For any questions regarding the Policy in question, please do not hesitate to contact us and if you wish to discuss any matter concerning the processing of your Data and the exercise of your rights, you may also contact the Data Protection Officer (DPO) by sending an email to: firstname.lastname@example.org. The Data Protection Officer mediates between the Company and you and is in charge of our Company’s compliance actions.
- What is personal data?
The term “personal data”, as used in this Policy, refers to a natural person’s information such as their full name, postal address, e-mail address, telephone number, etc. that establish or may establish your identity, hereinafter referred to as “Personal Data or Data “.
- What is the processing of personal data?
Any action or set of actions carried out with or without the use of automated means, in personal data or in sets of personal data such as the collection, registration, organization, structure, storage, adaptation or alteration, recovery, search for information, use, disclosure by transmission, dissemination or any other form of availability, association or combination, limitation, erasure or destruction.
- Which of your data do we collect?
The Data we ask for and process is the minimum necessary for you to acquire our services and for us to be able to serve you. That is why you must state the following
– Identity information (indicative name, surname, home address, date of birth, status – business or individual) and unique identifiers (VAT no., ID no., Passport no.),
– Depending on Service requested, your software / service installation details may also be collected (address of physical location),
– contact information (phone, landline and mobile, email)
- For what purpose do we process your data?
The purpose of processing your Data is to smoothly perform the services in accordance with applicable law, as well as to service you during our contractual relationship. This purpose includes the following:
– Provide technical support services for your services.
– Provide pricing services for your services and information.
– Answer your questions and contact you to offer information on our services.
– Process your account balance and payments.
– Comply with applicable regulatory requirements, including legislation on the protection of communications secrecy and crime verification, in particular when responding to requests from public authorities.
– Handling complaints and requests.
– Protect our Company’s operation, but also confidentiality, your security, and strive to efficiently address the problems that may arise.
- What is the Company’s legal basis for processing your Data?
Processing of your Data is performed in accordance with:
– the terms of our contractual relationship,
– the regulatory framework of legislation for services provision.
- Who are the recipients of your data?
The recipients of the data are the following entities:
– Our Company and its employees in the framework of their competence.
– Our agents and / or subcontractors with the aim to support promote and execute our contractual relationship.
The competent authorities and the competent police institutions, as well as the judicial authorities.
– Debtor Information Companies, for overdue debts.
– Our services’ technical support partners.
– Our partners who support our Network’s software and equipment.
– Depending on the service, any providers with which our networks have been interconnected to serve your contract.
Our Company has a number of associates who are included in the above mentioned categories. In any case, depending on the subject you are interested in, you may request specialized information on our website and by sending an email to: email@example.com. .
- How do we ensure that our partners respect your Personal Data?
Our associates / subcontractors / agents have agreed upon and are contractually bound in writing with the Company to:
- treat in confidence, just like their employees, any personal data they know,
- not transfer data to third parties without our written authorization,
- take organizational and technical security measures for data processing that protect its logical and physical security, such as secure software and physical protection, pseudonymization, encryption
- design their systems, so that by design and by definition it can be ensured that they will be able to meet these obligations.
- immediately inform us of any incident involving the violation of your personal data.
- Comply with our registered orders, the legal framework for the protection of personal data, and in particular the General Data Protection Regulation (GDPR) as processing operators.
- Do we transmit your data abroad?
Your Personal Data can be stored and processed only within Greece. In the case of transferring your data abroad, the company ensures that the legal requirements of the General Data Protection Regulation are met.
- For how long do we keep your Data and when do we erase it?
Our company keeps your data in a physical or electronic file for the entire duration of the contract. After the expiration of the contract, your data will be retained for six (6) months, subject to individual time-limits provided for by applicable legislation (for instance, overdue debts or issues under liquidation) in respect of compliance until the final settling of your affairs or for an even longer period (tax returns). They are then completely erased without the possibility of recovery.
- Is Your Data Secure?
The processing of your Data in any manner is only permitted to authorized persons, employees and associates solely for the purposes stated above.
We have taken the necessary and appropriate organizational and technical measures for the security and protection of your Data from any form of accidental or fraudulent processing both on a physical level and on a logical security level (for example, physical security procedures, restricted access, and protection of IT, software and hardware).
These measures shall be reviewed and amended whenever necessary.
The Company maintains a Security Policy detailing the technical and organizational measures to protect the confidentiality of information and personal data protection.
