Object of the Privacy Policy. The company GOLDEN CARS SERVICES based in Chalkokondyli 35 Athens 10432 with Tax Identification Number: 801438046 - A Tax Office of ATHENS, with the present Civil Data Protection Policy aims to inform the users of this website https://goldencars.gr/ on the manner and purpose of processing their personal data. Our Company, as the Processor, collects and processes personal data of the users of the Website, only if it is absolutely necessary, for clear and legal purposes, in accordance with the existing legislation on personal data protection.
Definitions
For the purposes of this Policy, the following terms have the following meaning:
any information relating to an identifiable or identifiable natural person ("data subject"); location data, online identity or one or more factors that characterize the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
"Special categories of personal data":
personal data disclosing racial or ethnic origin, political views, religious or philosophical beliefs or trade union affiliation, as well as the processing of genetic data, biometric data for the purpose of concerning the sexual life of a natural person or sexual orientation.
"Processing":any operation or series of operations performed with or without the use of automated means, on personal data or on personal data sets, such as the collection, registration, organization, structure, storage, adaptation or modification, retrieval , the search for information, its use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
"Anonymize":the processing of personal data in such a way that the data can no longer be attributed to a specific data subject.
"Nickname": the processing of personal data in such a way that the data can no longer be attributed to a particular data subject without the use of additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that it cannot be rendered to an identified or identifiable natural person.
"Processor":the natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and manner of processing personal data; where the purposes and manner of such processing are determined by Union law or the law of a Member State, the controller or the specific criteria for his appointment may be laid down by Union law or the law of a Member State. In this case, the Company acts as the Controller.
"Person performing the processing":the natural or legal person, public authority, service or other body that processes personal data on behalf of the controller.
"Processing Subject":the natural person whose personal data are being processed. In this case, every user of our Website is considered as the subject of processing.
"Consent"of the data subject: any indication of will, free, specific, explicit and fully aware, with which the data subject expresses that he agrees, with a statement or with a clear positive action, to process the personal data concerning him.
"Violation of personal data":breach of security that results in accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data transmitted, stored or otherwise processed.
"Existing legislation":The respective national and EU legislation on personal data protection and specifically the General Data Protection Regulation (EU) 2016/679 (hereinafter "GKPD"), Law 4624/2019 as well as the Decisions, Instructions and Opinions of the Personal Data Protection Authority (hereinafter referred to as "APDPX").
Personal Data We Collect and Process, Purpose of Processing and Legal Basis.
A.1) Personal data collected through live chat "How can we serve you?"
The specific service aims at the immediate service of the user, through live chat that is available through the option "How can we serve you?". If the user wishes to use this service, he must accept the Terms of Use and this Privacy Policy.
A.2) Purpose of Processing and Legal Basis.
The purpose of the collection and processing of such personal data is the immediate and best service to users. The legal basis for the processing of personal data is the legal interest of the Company to provide high quality services to its customers and users of the Website.
B.1) Personal data collected through the contact form.
Through the contact form, the user has the opportunity to contact the Company for any requests, questions, clarifications, complaints, etc. In case the user wishes to use the service, he must fill in the relevant fields the name, email the subject, the relevant message and to accept the Terms of Use and the present Privacy Policy.
B.2) Purpose of Processing and Legal Basis.
The purpose of the collection and processing of such personal data is the optimal response and service of the user. The legal basis for the processing of personal data is the legal interest of the Company to provide high quality services to its customers and users of the Website (GCP article 6 par. 1f).
C.1) Personal data collected through the Company's evaluation form.
By filling in the evaluation form of the Company "Your Opinion Matters" and by accepting the Terms of Use and the Privacy Policy of the Company, the user can express his opinion about the quality of the services provided by the Company.
C.2) Purpose of Processing and Legal Basis.
The purpose of the collection and processing of such personal data is to improve the services provided by the Company. The legal basis for the processing of personal data is the legal interest of the Company to improve the services it provides to its customers and users of the Website (GCP article 6 par. 1f).
D.1) Personal data collected from the use of cookies.
While browsing our site we may collect some essential information related to the traffic to the respective website, such as the web address (IP address) and the type of browser used by the user, etc. For more information on by using the cookies on our website, you can refer to the Cookies Policy of our Company.
D.2) Purpose of Processing and Legal Basis.
The purpose of collecting and processing this data is to improve the functionality of the Website and the services provided as well as the analysis of its traffic. The legal basis for the processing of personal data is the consent of the user (GCP article 6 par. 1a) which is provided by the acceptance of these cookies, with the exception of the absolutely necessary cookies which are permanently installed and are absolutely necessary for its operation. isotope, for which the legal basis of processing is the legal interest of the Company (GCP article 6 par. 1 f).
