PRIVACY AND DATA PROTECTION POLICY

1. A brief overview of our policy

Our company (henceforth referred to as the “Company”) provides private security services. The company is based in Athens (Christou Lada 5-7, postcode: 10561) and has a web page (https://www.group1.gr/) through which it promotes the services it provides and maintains a communication form (henceforth referred to as the “Website”).

The present Privacy Policy of the Company, in its capacity as a Data Controller, applies exclusively to natural persons conducting business with the Company and pertains to the Processing of personal information, in accordance with the General Data Protection Regulation (EU) 2016/679 (henceforth referred to as “GDPR”), the relevant applicable Greek legislation and the decisions and recommendations of the Hellenic Data Protection Authority.

The term Personal Data encompasses any piece of information which may lead to the identification of a natural person (e.g. a name, an identity card number, etc.) (henceforth referred to as “Personal Data”). Our Company processes (i.e. collects, stores and uses) non-sensitive Personal Data, which you have voluntarily imparted or are going to impart, solely for the provision of its services and for the promotion of the (new) services it delivers. Your explicit consent is required for the collection, storage, transfer and use of your Personal Data. 

The Company guarantees that your Personal Data are securely stored and that they are not forwarded to third parties. At any given time, you have the right to inquire about and have access to your Personal Data, to update and/or correct them, to request their partial or complete deletion, to restrict processing in general or for commercial purposes and to withdraw your consent at any time via a statement addressed to the Company.

In regard to any issue concerning the processing (i.e. the use, collection, transfer and storage, henceforth referred to as “Processing”) of your Personal Data and relating to the Company’s Privacy and Data Protection Policy (henceforth referred to as “Privacy Policy”) you can contact the Company via telephone (+30 210 3211892), mail (Christou Lada 5-7, postcode: 10561) or email (GROUP1SEC@GMAIL.COM).

The Company reserves the right to amend, readjust and update this Privacy Policy periodically by posting a new version on its website.

If you do not endorse the conditions of personal data protection stipulated herein, you ought not to use the Company’s services. You are not obliged to impart the personal information which is requested, but if you choose to omit this action, in many cases we will not be able to do business with you and/or provide you with our services. 

2. The purpose of this Privacy Policy

The protection of your personal information is important to the Company. This Privacy Policy informs you of the Company’s data collection practices, including the categories of data it is likely to collect, maintain and process, the purpose of their collection, the categories of people to whom the data is imparted, as well as your rights. The Company makes every effort to protect your personal data, on condition that the personal information you provide is accurate and true.

In addition, it outlines some of the security measures taken by the Company in order to protect the confidentiality of the data and it offers certain guarantees regarding personal data categories and types of processing that the company has chosen not to employ.

3. The Company’s commitments

The Company considers that protecting the privacy and data of its clients is of the utmost importance and is therefore committed to providing all clients with personalised services which fulfil their requirements while safeguarding their privacy.

The personal information (personal data) collected is used exclusively by the Company and its authorised employees and associates in order to meet your requirements and better serve you, in accordance with this privacy policy. The people managing personal information have been trained in the use of appropriate procedures. The Company’s representatives and service providers keep your personal information confidential and do not use it for any purpose other than those that serve the provision of specific services by us.

The Company collects and uses information on the individuals with whom it does business in order to operate and perform its activities. These individuals may include the general public, former, current or future employees, clients, suppliers and people who use our services. The Personal Data in question are handled and treated in an appropriate and lawful manner, regardless of the method utitlised to collect, record and use them, whether in printed form or recorded on a computer or on other media.

Every Executive of the Company is responsible for observing this Privacy Policy within the scope of their functional or operational responsibilities, setting an example and giving instructions to the Data Users in their department. All Data Users are responsible for following the principles and rules stipulated in this Policy and are expected to be able to acknowledge whether they are collecting, processing, imparting or using personal Data. Data Users must be aware of the general conditions and principles governing the observance of confidentiality regarding Personal Data and they must know when to forward issues to the Data Protection Officer.
DETAILED INFORMATION

with regard to our Privacy Policy
Ι. Giving and Withdrawing your Consent The Company has obtained your consent to the collection, processing, usage and storage of your Personal Data. Your Personal Data will not be used for any purpose other than those that are described in this Privacy Policy, unless we have your prior permission or it is required or permitted by law. If you disagree with any part of this Privacy Policy, you are requested not to consent to the collection and processing of your Personal Data.

