The company with the name Dionysios Dimoulitsas - Petretin. Based in Corfu, Greece 51 Nikiforou Theotoki street hereinafter the Company, to the sole ownership of which the website www.petretin.com and all content processes the personal data of visitors / users in accordance with European Regulation 2016/679, also known as the GDPR (GDPR) as well as the relevant national legal framework for the protection of personal data (Law 4624/2019), by which is fully committed.
The Company respects and is committed to protecting the personal data and personal privacy of each visitor / user of the website. This Personal Data Protection Policy (hereinafter referred to as “the Policy”) sets out this commitment of the Company as it summarizes the data that the Company may collect or process, how to use them as well as information on the actions in which it may or the visitor / user of the site must proceed to the processing of his personal information during his visit to the site.
2. Principles Governing Data Processing
When processing your personal data on its website, the company complies with the principles governing the legal processing of data (no. 5 GKPD) and specifically:
The principle of legality, objectivity and transparency, in accordance with this specific principle, data shall be processed lawfully and in a transparent manner.
The principle of limitation of purpose, according to which data are collected for specified, explicit and lawful purposes and are not further processed in a manner incompatible with those purposes.
The principle of proportionality “data minimization”, according to which the data processed are appropriate, relevant and necessary for the intended processing purposes.
The principle of data accuracy, according to which the data is accurate and when necessary updated.
The principle of integrity and confidentiality, according to which data is processed in a way that guarantees their safety and protection from illegal processing, loss, destruction or deterioration.
The principle of determining the duration of processing “limitation of the storage period”, according to which the data must be kept in a form that allows the identification of data subjects only for the time required to achieve the purposes of processing.
The principle of accountability of the controller, according to which the controller is responsible and should be able to demonstrate compliance with the Regulation before the supervisory authorities and the courts.
3. Purposes of the Processing
The company collects with your explicit consent, only personal data, which are absolutely necessary in order to satisfy your requests and to provide you with the services you choose under the best conditions and in the most efficient way. If and where additional information is required, you will be informed at the time of data collection and you will be asked for consent again.
The company collects data:
For the execution of all kinds of contracts that it concludes with the visitors / users
The issuance of relevant sales documents, in accordance with applicable law
For the promotion and advertising of its. products and services
For compliance with its legal obligations or the fulfillment of its legal interests.
For its legal and judicial protection.
The processing of personal data of visitors / users is legal in accordance with European Regulation 679/2016. The legal bases for the processing of data by the company are either divisive or cumulative, the consent of the data subject, the execution of a contract to which the subject is a party, compliance with our legal obligations, the fulfillment of our legal interests and the safeguarding the vital interest of the data subject or other natural person, the performance of a duty performed in the public interest or in the exercise of public authority delegated to the controller.
If the processing of the aforementioned data is based on the consent, the company applies all the procedures provided for the legal acquisition of this consent as provided in Article 7 of Regulation 679/2016. The legal bases for the processing of data by the company are either divisive or cumulative, the consent of the data subject, the execution of a contract to which the subject is a party, compliance with our legal obligations, the fulfillment of our legal interests and the safeguarding the vital interest of the data subject or other natural person, the performance of a duty performed in the public interest or in the exercise of public authority delegated to the controller.
If the processing of the aforementioned data is based on the consent, the company applies all the procedures provided for the legal acquisition of this consent as provided in Article 7 of Regulation 679/2016
The personal data of the visitors / users are not used for purposes other than those mentioned herein, unless the company obtains their permission, or unless required or permitted by law such as the exceptions provided by Article 25 of Law 4624 / 2019.
4. Data we process
The personal data that we will process is the identification data that you provide to us directly, either through purchases or through other means, such as, for example, questions or complaints addressed to the Company.
Specifically, your personal data processed are included in the following categories: Identification data: name, surname, residence, email address, telephone number, number and details of personal identification documents.
Financial data: credit / debit card data or other payment data.
Location: If you use location-based features and have tracking services enabled in your PC or mobile settings, this is your real-time geographic location, IP address, and location of public Wi-Fi hotspots and antennas telephony. In any case, the Company is not responsible for the use of false, inaccurate, incomplete or uninformed information provided by the visitor / user.
The Company will be able to keep a file and process the personal data of the visitor / user, which will be contained in its knowledge, through the website. The collection and processing of personal data by the Company will be done only with the consent of the visitor / user, who will provide them voluntarily in order to provide access to the above applications or services that will be available through the website.
The registration of the data of the visitor / user during his registration in the website will imply his consent in the collection, use and transmission of these according to the terms of this Policy. The visitor / user, however, will be further specifically and explicitly requested to give their consent to this, accepting this Policy before completing the registration process.
In particular, the visitor / user will accept and consent as the Company under the terms of applicable law as in force, will keep a file and will process his personal data, which will be collected through the website, in order to access the provided electronic applications, its service, support and execution of the transaction relationship between the visitor / user and the Company, as well as for statistical purposes and for the purposes of information and promotion of the Company’s products and services with the specific consent of the Company.
It is clarified that the personal data processed by the Company, are intended exclusively to ensure the operation of the website and may not be used by the Company or any third party, without complying with the provisions of applicable law on the protection of personal data processing. , as it applies each time. The Company acts in accordance with applicable law and aims at the best application of good practice regarding the internet.
5. Data Collection
The company can collect your data in the following ways:
From expressions of interest for the sale of our products.
From all kinds of contracts that we conclude either with the data subjects themselves, or with the legal or natural persons, with whom the data subjects are directly or indirectly related.
From sending a contact form.
Communication with a company representative via e-mail, telephone or mail.
Subscribe to a company newsletter.
