REGARDING OUR COMPANY AND PERSONAL DATA PROTECTION
ES Systems is committed to protecting the rights of individuals in line with the General Data Protection Regulation (reference EU2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (hereinafter referred as : ‘GDPR’) as well as each applicable national Personal Data protection laws and regulations (collectively referred as “Data Protection Laws and Regulations”). Data protection is of a particularly high priority for ES Systems. The use of the Internet pages of the ES Systems is possible without any indication of personal data; however, if you want to use personalized company services via our website, processing of your personal data could become necessary.
The processing of your personal data, such as the name, address, e-mail address, or telephone number shall always be in line with the Data Protection Laws and Regulations, and in accordance with the country-specific data protection regulations applicable to the ES Systems. By means of this data protection policy, our company would like to inform you of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, you are informed, by means of this data protection policy, of the rights to which you are entitled.
What is Personal Data?
Personal Data is information that can be used to identify a person either directly or indirectly (hereinafter referred as : ‘Personal Data’). A ‘personal identifier’ is a piece of information that can identify an individual. This definition covers a wide range of personal identifiers to constitute Personal Data, including name, address, email address, identification number, location data or online identifier.
Which sources and what Personal Data do we use?
When you use this website, ES Systems will collect, use and process any Personal Data you provide us (e.g. your name, business title, address, company name e.t.c.) and any information generated as a result of using the Website, such as IP address, the date and length of visit to the site, the pages you view e.t.c.
What are the purposes of the processing of your Personal Data?
By using the website, ES Systems will collect and process your Personal Data in accordance with this Policy. Your Personal Data may be used for the following purposes (hereinafter referred as: the ‘Purposes’):
- Website Browsers / Administration.
We use your Personal Data for administrative purposes, including to help us better understand how our customers access and use our website; to provide reports to prospective partners, service providers, regulators, and others; to implement and maintain security, anti-piracy, fraud prevention, and other services designed to protect our customers, partners and us; and to enforce our policies, directives and processes.
To the extent permitted by law, we may use your Personal Data for marketing and promotional purposes, including communications through email or equivalent electronic means. For example, we use your Personal Data, such as your email address, to send news and newsletters, promotions or to otherwise contact you about services or information we think will interest you.
We use your Personal Data to communicate with you, including responding to requests for assistance. We can communicate with you in a variety of ways, including email and via your social media accounts if you have agreed, and/or text message.
- Customer service.
We use your Personal Data for customer service purposes, including providing services to you, for technical support or other similar purposes and to establish and maintain customer accounts.
- Research and development.
We use your Personal Data for research and development purposes, including improving our website, services, and customer experience and for other research and analytical purposes dedicated to improving our products, services, businesses, operations and processes.
- Legal compliance.
We use your Personal Data to comply with applicable legal obligations, including responding to an authority or court order or discovery request.
- To protect us and others.
Where we believe it is necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person or violations of policies, terms, and other policies.
What is the basis for processing of your Personal Data?
We process your Personal Data in accordance with the provisions set out in the GDPR and the relevant applicable Data Protection Laws and Regulations. The legal basis for processing your Personal Data are:
1. To comply with contractual obligations.
When you subscribe to a particular service through this website, the purposes of processing your Personal Data are primarily determined by that service and we will process your information so that we can provide that service to you.
2. As a result of your consent.
When you have consented to the processing of your Personal Data by us for certain services through the website, you can withdraw consent at any time by following the instructions provided in the application process or by contacting us at email@example.com. For further information on the right of withdrawal, please see below relevant section.
3. Within the scope of a legitimate interest.
On occasion we may not need your consent to use your data, given our legitimate interest to do so but we must inform you that we do this; examples of this are:
- For the analysis and optimisation of the Website.
- For ensuring IT security and the IT operation of ES Systems.
- For prevention and investigation of criminal acts.
4. On the basis of ES Systems’ legal obligations or in the public interest.
ES Systems, as any other company, is subject to legal obligations and regulations. In some cases the processing of your Personal Data will be necessary for ES Systems in other to fulfil these obligations.
Who will receive your Personal Data?
- Authorised persons working for or on behalf of ES Systems;
- Our agents, service providers and advisers (e.g. Third party service providers and advisers providing the variety of products and services we need such as IT maintenance and support, procurement services, compliance and security services, etc.);
- Law enforcement or government authorities where necessary to comply with applicable law.
