Job Openings            Contact Us

Data Protection Policy

I. Anthoula Maneta of Ioannis, resident of Chalandri, Attica, 6 Kifisou Street (VAT number: 140776844), (hereinafter referred to as the “company”), in her capacity as controller of the General Partnership under the name “MY IKIGAI O.E. » and the distinctive title “MY IKIGAI”, based at Melissia, Attica 2 Alkiviadou & Eschilou 1 street (VAT number: 802032740 / D.O.Y. Cholargou), as legally represented by herself, informs, in accordance with Regulation (EU) 2016/679 of the European Union and the provisions of the Greek legislation on the protection of personal data, the natural person – visitor to the website (hereinafter regardless of gender or status “Customer” or “Visitor”) that she or / and third parties, by order and on her behalf, will process personal data concerning him, in the context of his visit, use, stay and roaming within this website, as stated below: 

II. PERSONAL DATA PROCESSING DETAILS:

A. TYPE OF DATA COLLECTED:
The personal data that we collect relate to the Visitor, both with regard to any details that he voluntarily provides, as well as those that are technologically required for his visit, use, stay and roaming on this website, as well as in the context of any electronic transactions of parts.

These data relate exclusively to issues related to the above, i.e. indicatively:

(a) IP address, date and time of access, URL, access provider, browser, operating system,

(b) name, email, comments, contact details, management of any submitted request, query or complaint, etc.

B. DATA COLLECTION SOURCES:
The personal data we collect comes from the customer/visitor himself, either from forms/registrations that he fills in and uses at the start or during his visit and stay on the website, either by telephone or e-mail, or after sending messages on both sides, or in any other way required by modern technological means to achieve the purpose of the website and the entire process of visiting it, staying or roaming its visitors.

C. REASON FOR DATA COLLECTION AND HOW IT IS PROCESSED:
The personal data are collected for the purpose of safe and adequate operation of the website, the business, but also to know the necessary information of the visitor as a future customer of the business. They are also collected for the company’s advertising purposes, but also for its future communication with the visitor, sending advertising/information brochures, other forms, correspondence between the parties, future connection of the customer to the website, etc.

The processing of these data is related to the collection, registration, organization, structure and storage thereof, and is done exclusively by the “company” or its staff, or its partners, to serve the aforementioned purposes.

The “company” undertakes that it has taken all the necessary actions, applying the appropriate technical and organizational measures, for the legal maintenance, processing and safeguarding of the personal data it maintains, and undertakes to ensure and protect it with every way from its loss, leakage, alteration or improper processing by unauthorized persons.

The “company” undertakes that the above personal data is not granted to third parties unrelated to the commissioned project, and is not used for third party advertising purposes.

D. RECIPIENTS OF THE DATA:
The data stay at the knowledge of the “company”, or its staff, or its partners, related to the proper, legal and orderly operation of this website, in accordance with the purposes mentioned above, with the self-evident note that in each of them takes into account and processes only those data that are absolutely necessary for the performance of its duties.

E. SHELF TIME:
The above personal data are kept indefinitely, unless the customer/visitor expressly requests their deletion, either before or after the completion of the commissioned work, except for those data which must be kept indefinitely according to law, or current business practices. In any other case, data of any kind will be deleted twenty (20) years after the last contractual link between the parties, unless there are judicial, legal, procedural pending cases that necessitate their further observance, in which case the compliance period will be extended by two (2) years after special notification to the customer of the reason and time of the extension.

F. CUSTOMER RIGHTS:
(i) The customer has the right to receive from the controller confirmation as to whether or not the personal data concerning him is being processed and, if this is the case, the right to access the personal data and the following information:

a) the purposes and origin of the processing,

b) the relevant categories of personal data,

c) the recipients or categories of recipients to whom the personal data have been disclosed or are to be disclosed, in particular recipients in third countries or international organizations,

d) if possible, the period for which the personal data will be stored or, when this is impossible, the criteria that determine the said period,

e) the existence of the right to submit a request to the data controller for the correction or deletion of personal data nature or restriction of the processing of personal data concerning the data subject or the right to object to said processing,

f) the right to submit a complaint to a supervisory authority,

g) when the personal data is not collected from the customer, any available information about its origin,

h) the existence of automated decision-making, including profiling, and, at least in these cases, important information about the logic followed , as well as the significance and intended consequences of said processing for the data subject.

(ii) The customer has the right to demand from the controller without undue delay the correction of inaccurate personal data concerning him. Bearing in mind the purposes of the processing, it also has the right to request the completion of incomplete personal data, including through a supplementary statement.

