Privacy Policy
LAST UPDATE: 30/10/2020
GAP, hereby referred as “GAP” or “we” (Agisilaou 46, Athens, 17341, Greece, phone: 210-9310980-4) collects and processes your personal data for the purposes described below on its behalf, acting as the controller and follows a strict policy regarding the protection of its webiste’s users privacy, http://www.gap.gr/.
This Privacy Policy’s purpose ("Policy") is to inform you about how we ensure the protection of your personal data and your related rights.
When you visit our website, you are obliged to fully acknowledge our Privacy Policy. We may change the present Privacy Policy at our discretion. Any changes are effective upon their publication on our website.
LEGAL FRAMEWORK
On May 25, 2018, the General Data Protection Regulation (“GDPR”) on the protection of the natural persons against the processing of personal data and the free flow of the data, came into effect.
GAP is committed to take all necessary measures arising from the GDPR and Law 4624/2016 on the protection of personal data and the applicable legislation for the protection and security of your personal data.
WHAT PERSONAL DATA WE COLLECT
We may collect the following categories of your personal data provided only by you via our website:
- Device data.
- IP address data.
- Browsing data.
- Data analytics.
- Identification data and contact details (such as postal and electronic address, landline or/ and mobile number) of users via communication form.
- Communications data, such as comments and website users’ requests.
PURPOSES OF DATA PROCESSING
In the context of the provision of our Website and its applications as well as in the context of our legal interests, we process your personal data for the following purposes:
- Proper function of the Website.
- Improvement of user’s experience on the Website.
- Website traffic log.
- Security of networks and data.
- Submission and response to users’ requests.
- Exercise of our legal obligations.
SECURITY OF YOUR PERSONAL DATA
GAP implements appropriate organizational and technical measures for the security of your data, their processing and their protection against accidental or unauthorized destruction, accidental loss, alteration, prohibited dissemination or access and any other form of unfair processing.
PERSONAL DATA TRANSFER
In pursuit of the purposes of the processing and whenever required, GAP will transfer your personal data to third parties, who perform processing on its behalf. We further reserve the right to disclose information about you, if required by law, or if such disclosure is required by the competent supervisory, audit, independent, judicial, public or other authorities.
Moreover, we may share your personal data with third parties outside of European Economic Area (E.E.A.), for business purposes, on condition that there is a European Commission's adequacy decision or appropriate safeguards for the protection of personal data are provided, such as corporate binding rules or standard contractual clauses of the European Commission. You may contact us and request a copy of those entities if you wish so.
In any case, no automated decision-making is carried out.
DATA RETENTION PERIOD
We retain your personal data for as long as the purposes for which they were collected and are listed above remain in force. In any case, your data are not stored for more than 5 years from their collection.
At the end of the retention period, we will securely destroy and delete your data.
COOKIES
Our website uses cookies. For more information please visit the relevant website regarding the cookies’ use.
YOUR RIGHTS
Each user of our website has the following rights regarding his personal data that GAP has collected, and processes:
- Right of Access: You have the right to be informed about whether and to what extent your personal data are being processed, such as the purpose of the processing, the relevant categories of the personal data, their recipients, the retention period, the right of submitting a complain to the supervising authority, the source of the data and the purpose of any possible automated processing.
- Right to Rectification: You may request to complete or correct your personal being processed, in case you consider that they are inaccurate or incomplete.
- Right to Data Portability: You may require a copy of the personal data that you provided us electronically and transfer the data that third parties provided in case their processing will take place by GAP with automated means.
- Right to Object: Any time, you may object to the processing of your personal data that takes place in the context of the achievement of our legitimate purposes, unless GAP demonstrates that there are overriding compelling and legitimate reasons of such processing.
- Right to Erasure: You may request for the erasure of your personal data from the register of the GAP provided their processing is not necessary for the achievement of the purposes for which they have been collected and there is no legitimate reason for their retention.
We may take any possible measure to satisfy your request within one month since its receipt and may inform you in writing about its satisfaction or the reasons that prevent its satisfaction. The deadline may be extended for two more months in case we inform you, provided we receive high volume and complicated requests. The requested information may be provided by GAP, without its burden, except for respective requests when you may be burdened with a reasonable fee for its answer.
You may submit a report at the Hellenic Data Protection Authority (Kifisias 1-3, 11523 Athens, [email protected]) any time, if you consider that the processing of your personal data by GAP violates your rights.
CONTACT US
For any further detail or request regarding this Privacy Policy, you may contact our Data Protection Officer (DPO) via the following email gap@gap.gr or via post at the following address: Agisilaou, Athens,17341, Greece.