Last updated: February 13th, 2017
The processing of Users’ personal data is subject to the following terms and applicable personal data legislation (Greek laws 2472/1997, 3471/2006 etc), EU Directives and Regulations, as well as relevant decisions, guidelines and acts of the Data Protection Authority.
Considering the nature and volume of internet, the Company is by no means (including negligence) responsible for any kind of damage suffered by the User or the mobile application or the webpage. Users irrevocably accept that they access and use the website on their own responsibility.
1. Data Controller
The Company operating under the trade name “YALLOU P.C.” with registered offices in Athens (Armatolon & Klefton str. 34).
2. General Data Processing Terms
The Company takes all reasonably necessary technical and other means in order to ensure the confidentiality of the processing of personal data. Especially, the Company makes reasonable efforts to use any technical means available, using policies and practices ensuring the safety of the application and the website, in order to prevent incidental destruction, loss, unauthorized use or alteration of personal information, unauthorized access in sensitive data or use of personal data for a purpose not included in the purposes of collection and processing as set herein.
Access to Users’ personal data is given only to authorized, depending on the purposes of processing, employees or agents of the Company or / and to authorized personnel of third parties (data processors), which have entered into a data processing agreement with the Company and are bound by confidentiality obligations.
3. Purpose of the processing
The purposes of the processing of data collected through the mobile application or the websites are as follows:
a. Questions / Complaints etc
Personal data and any other information given by Users to the Company in the framework of communication regarding queries, complaints etc are processed by the Company only to the extent necessary for the Company, in order to understand the content of the query and give the appropriate answers and explications. Through this process, the Company can also improve its services. User’s date is deleted after the completion of the investigation as described above, unless the Company is allowed or obliged to keep such data in accordance with applicable law.
b. User’s account
Personal data and any other information submitted by Users, in order to get access to the services of the mobile application or the website, are processed to the minimum extent necessary for the Company to enable smooth operation of the services. Users warrant and represent that the information submitted is true, accurate, complete and valid and have gone through all necessary updates and corrections in order to reflect the truth. The Company takes all necessary steps in order to protect usernames and passwords created by Users. On the other hand, Users take all reasonable care in order to protect such data and are solely responsible for any activity of their account or any use of their username and password. Users may change their credentials when necessary in order to enhance security and protection of their account. The Company allows Users to use the “Log out” option, in order to minimize unauthorized use. The Company retains the right to suspend or deactivate users’ accounts without prior notice for safety reasons, as well as to deactivate accounts that have remained inactive for more than four (4) months.
The Company obtains Users’ consent to process data it receives from Users in order to for the Users to receive newsletters about products, initiatives, questionnaires, events and other information about the Company. By subscribing to the newsletter service, Users consent to the processing of their data for newsletters related purposes. The Company process data strictly to the extent necessary for the management of newsletter service.
The Company retains the right to send newsletters only to a selected number of recipients among subscribed Users or/and to remove Users from the newsletter recipients list in its sole discretion. The Company gives Users the possibility to unsubscribe from the recipients list. When subscribing and unsubscribing an email authenticity control process (“opt in”, “opt out”) takes place. Subscribed Users’ email addresses are only used for this particular purpose and are deleted when Users unsubscribe.
Users’ email addresses remains stored and is not disclosed to any third party, unless Users consent to such disclosure. The Company has no responsibility for personal data that Users voluntarily disclose on the mobile application or on the website and, therefore, are made available for processing to the Company’s partners and third parties.
d. Internet Protocol Address
The Company may collect from Users information, such as IP address, the type of browser used, internet connectivity etc, in order to be able to provide upgraded services through the mobile application and the website. The Company also uses such data for statistics and analysis.
4. Data Recipients
The Company may not disclose, publish, sell, exchange or distribute Users’ personal data with or without compensation to third parties, whether individuals or legal entities, except for the cases mentioned below. The Company keeps such data only for statistics, communication and improvement of services related purposes.
Exceptionally, the Company may disclose Users’ personal data in the following cases:
(α) provided that it has obtained User’s consent to that effect;
(b) when the Company is obliged or entitled to disclose such data to public and independent authorities, judicial authorities and public officers, by virtue of a contract, legislative provision, judgment and administrative act and;
(c) when such data is necessary in order to ensure quality and/or safety of the Company’s services.
The Company may disclose, forward and share certain information (sex, age etc) with its business partners on an anonymous basis. In no event does the Company share personal data with the abovementioned recipients. In any case, data is disclosed on an anonymous basis, while the Company gives Users the possibility to object to such disclosure in writing and request the Company to exclude them form such disclosure.
5. Access and Correction Rights
Users have the right (a) to know if their personal data have been processed by the Company (access right, article 12, Greek law 2472/1997) and (b) to object at any time to the processing of their data, including the right to request the deletion of their data (right to object, article 13 of Greek law 2472/1997).
Users may also request at any time the deletion of their personal data, as well as of any other information collected by the Company. In this framework, Users have the possibility to update, correct or deactivate any service received through the mobile application or the website.
Users may address access and correction requests, as well as any other query related to personal data processing, to email@example.com.
Users may configure their browser’s settings in a way so as to receive notifications on cookies on certain parts of the website or to exclude cookies in any case. In that case, User may not be able to enjoy the entire content of the services and information on the website.
The Company does not intend to collect personal data from minors accessing the website. However, since it is not practicably possible for the Company to ensure such data is not collected, minors accessing the website or the mobile application, are obliged to obtain their parents or custodians’ authorization.