographical location;
We also may use any other personal information shared with us. For instance, personal data may be collected when you fill out the “Contact Us” form, sign up for our newsletter, post comments on our blogs, or otherwise provide us directly with personal data when you require our services.
Data protection law recognizes certain categories of personal data as sensitive and therefore requiring greater protection, i.e information about your health, ethnicity, religious confession, genetic data, criminal records.
We do not usually collect sensitive data about you unless there is a legitimate reason for doing so in order to provide efficiently our expertise services. If you choose to provide sensitive information to us for any reason, the act of doing so constitutes your explicit consent, where such consent is necessary and valid, for us to collect and use that information in the ways described in this Privacy statement or as described at the point where you choose to disclose this information.
Personal data collected directly by you
The information we collect about you from you includes:
– Basic information, such as your first and last name, your profession and your title or position;
– Contact information, such as your postal address, email address and phone number(s);
– Financial information, such as payment-related information;
– Information required in the context of our Know-Your-Client Policy for our clients’ identity authentication and verification, which may include special categories of data as the law requires (according to L. 4557/2018 and Directive (EU) 2015/849);
– Technical information, such as information from your visits to our website or in relation to materials and communications we send to you electronically;
– Other information related to your request or inquiry, or that you provide when you communicate, engage or otherwise interact with us in the course of providing services to you, which may include special categories of personal data;
– Preliminary information regarding your case in order to assess the latter, check for any potential conflict of interests and provide you with our quotation for the establishment of our relationship;
– Data included in the client’s file: All data provided by your end upon the establishment of our business relationship and the signing of any services agreement.
– Any other information relating to you which you may provide to us.
Non-personal identification information
We may collect non-personal identification information about users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the internet service providers utilized and other similar information.
Personal data received indirectly from third parties
We may collect or receive information about you from third parties, such as our clients, representatives and professional advisers, content providers, government authorities and public sources and records; associate website portals through which you request information; subcontractors acting on our behalf who provide us with technical, payment or delivery services, our business partners, advertising networks analytics providers and search information providers.
Personal data automatically collected
We use cookies, log files, pixel tags, local storage objects and other tracking technologies to automatically collect information when users access or use the services or visit our Site, such as an IP address, general location information, domain name, page views, a date/time stamp, browser type, device type, device ID, Internet service provider (“ISP”), referring/exit URLs, operating system, language, clickstream data, and other information about the links clicked, features used, size of files uploaded, streamed or deleted, and similar device and usage information. Further information, can be found under the Cookies Policy below.
MEANS through which we collect your personal data
We collect your data in the following ways:
When you fulfill our contact form “Contact Us”, we collect your first name, last name, your email address, your phone number & the data disclosed voluntarily by your end in order to describe your inquiry. The fields “First Name”, “Last Name” and “Email Address” are compulsory in order for us to be able to communicate with you regarding your enquiry.
When you subscribe to our Newsletter, we collect your first name, last name, your email address and your interest in particular practice areas in order for us to be able to send you newsletters, updates and informative emails. Remember that you may unsubscribe from the Newsletter at any time without cost through the “Newsletter” section of our website;
When you communicate with us through any means as indicatively are: email, phone etc we collect the personal data voluntarily disclosed by your end in order for you to describe your inquiry and further information that may be requested by our side in order for us to assess your case;
Upon engaging with the client, we request the fulfillment of a certain form concerning the client’s identity authentication and verification in compliance with the requirements set forth by L. 4457/2018 and the Directive (EU) 2015/849.
If the client denies or fails to provide us with such a piece of information, then we may not be able to provide and deliver the requested services;
We collect data in the course of providing consulting services to you.
PURPOSES for which we collect and use your personal data
We collect and process your personal data for the following purposes:
– To provide the services you asked for;
– To reply to the inquiries, you address to us through any means;
– To send you informative emails, newsletters, updates, invitations to events etc
-To carry out our obligations under any contracts/agreements entered into between you and us;
– To keep a record of your relationship with us;
– To conduct analysis research so we can understand how we can improve our services;
– To notify you of changes to our services;
– To send you communications (campaigns, promotions etc) that may be of interest to you;
– To ensure our compliance with applicable laws, regulations, both domestic and European, as in force, including the anti-money laundering and terrorist financing requirements and sanctions screening;
– To establish, exercise, defend our legal rights
– Any other legitimate reason.
PERIOD for which we retain your personal data
Your personal data are stored for no longer than is necessary for the purposes for which they are collected and processed.
Personal data which are collected in the context of anti-money laundering and terrorist financing compliance are stored in hard copies or digital form for a period of five (5) years after the termination of the business relationship with our firm or the date of the transaction. Upon the end of the above period, we delete your personal data, unless their retention for a longer period of time is allowed or imposed by a provision of the law or regulatory decision. In any case, the period during which your personal data are stored cannot be longer than ten (10) years.
ACCESS OF THIRD PARTIES (individuals, legal entities and/or organizations) to your personal data
Your personal data are shared and disclosed only among our members and partners, our external associates, employees, collaborators and trustworthy third parties – service providers with which we have established long-term and reliable cooperation only for the purpose set out on this policy such as service providers, associated portals/businesses for the purpose of completing tasks and providing services to you on our behalf.
