Privacy Policy
WEBSITE PRIVACY AND PERSONAL DATA PROTECTION POLICY
The Website https://www.gepalift.gr, hereafter the “Website”, is managed by the P.C. under the trading name “GEPALIFT P.C.” that is based in the Ind. Area of Aridaia, Municipality of Almopia, Pref. of Pella, tel. 2384024040, which is the Controller of personal data collected from you when you visit our Website and use our web services, i.e. all information that identifies you as a person or can identify you directly or indirectly.
Data Controller shall mean a natural person or legal entity, public authority, service, or other entity that, either solely or jointly with others, determine the data processing purposes and method; when the purposes and method of this processing are determined by EU or Member State law, the data controller or special criteria for their appointment may be provided for by EU or Member State law.
Personal data shall mean any information that refers to an identified or identifiable natural person (“data subject”); an identifiable natural person is a person whose identity can be determined, directly or indirectly, especially by reference to an identifier, such as name, ID card number, location data, online identifier, or one or more factors that are specific to the physical, physiological, genetic, mental, financial, cultural, or social identity of that natural person.
Personal data processing shall mean any activity or series of activities that take place with or without the use of automated means, on data or sets of personal data, such as collection, entry, organization, structuring, storage, adaptation or change, retrieval, information search, use, disclosure through transmission, transmission or other form of distribution, correlation or combination, restriction, and erasure or destruction, whether they are in electronic (electronic record) or print form (physical record).
Data Processor shall mean any natural person or legal entity, public authority, service, or other entity that processes personal data on behalf of the Data Controller.
The Data Controller has appointed a Data Protection Officer with responsibilities and duties that are described in the General Data Protection Regulation, whom you can contact through email at: dpo.officer@gepalift.com.
The Company takes the protection of your privacy and personal data very seriously and has taken all the necessary measures, in order to keep secure and confidential any information that refers to the visitors/users of its Website.
You are kindly requested to read carefully our Website Privacy and Personal Data Protection Policy herein, in order to be informed about any information that is collected from you, when you visit it and make use of its online services and information posted on it and using it, as well as about your rights.
This Policy serves to inform data subjects pursuant to article 13 of the EU General Data Protection Regulation 679/2016.
What personal data are collected by the website and for what purpose
Just browsing our Website does not require from a visitor/user to provide/enter any personal data. However, by just visiting and browsing the Website, it is possible that certain information is automatically collected that can be used to directly or indirectly identify you, such as: your computer’s internet protocol (ΙΡ) address, type of browser and operating system, websites that you visited right before and after visiting the website, connection speed and information about the software programs that are installed on the computer, key information about the server connection, and other information that is collected through HTML cookies, Flash cookies, web beacons, and other similar technologies. These data are used for statistical analysis. In order to learn more about how our Website is used by its users, we keep a summary and analyze the data that we collect. We may use this information, for example, in order to monitor and analyze the use of the Website, improve its functionality, and configure its content and design better and according to the needs of our visitors.
The Company also collects the following personal data: full name, email address, landline phone no., mobile phone no.
These data are solely and exclusively used for communication purposes. Collection takes place through the contact form that can be found on the website, in the “Contact” section, and can only take place if a user completes their data themselves by giving their consent to this data collection (there is a special consent button). In addition, on the same website, a visitor/user has the option of choosing to receive newsletters from the company directly to their email address, and they can unsubscribe from them at any time.
Legal Basis
In order for processing under the General Data Protection Regulation to be lawful, the Company relies on meeting the requirement of lawful processing, prior to proceeding with personal data processing. The legal basis for this processing is your consent.
With regard to information that is automatically collected from your browsing of our Website, you are kindly requested to refrain from visiting it, unless you want this information to be collected and processed.
Data retention period
The Company shall retain your personal data, which it collects through the Website, for a period of two (2) years.
Information security
The Company implements reasonable technical and organizational security policies, in order to protect your personal data and information from loss, misuse, change, or damage.
We are fully committed to ensuring the security of your personal data. In order to achieve this, we implement all up-to-date and appropriate technical and organizational measures for the purposes of processing, the responsiveness and efficiency of which, we monitor on a regular basis. The above measures include, indicatively and not limited to, the installation of protection systems from viruses (antivirus, firewall, etc.) and external malicious users.
The Company respects your right to protect your privacy and details about you, and for this reason, it uses this information for the previously mentioned purposes. Therefore, it shall not disclose, transmit, or make any information about you accessible to third parties, unless this is required, in order to meet the processing purposes previously described in this Policy.
Our company implements strict security rules with regard to handling personal data and providing access of third parties to its registers and records. The Company shall only share your personal data, if this is required, in order to perform applicable procedures or meet an obligation as required by law.
The recipients of personal data shall be any authorized employees of the Company, who are responsible for running your tasks on the Website and meeting its obligations, as required by law, natural persons or legal entities, indicatively but not limited to, such as IT and maintenance companies, etc., which are required to adhere to the legal framework.
Our Company may assign, from time to time, the processing of your data to third parties that are referred to as “Data Processor”. In this case, the relevant information to be transmitted shall be limited to the absolutely essential minimum and shall be used for this specific purpose. Furthermore, each Data Processor shall provide to our Company sufficient confirmations, that they shall process your personal data pursuant to the Regulation, safeguarding your rights, at the same time, as they result from the Regulation (e.g. by signing agreements to keep your data confidential and protect them).
