The company PORRA ELISAVET AND CO LTD is responsible for processing your personal data. The company is registered at El. Venizelou 83, Ampelokipoi, PC 561 21 Thessaloniki, Tel: 2310 737745, E-mail: firstname.lastname@example.org TIN: 999830390.
In the daily activities of our Company we process data concerning natural persons, including:
- Other involved parties (employees, suppliers)
Our Company complies with the General Data Protection Regulation (2016/679 EU GDPR) and with any other European and Greek legislation concerning the protection of personal data and electronic communications, etc and is committed to ensuring your Data is protected at all times:
- Data is collected for specific, clear and lawful purposes and is not further processed in a manner incompatible with those purposes.
- We collect the personal data which is absolutely necessary for each processing and process this in a manner which is legal fair and transparent in respect of the data subject.
- We ensure that this data is as accurate and up-to-date as possible and that we only retain it for the period of time which is necessary for the purposes for which it is processed.
- In all cases, the criterion we use to determine the period the data is retained for is based on and takes due account of the need to comply with any relevant legal requirements, as well as the principle of data minimization.
- We process the Data electronically and manually and take all appropriate measures to protect personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
Collection, purpose, legal basis of the processing and retention time of your data
Data that we collect automatically through our website
The website https://www.porra.gr/ uses the SSL (Secure Sockets Layer) protocol which uses methods to encrypt the data exchanged between two devices (usually computers), establishing a secure connection between them via the internet, which results in your personal data being protected.
When you visit our website, our server collects the server log files, specifically:
- Date and time of entry to the site.
- The volume of data sent in bytes.
- The browser and operating system you used to access the site.
- the Internet Protocol address (IP address) when you log in to the site. The IP address is personal data, as is with the date and time of your visit, although we cannot identify you with this data alone.
The legal basis on which we collect your IP address and retain it in special files (log files) is our legitimate interest in the processing of this data in order to ensure networks, information and services are safe from accidental events or illegal or malicious actions compromising the availability, authenticity, integrity and confidentiality of stored or transmitted data (eg ddos ”denial of service” attacks), as well as our legal obligation to provide a more secure environment for processing your personal information (GDPR Article 6 (1) subparagraphs f) and c). The data will not be transferred or used in any other way. However, we reserve the right to check server logs if specific indications of unauthorized use are detected.
Visitor / Customer Data
When you visit our Company, we collect your personal data such as name, E-mail, contact details, address and any other information related to providing services to you.
The purpose of processing your data is to provide you with the services you request and the legal basis of the processing is the execution of the contract between us (Article 6 Par 1b and Article 9 Par 2 of the GDPR) . The retention time of your data is that required by Law.
With your consent, we may also post photos from your events (such as your wedding) on our blog and the legal basis of the processing is consent (Article 6 Par 1a of the GDPR).
Data we collect via email
As part of our email communication, we collect your name, email address and any other information you provide to us. This data is stored and used solely to meet your request. The legal basis for processing your personal data is your consent (GDPR, Article 6 par 1a). Your data will be deleted after the processing of our communication has been completed. This will happen after the purpose and scope of our communication have been completed, provided that there are no legal requirements to store this data.
Sending our newsletter
With your consent, we will collect your E-mail so we can send you a newsletter with our news and articles that you may find interesting. The legal basis for the processing is your consent (GDPA, article 6 par. 1a) and you have the right to revoke this consent at any time.
Social Media Pages
Our Company maintains Pages on the social networking platforms “Facebook”, “Instagram”, “YouTube”. You can contact us through our pages to receive more information about our services by sending a message. So we can answer your questions, we collect and process your Social Media username, as well as other information that is publicly available through your profile. You sending a message for the purpose of communication between us, implies your consent to the above processing of your data.
If you choose to “connect” to our page (by clicking “add”), this means that you give your consent to see the news and promotions (via newsfeed) carried out by our Company through its page in the social media network. If you do not wish to receive such updates, you can click “Delete”, “Unfollow” etc. at any time.
We take all security measures (technical and organizational) to ensure data processing through Facebook and other Social Media is secure, including restricting the people who have access to manage our account on Social Media. Our Company is not responsible for the way or means by which social networking platforms process your data. You can learn about how your data is processed on social networking platforms from Facebook, Instagram, YouTube.
