Stavropoulou Architects, architectural practice based in 12, Martinegou, 11524 Athens, Greece, Registration no: 65881 TEE – TCG, tel: (0030) 210 7224 372, Email: email@example.com (hereinafter referred to as "business") is the legal owner of the website https://www.stavropoulou.archi (hereinafter referred to as the "website").
The company provides the necessary prior information to users, in order to understand the manner and conditions of processing their personal data. This is precisely the purpose of informing users with the utmost clarity and transparency about the processing of their personal data while browsing and using the services of the website. The terms and guarantees herein do not in any way cover the relationship between the users and any websites, third party services, which are not subject to the control and / or ownership of the company.
The access and use of the services of the website implies and from it is presumed the knowledge and the full and unconditional acceptance of the terms of the present and the consent of the user for the processing of these data according to the above.
Personal data collected.
The processing of personal data is done in accordance with the provisions of the General Regulation of Personal Data Protection (GKPD 2016/679), any more specific national and European legislation for certain areas, the current Greek legislation for the protection of personal data, as well as for the protection personal data and privacy in the field of electronic communications (Law 3471/2006, as applicable) and the decisions of the Personal Data Protection Authority (APDPX).
The personal data collected from the website or the visitor is required to provide the following, are the absolutely necessary, relevant and appropriate to provide the best navigation experience, the fulfillment by the company of the services provided to users through the website and the protection of other visitors / users.
A. The company collects the following personal information in case a visitor wishes to receive information about news, architectural spaces and designs we create, environmental strategies we propose, events that we might take part or organize via newsletters or invitations.
- Email address of the visitor / user.
- Registration code and confirmation of registration code.
- Technical data (cookies, IP Etc.)
The company will send information emails, if the user has specifically stated his consent. In case the user does not wish to receive the information e-mail and advertising material in general, may at any time request its deletion. The user has access to the contents of the statement of consent and revocation at any time of the given consent by following the link contained in each e-mail sent by the company.
If you are under 16, you MUST have your parents' consent before registering.
Each user / visitor guarantees the accuracy and authenticity of the personal data that concern them and that they submit to the www.stavropoulou.archi as well as for the right to submit such data.
Basis for the processing of personal data
The company, as the Controller, follows the legislation for the protection of Personal Data, as in force after the entry into force of Regulation (EU) 2016/679 of the European Parliament and of the Council. The processing of users' personal data is done under one or more of the following reasons:
1). Relevant consent has been given by the users.
2). Processing is necessary for the performance of a contract to which the data subject is a party or for measures to be taken at the request of the data subject prior to the conclusion of the contract.
3) For the fulfillment of a legal obligation of the Company, as among other things and if -beyond the law- it is required by a court decision or requested by any other state or regulatory authority.
4) For the fulfillment of the obligations of the company regarding the services provided to the users and for the pursuit of the legal interest of the company to preserve, improve and promote the services of the website, which include:
- the best customer service.
- the collection of information from users (feedback) on the services offered by www.stavropoulou.archi and their improvement based on the information collected.
- informing users about its new services www.stavropoulou.archi after their consent.
- the advertising and promotion of its services www.stavropoulou.archi remotely, with the consent of the users.
- market research and communication with users, after their consent.
-improving its visibility www.stavropoulou.archi.
- understanding and analyzing the use of the website, including its interaction with applications, advertisements, functions that are made available or linked or offered through it, and the collection of statistics, for research and for the improvement of its services.
The company does not make automated decisions, nor does it create profiles, based on automated processing of user data.
The company does not collect or gain access in any way through its website to specific categories of ("sensitive") personal data. The visitor has the obligation to refrain from providing such data, which concerns him or third parties. Otherwise, the data will be deleted as soon as they come to the notice of the company. The company does not bear any responsibility towards visitors or third parties for any provision and / or processing of such data, due to their acts or omissions in violation of the above obligation.
Duration of retention of personal data.
The duration of keeping the personal data collected amounts to ten (10) years. In case A) above (acceptance Newsletter), the retention period is ten (10) years or until their consent is revoked and their deletion is requested (if this happens earlier), unless for reasons of the current legislation it is required to continue their observance.
The personal data collected is limited to what is necessary for the purposes for which it is processed.
Security of personal data.
