Update on the Processing of Personal Data
We would like to inform you that for the iotsoft the protection of personal data is of paramount importance. For this reason, we take appropriate technical and organizational measures to protect the personal data we process and to ensure that the processing is always carried out in accordance with the obligations imposed by the legal framework, both by the company itself and by third parties that process personal data on behalf of the company.
This Privacy and Data Protection Policy applies to the services we provide to our customers, to communications and promotions for any interested party and to the website www.iotsoft.gr and its online services.
What is GDPR
The General Data Protection Regulation (GDPR) 2016/679 is the new regulatory framework of the European Union (EU) in this area. The object of the law is to establish the conditions for the processing of personal data, the protection of the rights and freedoms of natural persons, in particular the right to protection of personal data.
Controller or Processor
The company with the distinctive title "iotsoft", located at Poseidonos 6A, Panorama 25100 Aigio, with e-mail contact [email protected] and tel: +302102208768 as legally represented, informs that, for the purposes of carrying out its business activities, it processes the personal data of its customers in accordance with the applicable national legislation and the European Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter referred to as the "Regulation") as applicable. The company iotsoft, depending on the specific characteristics of the contract it signs with its customers, may act sometimes as controller and sometimes as processor.
When the company iotsoft determines itself the purpose and manner of processing of the personal data it manages (e.g. in relations with its employees, in the manner of processing the contact details of its customers) then it acts as a controller, in accordance with Art. 7 of the GDPR.
When the company iotsoft acts as a service provider to the customer by offering IT systems implementation and support services and thus processes personal data on behalf of its customer, then it is considered as a processor pursuant to Art. 8 of the GDPR, while its customer is considered to be the controller of the processing of personal data. The company is subject to the provisions of Article 4(4) of the GDPR. iotsoft, when acting as a processor is committed to its client-processor to take the necessary technical and organizational measures to be able to guarantee the protection of the personal data it processes, in accordance with the requirements of the GDPR.
For any matter relating to the processing of personal data, please contact the Data Protection Department and the Data Protection Officer (DPO) of iotsoft, to the following contact details:
email: [email protected]
Telephone: +302102208768
What categories of personal data we process and for what purpose
We process your personal data only for legitimate purposes.
The legal basis for the above processing is the performance of our contractual obligations (GDPR Article 6(1)(b)), in case there is a contract between us and the above service is provided in the context of that contract or in case we are in negotiations for the conclusion of a contract between us or your explicit and free consent (GDPR Article 6(1a)).
The legal basis for the above processing is the performance of our contractual obligations (GDPR Article 6(1)(b)), in case there is a contract between us and the communication is made in the context of the contract and the legitimate interest of our company (GDPR Article 6(1)(f)), which consists in the need to promote its business, when the communication is made to our potential customers.
The legal basis for the above processing is the performance of our contractual obligations (GDPR Article 6(1)(b)).
The legal basis for the above processing is the performance of our contractual obligations (GDPR Article 6(1)(b)).
Your subscription to the Newsletter is done through a double opt-in process, where your explicit contribution to the sending of newsletters about products-services, new companies and trends in the IT and Communications sector is guaranteed (as controller)The personal data registered in our information systems for the above purpose are: name, email, mobile/landline phone.
The legal basis for the above processing is your expressed and free consent (ΓΚΠΔ άρθρο 6 παρ.1ά)).
Read Cookies Policy
Νομική βάση για την ανωτέρω επεξεργασία είναι το έννομο συμφέρον της εταιρείας μας (ΓΚΠΔ άρθρο 6 παρ.1΄στ).
Η νομική βάση για τη συγκεκριμένη επεξεργασία, είναι η συμμόρφωση της εταιρείας με έννομη υποχρέωση (ΓΚΠΔ άρθρο 6 παρ.1΄γ) και συγκεκριμένα με φορολογική υποχρέωση.
Παιδιά
Με την παροχή της συγκατάθεσής σας δηλώνετε υπεύθυνα πως είστε άνω των 16 ετών. Εάν είστε κάτω των 16 ετών, μπορείτε να χρησιμοποιήσετε την ιστοσελίδα μας και τις υπηρεσίες της μόνο με τη συμμετοχή και την έγκριση ενός γονέα ή κηδεμόνα.
Πώς και γιατί χρησιμοποιούμε τα προσωπικά δεδομένα σας
Ενδέχεται να χρησιμοποιήσουμε τις πληροφορίες που συλλέγουμε για τους παρακάτω σκοπούς:
Πού κοινοποιούνται τα προσωπικά σας δεδομένα
Through the website, iotsoft ενδέχεται να διαβιβάζει τα προσωπικά δεδομένα που παρέχονται από τα φυσικά πρόσωπα σε τρίτους στις παρακάτω περιπτώσεις και για συγκεκριμένους σκοπούς.
Personal Data Storage Period
The period of data storage is decided based on the following specific criteria depending on the case:
When the processing is imposed as an obligation by provisions of the applicable legal framework, your personal data will be stored for as long as the relevant provisions impose.
