DATA PROTECTION POLICY
- Visitors of our website
- Stakeholders (employees, suppliers)
Our company complies with the General Data Protection Regulation (2016/679 EU GDPR) and any other European and national legislation concerning the protection of personal data, electronic communications, etc. and undertakes that it will ensure the protection of your Data at any time:
- The data are collected for specific, clear and legitimate purposes and are not further processed in a manner incompatible with those purposes.
- We collect the necessary, for each purpose of processing personal data and we process it lawfully, fairly and in a transparent manner in relation to the data subjects.
- We make sure that they are as accurate and up-to-date as possible and only retain them for as long as is necessary for the purposes for which they are being processed.
- In any case, the criterion we use to determine the storage period is based on and duly takes into account the need to comply with any relevant legal requirements, as well as the principle of data minimization.
- We process the Data electronically and manually and take all appropriate measures to protect personal data, including protection against unauthorized or unlawful processing and against accidental loss, damage or destruction, using appropriate technical or organizational measures.
Collection, purpose, legal basis of processing and time period of retention of your data
- Data that we collect automatically through our website
- Date and time of entry to the website.
- The volume of data sent in bytes.
- The browser and operating system you used to access the website.
- The Internet Protocol address when you access the website. The IP address is personal data along with the date and time of your visit, although we cannot identify you with that data alone.
- Customer Data.
- Data we collect via e-mail and the Contact Form
- Mailing of Newsletter
- Suppliers’ data
Who has access to your data. Data transfers.
Your data is accessible to our employees, as well as to any other person authorized to process your data in the course of their duties. In addition, we cooperate with third parties, natural or legal, professionals, independent consultants, etc. who provide us with commercial, professional or technical services (e.g. web hosting, accounting services, transportation services) for the purposes mentioned above, and support our company in whole or in part, in relation to our activities. In this case, such natural/legal persons shall act as Joint or Independent Data Controllers, Data Processors or persons authorized to process personal data for the same purposes mentioned above, with the same security measures and in accordance with the applicable legal obligations.
Before the third party receives the Personal Data, we must: (1) complete the confidentiality review to assess the privacy practices and risks associated with these third parties (2) to receive contractual guarantees from these third parties that Personal Data will be processed in accordance with our instructions and in accordance with this Policy and applicable law, that they will immediately notify our company of any incidents of Personal Data Protection or Security, failure to comply with the standards set out in this Policy and existing legislation, that they will work together to rectify any such incident, that they will assist us to honor the rights of the persons set out below, and that they will allow the Data Controller Doctor to check their processing as regards compliance with these requirements.
Finally, the data can be further transferred to public authorities and institutions, as well as to our legal supporters (legal and insurance companies), for legal purposes. In addition to the above, the Data will not be disclosed to third parties, individuals or legal entities and will not be disseminated. Our company does not transfer Personal Data outside the EU, and if necessary (for example, in order to use Cloud services) this will be done under the terms and conditions set out in Articles 44 et seq. of the GDPR, including following your consent, the implementation of standard contractual clauses approved by the European Commission or to countries considered safe by the European Commission.
You can check and/or delete cookies according to your wishes. Details can be found on the website: aboutcookies.org. In case you choose to disable cookies on the website https://www.polimorfo.gr, the functionality of some pages may be lost or reduced.
Additional information on the use and management of cookies on the website can be found on the websites:
Regarding cookies and their management:
Regarding Google’s policy:http://www.google.com/intl/el/policies/privacy/partners/
Data Security and Integrity
The Data Controller implements reasonable policies and procedures for technical and organizational security in order to protect personal data and information from loss, misuse, alteration or destruction.
In addition, we try to ensure that access to your personal data is limited to those who need to be aware of it. Those who have access to the data are obliged to keep the confidentiality of this data.
Please note that transmitting information over the Internet is not completely secure. Although we make every effort to protect your personal data, we cannot guarantee the security of the data transmitted by our website. After receiving your details, we will implement strict security procedures and functions in order to try to prevent unauthorized access.
We make every reasonable effort to keep the personal data we collect from you only for the period of time we need this data for the purpose for which it was collected or until their deletion is requested (if this happens earlier), unless we continue to retain it in accordance with applicable law.