Thessaloniki 24/02/2020
Data Protection Statement
This document describes in detail the steps to comply with the General Data Protection Regulation 2016/679, also known as the GDPR.
Definitions
The company: our company under the name “GALBENIS Konstantinos”, the exclusive ownership of which belongs the present website and all its content.
The user: any person who visits our website and any person who acquires a member account for use of the services offered.
Website: the website www.supercoolservice.gr, which, like all content, belongs in full and exclusive ownership to our company.
Import
Our company firmly believes in the protection of personal data, the principles governing the processing of data and specifically that:
All data shall be lawfully and fairly processed in a transparent manner.
The data collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes.
The data shall be appropriate, relevant and limited to what is necessary for the purposes for which they are processed.
The data shall be accurate and, where necessary, updated.
The data shall be retained in a form that allows identification of data subjects only for the time required for the purposes of processing.
The data shall be processed in such a way as to ensure their appropriate security.
Read carefully this Statement of Protection of Personal Data, in order to be informed about the personal data the Company collects and how it uses and protects your personal data, as well as for the related options and possibilities that you have.
How to collect personal data
The company may collect your personal data in the following ways (indicatively):
Subscribe to the website,
Send contact form,
Communications with the company,
Purchase of services,
Contact a representative of the company by e-mail, phone or mail,
Newsletter subscription,
Cookies stored on your computer or mobile device when you visit our website sites.
Security
The Company recognises the importance of the issue of security of Personal Data and electronic transactions and the related obligations and shall take all necessary measures with the most modern and advanced methods to ensure maximum safety of the User. All information related to the user's personal data is secure and confidential. We receive your personal information only if you choose to provide it and expressly consent to its processing by our company.
Safety is achieved by the following methods:
Recognition
Used two fields to identify the User: the login Id (email or username) and Personal Secret Security Code (password), which every time you entered provide access with absolute safety to the account. The User is the only one who has access to the information through the above password and is solely responsible for maintaining the secrecy and concealment by third persons. In case of loss or leakage, you should immediately notify the company, otherwise the company is not responsible for its use by an unauthorized person. The company recommends, for security reasons, that the user change his password at regular intervals and avoid the use of easily detectable passwords (P.Allah. date of birth or telephone). It is also recommended to use other than letters and numbers and symbols (e.g.Allah.gibberish!_ ) when creating the password.
Ensuring the confidentiality of the transfer of your personal data
To ensure the confidentiality of data transfer, the SSL encryption protocol with RSA 2048 bits (e 65537) is used. In addition, all backup systems we use have additional encryption (AES-256) before transmitting to an approved cloud provider via SSL connection as an additional data safeguard. The backup providers we use today to store the data are:
company infrastructure
Controlled Access
The website is hosted and installed in data Center infrastructures that have ISO 27001 security standards and meet the requirements of GDPR for data protection. The access to the systems of the Company (servers) is controlled by firewall, which allows the use of specific services from the users by prohibiting while access to systems and databases with confidential data and information of the Company. The web hosting provider we use today is:
Encryption
By using special software, the company's electronic system first decrypts the information received before processing it. The company's systems send information following the same encryption process. At any point of the website you enter personal data (password, email, addresses, phone numbers, credit card number etc.) there is SSL encryption with RSA 2048 bits (e 65537) key.
Transaction Confidentiality
Privacy is self-evident to us. The basic principles governing classical transactions also apply in the case of electronic transactions with the company. All the information transmitted by the User is confidential and the Company has taken all necessary measures in order to remain secure and be used only in the measure necessary for the service of the contract and the provision of the services.
The User to ensure the security of data, should he not disclose them, nor the data access to third parties.
Purpose of processing personal data
Your personal data is not used for any purposes other than those mentioned and provided by you, unless we obtain your permission, or unless required or permitted by law. The Company collects upon consent, your personal data that is absolutely necessary in order to meet your requests and to provide the services that you select in the best conditions and in the most effective way. If and where additional information is required, you will be informed about this at the time of data collection and will be asked again for consent.
The company collects data on communication, the issuance of official written offers and related sales documents, in accordance with the applicable legislation and the requirements of financial services (taxis, etc.).
Markets
The company collects data during the online ordering through the shopping cart available on our website. These data relate to personal data, such as shipping information, buyer information, as well as the products or services chosen by the visitor or user of our website. These data are used as in ordinary transactions, i.e. to safely complete them and inform the user, in the context of the performance of the contract.
We do not collect payment data, such as P.H. the bank account number, the credit or debit card number. If the user chooses "payment by card" the necessary payment card details should be entered on the secure website of the partner Payment Gateway and automatically redirected to complete the payment (redirect).
Provision Of Services
The personal data of the User as they arise during the provision of the services selected, will be stored and will be accessible for the execution of the contract and the provision of the services in an efficient manner, so that the charge and every strictly authorized partner, to be able to perform or to control the progress of each project.
Improvement of services and measurements
In addition, the Company collects information when you visit us online, as well as through emails that we may exchange, on how the User uses the services, such as for example the type of content displayed, or the frequency and duration of activities. Furthermore, the company collects information from or about the devices through which the user accesses the services, depending on the rights he has granted. The company can associate the information collected from the various devices of the user, as this contributes to the consistency of the services provided. The collection of these data allows us to personalize your online experience, to improve the performance, usability and effectiveness of the Website and we measure the effectiveness of promotional activities (marketing) of our services.
In particular, link information is collected, such as:
the name of the mobile or internet service provider (ISP),
browser language and time zone, the geographic location of the access device and its type (Google Chrome, Safari etc.)
the IP address of the electronic device through which you access the website.