Aegean Blue Afitos
Ελληνικά

How We Protect Your Data

Privacy Policy

Last updated: January 2025

Notification on the processing of personal data

Introduction

We would like to assure you that for us, Sofia Tsiotsiou & Sia EE, the protection of the users' personal data is of paramount importance. Therefore, we implement all the appropriate measures in order to protect the personal data that we process and ensure that the processing of the personal data not only by the company but by third parties as well that are likely to process the personal data on behalf of the company, always takes place in accordance with the obligations set out by the legal framework.

Data Controller – Personal Data Officer (DPO)

The company Sofia Tsiotsiou & Sia EE located in Afytos, Halkidiki, email: aegean-blue@hotmail.com, Tel: +30 (2374) 091500, website: www.aegeanblueafitos.gr, states that for the purpose of implementing the project, it shall process personal data of its employees, customers, suppliers according to the applicable national legislation and the European Regulation 2016/679 on the protection of natural persons against the processing of personal data and the free movement thereof (General Data Protection Regulation, hereinafter the "Regulation"), as applicable.

You shall directly contact the Data Protection Office (DPO) on any matter that relates to the data protection processing as follows:

PKG Law Firm K. Parigoris & Partners

Postal address: Fragkon 3, Thessaloniki

Email: info@parigoris.com

Telephone: 2310 554145

Fax: 23210 20269

What is the purpose of the processing and how are your personal data used

The personal data that you provide to the company in any way (e.g. full name/name of the sole entrepreneurship/partnership, father's name, ID card number or passport, capacity/profession, email, mobile number/fixed line number, full address for sending monthly statements, credit card number, vehicle's registration plate, CCTV footage, curriculum vitae, etc.), will be processed by the company only when there are legal grounds for the said process.

The legal grounds for the processing of your personal data are but not limited to:

  1. The safeguard and protection of the legal interest not only yours but the company's as well. So we use close circuit television systems (CCTV) and security cameras in order to be able to ensure the smooth operation and protect the safety of the natural persons, goods, materials, facilities.
  2. The compliance with any obligations that are imposed by law, the determination of any criminal behavior in general that might endanger public safety or/and health or the smooth operation.
  3. The safeguard of our vital interests such as the provision of emergency care and in general any assistance in case of an accident.
  4. The consent you provide us with in order to receive notifications on products, services, offers of the company that you may withdraw at any time you wish by contacting the Data Protection Officer of the company.

Recipients of personal data outside the company

Our company transfers your personal data to third parties to whom it has assigned the processing of the personal data on its behalf. Moreover, our company stores the personal data that arise from the execution of the contract. Finally, the company works with informatics companies that provide relevant services such as maintenance of information systems services and security system services. In the course of the provision of said services, the informatics companies are likely to have access to the personal data and in certain cases carry out processing activities that are necessary for the provision of the relevant services.

In such cases our company remains responsible for the processing of your personal data and determines the respective specifications of the processing, signs the special contract with third parties to whom it assigns the performance of the processing activities in order to ensure that the processing takes place according to the applicable legal framework and that any natural person may freely and unconditionally exercise his rights arising from the legal framework.

Furthermore, the company transfers the personal data to the competent government authorities when it is provided by the applicable legal framework and the performance of their duties that are carried out in order to serve the public interest or in the course of exercising public authority assigned to them.

Storage time limit

The storage time limit for the data is decided based on the following special criteria on a case-by-case basis:

  • When the processing is provided by an obligation set out in the applicable legal framework, your personal data are stored for as long as the relevant provisions determine.
  • When the processing is carried out based on a contract, your personal data are stored for as long as it is necessary for the performance of the contract and the substantiation, exercise or/and defense of legal claims arising from the contract.
  • In the course of marketing activities, your personal data are stored until your consent is withdrawn. You may withdraw it at any time. The withdrawal of your consent does not affect the validity of the processing that had been carried out based on your consent during the time period prior to your withdrawal.

In order to withdraw your consent, you shall contact the Data Protection Officer (DPO) of the company, PKG Law Firm K. Parigoris & Partners at: Postal address: Fragkon 3, Thessaloniki, email: info@parigoris.com, telephone: 2310 554145, fax: 23210 20269. You may also use the deregistration option by clicking the respective link on our electronic communications.

Your rights in relation to your personal data

Each natural person whose personal data are being processed by the company enjoys the following rights:

Right to access

You have the right to be aware and verify the validity of the processing. So you have the right to access your data and ask for supplementary information on their processing.

Right of rectification

You have the right to study, rectify, update or amend your personal data by contacting the Data Protection Officer (DPO) at the following contact details.

Right to erasure

You have the right to file an erasure request on your personal data if and under the condition that the company processed them based on your consent or in order to safeguard its legal interests. In any other case, the said right is subject to certain restrictions or does not exist at all depending on the circumstances.

Right to restriction of processing

You have the right to ask for the restriction of processing of your personal data when: (a) you question the accuracy of your personal data; (b) you object to the erasure and ask for restriction instead; (c) the data are no longer needed for processing purposes but are necessary for legal claims; (d) you object to the processing pending verification of overriding legal grounds.

Right to object

You have the right at any time to object to the processing of your personal data in case that it is necessary for legal interest purposes that the company may pursue as Data Controller.

Right to portability

You have the right to receive your personal data without charge in a structured, commonly used, machine-readable format, and to ask the company to transmit those data directly to another controller where technically feasible.

To exercise any of the abovementioned rights, contact the Data Protection Officer (DPO): PKG Law Firm K. Parigoris & Partners, Postal address: Fragkon 3, Thessaloniki, email: info@parigoris.com, telephone: 2310 554145, fax: 23210 20269.

Right to file a complaint with the Hellenic Data Protection Authority

You have the right to file a complaint with the Hellenic Data Protection Authority (Call center: +30 210 6475600, Fax: +30 210 6475628, email: contact@dpa.gr).

Personal Data Security

The company implements the appropriate technical and organizational measures for the secure processing of your personal data and the prevention of any incidental loss or destruction and the unauthorized and/or illegal access thereto, use, modification or disclosure thereof. In order to ensure the appropriate level of security against any risk and the selection of the appropriate technical and organizational measures, the company takes into consideration the latest technological and other developments, the implementation costs, the nature, the framework and the purposes of the processing, as well as on one hand how likely it is and how big the risk is for any incident to occur regarding the loss or destruction and the unauthorized and/or illegal access to the personal data, and on the other hand how serious the consequences will be on the rights and the freedoms of the natural persons.