The sole proprietorship of Theofanis Dimitriadis of Konstantinos with the distinctive title “ Gall é“, which is based in Kavala, 113 Omonias, PC 65302 (“ Business“) takes users’ privacy very seriously and undertakes to fully comply with applicable law (Regulation (EU) 2016/679 – hereinafter “GDPR” regulation> »).
Data controller and DPO
The Data Processing Officer is Theofanis Dimitriadis of Konstantinos, resident of Kavala, 113 Omonias, PC 65302 (“ Processor“).
You can contact the Data Protection Officer (“DPO”) at the following address: firstname.lastname@example.org (e-mail).
The Data we process
The following data can be processed:
the normal personal data that you may provide when using the Website features, including browser data or requests to use the services offered on the Website (e.g. registration in restricted areas, contests and other initiatives that may be available on the Website, use of Applications, requests for information and reports also submitted through contact forms, etc.), as well as data collected by cookies as defined in the Cookies Policy;
Why and how we process your personal information
With your consent, the Company may process your usual personal data to ensure that you can take advantage of the services and functions available and to optimize their performance, collect usage statistics, and manage requests and reports received through the Website and to manage your registration in any restricted areas and initiatives (eg tenders) that may exist on the Website in accordance with Article 6.1.a of the GDPR. The Company may also process your personal data in order to fulfill its obligations under European Union laws, regulations and law: the legal basis for such processing is Article 6 (1) (c) of the GDPR.
In addition, with your voluntary consent, your usual personal data may also be used in the official publications of the Company or in advertising activities (marketing), ie in the context of sending advertising material and / or commercial communications concerning the services of the Company in the contact details. reported using traditional methods and / or communication methods (eg mail, telephone, etc.) or automated media (eg Internet, fax, e-mail, text messaging, mobile applications, such as smartphones and tablets, social media accounts, eg Facebook or Twitter, etc.). The legal basis for this purpose is Article 6 (1) (a) of the GDPR.
Finally, the Company can process your usual and sensitive personal data to protect its rights in litigation.
All your data is processed using automatic and electronic tools that are suitable to fully ensure security and confidentiality.
Required editing and optional editing
The forms that must be completed on this Website require you to provide the personal data that is absolutely necessary for the processing of your messages and requests. This data is marked with an asterisk [*], ie the required fields. If you do not wish to produce them, we will not be able to process your messages / requests.
On the other hand, some forms may provide the possibility of providing personal data that is not absolutely necessary for the processing of your requests: the provision of such data is optional and non-submission has no consequences.
Links to other sites
How we store data and for how long
Pursuant to Article 5 (1) (c) of the GDPR Regulation, the computers and software used by the Company are set up in such a way as to minimize the use of personal data and identification data. This data is processed only to the extent necessary to achieve the objectives set out in this Policy and will be stored for as long as is absolutely necessary to achieve the specific objectives pursued. In any case, the criterion used to determine the storage period is based on compliance with the deadlines allowed by law and the principles of data minimization, storage limitation or rational management of our files.
How we ensure the security and quality of your personal data
The Company undertakes the obligation to ensure the security of the user’s personal data and to comply with the security provisions provided by law for the prevention of data loss, illegal or irregular use of data or unauthorized access to data, with special but not exclusive reference to Articles 25-32 of the GDPR. The Company uses many types of advanced technologies and security procedures to protect the user’s personal data. For example, personal data is stored on secure servers located in facilities with protected and controlled access. The user can help the Company to update and correct his personal data, announcing any change of address, qualifications, contact details, etc.
People who have access to the data
Individuals in the following categories are authorized to process user data: technical and administrative staff, IT staff, product managers, and other staff members who must process the data in order to perform their duties.
The Data may also be disclosed to third countries: (i) institutions, authorities, public bodies for institutional purposes; (ii) professionals, independent consultants – or working