Privacy Policy

Introduction

This policy applies to the company “VENETIS ANONYMI VIOMICHANIKI AND EPORIKI ETERIKI TROFIMON”, hereinafter referred to as VENETIS.

VENETIS is committed to protecting the personal information collected when you use our website and other services. This Privacy Policy defines the commitment of VENETIS to protect personal data and how this commitment applies in relation to the collection, use, transfer and retention thereof. This policy applies when we determine the purposes and means of processing, thereby acting as a data controller.

Collection of Personal Data

VENETIS has designed a standardized contact form on its website in order to facilitate communication with any interested party. This form is used for any queries or requests and directs them to the appropriate department or staff member. In some cases, our website may be used by prospective partners, in which case the subject should take note of the Subject Information – Job Applicants. In addition, we provide the company’s phone numbers for a more direct communication if this is required.

In order to manage and respond to your inquiries and requests, we may collect and store your full name, email, address, contact details and any other information you may have provided to us. This information is used strictly to satisfactorily respond to your inquiries or requests and will not be disclosed to third parties except as stated in this policy or where disclosure is required or permitted by law.

For the lawful processing of your data under Regulation (EU) 2016/679, we recognize a lawful basis before processing the personal data. In this case, the legal basis for the processing of the data on our part is the granting of your express consent to the processing, by submitting the respective form only in case you agree with this policy

Transfer of Personal Data

VENETIS may disclose personal data collected from suppliers or subcontractors to the extent that this is reasonably necessary to manage your questions and requests. Such transfers will be protected by appropriate safeguards (e.g. intra-group personal data disclosure clauses, subcontractor personal data disclosure clauses, third party supplier personal data disclosure clauses, personal data disclosure clauses necessary for legal compliance, etc.) . In addition, we may disclose personal data when such disclosure is necessary to comply with a legal obligation to which we are subject.

Retention of Personal Data

VENETIS undertakes not to retain personal data for a period longer than necessary and we will ensure that we delete it securely. For additional information regarding the punch-out period and deletion period, please see the Contact section.

Rights of Subjects

In this section VENETIS arranges the rights arising from Regulation (EU) 2016/679 and how data subjects can access these rights. For further clarification please refer to the Contact section.

Right of Access

VENETIS considers that the personal data collected directly from the subjects will be accurate and complete. Individuals can access their own personal data using the Subject’s Rights Request.

Right to Correction and Erasure

The data subject may request the updating, erasure or removal of any information held about him, and any third party who processes or uses the data must also comply with this request. An erasure request can only be refused if an exception applies. The right to Erasure can be requested using the Subject Rights Exercise Request.

VENETIS is obliged to delete personal data when any of the following applies:

  • the personal data are no longer necessary for the purposes for which they were collected or processed
  • the data subject withdraws their consent and there is no other lawful basis for processing
  • the data subject objects to the processing carried out on the basis of the legitimate interests of the Data Controller and there are no other overriding legitimate grounds for the processing
  • the personal data has been processed unlawfully.

If the request to delete the personal data has been received, the identification has been confirmed, the request meets one of the above requirements and there is no legal reason to object to the processing, VENETIS must delete the relevant data in its entirety. The request should be registered in the Data Subject Request Record File.

If VENETIS cannot delete the personal data, it will ensure that:

  • cannot or will not attempt to use the personal data to justify any decision about an individual or in a way that affects that individual in any way
  • does not give any other organization access to personal data
  • protects personal data with appropriate technical and organizational security, and is committed to the permanent deletion of information if, or whenever, it becomes available.

Right to Restriction of Processing

The data subject has the right to request from the administrator, restriction of processing using the Subject’s Rights Exercise Request.

Right to Object

The subject has the right to object, at any time and for reasons related to his particular situation, to the processing of personal data concerning him using the Application for the Exercise of Subject Rights.

Right to Data Portability

Upon request, the data subject should have the right to receive a copy of the personal data in a structured format using the Data Subject Rights Request.

These requests should be processed within one month, provided that there is no undue burden and it does not compromise the privacy of individuals. A data subject may also request that their data be transferred directly to another system. This request must be implemented free of charge.

If VENETIS cannot fully respond to this request within 30 days, the Competent Employee of the company should nevertheless provide the following information to the Data Subject, or to their legally authorized representative within the time period that has been determined:

  • An acknowledgment of receipt of the request.
  • Any information found to date.
  • Details of any information or amendments that have been requested, which will not be given to the data subject, the reason(s) for the refusal, and any procedures available to appeal the decision.
  • An estimated date by which the remaining responses will be provided.
  • An estimate of any costs to be paid by the data subject (e.g. where the request is excessive in nature).
  • The name and contact details of the person in charge.

Amendments

In the event that VENETIS chooses to change this Privacy Policy, we will post the changes here. Where the changes are significant, we may also choose to email the affected users with the new details. Where required by law, we will obtain your consent to make these changes.

Contact

If you have any concerns or complaints about this policy, please contact us at: dataprotection@venetis.com.gr