Privacy Policy

TERMS OF RETENTION AND PROCESSING OF PERSONAL DATA

The general partnership with the name “GEORGIOS BALAFOUTAS AND CO. EE”, which will be referred to herein for brevity as the “Company”, is fully compliant with the requirements arising from EU and national legislation, as applicable, regarding the processing of personal data of its counterparties. The following are the main characteristics of the method of collection, processing and storage of personal data as well as the rights that each user of the Company’s Website (www.balafoutas.gr) has. The user of the website, who will send any message through the special tab of the Website, expressly declares that he has taken note of the following terms, that he agrees with them fully and unreservedly and that he has understood them completely.

For any information, you can contact us by email at:

info@balafoutas.gr

The Company is committed to responding to requests as soon as possible and in any case within the time limits set by applicable legislation.

1. Scope of provision of personal data, purpose and duration of their retention

The Company stores the information you provide when sending your message, without creating a profile. This information optionally includes your name, telephone number, home or business address, email address and any other information you choose to send.

The same information is included if you create a profile, so the same applies.

In the event that you refer to a third party for any reason, you declare that you have received their consent to the disclosure of their personal information to the Company.

Naturally, and in accordance with the applicable legislation, the concept of personal data processing only includes all the above elements, if they concern a sole proprietorship, an individual or any type of company, if from its name or distinctive title, conclusions can be drawn as to the existence of a natural person. In any other case, the processing of personal data is covered by the general provisions of law, which are in force and applied in Greece.

Your personal data and in general all your information are stored for a reasonable period of five (5) years from the last day of the calendar year in which you sent a message to the Company. The Company may send you periodic electronic messages via e-mail or to the mobile numbers you have stated, in order to inform you about new available goods, services or its activities in general. You have the option to choose not to receive such information. After the end of the above period, the Company immediately deletes all your personal data.

It is clarified that the concept of processing of personal data includes any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

The Company will never request the provision of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or membership in a trade union, as well as the processing of genetic data, biometric data for the purpose of unequivocal identification of a person, data concerning the sexual life of a natural person or sexual orientation.

2. Sharing personal data

The Company does not share your data with third parties, except for:

  • public authorities, if they receive such a request,
  • to collaborating lawyers, in order to exercise its rights, within the framework of the law and
  • To collaborating companies – suppliers, if deemed necessary by the Company, for a thorough response to your message.

3. Personal data security

The Company takes all appropriate measures to prevent access to your personal data by unauthorized persons, which consist of both physical and electronic – technical barriers. For example, personal data protection techniques include the following:

  • Aggressive use of firewall protection and network isolation in its infrastructure.
  • Access to the Company’s server systems from a public internet access point is not permitted.
  • No person is allowed access to the Company’s server system, both physically and remotely, except those specifically authorized for this purpose.
  • Any security flaws in any “library” used by the Company are monitored and fixed as soon as an updated version is released.
  • The Company’s server systems are located in a suitably configured room, with provisions for its safe operation even in the event of flooding or power outages.
  • Use 2-factor authentication on all sensitive Enterprise accounts.
  • The Company will notify users of any breach of their data no later than 24 hours after the breach becomes apparent to it.

4. User rights

Your rights regarding your personal data, in addition to those listed above, are the following: access, correction or deletion of personal data (“right to be forgotten”) or restriction of processing concerning you or objection to processing, as well as data portability, the right to be notified regarding the correction or deletion of personal data or restriction of processing, the right to lodge a complaint with a supervisory authority and the right to data portability.

5. Other information

The lawfulness of the collection and storage of personal data is based on full and unreserved consent to the processing of personal data, for the purposes of paragraph 1 hereof, as a necessary condition for the use of the website and the services of the Company. Otherwise, you cannot use its services.

You may freely withdraw your consent to the processing of personal data at any time in writing. This means that all information you have provided to the Company will be deleted as soon as possible and that you will no longer be able to make purchases or use any of the Company’s services.

The collection and storage of personal data takes place in Greece.

The processing of personal data by the Company has been subject to a Data protection impact assessment and has not hired a Data Protection Officer (D.P.O.), as it is not required, according to applicable legislation.

The controller of personal data is the company named “GEORGIOS BALAFOUTAS AND CO. EE”.

In case you consider that your rights are violated, despite the efforts that the Company may make to satisfy your requests, you can contact the Personal Data Protection Authority, based in Athens, at 1-3 Kifissias Street, P.C. 115 23, telephone 210 6475600, email address contact@dpa.gr

For any dispute, the competent Courts are those of Thessaloniki.

 

TERMS OF RETENTION AND PROCESSING OF PERSONAL DATA OF INDIVIDUAL BUSINESSES AND OTHER PERSONS

The limited liability company with the name “GEORGIOS BALAFOUTAS AND CO. EE”, based in Thermi, Thessaloniki, on plot no. 334 of Nea Radestou, with VAT number 997612586, which will be referred to herein for brevity as “BALAFOUTAS”, is fully compliant with the requirements arising from EU and national legislation, as applicable, regarding the processing of personal data of its counterparties. The main characteristics of the method of collection, processing and storage of personal data as well as the rights that each counterparty has are as follows. The counterparty expressly declares that it has taken note of the following terms, that it fully and unreservedly agrees with them and that it has fully understood them.