For how long will your Personal Data be stored?
We process and store your Personal Data as long as it is required to meet our contractual and statutory obligations. If your Personal Data is no longer required for the performance of the contractual or statutory obligations, these will be erased on a regular basis unless further processing is necessary, for instance, for preserving particular evidence under the applicable Data Protection Laws and Regulations, or in the context of legal statutes of limitation.
Where we store your Personal Data?
The data we collect from you is stored in ES Systems facilities in Greece or its trusted service providers. However, said data may, at any moment, be transferred to, accessed from, and stored at a destination outside the European Economic Area (“EEA”). It may also be processed by staff members operating outside the EEA who work for us or for one of our service providers.
ES Systems transfers personal data outside of the EEA only in a secure and lawful way. As some countries may not have laws governing the use and transfer of personal data, we take steps to make sure that third parties adhere to the commitments set out in this Policy. These steps may include reviewing third parties’ privacy and security standards and/or entering into appropriate contracts (based on the template adopted by the EU Commission).
We use technical and organisational security measures in order to protect the data we have under our control against accidental or intentional manipulation, loss, destruction and against access by unauthorised persons. Our security procedures are continually enhanced as new technology becomes available.
What are your rights and how to exercise them?
You may at any time exercise your data protection rights:
- Right to access/obtain a report detailing the information held about you: You have the right to obtain confirmation as to whether or not your Personal Data is being processed by ES Systems and if so, what specific data is being processed.
- Right to correct Personal Data: You have the right to change any inaccurate Personal Data concerning you.
- Right to be forgotten: In some cases, for instance, when the Personal Data is no longer necessary in relation to the Purposes for which they were collected, you have the right for your Personal Data to be erased.
- Right to stop the processing of your data: You have the right to restrict the processing of your Personal Data by ES Systems, for instance when the processing is unlawful and you oppose the erasure of your Personal Data. In such cases, your Personal Data will only be processed with your consent or for the exercise or defense of legal claims.
- Right to data portability: Under some circumstances provided by law, you have the right to receive the Personal Data concerning you in a structured, commonly used and machine-readable format and/or transmit those Personal Data to another data controller.
- Right to object and to withdraw consent: Your withdrawal may occur at any time and you will be made aware of this right before giving consent. It is “as easy to withdraw as to give consent” and we make the withdrawal process clear from the outset.
If you have any inquire on the above or you wish to raise an objection to the processing of your Personal Data, please contact ES Systems in writing either by e-mail at the following address: firstname.lastname@example.org or at ES Systems S.A., 57 I. Metaxa str., P.C. 194 41, Koropi, Greece, Phone: 2162000500
Can I ask for assistance to the competent authorities?
If you remain unsatisfied, then you have the right to apply directly to the Hellenic Data Protection Supervisory Authority:
Hellenic Data Protection Authority (HDPA)
Postal Address: Data Protection Authority Offices: Kifissias 1-3, 115 23 Athens, Greece
Call Centre: +30210 6475 600 Fax: +30210 6475 628
- What are cookies ?
Personal details can be saved in cookies, provided that you have consented. For example, cookies may be used to facilitate secure online access so that you do not need to enter your user ID and password again.
- How can you disable or delete cookies?
If you choose not to accept cookies, you can still access and use our website. Most browsers automatically accept cookies. You can prevent cookies from being stored on your device by setting your browser to not accept cookies. The exact instructions for this can be found in the manual for your browser. You can delete cookies already on your device at any time. However, if you choose not to accept cookies that are strictly necessary for the provision of our services provided by our Website, it may result in a reduced availability of such services.
For the purpose of statistical analysis, we use analytics tools such as Adobe Analytics, or Google Analytics. You may object at any time to the collection and analysis of statistical data regarding your access to and use of our website by contacting us using the “contact us” function within our Website.
LINKS TO THIRD PARTY SITES AND SOCIAL LOGIN
Our website may from time to time contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we are not responsible or liable for these policies. Please check these policies before you submit any personal data to these websites.
SOCIAL MEDIA AND USER GENERATED CONTENT
Please remember that any content submitted to one of our social media platforms can be viewed by the public, so you should be cautious about providing certain personal data e.g. financial information or address details. We are not responsible for any actions taken by other individuals if you post personal data on one of our social media platforms and we recommend that you do not share such information.