1. Introduction
In Odyssea, we respect the privacy of individuals and we are committed to the security and protection of the personal information of the visitors to our website www.platform.odyssea.com.
The present Privacy and Cookie Notice has been prepared based on the provisions of the applicable data protection legislation, including Art. 13/14 of Regulation (EU) 2016/679 (“General Data Protection Regulation”) and the Greek L.4624/2019. You should read this Notice in order to fully understand the legal basis for collecting your personal information upon your access, use or navigation of our Website, how we use it, to whom we may transfer it and the relevant rights you may have regarding it.
The present Notice forms an integral part of our Website Terms of Use. This Notice relates solely to the navigation on the Website, if not stated otherwise within this document, and does not apply to your use of any of our other Services, including but not limited to the access to the Odyssea Platform registered user area which might be subject to different Notice as described therein.
We will always keep your personal data safe and comply with all applicable data protection provisions as each time in force. We shall not at any time, receive from you more personal data than what is necessary for each purpose for which they are collected, and we will not use or share your information with anyone except as described in this Privacy and Cookie Notice.
We may update the present Notice at our discretion, from time to time, for example to comply with new obligations imposed by the applicable laws or technical requirements, and therefore we ask you to check periodically for the latest version of the Notice, as indicated in the “Effective Date” at the bottom of the page. If there will be any significant changes made to the use of your Personal Information (as defined herein) in a manner different from that stated at the time of collection, we will notify you by posting a notice on our Website or by sending you an e-mail.
Data Controller:
The Data Controller for the collection, processing and use of your personal data within the meaning of the applicable legal and regulatory framework is: The Company under the trade name: ONTISI A.M.K.E., having its registered office in Athens, Greece (8A Karditsis str, 10440) with General electronic Commercial Registry No. 137879803000 (hereinafter referred to as “Odyssea”, “Company” “we”, “us”, “our”).
2. Personal Data We May Collect About You:
Personal data is any information related to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly. Such data do not include information that is anonymous.
We may collect and process the following types of personal data about you, as described in this Notice, including:
• Data collected directly by you: Personal data such as your name, surname, e-mail address, or any other information about you that might be contained in communications you send to us for inquiries, complaints and other requests through our channels of communication (using the contact form available on our Website).
• Data collected automatically using cookies or other tracking technologies: Our website may drop cookies on its visitors for the sole purpose of ensuring its proper operation and to make our website work efficiently and enable users to browse around the website and use its various features efficiently; For more details on the data we collect automatically, through cookies, – or other similar tracking technologies – by our Website please see the Section 8 below.
3. For what purposes we collect information about you and on what legal basis?
In general, whenever we process personal data, we do so on a lawful legal basis for such processing. We may process Personal Data relating to our Users solely if one of the following applies:
• If processing is necessary for our legitimate interests (or interests of a third party) that are not overridden by your interests and fundamental rights, including indicatively the operation, maintenance, security and the improvement of our Website and of the users’ experience, the processing of your inquiries or the establishing, exercising or defending of legal claims. In these cases, we will look after your information at all times in a way that is proportionate and respects your privacy rights and you have a right to object to processing as explained in “Your Rights” section below;
• If processing is based on users’ prior explicit consent for one or more specific purposes.
• If processing is necessary for compliance with a legal or regulatory obligation to which we are subject (e.g. the disclosure of information to law enforcement or tax authorities or subject to any auditing inspection in connection with the charitable character of our organization).
• If use of your Personal Information is necessary for the performance of any agreement, we have concluded with you and/or for any pre-contractual obligations thereof;
In any case, we will gladly help to clarify the specific legal basis that applies to the processing, so if you would like to find out more about the legal basis for which we process Personal Information please contact us.
4. With whom we might share personal information?
We may share personal data and information we collect about our users, in accordance to the present Notice, with third parties in the context of the general operation and functioning of our website and always in a way that guarantees that your personal data and the information that we collect about you is not subject to any unlawful processing, i.e. is not being processed for purposes other than the following purposes:
• With third-party subcontractors and/or our service providers who may provide on behalf of our Company technical and operational services, such as but not limited to hosting, technical support, and e-mail delivery services or other support services from time to time, strictly for the purpose of providing their services to us, appointed, if necessary, as our Data Processors.
• With our consultants (including financial, legal and other consultants, donors) within the context of our Company’s lawful operation and subject to any accountability or auditing obligations we may have.
Furthermore, we will also respond to requests for personal data where required to do so by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator or any other legal process served on us.
5. Transfer of data outside of the European Economic Area (E.E.A.)
We process your personal data at our operating offices and in any other place where the parties involved in the processing, such as our subcontractors, are located. As a result, depending on the User's location, data transfers may involve transferring of User's Data to a country other than their own. If such transfer takes place to a third-country outside of the EU/EEA area in the context of and for the needs of the above-mentioned purposes, and the third country does not provide an adequate level of security of the personal data, the personal data will be transferred to that country only if the protection of data is guaranteed by a data transfer agreement based on Standard Contractual Clauses (2010/87/EC and/or 2004/915/EC) or by any other condition explicitly provided by European or local law.
