PRIVACY POLICY FOR THE PROTECTION OF PERSONAL DATA

The corporation « UncleStam » (“corporation”, “we”, “us”, “our”) recognizes that the protection, security  and management  of your personal data is extremely important and is committed to operate without violating them.

This Privacy Policy for the Protection of Personal Data (“Policy”) presents how the corporation uses your personal data collected through the website https://katsikisgroup.com/ as well as the measures it has taken to protect and securely retain and process your data in general. The Policy applies to you, if you receive services from us, or interact in any way with us, including by using our corporate website or by contacting us through social media in order to get informed about the type of data we collect from you, the purpose and the manner of collecting and processing your data; their recipients and the purpose of processing on their behalf, as well as your rights and options in your personal data.

Questions and Comments

You may contact us at the contact details mentioned above and submit to us your comments, questions, comments or any complaints regarding this Policy and the collection and processing of your personal data in general. You have the right to submit any complaint regarding issues of protection of your personal data that may arise from the processing of these by the corporation, to the Hellenic Authority for the Protection of Personal Data, which is the supervisory authority in our country. For more details visit www.dpa.gr .

Amendments

This Data Protection Policy is drafted according to the provisions of both the Greek and the European law regarding the protection of individuals from the processing of their personal data. Any possible future modification in the above regulatory framework will be mentioned in this Policy. We therefore reserve the right to make modifications in this statement and to implement any change in your data and in our practices regarding the collection and the processing thereof, in accordance with the provisions of the law, and/or to modify or replace the whole and/or part of this Policy in our sole discretion.

If there are material changes to this Policy or if our practices regarding the collecting of your data change in the future, we will notify you by sharing the changes in our website. However, if you want us to clarify or provide information regarding the changes, or if you have any disagreement, reservation or question regarding them (modifications), you may contact us at the details set out in the section below. Please note that any information/ clarification provided to you in accordance with the above, regarding any changes to this Policy, does not constitute a replacement, substitution or any modification of this Policy.

If you continue navigating on our website, or using our services, it is automatically and unconditionally implied that you accept the amended terms of this policy. In case you do not agree with the modifications, you must refrain from any further action or use of the site and you are entitled to terminate the contracts with us and request the deleting of your data. In any case, if you wish any further information or clarification, you may contact us, as you retain your rights regarding your personal data, as they are described in detail in Section 6 below.

 

  1. Get to know us

The purpose of this Policy is to inform you about the type of personal data that is collected by the corporation, the reason and the manner of their processing (collection, storage, use, transmission), the security measures we take, as well as the rights of the subjects of the personal data that is collected in a reliable and transparent manner. Given the collection and processing of the personal data, the corporation maintains a commitment to process them in accordance with the General Data Protection Regulation (GDPR), the Hellenic data protection laws and any other relevant law and code of conduct for data protection (hereinafter collectively referred to as “Personal Data Protection Laws – PD”).

The corporation « UncleStam » is supervised by the Hellenic Data Protection Authority (HDPA) for the collection and processing of the data it carries out.

 

  1. The data we collect


2.1. Information collected automatically during your visit and interaction with our Website

Our Website has informative content about the companies of our Group.  By simply browsing it (without sending a request) it is not required by the visitor to provide/enter personal data. However, by visiting and browsing the Website alone, certain information may be automatically collected, which can identify you directly or indirectly, such as:

  • the Internet Protocol (IP) address of your computer;
  • the browser type and the operating system,
  • the websites you visited immediately before and after your visit to the site,
  • the speed of the connection and information about the software programs installed on the computer,
  • basic server connection information, and
  • information collected through HTML cookies, Flash cookies, web beacons and other similar technologies (see below in the Cookies section).

Based on the information that is automatically collected from your browsing of our Website, if you do not wish us to collect and process this information, please refrain from visiting it.

 

2.2. Information you provide to us directly:

-Contact

In case you wish to contact the Group through the communication platform, you are invited to fill in and submit the corresponding contact form, during the submission of which the Website collects and processes, with your consent, the following personal data:

  • name
  • email

 

Legal bases for processing

We collect and process the personal data you provide to us on the following legal bases:

  • Legitimate business interest as required for the fulfillment of the services provided
  • Conventional and pre-contractual stage
  • Legal Obligation to comply with applicable laws and regulations
  • Your consent, which you can withdraw as you have the right

We do not process personal data without your consent or without you having given your data to the corporation yourself.

We do not collect or process personal data of children under the age of 15. Our services are directed exclusively to people who are at least 15 years of age or older. In case you are under the age of 15, do not use or provide any information to us, do not register in our contact form or give any information about yourself to us, including your name, address, or contact information (phone, email etc.). If we determine that we have collected or received personal data from a person under the age of 15, we will delete it immediately unless consent has been given by a parent or a guardian. If you think that we may have information from or about a person under the age of 15, please contact us.

We collect only the necessary personal data for the proper and complete provision of our services, such as name, surname, telephone, e-mail, address, etc. so that you get in touch with us.

Processing Purpose

The purpose of processing personal data is statistical scientific market research and public relations and other ancillary functions. In order to achieve the above purposes, we collect and process non-sensitive personal data, especially those of whomever submits to us a request for communication or for complaints, whether it is one of our principals or our assignors, our partners and consultants or our suppliers. The non-sensitive personal data we collect and we process is identification data (personal data) and data regarding the goods and services offered by the individual. The above personal data are disclosed by their subjects themselves, either in order to enable their service and/or get information by our corporation.

We collect, process and store your data with legitimate interest for the purpose of analyzing our business performance as well as for further purposes that we will share with you, or that they will be identified.