We do not sell or rent your information to third parties and we do not share your information with third parties for marketing purposes.
We make sure that our external associates and trusted third parties – service providers comply with data protection requirements and implement all necessary technical and organizational measures to protect your personal data. Third parties are not allowed to use your personal data for their own purposes, unless you have requested us to do so, or we are required to do so by law, for example by a court order or for purposes of prevention of fraud or other crime.
Personal Data transfers OUTSIDE THE EU
Your personal data are used and transferred within the European Union and the European Economic Area. In case that your personal data are transferred to a third country outside EU or EEA, we ensure full compliance with the regulatory framework, taking into consideration the adequacy decisions issued by the European Commission and standard contractual clauses (SCC).
MEANS by which your personal data REMAIN PROTECTED
We adopt and implement all the necessary technical and organizational measures to secure the safe collection and use of your personal data and protect them from unauthorized access, use, disclosure, alteration or destruction.
Information that you provide us via telephone or direct communication by visiting our offices is registered in a CRM System. This system has passwords ensuring that the access will be provided only to our qualified employees.
While we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us at your own risk over the web.
RIGHTS regarding your personal data
Right of access
You have the right to obtain confirmation as to whether or not personal data you are being processed, and, where that is the case, access to the personal data and the following information:
(a) the purposes of the processing;
(b) the categories of personal data concerned;
(c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations.
(d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period.
(e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
(f) the right to lodge a complaint with a supervisory authority;
(g) where the personal data are not collected from the data subject, any available information as to their source;
(h) the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
Where personal data are transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards relating to the transfer.
Right to rectification
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you. If you change contact details or if you find any other information we hold as inaccurate or out of date, please contact us via email, telephone or post (see below)
Right to erasure (“right to be forgotten”)
You have the right to request and obtain the erasure of your personal data without undue delay where one of the following grounds applies:
(a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(b) you withdraw your consent on which the processing is based;
(c) you object to the processing and there are no overriding legitimate grounds for the processing;
(d) the personal data have been unlawfully processed;
(e) the personal data have to be erased for compliance with a legal obligation to which we are subject;
(f) the personal data have been collected in relation to the offer of information society services.
Right to restriction of processing
You have the right to obtain the restriction of processing where one of the following applies:
(a) the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data;
(b) the processing is unlawful and you oppose the erasure of the personal data and requests the restriction of their use instead;
(c) we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
(d) you have objected to processing pending the verification whether our legitimate grounds override yours.
Right to data portability
You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, where:
(a) the processing is based on your consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1) of GDPR; and
(b) the processing is carried out by automated means.
You have the right to have your personal data transmitted directly from us to another controller, where technically feasible.
Right to object
You have the right to object, on grounds relating to your particular situation, at any time, to processing of your personal data which is based on point (e) or (f) of Article 6(1) of GDPR, including profiling based on those provisions. Under these circumstances, we have the right to process the personal data unless the we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.
Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where you object to processing for direct marketing purposes, the personal data will no longer be processed for such purposes.
You can exercise the above rights by sending an email to [email protected], or send us a post to “Compass Greece”- Homestory L.P., 3rd km Paleokastritsa, 49100 Corfu, Greece
COOKIES
Our website use “cookies” to improve your browsing experience. It is possible to switch off cookies be setting your browser preferences. In keeping with legal requirements, we may need to update the company’s cookie policy occasionally. A recent example of this is the EU General Data Protection Regulation. Users’ web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly.
By using our website, our social media (such as Facebook, Twitter, Linkedin and Instagram), subscribing to our services, you agree that, unless you disabled them within your internet browser, we can place cookies on your device and use that data in accordance with this Policy.
Any changes future change, will be posted on this website.
For more information, please read our Cookie Policy.
Competent domestic authority
The competent domestic authority for data protection is the Hellenic Data Protection Authority (www.dpa.gr). In case that you consider that our firm violates the applicable data protection legislation, you have the right to file a complaint before the Hellenic Data Protection Authority.
How we protect your information:
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures. Our Site is also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users.
Sharing your personal information
We do not sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above.
Advertising
Ads appearing on our site may be delivered to Users by advertising partners, who may set cookies. These cookies allow the ad server to recognize your computer each time they send you an online advertisement to compile non personal identification information about you or others who use your computer. This information allows ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you. This privacy policy does not cover the use of cookies by any advertisers.
Google Adsense
Some of the ads may be served by Google. Google’s use of the DART cookie enables it to serve ads to Users based on their visit to our Site and other sites on the Internet. DART uses «non personally identifiable information» and does NOT track personal information about you, such as your name, email address, physical address, etc. You may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy at http://www.google.com/privacy_ads.html
Changes to this privacy policy
oldithaki.com has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the bottom of this page. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.
Your acceptance of these terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
Villa Epavlis
Kommeno, Corfu, 49100
Tel.: +30 690 602 23 68
[email protected]