4.Collection Methods of Your Personal Data
«CHRYSANTHOPOULOS CRANES PC» collects Personal Data in the context of a legal relationship (a) concerning its customers through the preparation of a relevant contract with them (sale, service, lease, etc.), (b) concerning employees through the conclusion of a relevant contract c) concerning its associates through the conclusion of a relevant service contract with them. Immediately after the preparation of the relevant contract, the declared data are registered in a special electronic card, which is kept in the central electronic database maintained by «CHRYSANTHOPOULOS CRANES PC», and the printed contracts are kept in the secretariat of our offices. The electronic file is kept encrypted and is accessible only to selected and specialized personnel, similarly the physical file is secured in a specially designed space and is accessible only to selected and specialized personnel. Our website has an additional level of encryption, which is secured through the third party service cloudflare SSL (secure protocol).
«CHRYSANTHOPOULOS CRANES PC» collects Personal Data in the context of traffic either during your communication with it or through the Contact Form available on the site, or by subscribing to the Newsletter, or during personal meetings (eg visit to offices of our company). In this case, for the collection of your data, your consent with positive energy is required and will be requested, before sending your message, before subscribing to the newsletter or before expressing interest in any of our products or services.
A special way of collecting personal data is the hyperlink payments.chrysanthopoulos.gr. This hyperlink will be sent to you in a personal e-mail upon your request, and in order to complete the preparation of the contract between us. In this case you will be asked to follow the hyperlink, enter your personal information (name, address, VAT number, Tax Identification Number, telephone and address). This information will be processed by us in order to create the debt identity, and then to cross-check the payment. We do not store or process data about your cards, as the entire payment process on your behalf takes place in a secure environment of a cooperating and approved banking institution or service. The hyperlink payments.chrysanthopoulos.gr. has an additional level of encryption, which is secured through the third party service cloudflare SSL (secure protocol). As for the other data collected, what is described above applies. «CHRYSANTHOPOULOS CRANES PC» automatically collects your IP address when visiting its website, even if as a page we can not identify you.
5.Purpose of Personal Data Collection:
The purposes for which the above personal data are processed are the following:
- A. The information of «CHRYSANTHOPOULOS CRANES PC» about the intention of the applicant (data subject) for the preparation of a relevant contract (sale, lease, services, work, etc.) with our company.
- B. The provision to the subject of the data reminders and instructions regarding the services of «CHRYSANTHOPOULOS CRANES PC» and the rights and obligations of the parties during the pre-contractual stage before the preparation of the contract.
- C. The conclusion and management of the relevant contract (sale, lease, services, work, etc.) throughout its validity or after its expiration, the communication and information of the subject, in the context of the execution of the contract.
- D. The compliance of «CHRYSANTHOPOULOS CRANES PC» with obligations imposed by the current legal and regulatory framework, including indicative of the fight against terrorism, compliance with court decisions and response to requests from public authorities outside the country (including of the subject).
- E. The analysis and management of other business risks, the management of complaints and comments, in the context of compliance of «CHRYSANTHOPOULOS CRANES PC» with a legal obligation, as well as customer satisfaction research.
- F. The establishment and exercise of legal rights of «CHRYSANTHOPOULOS CRANES PC» to defend its legal interests, in accordance with its internal policies and procedures, including those concerning the pricing of its products and services, data hosting and data analysis, file management and internal control procedures, in the context of satisfying the legal interests of «CHRYSANTHOPOULOS CRANES PC».
- G. The Protection of persons and / or goods. The purpose of protecting persons and / or goods is justified by the legal interest and / or our legal obligation to protect the site as well as the goods located in our area from illegal acts. The same applies to the safety of life, physical integrity, health as well as the property of third parties legally located in our supervised area. For more information you can find information in the relevant section: “Information on the use of video surveillance systems“.
- H. The commercial promotion of «CHRYSANTHOPOULOS CRANES PC», which will be able to send sms, e-mails and call the data subject by phone (provided he gives his consent) to inform him about new services or products he now has at the market.
