Introduction
This text, called “Privacy Policy”, explains in simple terms how we process the personal data that we collect from you or that you voluntarily provide to us in the context of your transactions or communication with our company.
The following company is responsible for personal data processing:
NAME: GIOVAS SA – Commercial, Technical, and Touristic S.A. (GIOVAS GROUP OF BRANDS S.A.)
ACTIVITIES: Commercial, Technical, and Touristic Company
VAT No.: 094383055
ADDRESS: 22 Konteri Str., Piraeus
TELEPHONE: +30 210 4832684
EMAIL: info@giovasgroup.com
which is legally represented.
Our priority is the legitimate processing of this data and your comprehensive and clear knowledge about it. For any questions, do not hesitate to contact us.
Privacy Policy Contents
• FIRST SECTION: General Information
1) What is personal data?
2) What is Personal Data Processing?
3) Is the processing of personal data that concerns you obligatory?
4) When and how do we collect your data?
5) Which principles do we follow when processing data?
• SECOND SECTION: Processing Analysis
Α. Categories of PD (Personal Data) that we process
Β. Processing Purposes – Legal grounds for processing
C. Time-Storage of PD
D. Your rights
• THIRD SECTION: Other Information
FIRST SECTION: General Information
1. What is personal data?
The term “personal data” (hereinafter “PD” or “data”) refers to any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one whose identity can be ascertained, directly or indirectly, in particular by reference to a characteristic element of identity, such as a name, an identity number, an address, or a telephone number, but also by reference to one or more factors that characterize the physical, physiological, genetic, psychological, economic, cultural, or social identity of the natural person concerned.
In a few words, PD is any information that is related to and concerns a natural person, whether it immediately reveals its identity to us or can reveal it.
2. What is Personal Data Processing?
Any act or series of acts carried out with or without the use of automated means, on personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, information query, use, disclosure by transmission, dissemination, or any other form of disposal, association or combination, restriction, deletion, or destruction.
So, almost any action, from the moment PD is created to the moment it is destroyed (or completely anonymized), constitutes a processing act.
Processing PD is a legitimate act, as long as it is carried out within the framework defined by the relevant legislation, i.e., the national law 4624/2019 but also the European General Data Protection Regulation (GDPR) 679/2016/ΕU.
3. Is the processing of personal data that concern you obligatory?
Providing some of your data to our company is necessary when you transact or communicate with us.
With this policy, we inform you about the processing rules we follow.
If you don’t provide us with the data listed below, we may not be able to complete the transactions you request, generally provide you with our products and services or respond to your contact request or other request.
4. When and how do we collect your data;
We collect your data at the following times:
Α. When you contact us
Β. When you request to digitally receive updates about our news, offers, and events, i.e., by registering on the newsletter recipient list
C. When you visit our website
5. Which principles do we follow when processing data?
When processing your data, we accept, adopt, and apply the processing principles according to Art. 5 GDPR, i.e., your data:
a) are processed lawfully and legitimately in a transparent manner in relation to the data subject (“lawfulness, objectivity, and transparency”),
b) are collected for specific, express, and lawful purposes and are not further processed in a manner incompatible with those purposes (“purpose limitation”),
c) are appropriate, relevant, and limited to what is necessary for the purposes for which they are processed (“data minimization”),
d) are accurate and, where necessary, updated; all reasonable steps are taken to promptly delete or amend personal data that is inaccurate, in relation to the purposes of the processing (“accuracy”)
e) are kept in a form that allows the identification of the data subjects only for the time period necessary for the purposes of processing the personal data; (“storage period limitation”),
f) are processed in a way that guarantees the appropriate security of personal data, including their protection against unauthorized or illegal processing and accidental loss, destruction, or damage, utilizing appropriate technical or organizational measures (“integrity and confidentiality”).
SECOND SECTION: Processing analysis
Α. Categories of PD that we process
Our company basically collects and then processes (stores, etc.) the categories of personal data (PD) mentioned below:
• Name, surname, date of birth, home address/area, telephone number (fixed/mobile), email address
• browsing data and internet protocol address (IP address) of your terminal when you browse our site
B. Processing Purposes – Legal grounds for processing
We collect and process the above PD categories for the following purposes:
1. Customer service (information about products-services, customer record keeping)
2. Defense of Legal Claims
3. Legal Compliance
4. Mailing newsletters
Legal grounds for processing
We inform you that the processing for the aforementioned purposes takes place:
• under the legal grounds of art. 6 par. 1 case B of GDPR 679/2016/EU (i.e., processing is necessary for the performance of a contract in which the data subject is a contracting party) and
• under the legal grounds of art. 6 par. 1 case C of GDPR 679/2016/EU (i.e., processing is necessary to comply with a legal obligation of the responsible party).