Your rights
You may exercise, as appropriate, the following rights:
- Right to information/transparency: You have the right to information, i.e. know who processes your data, what these data are, and for what purpose, as we have stated above in plain language
- Right to invoke consent: You have the right at any time, to revoke your consent to the collection and processing of your personal data.
- Right to access data: You have the right to request to have access, i.e. be informed about the purposes of processing, relevant categories of personal data, recipients to whom the data were disclosed or are going to be disclosed, period of storing them, having the right to rectification or erasure of data or restriction of their processing or the right to refuse processing, information about the origin of data and having automated decision-making in place, including profiling and information about the reasoning followed.
- Right to rectification: You have the right to request the rectification of inaccurate data, as well as filling of incomplete data that refer to you.
- Right to erasure (right to be forgotten): You have the right to request to have your personal data erased from our records, provided, however, that their processing is no longer required, or it is not required to retain your data, in order to defend our rights before the Courts.
- Right to restriction of processing: You have the right to request the restriction of processing of your personal data.
- Right to portability: You have the right to have your rights transferred into a structured and commonly used format to another data controller.
- Right to object: You have the right to object the processing of your data at any time, and for reasons that are related to your special circumstances, with regard to the processing of personal data that refer to you.
- Right to human intervention You have the right to right to lodge objections, when a decision that affects you is solely based on automated processing, including profiling, and this decision has legal effects or affects you to a significant extent.
In order to exercise the above rights of yours, you may contact the Company, in writing, by sending a letter, to the address: Ind. Area of Aridaia, PC 58400, or by sending an e-mail message to the email address: info@gepalift.com.
The Company shall do its best to respond to any relevant request of yours within thirty days from receiving it. However, in the event that, due to the complexity of your request or due to the volume of information, it is not possible to grant your request within thirty days, the Company shall be bound to inform you within the above deadline, in writing, about the reasons of the delay, and do its best to grant your request as soon as possible, and in any case, within two further months.
The Company reserves the right not to grant your request, in the event that it is believed to be evidently groundless or excessive, informing you about the reasons for not granting it.
The Company has appointed a Data Protection Officer with the responsibilities and duties that are described in the GDPR, whom you can contact through email at: dpo.officer@gepalift.com.
In any case, you have the right to file a complaint with the Hellenic Data Protection Authority, in writing (1-3 Kifisias Ave., PC 115 23, Athens) or online (www.dpa.gr) or by email to the address: complaints@dpa.gr or in other ways that are listed in detail on the website of the Hellenic Data Protection Authority (www.dpa.gr).
This privacy policy and the rights and obligations emanating from it are governed by the provisions of Greek Law on the protection of personal data and regulation (EU) 479/2016 and its amendments through subsequent acts and directives
The Courts at the registered office of the company shall be exclusively competent to resolve any disputes arising from this privacy policy and its force and interpretation, and the operation of the Website. The company reserves all its statutory rights. If a term of the privacy policy is declared void or voidable, it automatically ceases to be valid, without, however, affecting the validity of the other terms.
Cookies POLICY
What are Cookies?
Cookies are small files containing data that a website requests from the visitor’s browser to store in the visitor’s computer or mobile device (smartphone, tablet, etc.). After cookies are stored in the visitor’s device, they allow that website to “remember” the visitor’s activities, as well as preferences. Each cookie performs a different function, since there are cookies that are essential for a website to run smoothly, while there are others, e.g. ads cookies, which are used for advertising purposes.
What cookies are collected and what purpose does each one of them serve?
In specific, cookies are used on the website to identify a visitor-user, and also, in order to remember the latter’s preferences (session cookies). Thus, when a visitor browses or visits the website at a later point in time, he or she will not have to enter information again. These cookies are solely used for the above purposes, and for the convenience of a user-visitor of the website.
Finally, third party cookies are also used, such as:
– Google Ads and Google Analytics cookies, Meta pixel cookies (Facebook, Instagram), MailChimp cookies, always upon express consent of the user: Google AdWords and Google Analytics cookies. These cookies are used to promote and advertise the website online, and are part of the Google Ads service and the Google Analytics application, which collect statistical data. However, through the Google Analytics application it is possible to make use of the option of anonymizing the visitor’s IP address, in order to make it impossible to identify the IP address of any user, and therefore making it impossible to identify the user.
– Meta Pixel cookies (Facebook, Instagram). These cookies are used to promote and advertise the website, so that we can get performance data on any advertising campaign of ours.
– MailChimp Cookies. They are essential for offering the option to a user to subscribe to newsletters of the company and identifying that person in case of unsubscribing.
How does the acceptance/installation and control/deletion of cookies take place?
The acceptance, rejection, or modification of cookies by a visitor takes place upon his or her first visit to the website, through a special mechanism that fully complies with the provisions of the GDPR. In specific, the cookies policy is displayed through an emerging window, on which, a user can choose to accept (in part or in full) the cookies used by the website, while he or she can also modify them later on, by opening the special options window. In any case, the cookies that exist in the computer of a user may also be deleted by the user himself or herself through the settings of the browser program that he or she uses, at any time, and regardless of the time of his or her visit to a specific website.
Changes to the Cookies Policy
Any change implemented on the Cookies Policy shall be notified to the visitors/users of the Website through this Cookies Policy.