Keep in mind that you have the right to withdraw your consent at any time by means of a statement addressed to the Company either via mail (Christou Lada 5-7, postcode: 10561) or via email (GROUP1SEC@GMAIL.COM).
ΙΙ. Collecting and Processing Personal Data The Company processes (collects, transfers, stores and uses) your Personal Data, which you voluntarily impart when the Company provides private security services to you, when you contact us in order to secure our services for yourselves or for a third party, when you fill in the electronic form available on the Company’s web page (https://www.group1.gr) or when you email us in order to gain information or to use our services.

The Company is likely to collect, store and use the following Personal Data:

Ø Identification Data full name, date of birth, telephone number
Ø Contact information postal address, email address, telephone number
Ø Transaction Data TIN, type, place, time of provided products or services
Ø Contractual Relationship Data contractual documents, information and consent forms, opt-in forms
Ø Trading Behaviour Data information concerning interests, preferences and participation in events, competitions and surveys

The Company neither collects nor gains access to special categories of sensitive personal information of its clients, such as data that reveal one’s racial or national origin, political beliefs or participation in trades unions, religious beliefs, sexual orientation and sex life, as well as genetic data, health information and data regarding criminal convictions and offences.

The Client must not divulge such information relating to their person or to third parties. Should a Client divulge such information to the Company, it will be erased as soon as it comes to our attention. The Company is not accountable to clients or third parties for the provision and/or processing of sensitive information which is due to actions or omissions of clients in contravention of the above-mentioned obligation.

In addition, the Company neither collects nor processes the personal data of minors, unless there is a specific reason (e.g. a life and health insurance policy for its employees and their family members), in which case it will contact the child’s parent or guardian and secure their consent before proceeding.

For the purpose of providing security and surveillance services, the Company may record on video or audio tape or take photographs of public or private property subsequent to a written commission awarded by a competent private or public body. The collection of the above-mentioned personal data is regulated by the relevant GDPR directives regarding the protection of personal data, by the decisions and recommendations of the Hellenic Data Protection Authority and other relevant domestic laws and regulations and by this Privacy Policy; it is, at the same time, the responsibility of the party that awards the commission to the Company.
IΙΙ. The purpose of Personal Data use The Company collects, uses and stores your personal Data for the following reasons:

Ø Provision of services/ fulfilment of a contract: The Company uses your Personal Data in order to provide personalised information and to fulfil Contracts it has entered into with you (e.g. contracts with Clients, employees, associates, suppliers, etc.).

Ø  Transactions: The Company may use your personal data in order to conduct transactions with you, such as payments, etc.

Ø Promotion/ Information: The Company promotes and provides information on its (new) services and offers, mainly via its Website or by sending you special informational forms and/or brochures in print or as email messages.

Ø Legal use: The Company may collect, store, divulge and process your personal information when this is required by the General Data Protection Regulation and/or by law or when it is necessary in order to protect or defend its interests and your own.
ΙV. Personal Data Transfer Access to your Personal Data is granted exclusively to authorised employees and associates of the Company within the bounds of their responsibilities to allow the correct execution and fulfilment of the purposes of the use, collection and storage of these data, as stipulated herein.

The Company neither transfers nor discloses your Personal Data to any third party (legal entity or natural person), unless this is required by domestic legislation or by the Judicial Authorities.
V. Personal Data Protection The Company has taken the appropriate legal, operational and technical measures to protect your Personal Data against loss, misuse, tampering, alteration, unauthorised dissemination or access, as well as illegal processing and use. Our security measures are regularly reviewed and reformed with the aid of the latest technological advances.
VI. Personal Data Retention Period The Company retains your Personal Data for as long as it deems necessary to fulfill the purpose for which they were collected, that is to say any length of time necessary for the provision of its services and/or the fulfilment of its business goals, as well as for legal purposes in accordance with applicable laws.
VII. Changes to this Privacy Policy The Company reserves the right to amend this Privacy Policy at its discretion in accordance with relevant legislation. In the event of any amendment to this Privacy Policy the Company will record the date of the amendment in question herein. In the case of significant amendments to this Privacy Policy, the Company will undertake to post a relevant announcement on its Website and to inform you via email.
VIII. Internet/ Website Use If you contact the Company via the Internet, we may occasionally email you regarding our services and products, provided we have obtained your consent to do so.

