COMPANY PRIVACY POLICY
A. DATA RESPONSIBLE
A.1 The company CHEMICRON IKE (hereinafter referred to as “The Company”) with headquarters in Thessaloniki, 10th Km Thessaloniki Athens, e-mail: info@chemicron.com, is responsible for the processing of your data.
A.2 The Company has appointed a Personal Data Protection Officer and for any matter concerning your rights you can contact the e-mail: info@chemicron.com
B. GENERAL PRINCIPLES REGARDING GDPR
B.1 The information you request from us, as well as the information in this document, is provided free of charge provided that it is reasonable, not excessive and will not be repetitive. Otherwise, the company may impose a charge with corresponding costs or refuse to provide the information of your request.
B.2 If the company has doubts regarding your identity when submitting a request to exercise your rights, it may request more information to confirm your details and process your request.
B.3 The Company will respond to your above rights within a period of one (1) month from the submission of the request or in four (4) months in special cases (e.g. complex request, request of a high degree of difficulty, large number of requests etc.). As long as the Company has legitimate reasons as defined in the General Regulation on the Protection of Personal Data (GDPR 2016/679), it has the possibility to refuse the provision of information. In case of a longer delay than stipulated or if you believe that your right is being violated, you have the right to submit a complaint to the supervisory authority with the following information: Personal Data Authority, Kifisias 1-3, PO Box 115 23, Athens, e-mail: contact@dpa.gr, tel. 2106475600. You have the right to withdraw consent by submitting a request to the Personal Data Protection Officer at e-mail: info@chemicron.com
B.4 The effective protection of personal data requires strengthening and the detailed definition of the rights of data subjects. The General Regulation on the Protection of Personal Data refers to the way of providing information in a “concise, transparent, understandable and easily accessible form” using clear and simple wording. The information can be provided either in writing or electronically.
C. PURPOSE OF DATA PROCESSING
C.1 Partners – Customers – Suppliers – Employees
For active customers, suppliers, partners of our company, the purpose of processing your data is only the execution of the contract between us and compliance with tax legislation.
The legal basis is the execution of the contract between us and compliance with applicable law. The retention time for your data is that set by tax law and beyond its expiration will be deleted.
C.2 Potential Partners – Customers – Suppliers
Regarding prospective partners, customers, suppliers, we are letting you know that your personal data (name, phone, e-mail, address, etc.) which you have made available to our company through a digital or printed contact form, e-mail, telephone etc. purpose is to investigate the possibility of cooperation or transaction between us. The legal basis is the legitimate interest of our company to enter into a commercial agreement with you. The retention period of the data is 12 months, after which it will be deleted.
C.3 Potential Employees
For potential employees, the purpose of receiving your CV is to evaluate your potential for employment by our company with your consent as a legal basis. The retention period is 6 months, after which they will be deleted.
C.4 Transfer of data outside the company
Transfer of your data outside the company is permitted if this is required by law (Labor Inspection, Insurance agencies, Tax Office, etc.). Additionally, data may be transferred to IT technicians and network, software providers for IT support of the company, as well as to any third parties cooperating with the company for its smooth operation (such as Accountants, Transport companies etc.)
D. RIGHTS
D.1 Right to information
You have the right to request information on the personal data we maintain and have collected from you.
D.2 Right of access – correction
Our company has the obligation, as long as it is requested, to give you access to the data we hold and which concern you, as well as to confirm whether or not your data is being processed, the purposes of the processing, the categories of data, the recipients, etc. a. You also have the right to request correction of the data in case they have been changed or entered incorrectly.
You retain the right to complain to the supervisory authority if the available information has not been made available by you and you detect the existence of profiling and automated decision-making.
D.3 Right to be forgotten – deletion
It is one of the flags of the regulatory reform effort.
In case that your personal data is not necessary for the purpose of their collection or you consider them illegal, you have the right to request their complete or partial deletion.
The company within a period of one month or in four (4) months in special cases (e.g. a complex request, a request of a high degree of difficulty, a large number of requests, etc.) is obliged to respond to you regarding the progress of your request.
In case of impossibility of erasure, you have the right to submit a complaint to the supervisory authority (Personal Data Authority, Kifissias 1-3, PO Box 115 23, Athens, e-mail: contact@dpa.gr, tel. 2106475600) or to bring legal action.
In the event that you consider the processing of the data illegal but do not wish to delete it due to a possible legal claim, question the accuracy of your data or consider that your rights override the reasons for processing by the Company, you have the right to request the restriction of the processing of personal data you (quantitatively, temporally and in relation to the purpose of processing).
You have the possibility to object to the use of the processed data by the Company for the purposes of commercial promotion and especially the profiling related to commercial promotion.
D.4 Right of portability
You have the right to receive and transfer your data to a third party without any objection from the company, as well as, upon your request, the ability of direct transfer without your own mediation.
E. DATA SECURITY – WARRANTIES
The Company takes all the necessary technical and organizational measures to protect your data as defined by law and exclusively for the above purposes.
The Company will not forward your personal data except in the cases required by law (Tax authorities, Insurance agencies, etc.) and to the service providers supporting the Company’s information systems.