Privacy Policy – Updating Data Subjects for the processing of their data
based on EU Regulation 2016/679 and related Greek legislation

 

IT company DWHITE is committed to protecting the personal data of its customers and employees. It is committed to protecting the confidentiality and privacy of the information provided to it and is in compliance with applicable Data Protection Law.

The aim of the company is to ensure the best possible service to its customers, while keeping their personal data secure, as defined below.

As part of this fundamental obligation, the company is committed to protecting and using, as appropriate, the personal data collected with the consent of the data subjects. We collect personal data solely for the purpose of fulfilling our purpose and only the personal data voluntarily provided by the subjects.

The privacy policies and practices of the company are described below and the privacy policy applied covers all the activities of the company related to the collection and processing of personal data.

The subjects of personal data are requested to study this Privacy Statement in order to know about the type of information collected and how it is stored, used and protected throughout the duration of any contracts with subjects and accomplishing any other required purpose.

 

1. Collection and Use of Personal Data

The personal data is collected with the express consent of the subjects, which is given by the subjects before any processing or collection of their personal data is carried out. The aforementioned consent clearly informs the data subjects, in accordance with the provisions of the current Personal Data Protection legislation, that the personal data will be collected and processed in order to fulfill the intended purpose and informs the subjects of all recognized rights, which they can exercise.
The data collected are as follows:

  • Identification data: full name, ID, tax registration number, gender, etc.
  • Contact details: postal and email address, telephone number etc.

It is clarified that the personal data of the subjects are not used for any purpose other than those pursued by the company and the subjects, which expressly consent to the collection and processing of their data.

 

 

1.2 The legal basis for the use of the Subjects’ Personal Data.

The company collects only the personal data necessary to satisfy the demands of its customers, and in the case of employees, it is specified that we keep records of their personal data for payroll and social security purposes in accordance with applicable laws. Also, personal data is obtained from CVs, which we collect for the purpose of offering a job to our company, after previously the subjects, ie the candidates, explicitly consent to the provision of the necessary personal information in order to be subsequently interviewed and decided if they will be recruited.

Greek and European law allows our company to process personal data, provided it has the legal basis to proceed. In addition, the reasons for such processing may be disclosed to the subjects. Of course the legal basis is the prior consent given, and any subsequent contracts and transactions, in which the parties are required to disclose certain personal information.

 

 

1.3 Where and how the Personal Data of the Entities is collected.

The personal data is collected either manually and by direct physical presence of the subjects in the company, by fax or by mail to the company or electronically by e-mail or telephone.

 

 

2. Time of Retention of Subjects’ Personal Data.

The company retains your data immediately after collection and retains it in this form for a limited time only for the agreed purposes. Specifically, employee data will be retained for as long as the employment contract is active, while customer data will be retained for as long as is only required for the period during which the relevant transactions between the company and the customer take place.

After the above intervals, the personal data of the subjects will be destroyed and will not be used for any purpose whatsoever. We also assure you that this particular data is not transmitted to any third party, as access to the files, which include the data of the data subjects, is restricted solely to authorized people who have assumed the role of processor.

 

 

3. Rights of Data Subjects and how they can be exercised.

Each subject, if he expressly consents to the processing and collection of his personal data and subsequently accepts the above actions, has the following rights:

  • The right of access and information on the manner and purpose of their processing and storage.
  • The right to complete and / or correct inaccurate or incomplete data in order to keep the record maintained complete and accurate.
  • The right to request a restriction on the processing of data or even a refusal to object to any further processing.
  • Right to delete data (right to be forgotten), provided that either the expiry date has been exceeded, or data that the subject does not wish to process.
  • The right to data portability, ie to receive data in a format that supports their transfer to another Controller.
  • The right to withdraw consent at any time.
  • Finally, the right to file a complaint to the Data Protection Authority (www.dpa.gr) if the subject considers himself or herself to be infringed in any way whatsoever..

Contact for the exercise of these rights may be made to our company by phone at 2310474381, or by e-mail at dpo@dwhite.eu.

Our company will take all possible measures to satisfy the requests of the subjects and will respond within a reasonable time and only if this is not possible, will inform the necessary extension.

 

 

4. Protection of the Subjects’ Personal Data.

Our company applies appropriate technical and organizational measures to ensure an adequate level of security appropriate to address the risks and to provide the best possible protection of Data subject to the latest technology.

As part of the company’s use of computers, specific technologies and procedures are used to enhance the protection of the data against loss or misuse, as well as to protect against unauthorized access, disclosure, modification or destruction.

To this end, if any visitor / user becomes aware of any unlawful, malicious, inappropriate or improper use of personal data, he / she must immediately notify the company.

 

 

5. Where can you address any issues regarding the processing of your personal data?

If you have any questions, comments or issues regarding the management or protection of your personal data by company or if you wish to modify your personal data or exercise any of your rights as a data subject, please contact us at the following email address: dpo@dwhite.eu.

 

 

 

Top