(iii) The customer has the right to ask the controller to delete personal data concerning him without undue delay and the controller is obliged to delete personal data without undue delay if one of the following reasons applies: a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, b) The customer revokes the consent on which the processing is based and there is no other legal basis for the processing, c) The customer objects to the processing and there are no compelling and legitimate reasons for the processing, d) the personal data has been processed unlawful, e) the personal data must be deleted in order to comply with a legal obligation under Union law or the law of a Member State to which the controller is subject, f) the personal data has been collected in connection with the provision of society services of the information referred to in Article 8 paragraph 1.

(iv) The customer is entitled to obtain from the data controller the limitation of the processing, when one of the following applies: a) the accuracy of the personal data is disputed by the data subject, for a period of time that allows the data controller to verify the accuracy of the personal data, b) the processing is illegal and the customer objects to the deletion of the personal data and instead requests the restriction of their use, c) the controller no longer needs the personal data for the purposes of the processing, but such data is required by the customer to establish, exercise or support legal claims, d) The customer has objections to the processing, pending of verifying whether the legitimate reasons of the data controller prevail over those of the data subject.

(v) The customer has the right to know and receive the personal data concerning him, and which he has provided to a controller, in a structured, commonly used and machine-readable format, as well as the right to transmit said data data to another controller without objection from the controller to whom the personal data was provided, when: a) the processing is based on consent or a contract and b) the processing is carried out by automated means. When exercising the right to data portability in accordance with the above, the customer has the right to request the direct transmission of personal data from one data controller to another, in case this is technically possible.

(vi) The customer has the right to object, at any time and for reasons related to his particular situation, to the processing of personal data concerning him, including profiling. The controller shall no longer process the personal data, unless the controller demonstrates compelling and legitimate reasons for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or support of legal claims claims. If personal data is processed for direct marketing purposes, the customer has the right to object at any time to the processing of personal data concerning him for such marketing, including profiling, if related to such direct marketing . When the customer objects to processing for direct marketing purposes, the personal data is no longer processed for these purposes. At the latest during the first communication with the customer, the above right is explicitly indicated to the customer and described clearly and separately from any other information. In the context of the use of information society services and without prejudice to Directive 2002/58/EC, the customer can exercise his right to object by automated means using technical specifications. When personal data are processed for scientific or historical research purposes or for statistical purposes, the customer has the right to object, for reasons related to his particular situation, to the processing of personal data concerning him, unless the processing is necessary for the performance of a duty exercised for reasons of public interest.

It is noted that the “business” has the right to refuse a request to limit the processing or delete the customer’s data if the processing or observance thereof is necessary for the establishment, exercise or pursuit of its legal interests, or for its compliance with legal obligations.

The exercise of the above rights by the customer acts only for the future, with a starting date on which the relevant request reached the “business” in any proven way.

The Customer has the right to submit a complaint to the Personal Data Protection Authority (www.dpa.gr), which is the competent supervisory authority for the protection of the fundamental rights and freedoms of natural persons against the processing concerning him, if he considers that his rights are violated in any way.

The customer may exercise the above, and all other, rights either by sending an e-mail, or by registered letter, or by an extrajudicial declaration, or by telephone or by physical correspondence to the data controller or the data protection officer of the company (see below), or at its official headquarters.

The “business” will make every effort to respond to the Customer within thirty (30) days, from the submission of his request, which may however be extended for an additional sixty (60) days if this is required due to any complexity of the request or number of requests . If the “business” does not act on the Customer’s request, it informs him without delay and at the latest within thirty (30) days of receipt of the request, of the reasons for not acting and of the possibility of filing a complaint and bringing legal action . The above service is provided free of charge. In the event, however, that the Customer’s requests are manifestly unfounded, excessive or repetitive, the Conservatory may either impose a reasonable fee on the Customer, informing him accordingly, or refuse to respond to these requests.

The “business” implements an information security management system to ensure the privacy, security of the processing of Customer data and to protect it from accidental or unlawful destruction, loss, alteration, prohibited dissemination or access and any other form of unlawful processing, including and special provision for the pseudonymization and encryption of the above data.

The above notification to the Customer is made in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council and the provisions of the Greek legislation on the protection of personal data that are adopted and applied in this context and replaces any previous notification that has been made in the context of Law 2472/1997 and possibly referred to in contractual or other documents of the Conservatory.

Regarding cookies, see here

G. CONTACT DETAILS:

RESPONSIBLE FOR PROCESSING and PROTECTION of the above data, the “company” has appointed Anthoula Maneta of Ioannis, resident of Chalandri, Attica, 6 Kifisou Street (VAT number: 140776844), telephone: 0030 694 733 1859 
e-mail: info@myikigai.gr