In order to execute the contract between us we collect data from our suppliers such as name, address, contact details, shipping details and financial data, which you provide to us yourself. The legal basis for the processing of your data is the execution of the contract and our compliance with legal obligations (GDPR Article 6 par. 1b and c), and we retain the data for a period of up to twelve years from the last time we provide you with services, or as required by tax legislation and any other relevant legislation.
Who has access to your data? Data transfers.
Your data is accessible by our employees, as well as by any other person authorized, to process your data as part of their duties. In addition, we work with third parties, natural or legal, professionals and independent consultants, etc. which provide us with commercial, professional or technical services for the purposes mentioned above, and support our Company in whole or in part, in relation to our activities. Where applicable, such natural / legal persons will act as Joint or Independent Controllers, Processors or persons authorized to process personal data for the same purposes as given above, with the same security measures and in accordance with applicable legal liabilities.
Before the third party receives the Personal Data, we must: (1) complete the privacy check to assess the privacy practices and risks associated with these third parties (2) obtain contractual guarantees from these third parties that they will process Personal Data in accordance with our instructions and in accordance with this Policy and applicable law, that they will immediately notify our Company of any Personal Data Protection or Security events or failure to comply with the standards set out in this Policy and existing legislation , that they will work with us to remedy any such incident, that they will help us meet the rights of the individuals as defined below, and that they will allow the Controller in charge of processing to control their processing in terms of compliance with these requirements.
Finally, the data can also be transmitted to public authorities and institutions, as well as to our legal assistants (legal and insurance companies), for legal purposes.
Apart from the above, the Data will not be disclosed to third parties, individuals or legal entities and will not be disseminated.
Our Company does not transfer Personal Data outside the EU, and if this is necessary (for example, in order to use Cloud services) this will be done under the terms and conditions set forth in Articles 44 et seq. of the GDPR, such as with your consent, where standard contractual clauses approved by the European Commission are applied or to countries considered safe by the European Commission.
When it is necessary to process minors’ data, ie, according to the GDPR, data relating to those who have not reached age 16, the processing is done only with the written and explicit consent of the persons who have the parental care of the minor.
Cookies and related technologies
Cookies are small text files that are stored on the hard drive of the computer or other electronic device with which the user accesses the website. Cookies are unique to each web browser (eg Google Chrome, Mozilla Firefox, Internet Explorer, Opera, etc.) and contain anonymous information which concerns the websites you visit and the devices that you use.
Types of cookies we use:
a) Technical Cookies and Functional Cookies (necessary)
These cookies are responsible for the basic functions of our website and our application. They are necessary for you to browse our site and to access the various sections of it. The site cannot provide basic internet services without these cookies.
b) Statistical analysis and performance cookies
These cookies collect information about the way you use our website, such as the site from which you visited, the pages you visit most often, the browser you used, etc. We use this information to analyze the site traffic and to improve our website’s performance. They collect aggregate, anonymous statistical information, which cannot lead to the identification of the visitor.
Information on Google Analytics
You can block your data being collected altogether by Google Analytics by installing this add-on in your browser:
c) Marketing / targeted advertising cookies
You can decide to accept cookies individually or collectively during your visit to our website. You can also set up your browser to inform you about cookie settings and you can decide to accept or block them. Each browser differs depending on how it manages the cookie settings. This is described in the help menu for each browser, which explains how you can change your cookie settings. Follow the links below depending on your browser:
Please note that you must adjust the settings separately for each browser and each device you use. We would also like to inform you that restricting cookies in any way will prevent you from using some of our services fully and will not allow us to improve and personalize your experience on our website.
You can find more information about cookies at www.allaboutcookies.org and www.youronlinechoices.eu.
Alternatively, you can disable the use of third party cookies through the relevant service provided by the Network Advertising Initiative.
You can see the cookies we use in detail here.
Rights of Data Subjects
You may contact us by mail or e-mail at the addresses referred to in paragraph (1) above to exercise your rights in accordance with Articles 15 et seq of the GDPR. You can, for example, request an up-to-date list of people who have access to your data, get confirmation of whether or not we process personal data related to you, check the content, source, accuracy and location (also in relation to any third country) of this data, request a copy, request that the data be corrected and restrict their processing, and even delete them, if applicable. Similarly, you can always report comments and submit complaints to the Hellenic Data Protection Authority, 1-3 Kifissias Ave., GR 115 23, Athens, Telephone Center: + 30-210 6475600 or at http://www.dpa.gr/