The Company’s website (https://www.group1.gr) does not keep records of data pertaining to its visitors. In addition, cookies (i.e. small text files usually stored in the visitor’s browser while they are browsing a website to record their activity) are not part of our policy regarding contact with visitors.

Contact via our web page: If a user contacts us via the contact form or in any other way, the provision of their personal data is voluntary and exclusively of their own volition. We will process these data only to the extent that it is necessary for communication purposes.

Special Categories of Data: You are kindly requested not to disclose sensitive personal information by email or via our website. The processing of personal data of this category does not serve the above-mentioned purpose of processing in any way.
ΙΧ. Receiving a CV

 

 

 

 

 

 

 

 

 

 

 

 

X. Your Rights as Data Subjects and How to Exercise them

 The data mentioned in the CV, the job application and accompanying documents are collected by the Company directly and only from the applicant, as they are indispensable for assessing his or her suitability for the post. Moreover, by voluntarily submitting or sending the personal data contained in the above-mentioned CV and accompanying documents, the applicant consents to the collection, storage, usage, processing and transfer of these data for the purposes explained in the present policy. The Company takes all necessary (technical and so forth) measures to ensure the secure processing of the applicant’s personal data contained in the submitted CV and job application.

Access to the personal data contained in the CV and in the application form is granted only to the Company’s authorised personnel. With reference to the personal data provided by the applicant upon sending in or submitting a CV and an application form, they are processed with the purpose of entering into a contract of employment at the request of the applicant, checking his or her qualifications prior to signing a contract, using the minimum amount of processing to assess the CV and whether its content is compatible with the requirements of the position, as well as defending the Company’s interests.

The data contained in CVs sent or submitted by unsuccessful applicants will be destroyed/ deleted/ anonymised securely and in no more than six months after the position has been filled, unless the Company is entitled or required by law to retain them.

As data subjects you have the following rights deriving from GDPR directives and the applicable legislation. More specifically, you have:

Ø The right to access your Personal Data, the purpose of the processing, the relevant personal data categories, the recipients or categories of recipients of these data, as well as the time frame for their storage.

Ø The right to correct inaccurate Personal Data and to fill in incomplete information.

Ø The right to erase any Personal Data relating to you.

Ø The right to restrict the processing of your Personal Data.

Ø  The right to lodge a complaint with the competent supervisory authority in relation to the protection of your Personal Data, namely the Hellenic Data Protection Authority (for further information please visit the website of the DPA www.dpa.gr). 

Ø The right to take legal action in case of a data breach affecting your Personal Data.

Ø The right to withdraw your consent regarding the processing of your Personal Data (without retrospective effect).

In other words, you have the right to receive free information regarding the stored Personal Data which concern you upon request, to raise objections to the processing of your Personal Data for future use, as well as to withdraw your consent. Moreover, you have the right to correct the data in question, to restrict their processing and transfer, to erase them and to lodge a complaint with a supervisory authority.

In order to exercise your rights you can send us a relevant request either via mail (Christou Lada 5-7, postcode: 10561) or via email (GROUP1SEC@GMAIL.COM) titled “The exercise of the right to access/ correction/ erasure/ restriction/ objection/ withdrawal of consent” and containing a description of your request. We will examine it and reply as soon as possible.

The Company has the right to refuse your request wholly or partly if this refusal is imposed by applicable laws or if it is necessary in order to establish, exercise or defend the Company’s legal rights.

The Data Protection Officer appointed by the Company is Triantafyllia Kiourktsidou who can be reached by email at t.kiourktsidou@gmail.com

If you have any questions or recommendations, you can send them to the address mentioned below. Developments in the field of Personal Data Protection necessitate amendments to our regulations regarding the protection of these data. The Company reserves the right to effectuate any appropriate amendments to the regulations in question at any given time. Contact address: Christou Lada 5-7, Athens, postcode: 10561