Purpose of the Personal Data Protection Policy
"ELTA COURIER SA." (hereinafter "Company") with headquarters in Agia Paraskevi Attica, 395 Mesogeion Avenue, ID No. Μ099759170 D.O.Y FAE ATHENS, (hereinafter called the Company) ,with this Policy Personal Data Protection aims to inform the users of its website https://www.elta-courier.gr/ (hereinafter "the Website") regarding the manner and purpose of processing their personal data. Our Company, as an analyst, collects and processes personal data of its users only if it this is absolutely necessary, for clear and legitimate purposes, in accordance with relevant legislation on the field of personal data protection.
Definitions
On this policy basis, the terms found below have the following meanings:
"Personal Data": any information related to an identified or identifiable natural individual ("data subject"); an identifiable natural person is one whose identity can be ascertained, directly or indirectly by reference to an identifier such as a name , identity card, in location data, in an online identifier, or in one or more factors ensuring physical, physiological, genetic, psychological, economic, cultural or social identity of this particular individual.
"Special categories of private data": are considered to be personal data about racial or ethnic origin, political opinion, religious or philosophical beliefs or trade union participation, as well as genetic- biometric data analysis, aiming to identification of a person or health or sexual orientation data.
"Analysis": any act or acts done with or without use of automated means, on personal data or sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or modification, recovery, information research, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
"Anonymization": personal data analysis in a way that date cannot be attributed to a specific person.
"Pseudonymization": personal data analysis in such a way that these data can no longer be attributed to a specific person related to this information without the use of additional information. It is prerequisite that such additional information is separately stored subject to technical and organizational measures in order to ensure that they are not attributed to a certain or identifiable individual.
"Analysis Responsible": is an individual or a legal person, any public authority, service or other entity which separately or jointly with others, determines the purpose and manner of processing personal data; when the purposes and method of such controlling are determined by European Union law or any law of a Member State, then the analysis responsible or the specific criteria for his appointment may be provided by Union law or the law of a Member State. In this particular case, the Company acts as Data Controller.
"Processor" an individual or legal person, public authority, service or other entity analyzing personal data on behalf of the controller.
"Processing Subject": refers to an individual whose personal data is processed. Any user of our website is considered to be subject of the processing procedure.
"Consent" of the data subject: any indication of will, free, specific, explicit and fully informed, by which the data subject agrees, by statement or by a clear positive action, that all data and the personal data of his concern, can be analyzed.
"Personal Data Breach": security breach resulting in an accidental or unlawful destruction, loss, modification, unauthorized disclosure or access of any personal data transmitted, stored or in any other way processed.
"Existing legislation": The respective national and EU legislation on personal data protection and specifically the General Data Protection Regulation (EU) 2016/679 (hereinafter "GDPR"), Law 4624/2019 as well as the Decisions, Guidelines and Opinions of Personal Data Protection Authority (hereinafter "PDPA").
Personal Data that we collect and process, purpose of processing and legal basis.
A.1) Personal data collected via the "Talk to us" live chat
This specific service aims to serve directly the user via a live chat available through the "Talk to us" option. In case the user wishes to use this specific service, he should fill in the relevant fields with his name, email and acceptance of the terms of use and also our Privacy Policy.
A.2) Purpose of Processing and Legal Basis.
Purpose of collecting and processing personal data is to provide immediate and better service to users. The legal basis of processing personal data is the Company΄s legal interest in providing high-level services to its customers and users of the Website (GDPR article 6 par.1f).
B.1) Personal data collected through the contact form.
Through the contact form, the user can contact the Company for any requests, questions, clarifications, complaints, etc. In case the user wishes to use this service, he should fill in the relevant fields with his name, email, the relevant message and accept the Terms of Use and Privacy Policy.
B.2) Purpose of Processing and Legal Basis.
The purpose of collecting and processing aforesaid personal data is the best response and service to the user. The legal basis for processing personal data is the Company΄s legal interest in providing high quality services to its customers and users of the Website (GDPR article 6 par.1f).
C.1) Personal data collected through the Company΄s evaluation form.
By completing the Company΄s "Tell Us Your Opinion" evaluation form and accepting the Company΄s Terms of Use and Privacy Policy, the user can express his opinion on the quality of the services provided by the Company.
C.2) Purpose of Processing and Legal Basis.
The purpose of collecting and processing aforesaid personal data is to improve services provided by the Company. The legal basis for processing such personal data is the Company΄s legal interest in improving the services provided to its customers and users of the Website (GDPR article 6 par.1f).
D.1) Personal data collected via the use of cookies.
When you browse in our website, we may collect some necessary information related to the users visiting the respective website, such as the internet protocol address (IP address) and the type of browser (browser) used by the user, etc. For more information regarding the use of cookies on our website, you can refer to our Company΄s Cookies Policy at the link: https://www.elta-courier.gr/cookie_policy/.
D.2) Purpose of Processing and Legal Basis.
Collection and processing purpose of aforesaid data is to improve the functionality of the Website and the services provided as well as the analysis of its visiting frequency. The legal basis for processing personal data is the user΄s consent (GDPR article 6 par.1d) provided by accepting cookies, with the exception of absolutely necessary cookies which are permanently installed and are absolutely necessary for the functioning of website, for which the legal basis of processing is the legal interest of the Company (GDPR article 6 par.1f).