Cookies stored on your computer or mobile device when you visit our Website.
6. Recipients of the Data
Recipients of data are the employees of the Company responsible for each processing, who are bound by confidentiality clauses and protection of personal data.
Natural or legal persons to whom we assign the execution of specific tasks on our behalf in the context of the contracts we conclude (eg transport companies). These persons are “performing the processing”.
Banks and credit institutions based in Greece that have been licensed and operate legally, for the purpose of executing contracts or transactions.
Supervisory, auditing, independent, judicial, public and / or other authorities and bodies within the framework of their statutory responsibilities, duties and powers for the purpose of our compliance with our legal obligations and / or fulfillment of our legal interests.
Companies of financial advisers and statutory auditors in the context of their statutory responsibilities, duties and powers and for the purpose of fulfilling our legal interests.
Our employees, our suppliers, our partners for the purpose of fulfilling our contractual obligations towards our customers.
7. Processing of Personal Data by Third Parties
8. Security of Personal Data
The Company has experienced and specialized staff and takes the appropriate technical and organizational measures to ensure that your personal data is transferred, stored and processed, in accordance with the appropriate security measures (anonymization, pseudonymization, data encryption, use of firewalls, authorized employees, training limited access), and in accordance with the terms of this Protection Policy and Declaration and Regulation 679/2016 on the protection of personal data. Any employee or associate of our company has access to your personal data, uses it to serve exclusively the following purposes.
We implement data management and security systems to ensure the protection of data from loss, prohibited transmission or access as well as any other form of unfair processing. We have adopted procedures that protect the personal data that users provide to the site or provide by any other means (eg by telephone). These processes protect users’ data from any unauthorized access or disclosure, loss or misuse, and alteration or destruction. They also help to ensure that this information is accurate and used properly. Your connection to the site is secure because it uses SSL (128bit) security protocol. SSL (Secure Dockets Layer) is universally accepted as the standard of Internet security, certifying web pages for users and encrypting data exchanged between web users and web servers. According to the SSL security system, the information exchanged between a user and a server is encrypted by the sending software and then decrypted by the receiver software, thus ensuring the protection of any personal information exchanged. In addition, all information sent under the SSL protocol is protected through a process that automatically detects any falsification of sensitive data during transport.
9. Duration of Data Maintenance and Deletion
We retain the data only for as long as it is necessary to fulfill the purpose for which it was collected.
The personal data, which will be collected by the Company, will be safely kept for as long as the visitor / user is registered in a service of the Company or is required based on the intended purpose and will be deleted if the processing reasons mentioned here in disappear, taking into account any obligations of the Company under applicable law. In any case if the visitor / user does not visit or does not use the website for a period of time 4 years his data will be deleted.
If by the end of the above period legal proceedings are in progress in which the Company is a party, the above time of data retention will be extended until an irrevocable decision is issued.
10. Right of Subject Personal Data
The visitors / users and regarding the processing of their personal data, which are required by the services of the Company, have the following rights:
Right of access: knowing what kind of data we process about your person. Right of correction: you can request a change of your data if it is inaccurate or untrue.
Right to delete (forget): you can request the deletion of your data when it is no longer necessary to process it.
Restriction right: the labeling of stored personal data in order to limit their processing in the future.
Right of objection: you can request the end of sending commercial updates.
Right to portability: allows the person concerned to receive his / her personal data in a structured, commonly used and machine-readable format to transfer, copy or transmit it to another person in charge.
Right to withdraw consent. You can withdraw your consent by notifying us by email at firstname.lastname@example.org.
In case of exercise of one of the above rights, the Company will take all necessary measures to satisfy the relevant request within the time limits provided by law by informing the visitor / user in writing of the satisfaction of the request, otherwise for the reasons that prevent the exercise. or the satisfaction of that right.
To exercise his rights, each visitor / user can contact the Company and submit his request in writing to the following email address email@example.com under the auspices of the Data Protection Officer.
Also, every visitor / user has the right to apply to the competent supervisory authority (Greek Personal Data Protection Authority), which examines written complaints in accordance with the instructions provided on its website (www.dpa.gr), in case of objection. in the processing by the Company of its data.
11. Travel Statistical Information
In some cases technical information that is not personally identifiable may be collected automatically (eg not through registration) when a visitor / user visits or uses the site. Examples of this type of information that can be collected are browser, computer operating system, domain name of the website from which it was connected, location.
Cookies are data files, which are transferred from a web server to the computer of the person visiting the website.
Cookies are an industry standard, used by most websites and facilitate the repeated access of visitors / users to a specific website and its use.
Cookies are not harmful to the visitor / user’s computer system or to its files and only the website from which a specific cookie was transferred to the visitor / user’s computer can be read, modified or deleted. In this way, the site remembers the actions and preferences of the visitors / users for a period of time, in order to have, for example, personalization of online ads, traffic analysis or other statistical analysis, and provision of the services they have requested. This way, each visitor / user does not have to enter their preferences every time they visit the site. The Company and its specially authorized partners have access to any information regarding cookies.
If you do not wish to collect information through cookies you can use the settings of most web browsers, with which you can delete existing cookies and choose whether to automatically reject future cookies or decide to reject them. or accept any specific cookies on your computer. It is noted that the rejection of cookies may have the effect of making it difficult or impossible to use certain parts of the Website.
13. Other Terms
The Protection Policy may be reviewed and / or updated at any time without notice. The Company will post the current version of the Policy, in order to inform the visitor / user, who will be considered to accept the new Policy by continuing to use the website or its services. For this reason, every visitor / user of the site is kindly requested to check the Policy at regular intervals.
If a visitor / user does not agree with the terms of the Policy provided in this section must not use the pages / services of the site.