When the processing takes place during a contract, your personal data is stored for as long as it is necessary for the execution of the contract and for the establishment, exercise, and/or support of legal claims based on the contract.
When the processing carried out is based on your consent, your personal data is kept until it is revoked. This can be done by you at any time. The withdrawal of consent does not affect the lawfulness of the processing that was based on the consent during the period before its withdrawal.
Personal Data Security
Through the website, iotsoft implements appropriate technical and organisational measures to ensure the secure processing of personal data and to prevent accidental loss or destruction and unauthorised and/or unlawful access, use, modification or disclosure. In any event, the way the Internet works and the fact that it is free to anyone does not allow guarantees to be given that unauthorised third parties will never be able to breach the technical and organisational measures in place, gaining access and possibly using personal data for unauthorised and/or illegitimate purposes.
In cases where, either due to the use of new technologies or due to the large-scale processing of special categories of data, it may entail a high risk to the rights and freedoms of our customers, the iotsoft before carrying out such processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data (DPIA).
Actions in the event of a breach of your personal data.
In the event that a breach of your personal data is detected and this breach may cause a risk to your rights and freedoms, iotsoft, when acting as a controller, undertakes to notify without delay and, if possible, within 72 hours from the moment that becames aware of the fact of the violation, to the Personal Data Protection Authority. When iotsoft acts as a processor, it undertakes to notify the incident of the breach of your personal data to the controller without delay. If it is indeed an increased risk to your rights, iotsoft will be quick to inform you about it, unless, using the appropriate technical and organizational means at its disposal, it manages to eliminate the risk.
What are your rights in relation to your personal data
Any person whose data is processed by the iotsoft has the following rights:
Right to Information:
You have the right to be informed about the identity and contact details of us, or our representatives, the contact details of the data protection officerDPO), the purposes of the processing for which the personal data is intended, as well as the legal basis for the processing, the recipients or categories of the recipients of the personal data. Within the framework of the principle of transparency that governs the operation of our company, you can contact us requesting further information on how your personal data is processed and how to exercise your rights by submitting the respective requests. Your requests will be answered without delay in any case within a month from your request. This time frame can be extended by two more monthsif necessary, taking into account the complexity of the request and the number of requests.
Right of access:
You have the right to be aware of and verify the lawfulness of the processing and to ask us for copies of the personal data processed. Therefore, you have the right to access the data and to obtain additional information about the processing. You also have the right to access more specific information on the content and how to exercise your individual rights.
Right to rectification:
You have the right to review, correct, update or modify your personal data
Right to erasure:
You have the right to request the deletion of your personal data when we process it on the basis of your consent or in order to protect our legitimate interests. In all other cases (such as, but not limited to, where there is a contract, an obligation to process personal data imposed by law, public interest), this right is subject to specific limitations or does not exist as the case may be (e.g. we are entitled to refuse to erase your personal data for the purpose of establishing, exercising or supporting our legal claims).
Right to restrict processing:
You have the right to request restriction of the processing of your personal data in the following cases: (a) when you dispute the accuracy of the personal data and until verification, (b) when you oppose the erasure of personal data and request the restriction of their use instead of erasure, (c) when the personal data are not necessary for the purposes of processing, but are necessary for the establishment, exercise, support of legal claims, and (d) when you object to the processing and until verification that there is no personal data.
Right to object to processing:
You have the right to object at any time to the processing of your personal data where, as described above, it is necessary for legitimate interests pursued by us as data controllers, as well as to processing for direct marketing purposes. In particular, you have the right to object to any decision taken solely on the basis of automated processing, including profiling, which produces legal effects concerning you or significantly affects you. By way of exception, you may object to automated decision making that concerns you, where that decision is either necessary for the conclusion or performance of the contract we have entered into with you or is based on your explicit and free consent.
Right to portability:
You have the right to receive, free of charge, your personal data in a format that allows you to access, use and process them by commonly used processing methods. You also have the right to ask us, where technically feasible, to also transmit the data directly to another controller. This right exists for data that you have provided to us and is processed by automated means on the basis of your consent or in performance of a relevant contract.
Right to withdraw consent:
Finally, the iotsoft informs you that where processing is based on your explicit and free consent, you have the right to freely withdraw it, without prejudice to the lawfulness of the processing based on your consent, before you withdraw it.
To withdraw your consent, you can contact the Personal Data Protection Department of iotsoft, to the following contact details:
email: [email protected].
In case you wish to contact the Data Protection Officer (DPO)
email: [email protected] and phone: +302102208768
You can also use the unsubscribe options by clicking on the corresponding link in our electronic communications.
Right to complain to the CPVO
In the event of a breach of your personal data, you have the right to lodge a complaint with the Personal Data Protection Authority (www.dpa.gr): Call Centre: +30 210 6475600,
Fax: +30 210 6475628,
E-mail: [email protected].
Update date: 12/08/2022
This will close in 0 seconds