The company implements appropriate technical and organizational measures in order to ensure the appropriate level of security against risks, such as loss, looting, unauthorized use, alteration or destruction and the resulting violations of users' rights. Examples of these measures include pseudonymization and encryption, as well as the protection of its systems to ensure their confidentiality, integrity, availability and reliability, the timely return to a safe operating state in the event of a physical or technical event, as well as the continuous control and evaluation of the effectiveness of the technical and organizational measures applied, in order to ensure the uninterrupted safe processing.
Apart from those mentioned herein, the personal data of the users are not disclosed and are not shared with third parties and are not exploited in any way. It is clarified that the above does not include the content and data that the user chooses to make publicly available on the website (when and where this is provided) or chooses to share on social media services (generally third-party applications).
Recipients of personal data
The recipient of the personal data to be provided by the users of this website is the company which may forward it to affiliated companies, for reasons of functional and computer service of its transactional relations with the said users, as well as for statistical and historical reasons. Once the user / visitor has filled in the relevant field and has consented to the sending of information and advertising-promotional material, the company may, after informing the user / visitor, disclose their personal data to third parties for the advertising of the services it offers.
In the above context, the company informs the user that it is using the service MailChimp which provides marketing management services for newsletter and to which the user-filled e-mail addresses are notified. The MailChimp is based in the USA and is governed by the Interstate Agreement EU-US Privacy Shield.
The company reserves the right to use personal data in such a way that it is not possible to identify or reveal the person to whom they relate (in pseudonymized form) for statistical, promotional or research purposes, disclosing them to third parties, e.g., research companies responsible for completing the above objectives.
Ensure that only authorized employees have access to transaction information and only when necessary.
Information on the Rights of Users and the exercise of these rights.
The company informs users that it has implemented the necessary procedures to enable the exercise of their rights under EU Regulation 2016/679, which are as follows:
Right of access and information: Upon request, the user will be provided with information about the categories of personal data held by the company, the purposes of processing, the reasons that make their processing legitimate, the retention period of the data, the processor.
Right to correct and complete personal data: The company provides users with the opportunity to correct / update their personal information by notifying their request to the official media of the company mentioned at the beginning of this.
Right to delete personal data: The company further allows users to request at any time the deletion of personal data and information provided for connection to the services of the website and / or to request the deletion of those categories of data that are automatically collected by technical methods (online ID, IP address), subject to the obligation to retain such data for a certain period of time, based on the obligation of the company to comply with legal obligations and formalities to which it may be subject.
Right to portability. The users can receive or request the transfer of their data, in machine readable form, from the company to another controller, if they wish.
Right to withdraw the consent given: The users may at any time revoke their consent to the processing of personal data in the future. The legality of the data processing remains unaffected by this action until the point of withdrawal of consent.
Right to restrict and raise objections against data processing: The users can exercise the above rights for the future, if the users consider that their data is inaccurate or that it is subject to unauthorized processing or if despite the expiration of the reason that allows the processing, the user objects to their deletion, for the support of their legal claim. It may also object to the processing of personal data in the future, if the processing is carried out on the basis of one of the grounds provided for in Article 6 (1e or 1f) of the Rules of Procedure, provided that there are no legitimate grounds for further processing.
If the users wish to exercise any of the above rights as well as for any communication with the company, the users can contact the addresses and media mentioned at the beginning of this by sending a registered letter or email, a written request to the company entitled "Request to Exercise a Right", describing which right you want to exercise.
In case of request for the exercise of the above rights of the users, the company will respond to the relevant request within one (1) month from its submission. This deadline may be extended by another two (2) months, upon prior notification of the user by email, taking into account the complexity of the request and the number of requests being processed. The company's response to the above request is provided free of charge. However, if the request is clearly unfounded, excessive or repetitive, the company may either impose a reasonable fee by informing the user in advance, or refuse to respond to your request. The users can for any issue related to the above and if their considers that their rights are violated in any way to contact for information and complaint to the competent Supervisory Authority:
Postal Address: Kifissias 1-3, PC 115 23, Athens
Call Center: + 30-210 6475600, Fax: + 30-210 6475628
Email: get in firstname.lastname@example.org
The company may from time to time modify this Protection Policy to always comply with the legal requirements and the manner of conducting its business. In case of modification of this Protection Policy, the user will be informed about it by notification on this website.
The management and protection of the personal data of the visitor / user of the website is subject to the terms of the present as well as to the relevant provisions of the Greek legislation for the protection of the individual from the processing of personal data, as amended and supplemented by Regulation (EU) 2016 / 679 of the European Parliament and of the Council. In any case, the company reserves the right to change the terms of protection of personal data within the existing or possibly new legal framework after informing the visitors / users.