We collect, process and store your data to handle any complaints you may have as well as to prevent and deal with fraud issues and other illegal activities so that we ensure the public and our staff’s safety, including the use of a video surveillance system. In addition, the purpose of collecting, processing and storing your data is also to measure the effectiveness of the Group’s presentation and promotion on third party websites and to use data analysis tools in order to improve the website and our relations with the public.

  1. Transmission and disclosure of your personal data

We do not trade or transfer your personal data to third parties except as set out in this Privacy Policy as well as within the scope of the requirements of the law. In particular, in order to provide our services, we may share your personal data with certain third parties acting at our interest (as processors) for the purpose of providing an optimal service to you (e.g.transport services, providing communication and marketing services, providing accounting, consulting or auditing services, etc.).  The corporation ensures the processing of your personal data by its partners-third companies with contractual clauses limiting the purpose of processing and complying with the technical and organizational measures in accordance with the GDPR for the proper and secure processing of your personal data.

We do not transfer your personal data to third countries and/or outside the European Union.

Our website  (https://katsikisgroup.com)  collects, but does not transmit to third parties, information that describes your previous internet browsing) such as cookies (cookies   are files stored in your browser and contain information about your previous activity on the Internet). More specifically, we use cookies with the sole purpose of creating a safer and more user-friendly environment for our visitors, as well as for providing advertising content tailored to their interests and needs. We also use “cookies” to understand how our visitors browse the website in order to improve its structure and content. More information about cookies can be found here.

  1. Protective measures

UncleStam corporation we take all the necessary measures for the protection and security of information, and more specifically we have developed and implemented the best technical and organizational mechanisms for the security and protection of information in order to protect their integrity, availability and confidentiality.

  1. Duration of data retention

We collect and retain your personal data for as long as required by laws in the context of the contractual relationship we have with you.

 

  1. Your rights

We recognise and safeguard your following rights:

  • The right to get informed about your rights (Art. 12, 13, 14 GDPR).
  • The right to access (Article 15 GDPR) the personal data we have collected from you – You can ask us to confirm whether we are processing your personal data, to give you access to any data that you do not have at your disposal as well as provide you with other information about your personal data, such as what type of data we have, why we use it, to whom we disclose it, whether we transfer it abroad and how we protect it, how long we keep it, what are your rights, how you can file a complaint, where we got your data from, to the extent that no information has already been given in this Policy.
  • The right of rectification (Article 16 GDPR)- to rectificate the inaccurate personal information we have about you.
  • The right to erasure (‘right to be forgotten’) (Article 17 GDPR) of the Member-User and the information we have about you. It should be noted that the exercise of the right to delete all your data as an active subscriber implies our inability to continue to provide the services you have requested. Therefore, you can ask us to delete your personal data at any time when it is no longer needed for the purposes of which it was collected or when it has been unlawfully processed. However, it is noted that we are not required to comply with your request to erase your personal data if the processing of your personal data is necessary either to comply with a legal obligation or to fulfil another legitimate purpose or other legal basis or to establish, exercise or defend legal claims.
  • The right to restrict the processing of your personal data (Art. 18 GDPR) when this is possible – You can ask us to restrict (i.e. to retain but not to use) your personal data when its accuracy is contested (see the Right of Correction), so that we can verify its accuracy or in the event that the processing is unlawful,  but you do not want them to be deleted or when it is no longer necessary for the purposes of which they were collected, but we still need them to establish, exercise or defend legal claims or there is another legitimate purpose of processing or other legal basis
  • The right to object (Article 21 GDPR) to the processing of your personal data – You may object any time to any processing of your personal data, which is based on the legitimate interest of the corporation or the performance of a duty performed in the public interest.
  • The right to withdraw your consent already given (Article 7 GDPR), i.e. to withdraw your consent at any time. The lawfulness of the processing of your data is not affected by the withdrawal of consent until the time you requested the withdrawal as the withdrawal of consent is for the future.

You can exercise your rights by sending an email to info@katsikisgroup.com or by letter to the address 40,2 Km Attiki Odos, Paiania, P.C. 19002.We require that your requests be accompanied by the appropriate proof of personal identification, with the expressed complaint to the corporation. We may request the provision of additional information in order to identify and confirm your details.

 

  1. Supervisory Authority

You have the right to lodge a complaint to the local supervisory authority about the processing of your personal data. In Greece, the supervisory authority for the data protection is the Hellenic Data Protection Authority – DPA (www.dpa.gr).

Postal Address: 1-3 Kifissias Avenue, P.C. 115 23, Athens

Call Center: +30 210 6475600

Fax: +30 210 6475628

Email: contact@dpa.gr

 

  1. Identity

 

We take seriously the confidentiality of all records containing personal data and reserve the right to ask you for proof of your identity if you make a request regarding such records.

 

 

  1. Costs

We will not incur any cost to you for exercising your rights in relation to your personal data, unless, as provided by law, your request for access to information is unfounded or excessive, in which case we may charge a reasonable fee under these circumstances. We will inform you of any charges before completing your request.

 

  1. Schedules

Our goal is to respond to any valid requests no later than one (1) month after receiving them, unless it is very complex or you have made several requests, in which case we aim to respond within three months. We will let you know if it will take us more than one (1) month for the reasons listed above. We may ask you if you can tell us exactly what you want to receive or what exactly it is that concerns you. This will help us to act more quickly on your request.

In any case, you must report specific and true data and / or facts in order for us to be able to respond and / or accurately satisfy your request, otherwise we reserve the right for any errors that are beyond our control. Also, our corporation may repel the requests that are unfounded or excessive or abusive or in bad faith or generally illegal, within the framework of the provisions of the law.