1. Company Details
Company’s details acting as Processing Manager in respect of the data collected by visitors or users of the official website www.frost-it.gr and processed for the provision of services, are as follows:
Name: FROST-IT S.A.
Headquarters: Tsimiski 2, Thessaloniki, 54625, Greece
VAT Number: 998306476
And the details of the Company’s Data Protection Officer (DPO) are:
Name: Christodoulos Polichronis
Address: Tsimiski 2, Thessaloniki, 54625 Greece
Phone: +30 2310952222
‘Personal Data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
‘Processing Person’ means a natural or legal person, a public authority, a service or another body which, alone or jointly with others, defines the purposes and the way personal data are processed; where the purposes and manner of such processing the law of the Union or the law of a Member State, the controller or the specific criteria for his appointment may be provided for by Union law or the law of a Member State.
3. How we collect personal data
3.1 “FROST-IT S.A.” (hereinafter referred to as the Company) collects information about visitors or users (hereinafter referred to as the User) of the website www.frost-it.gr (hereinafter referred to as referred to as a Website), which he gives us in the following two ways: (1) Filling out a registration form for newsletters, (2) Filling in a contact form of communication with the Company.
3.2 Specifically, the data collected by the Company through the Website in the ways listed above are: (1) Name, (2) Email or otherwise e-mail, (3) Telephone Number
4. Time of retention of personal data
4.1 The data collected by completing the contact form on the Website is retained for twelve (12) months from the date of completion and dispatch.
4.2 The data collected by completing the brochure registration form or newsletters on the Website is retained indefinitely. The User may request the deletion of these data by following the instructions contained in each newsletter e-mail.
5. Purpose of processing of personal data
The Company may process the personal data it collects from the Website as defined by the law if it is necessary for one of the following legal bases:
(1) for communicating with the User who has sent a message through the Website’s contact form.
(2) for sending e-mails in the form of newsletters.
6. User Rights in relation to the processing of his or her data
6.1 Users may exercise the following rights, as the case may be: the right of access (to learn what data we are processing and why they are recipients), correction (to correct any deficiencies or inaccuracies of the data), deletion (right to forgiveness – deletion from company records), limitation of processing (in case of questioning the accuracy of the data, etc.), portability (taking the user their data in a structured and commonly used format).
6.2 These rights are exercised at no cost to the Customer by sending a relevant letter or e-mail to the Data Protection Officer unless they are often repeated and due to volume have administrative costs for the Company, so the Customer will bear the relevant cost.
6.3 If the User exercises any of his rights, the Company will take every possible action to satisfy the User’s request within thirty (30) days of receipt of the request, after informing the Company either of its satisfaction or for the objective reasons that prevent it from being satisfied.
6.4 In addition, the User may at any time object to the processing of his or her personal data and specific personal data for the purposes of the provision of services, by withdrawing his / her consent. However, this will result in termination of the User’s service by the Company, because (in accordance with what has already been mentioned) no service is operated without processing the specific personal data and / or personal data of the User (data subject).
7. Securing of the User Data
Data security is the ultimate commitment of the Company. To achieve this, all modern and technically appropriate (encryption, anonymization, etc.) and organizational measures, the response of which the Company controls at regular intervals, are applied.
8. Transmitting User Data
8.1 The User data will be transmitted to the Company’s departments responsible for completing the service provided and for its proper and uninterrupted operation. Indicative mention is made of the technical support department, the legal department, the accounting department, etc.
8.2 The User’s data may also be transmitted and made accessible by legal and / or natural persons with whom, from time to time, the Company maintains contracts for the proper provision of the services offered. Also, data may be transmitted to various departments, public authorities, etc. in the context of the operation of the User’s insurance contract. However, in this case, these legal and / or natural persons will process the User’s personal data solely for providing services to the Company and not for the benefit of itself, acting as processors.
8.3 In every transmission, the Company always takes every measure so that the data to be transmitted is always the minimum necessary and that the conditions for lawful and lawful processing are always met.
9. Processing of User Data for Commercial Purposes
For the duration of the processing mentioned above, the Company may only process your IFRSs (but not those of the ECDC). The User may at any time object to this processing of his or her data (for commercial purposes) by sending a request to the Data Protection Officer. In this case, User data will no longer be processed for commercial purposes.
10. Submit a complaint / protest
For any matter concerning the processing of your data, you can contact the Company’s Data Protection Officer (DPO): +30 2310952222, email: firstname.lastname@example.org
Also, the User always has the right to contact the competent authorities, where he can make the relevant complaints. For Greece: Data Protection Authority (Kifissias 1-3, TK 115 23, Athens), or electronically (www.dpa.gr).