It is expressly stated that the subject is entitled not to provide his consent for this (under G) processing purpose (commercial promotion), regardless of any consent for any of the above processing purposes. The provision of personal data of the subject is necessary. for the conclusion and subsequent execution of the relevant contracts of the contract for the supply of products or services, the contract for the supply of materials or services, or the employment contract. The subject is not obliged to provide them, but is informed that the non-provision of personal data that is absolutely necessary for the conclusion or execution, respectively, of any form of contract, may mean that the contract may not be concluded or executed in any of the aspects of it (eg non-payment of an allowance, if the existence of a child is not declared).
6.Legal Basis of Processing
According to the applicable legislation for the protection of personal data, the legal bases on which the data are processed are, as the case may be, the following:
– article 6 (1) of the GDPR, ie the consent of the subject to the processing of personal data concerning him, if and when the subject provides it in writing,
– article 6 (1) (b) of the GDPR, since processing is necessary for the performance of the contract of which the customer is the data party,
– article 6 par. 1 f of the GDPR, ie the service of the purposes of the legal interests of «CHRYSANTHOPOULOS CRANES PC» for its effective operation, as these legal interests are described in the purposes
7.Transfer of Personal Data & Categories of recipients
«CHRYSANTHOPOULOS CRANES PC» may transmit the data (absolutely necessary each time) to other organizations if this is necessary for the execution of your contract, as in the case where in part or in whole the contract is executed by another provider, or a license is required to provide a service, or combined transport by ship. It will transmit the data, also to the State as well as to Judicial and Prosecutorial Authorities, when required by law. In addition, it will transmit the data to the collaborators with «CHRYSANTHOPOULOS CRANES PC» providers within the legal operation of the contract, insurance company to cover our liability, lawyers, accountants, bailiffs. It is mentioned that the relevant transmission to public bodies is a legal obligation of «CHRYSANTHOPOULOS CRANES PC» according to article 6 par. 1 c of GDPR.
8.Manner and Duration of Personal Data Retention
Your data is stored in the company’s system and we take care of their safe keeping. The management of the server is carried out with the appropriate methods, exclusively and only by strictly limited staff of the Company itself, without the mediation of third parties. As a general principle, we keep your data exclusively for a period of time, which is necessary for each purpose processing. There are clearly certain storage periods for each category of data and it depends on our relationship (eg the provision of our service to you, if you are a member of our website), your wishes (eg if you requested their deletion ), the existence of a legal obligation (eg tax information). The rules for determining the retention period arise from ensuring the rules for data protection, the principle of limiting the storage period, the best practices of the space and the preservation of the smooth operation of the Company. However, beyond the parameters set by the same Company, there are conditions set by the competent authorities that must be taken into account. If, for example, we have provided a service to you, we retain the relevant tax information, as required by law, for a period of at least five years. Please note that even if you request the deletion of your data, we may retain some of it solely because of legal obligations or for the establishment, exercise and support of our legal claims.
9.Subject Rights and How to Exercise
Based on the General Regulation for Data Protection you have a number of rights in relation to the processing of your data by the Company. Specifically, regarding «CHRYSANTHOPOULOS CRANES PC», you have the:
Right of access, ie to submit a request to be informed if we process data and, if so what is it, and some more information, such as e.g. the purpose of processing, the recipients, etc ..
Right of correction, ie to request the correction or completion of your data.
Right of deletion, ie to request, under certain conditions, the deletion of your data.
Right of restriction of processing, ie to You ensure, under certain conditions, the restriction of the processing of your data by us.
Right of objection, ie to oppose at any time the processing of your data based on our legal interest (commercial promotion).
Right to data portability, ie to request the data you have provided to us in a structured, commonly used and machine-readable format, if this is deemed technically feasible under the provisions of the GDPR.
Finally, in case of data breach, which may pose a high risk your rights and freedoms and if this does not fall within one of the exceptions provided for in the GDPR, we have an obligation to We inform you without undue delay.