Personal Data of Minors
The Company is not addressed to minors and does not wish to collect and process personal data of minors (ie persons under 18 years of age). However, as it is impossible to cross-check and verify the age of the users of our Website, we ask the parents / guardians of the minors, in case you find any unauthorized disclosure of data by the minors, to immediately notify the Company, as it undertakes the necessary measures (eg deletion of their data). In case the Company realizes that it has collected personal data of a minor, it undertakes to delete it immediately and to take any necessary measures to protect this data.
Transmission to Third Parties
The Company may transmit the above personal data to third parties, to whom it has entrusted the processing of personal data on its behalf (such as social media service providers, website developers, etc.). In any case, the third parties to whom the data of the users may be transmitted, are contractually bound to our Company in order to ensure the obligation of confidentiality as well as all the obligations provided by the Existing Legislation. At the same time, users' personal data may be transferred to public authorities, independent authorities, etc. (eg Police Departments, Prosecution, Tax, Customs, APDPH, etc.) in the performance of their duties ex officio or at the request of a third party legal interest and in accordance with legal procedures.
Transfer of Personal Data outside the EU
In case of transfer of personal data of users collected through our Website, in a country outside the European Union (EU) or the European Economic Area (EEA), the Company previously checks whether:
(a) The Commission has issued a decision of adequacy for the third country to which the transfer will take place.
b) The appropriate guarantees are observed in accordance with the Regulation for the transmission of this data.
Otherwise, the transfer to a third country is prohibited and the Company will not transfer personal data of users to it, unless one of the special derogations provided by the G.K.P.D. (eg the explicit consent of the user and informing him about the risks involved in the transmission, the transmission is necessary for the execution of a contract at the request of the subject, there are reasons of public interest, it is necessary to support legal claims and vital interests of the user coke).
Data Retention Period
The personal data of the users collected are kept for a predetermined and limited period of time, depending on the purpose of the processing, after the expiration of which the data is deleted from our files. When processing is required by the provisions of the applicable legal framework or a specific retention period is provided, your personal data will be stored for as long as the relevant provisions require. The personal data of the users that are collected and processed for the execution of the contract, are kept for as long as is necessary for the execution of the contract and for the establishment, exercise, and / or support of legal claims based on the contract. The personal data of users that are processed for marketing purposes after the consent of users (eg data from the subscription to the Newsletter) are kept until the withdrawal of consent, without such revocation affecting the legality of the processing.
Protection and Security of Personal Data
Taking into account the latest developments, the cost of implementation and the nature, scope, context and purposes of processing, as well as the risks of different probability of occurrence and seriousness for the rights and freedoms of users from processing, the Company receives the necessary technical and organizational measures to protect users' personal data. Although no method of transmission via the Internet or method of electronic storage is completely secure, the Company takes all the necessary digital data security measures (antivirus, firewall, backup) etc.
Personal Data Subject Rights
Our Company ensures that it is able to respond directly to the requests of users, to exercise their rights in accordance with Existing Legislation.
In particular, each user has the following rights:
a) To request information regarding the processing of his personal data by the Company.
b) To request access to his personal data kept by the Company. More specifically, he can request to receive a copy of his personal data kept and to check the legality of the processing.
c) To request the correction of his personal data in case of incorrect or incomplete registration by the Company.
d) To request the deletion of his personal data if their retention is not based on any legal basis or legal interest.
e) To request a restriction on the processing of his personal data, under specific conditions.
f) To request the portability / transfer of his personal data either to himself or to third parties.
g) To revoke at any time the consent he gave for the processing of his personal data, without this revocation affecting the legality of the processing until then.
To exercise your rights, you can contact the contact details of the Data Protection Officer (at emai info@goldencars.gr or on the phone 211 7154450. In case of exercise of any of the above rights, the Company provides the data subject with information on the processing operations following the relevant request submitted within one (1) month of receipt of the request and identification of the subject. This deadline may be extended by another two (2) months, if required, if the request is complex or there is a large number of requests. In this case, the Company is obliged, within one month from the receipt of the request, to inform the data subject about the delay, as well as the reasons for it. Within the above period, it also informs the data subject about any refusal to satisfy in whole or in part the submitted request, as well as the reasons for the refusal.
For any complaint regarding this policy or personal data protection issues, if we do not comply with your request, you can contact the Hellenic Personal Data Protection Authority. www.dpa.gr
Disclaimer for Third Party Websites
In the event that there are links on our Website that redirect users to third party websites, we inform you that our Company does not control or take responsibility for the content of these websites, nor for the way in which users' personal data is processed.
Updates on the Privacy Policy
This Privacy Policy may be amended / revised in the future, in the context of the Company's regulatory compliance as well as the optimization and upgrade of our Website services.