Regarding mailing newsletters, we inform you that this only takes place if there has been a prior provision of services between us or only if you have voluntarily subscribed to our company’s newsletter mailing list, i.e., with your consent.
In every newsletter you receive, we provide you with the possibility to stop receiving it at any time you wish, using the unsubscribe option.
Newsletters are sent only for the promotion of similar and related products or services of our company.
Your email address is not shared with third parties.
C. Time- Storage of PD
Processing of PD must be time limited, only for the period that is absolutely necessary for processing purposes.
Personal data that we process in accordance with the aforementioned is stored for a period of time that is necessary for legal compliance but also for safeguarding our legal claims and is stored at our company premises in physical or digital format.
D. Your rights
We process the above data in accordance with the aforementioned protection policy, and of course, we support and ensure the exercise of your rights through a suitable procedure.
Our response to your requests (whether regarding exercising rights or filing complaints) is free of charge, without delay, and, in any case, within (1) one month from reception of your request and confirmation of your identity. However, if your request is complex or a large number of requests are concurrently submitted to our company, we will inform you within the month whether we need to receive a time extension for another (2) two months, within which we will respond to you. The stated times of one (1) plus two (2) months (if required) are legal and provided in the GDPR.
If your requests are clearly unfounded or exaggerated, our company may impose a reasonable fee, considering the administrative costs of information provision or performance of the requested action, or finally refuse to respond to your abusively repeated request.
In particular, you have the following:
1. Right to be informed about all the aforementioned and any other issues related to the processing of your data.
2. Right to access, i.e., the right to receive a copy of the data you have provided to us.
3. Right to update/amend, in the event that any data is or becomes inaccurate, so that we can correct it. The update will be made within 7 working days from the date of filing your written request and confirming your identity.
4. Right to delete. This right may be subject to relevant restrictions due to the need to store some data in accordance with legal obligations.
5. Right to restrict processing when:
a) accuracy of the personal data is disputed by you, and for a period of time that allows us to verify the accuracy of the personal data,
b) processing is illegal and you object to the deletion of the personal data and request, instead, the restriction of their use,
c) we no longer need the personal data for the aforementioned processing purposes, but this data is required by you to establish, exercise, or support legal claims, and in related cases.
6. Right to portability, i.e., the right to receive the personal data concerning you that you have provided to us in a structured, common, and machine-readable format, as well as the right to transmit said data to another processing official without objection from us.
7. Right to withdraw your consent to newsletter mailing, i.e., the right to ask to stop receiving future newsletter messages from our company by e-mail, through the unsubscribe option in any such e-mail you have received.
8. Right to complain to the Data Protection Authority (dpa.gr) in case you believe that we are violating the relevant DP legislation regarding your data.
THIRD SECTION: Other information
Α. Our company applies contemporary and updated organizational and technical measures to prevent illegal intrusion, access, or dissemination of your personal data.
Β. We declare that we do not carry out automated individual decision-making or profiling.
C. Our website uses cookies to facilitate your connection to it, in order to collect statistical traffic data or for marketing purposes. For more information, visit “Cookies Policy”.
D. Contact form
Through the contact form, you can send us messages and receive information about our services. We urge you not to send us messages that contain sensitive information about you or third parties. In the event that you send us a message of this nature, we declare that we will delete it immediately and will not proceed with further processing or reply.
Ε. Mailing Newsletters
To register on our company’s newsletter recipient list, we will only ask for your name and email. Your email will be used solely to send you informational material about our news, services, and any special offers. We will not sell, give away, or share your email. You have the right to withdraw your consent at any time, using the “unsubscribe” option in the emails you receive or by email to: info@backmeup.gr
F. Privacy Policy Revisions
Our company reserves the right to periodically modify or revise this Privacy Policy, at its sole discretion. If changes are made, our company should record the date of amendment or revision in the new Privacy Policy and the updated Policy will apply to you from that date on. We encourage you to periodically review this Privacy Policy to check for any changes in the way we manage your personal data.
G. Contact – Requests – Complaints
If you have questions, comments, or complaints about the management or protection of your personal data or if you wish to exercise any of your rights, please contact us at the details above.
To file a complaint or protest regarding a breach of your personal data, you can contact the Data Protection Authority (1-3 Kifisias Ave., P.C. 115 23, Athens, Tel: 210 6475600, Fax: 210 6475628, e-mail for notification of a personal data breach event: databreach@dpa.gr, general e-mail: contact@dpa.gr