Compliance with the legal framework for data processing and, in this context, the exercise of your rights, is a priority for the Company. For this reason, we have the right to request the provision of additional information, which is necessary to confirm your identity before exercising your rights. In principle, we are obliged to respond to your request immediately and within one month at the latest. If necessary, taking into account the complexity of your request and the number of pending requests, this deadline may be extended by another two months. In any case, we will inform you as soon as possible and, in any case within one month from the submission of your request, about its development and the reason for the possible delay of its satisfaction. In case your requests are manifestly unfounded or excessive, especially due to their repetitive nature, the Company may either impose a reasonable fee, taking into account the administrative costs for providing the information or the announcement or execution of the requested action, or refuse to follow up on your request. In case you consider that we do not comply with the legislation on personal data protection, you have the right to file a complaint to the competent supervisory authority (in Greece the Personal Data Protection Authority). For any question or issue you face regarding the protection of your data by us, please do not hesitate to contact us at [email protected].
Cookies are pieces of information in the form of very small text, stored in the browser you use on your PC on your Smartphone & tablet (Chrome, Mozilla Firefox etc), helping the most efficient operation of our site. Cookies do not in any way cause harm to users’ computers or to the files stored on them. The information stored in cookies is used for identification & optimization purposes, and is categorized as follows:
A. Necessary Cookies: They allow the execution of basic functions of the site for the provision of the internet service. Our page uses: _cfduid: This cookie is set / placed by Cloudfare. Used to identify individual clients behind a shared IP address and apply security settings per client. Does not match any user IDs in the web application and does not store personally identifiable information. It keeps for four weeks. This does not require the consent of the visitor. PHPSESSID: this cookie is native to php applications. The cookie is used to store and identify the unique user login ID in order to manage the user login to the site. It is a session cookie and is deleted when all browser windows are closed.
B. Functionality cookies: These cookies “memorize” your preferences when you browse our site, so we can recommend the right products based on your needs. We do not collect cookies in this category unless you specifically provide us with your consent, and at any time you have the option to change the selection settings (remove your consent) .pll_language: this cookie is set by add polylang for sites supported by WordPress. The cookie stores the language code of the last page. Stored for one year.
C. Statistical Cookies: Statistical cookies or analytics cookies are a subset of functionality cookies and enable us to evaluate the effectiveness of the various functions of our site in order to continuously improve the experience we offer you. We do not collect cookies in this category, unless you specifically provide us with your consent, and at any time you have the opportunity to change the selection settings (withdraw your consent).
D. Promotion Cookies: Promotion cookies are used to promote ads that are more relevant to the user and his interests. They are also used to send targeted advertising aimed at reducing bulk, unwanted and pointless advertising messages. We do not collect cookies in this category, unless you specifically provide us with your consent, and at any time you have the opportunity to change the selection settings (withdraw your consent).
Our content and services are aimed solely at people over the age of 18 and we do not knowingly collect any information about people under this age limit. If you are under 18 years old, you are not allowed to submit your information to us in any way. As it is not technically possible to effectively control your age in all cases, we undertake, in the event that the submission of personal data concerning minors is reported and verified, to delete all relevant information immediately. This deletion is without prejudice to the need to comply with the data in case of establishment, exercise or support of our legal claims, or the provision of consent by a guardian.
13.Changes in policy and information
If you have any questions about our Policy or how we process your data in general, we have designated Vassilios Chrysanthopoulos as the person to whom the Subjects may contact and you can contact him at the email: [email protected] or by phone +302610.990500 or (by appointment) at the address Rio Patras, Thrakis Street, number 1. In case the Company does not respond to any request of the subject or the subject is not satisfied with the answer of the Company, the subject reserves the right to appeal to the Authority Personal Data Protection (www.dpa.gr), Offices: 1-3 Kifissias, PC 115 23, Athens, Call Center: + 30-210 6475600, Fax: + 30-210 6475628, email: [email protected].