For any information regarding this, you can contact us via email at: info@balafoutas.gr

BALAFOUTAS is committed to responding to requests as soon as possible and in any case within the time limits set by applicable legislation.

This text concerns the processing of personal data of natural persons who operate either individually or for third parties and in general for any person who provides their personal data for any reason and for any occasion to BALAFOUTAS.

1. Scope of provision of personal data, purpose and duration of their retention

BALAFOUTAS stores the information you provide in order to collaborate with it. This information includes your name, email address, telephone number and your home or business address. Additionally, BALAFOUTAS may request your consent to provide additional information related to the obligation to comply with tax and insurance legislation as well as the law of legal transactions (such as your VAT number). It is possible that during the period of your contract with BALAFOUTAS you may need to provide additional documents in order for BALAFOUTAS to be able to comply with the provisions of applicable legislation.

Your personal data and in general all your information are stored for a reasonable period of five (5) years from the last day of the calendar year in which you carried out your last transaction with BALAFOUTAS. BALAFOUTAS may send you periodic electronic messages via e-mail or to the mobile numbers you have registered, in order to inform you about new available services or its activities in general. You have the option to opt out of receiving such information. After the end of the above period, BALAFOUTAS immediately deletes all your personal data.

It is clarified that the concept of processing of personal data includes any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

BALAFOUTAS will never request the provision of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or membership in a trade union, as well as the processing of genetic data, biometric data for the purpose of unambiguously identifying a person, data concerning a natural person’s sexual life or sexual orientation.

BALAFOUTAS may communicate by any appropriate means it deems appropriate (such as, for example, through its websites, through its social media channels, etc.) your business details (such as, for example, your brand name, distinctive title, address of your headquarters and your telephone number), in order to indicate to prospective customers your collaboration with BALAFOUTAS and therefore to suggest the purchase of goods from you.

2. Sharing personal data

BALAFOUTAS may share your data with third parties, including public authorities in the following cases:

  1. For health reasons in public or private treatment centers (e.g. hospitals, clinics, health centers, etc.), in case of need.
  2. For educational/entertainment purposes (e.g. purchasing named tickets for a theatrical performance, purchasing a personalized gift, etc.).
  3. For the purpose of verifying illegal activities against BALAFOUTAS.
  4. To collaborating accountants or auditors, for the purpose of tax compliance.
  5. To collaborating lawyers, for the purpose of exercising her rights, within the framework of the law.
  6. In any case, if there is a request from a public authority for any reason.
  7. For the case of application of the last subparagraph of the previous paragraph.

3. Personal data security

BALAFOUTAS takes all appropriate measures to prevent unauthorized persons from accessing your personal data, which consist of both physical and electronic-technical barriers. Indicatively, personal data protection techniques include the following:

  • Aggressive use of firewall protection and network isolation in its infrastructure.
  • Access to its server systems from a public internet access point is not permitted.
  • Any security flaws in any “library” used are monitored and fixed as soon as an updated version is released.
  • Use 2-factor authentication on all sensitive accounts.
  • BALAFOUTAS will notify its counterparties of any data breach no later than 24 hours after the breach is noticed by BALAFOUTAS.

4. User rights

Your rights regarding your personal data, in addition to those listed above, are the following: access, correction or deletion of personal data (“right to be forgotten”) or restriction of processing concerning you or objection to processing, as well as data portability, the right to be notified regarding the correction or deletion of personal data or restriction of processing, the right to lodge a complaint with a supervisory authority and the right to data portability.

5. Other information

The lawfulness of the collection and storage of personal data is based on full and unreserved consent to the processing of personal data, for the purposes of paragraph 1 hereof, as a necessary condition for your cooperation with BALAFOUTAS. Otherwise, you cannot contract with BALAFOUTAS in any way.

You can freely withdraw your consent to the processing of personal data in writing at any time. This implies that all information you have provided to P2D will be deleted as soon as possible and that your collaboration with the latter is terminated.

The collection and storage of personal data takes place in Greece.

The processing of personal data by BALAFOUTAS has been subject to a data protection impact assessment.

The controller of personal data is the company “GEORGIOS BALAFOUTAS AND CO. EE”. In case you consider that your rights are violated, despite the efforts that BALAFOUTAS may make to satisfy your requests, you can contact the Personal Data Protection Authority, located in Athens, at 1-3 Kifissias Street, P.C. 115 23, telephone 210 6475600, email address contact@dpa.gr

The courts of Thessaloniki are responsible for any claim arising from the application of this provision.

The initiation of cooperation by signing any document issued by the company named “GEORGIOS BALAFOUTAS AND CO. EE”, on which there is either this document printed or a hyperlink leading to this document, presumes full and unreserved acceptance of the above terms, which have been fully understood in their entirety.

ESPA