- What are your rights?
– You have the right to be informed.
FORTHcrs takes all necessary actions both during the collection stage and at any subsequent processing stage of your personal data, so that you may have the full capacity to exercise your legal rights, as described below.
At the stage of your data collection, from the beginning of our contractual relationship, you are made aware of the present policy at any time from the main page of our website www.forthcrs.com describing your rights to be informed of the following data, as described in detail above:
- our identity,
- the purposes of processing,
- the recipients of the data,
- any third party to whom the data is transmitted,
- your rights.
– You have access right to your personal data.
This means that you have the right to be informed by us on how and if we process your Data. If we process your Data, you may ask to be informed about the purpose of the processing, the type of your Data that we maintain, who we transmit it to, how long we store it, whether decision making is automated, but also about your other rights, such as data rectification, erasing, processing restriction and submission of a complaint to the Data Protection Authority.
– You have the right to correct any inaccurate personal data.
If you discover that there is an error in your Data, you can submit a request to have it corrected (e.g. name correction).
– You have the right to erasure.
You may ask us to delete your data, if it is no longer necessary for the above mentioned processing purposes or you wish to revoke your consent if you are required to grant it.
– You have the right to data portability.
You may request to receive from us the Data you have provided in a readable form or ask us to transfer it to another processing controller.
– You have the right to restrict the processing of your data.
You may ask us to restrict the processing of your Data for as long as your objection to the processing is pending.
– You have the right to revoke / oppose the processing of your Data.
You may object to the processing of your Data or revoke your consent, where required and we shall cease processing your Data, unless there are other compelling and legitimate reasons that take precedence over your right or if your data is no longer necessary for the above mentioned processing purposes.
- How can you exercise your rights?
For any request and exercise of a right, with regard to your personal data, you can contact our customer care service or send us an email at firstname.lastname@example.org. For your more immediate service, you must follow the steps below by completing the standardized Application, which is available on our Company’s website and submit it alternatively:
- electronically, by sending an email to: email@example.com
where you will send the signed application with your authenticated signature or you will attach a digitally authenticated electronic signature. You will receive our reply to the email address you have provided us, unless you have requested a different manner of communication.
- by post, after completing the Application, you must have your signature authenticated at a Citizen Service Center (KEP) or a Police Precinct and send it to 4, Atthidon, Kallithea, PC 17671.
- through your physical presence at our company offices at 4, Atthidon str., Kallithea. If you wish to deliver your Application yourself, you do not need to have your signature authenticated, but you will be asked to present your identity card or any other official identification document to the employee in charge, who will register your identification act. In any other case, an authorization will be required that shall describe your request.
- When do we respond to your requests?
We will reply to your Requests free of charge without any delay, and in any case within (1) one month after we have received your request. However, if your request is complex or there is a large number of requests, we will notify you within one month, should we need to take an additional two (2) month extension within which period we will respond to your request.
If your requests are manifestly unfounded or excessive, namely due to their recurring nature, the Company may impose a reasonable fee, taking into account the administrative costs of providing information or executing the requested action, or refuse to follow up to the Request by justifying its decision in its reply to you.
- How can you find out information on the progress of your requests?
For more information, please call +30 211 95 58 800
- Do we use automated decision making / including profiling when processing your Data?
The personalized information service is available from the Group and you can learn more about our policy here. Without obtaining your consent, we do not make any decisions, nor do we create a profile, based on an automated processing of your Data.
- What is the applicable law when we are processing your Data?
We process your Data in accordance with the General Personal Data Protection Regulation 2016/679 / EU and in general the current national and European legal and regulatory framework for the protection of personal data.
The Courts of Athens are competent to resolve any dispute arising from matters concerning your personal data.
- Where can you appeal to verify if your data rights have been respected?
You have the right to file complaint to the Personal Data Protection Authority (1-3, Kifissias str. PC 115 23, Athens, tel. +30 210 6475600, firstname.lastname@example.org) if you believe that processing of your Personal Data violates the current national and regulatory framework for the protection of personal data.
- How will you be informed of any changes to this Policy?
We update this Policy whenever necessary. If there are any significant changes to the Policy or the manner we use your Personal Data, we will post on our website the relevant update before such changes come into force and we shall notify you in any appropriate manner. We encourage you to read this Policy at regular intervals to know how your Data is protected.