Personal Data of Minor Users
The Company does not address minors and does not wish to collect and process personal data of them (i.e. persons under the age of 18). However, since it is impossible to cross-check and verify the age of any users of our Website, we ask their parents/guardians of minors, in the case where they find any unauthorized sharing of data by minors, to notify immediately the Company, so that it takes the necessary protective measures (e.g. deletion of their data). In the case that the Company realizes it has collected a minor’s personal data , it undertakes the responsibility to delete it and take all necessary measures to protect this data.
Transmission to Third Parties
The Company may transmit foresaid personal data to third parties, to whom it has entrusted the processing of personal data on its behalf (such as social media service companies, website developers, etc.). In any case, the third parties to which user data may be transmitted, are contractually bound to our Company to ensure the obligation of confidentiality as well as all obligations provided by the Existing Legislation. At the same time, users΄ personal data can be transmitted to public and independent authorities. (e.g. Police Departments, Prosecution Courts, Tax, Customs authorities, the APDPH, etc.) by applying their duties ex officio or upon request of a third party with legal interest and in accordance with the legal procedures.
Transfer of Personal Data outside the EU
In case of transmission of users’ personal data collected via our Website, to a country outside the European Union (EU) or the European Economic Area (EEA), the Company previously checks whether:
a) The Commission has issued a relevant adequacy decision for the third country to which the transfer will take place.
b) The appropriate guarantees for transmitting this data are observed in accordance with the Regulation.
In another case, transmission to a third country is prohibited and the Company will not transmit users΄ personal data to it, unless one of the special exceptions provided by the GDPR can be applied (eg the user΄s express consent and information about the risks involved in the transmission, the transmission is necessary for a contract execution upon concrete subject’s request, in this case there are reasons of public interest, necessary to support legal claims and vital interests of the user, etc.).
Data Retention Period
Users΄ personal data are collected and kept for a predetermined and limited period of time, depending on the purpose of the processing, after which data is deleted from our files. When processing is imposed by the applicable legal framework or a specific retention period is provided, then personal data will be stored for as long as the relevant provisions impose. Users΄ personal data collected and processed for an execution of contract are kept for as long as necessary for this reason and for the establishment, application and/or support of legal claims based on the contract. Users΄ personal data processed for marketing purposes following the consent of the users (eg data from the subscription to the Newsletter) are kept until the withdrawal of the consent, without this last withdrawal affecting the legality of the processing until then.
Protection and Security of Personal Data
Taking into account the latest situation, the cost of implementation and the nature, scope, context and purpose of processing, as well as the risks of different probability of occurrence and severity to the rights and freedom of users from the processing, the Company takes the necessary technical and organizational measures to protect users. Although no transmission method via Internet or electronic storage method is totally secure, the Company takes all necessary digital data security measures (antivirus, firewall, backup etc.).
Data protection Officer(DPO)
In order to ensure sufficient personal data protection, the Company has appointed a Data Protection Officer to whom data subjects can address their requests and questions regarding their personal data protection and this policy, at the following contact details: to the email dpo@elta-courier.gr or to the phone: +30 2106073215.
Rights of Personal Data Subjects
Our Company ensures that it is able to respond immediately to users΄ requests, for the exercise of their rights in accordance with the Existing Legislation.
In particular, each user has the following rights:
a) To request information about the processing of his personal data by the Company.
b) To request access to his personal data held by the Company. More specifically, he can request to receive a copy of his personal data held and check the legality of the processing.
c) To request the correction of his personal data in case of incorrect or incomplete registration by the Company
d) To request the deletion of his personal data if their retention is not based on any legal basis or legitimate interest.
e) To request restriction of the processing of his personal data, under specific conditions.
f) To request the portability/transmission of his personal data either to himself or to third parties.
g) To revoke at any time the consent he gave for the processing of his personal data, without this revocation affecting the legality of the processing until then.
To exercise your rights, you can contact the Data Protection Officer΄s contact details (email dpo@elta-courier.gr or phone: In case of exercising any of the above rights, the Company provides the data subject with information on the processing operations following the relevant request submitted within one (1) month of receipt of the request and identification of the subject. This deadline can be extended by two (2) more months, if necessary, if the request is complex or there is a large number of requests. In this case, the Company is obliged, within one month of receiving the request, to inform the data subject of the delay, as well as the reasons for it. Within the above timeline Within the above period of time, it also informs the data subject of any refusal to satisfy the submitted request in whole or in part, as well as the reasons for the refusal.
For any of your complaints regarding this policy or personal data protection issues, if we do not satisfy your request, you can contact the Hellenic Personal Data Protection Authority www.dpa.gr.
Disclaimer for third party websites
In case that our Website contains links redirecting users to third-party websites, we inform you that our Company does not control or is responsible for any content of these websites, nor for the way in which users΄ personal data is processed.
Updates to the Privacy Policy
This Privacy Policy may be modified/revised in the future, in the context of the Company΄s regulatory compliance as well as the optimization and upgrading of our Website services.
Last Revision: August 2020
Member of ELTA Group