6. Retention time (How long do we keep your data?)
We will store your Personal Information for as long as it is reasonably necessary for the purposes for which it was collected, as explained in this Privacy and Cookie Notice, or until a consent given by you gets revoked and you request their deletion (if this happens earlier), unless we are required to retain data for longer period of time for the performance of a legal regulatory, tax or accounting obligation or upon order of an authority. Notwithstanding the previous sentence personal data collected for the purposes of our legitimate interests might be retained as long as needed to fulfill such purposes.
Once the retention period expires, Personal Data will be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
7. Cookies
Our Website uses cookies, therefore when you visit the website, a cookie may be installed in your device. Generally, a cookie is a small amount of data file that is sent to a user’s browser from a web server and stored on the user’s computer’s hard drive, in order to allow a website to recognize the user when he returns to the website using the same computer and web browser, either for the duration of his visit (a “session cookie”) or for repeat visits (a “persistent cookie”). The session cookies are stored in the user’s device until log out, until the user leaves a webpage or until the software (web browser) is disabled while the persistent cookies remain on the user’s device until deleted or once they reach a defined expiration date.
Cookies set by the owner of a website are called “first party cookies”. Cookies set by other parties are called “third party cookies”.
We do not use automated decision-making without human intervention, including profiling in a way that produces legal effects concerning you or otherwise significantly affects you.
Please see below the list of the First-Party we use:
| Source | Cookie ID | Type purpose | Retention time | Opt-out |
|---|---|---|---|---|
| Odyssea | has_js | Strictly necessary cookies are essential for the proper operation of the website, are used to help make our website work efficiently and enable you to browse around our website and use its features; | Per session | Because strictly necessary cookies are essential to operate the website and its services, you cannot opt out. |
In any case, most browsers provide settings on managing cookies. These settings may vary depending on the type of browser you are using. Depending on the settings provided by your browser, you may allow cookies to be installed, you can disable the existing cookies or be notified every time a cookie is placed on your computer/device. You can find instructions for the management and deletion of Cookies in the “Help”, “Tools” or ‘Edit” functions within your browser.
Please note that if you reject or disable the Cookies of our websites, you may find that certain sections of our website do not work properly.
8. Security
We take and maintain appropriate technical and organizational security measures designed to prevent and reduce the risk of unauthorized access, disclosure, modification, or accidental destruction of personal information, appropriate to the nature of the information concerned. We also require our service providers to comply with strict data privacy and security requirements. While we take reasonable steps to protect your personal data, as the security of information depends in part on the security of the computer you use to communicate with us and the security you use, you accept the inherent security implications of dealing on-line over the Internet and will not hold us or our data processors responsible for any data breach unless it is due to our negligence. For the best possible protection of your personal data outside the limits of our control, your device should be protected (such as by updated antivirus systems) and your internet service provider should take appropriate measures for the security of network data transmission (such as, for example, firewalls and anti-spam filtering).
9. Your rights
Our website Users residing in the European Economic Area may exercise certain rights regarding their personal data processed by us:
| Right of information | We must provide you with all the necessary information regarding the processing of your personal data (including as to what data are being processed, for what purposes, how long the data will be stored) in a concise, transparent, easy to understand and easily accessible format, using clear and plain language. |
|---|---|
| Right of access | You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed and, where that is the case, you have the right of access to such personal data and obtain a copy of the data undergoing processing, or of related information regarding such processing if not covered within the present Notice. |
| Right to rectification | You have the right to verify the accuracy of your data and request from us the rectification of inaccurate personal data concerning you and the completion of incomplete information about you |
| Right to erasure | You have the right, under certain circumstances, to request the erasure of your personal data, subject to our obligation to retain such data for a specific period of time as required by law. |
| Right to restriction of processing | You have the right, under certain circumstances, to request from us the restriction of your processing. |
| Right to object to processing | You have the right to object, at any time to processing of personal data concerning you. We, in that case, shall no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms as data subject or for the establishment, exercise or defence of legal claims. |
| Right to data portability | You have the right to request from us to receive your personal data in a structured, commonly used and machine-readable or to be transmitted to another provider without hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User's consent, or a contract which the User is part of or on pre-contractual obligations thereof. |
| Right to withdraw consent | You have the right at any time to withdraw your consent whenever consent is the legal basis for processing your personal information |
| Right to lodge a complaint | You have the right to lodge a complaint with the data protection supervisory authority if you consider that the processing of your personal data infringes applicable law (Hellenic Data Protection Authority, Kifisias av. 1-3, 11523 Athens, email: contact@dpa.gr, tel:210-6475600. However, we would appreciate if we are offered the opportunity to deal with your concerns before you approach the data protection authority and so please contact us before, using the contact information mentioned in the present Privacy and Cookie Notice. |
Exercising your Rights:
For further information regarding your rights, or in order to exercise any of your rights, please contact us at admin@platform.odyssea.com. These requests can be exercised free of charge and we will reply as soon as possible. In general, we reply to your requests within one (1) month of when we received the request, but if the request requires more time then we will inform you accordingly (within one month). Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
10. Children's privacy
We will not knowingly collect, any personal information from any person younger than 18 y.o. If you are younger than 18y.o. please do not use or provide any information on this website or through any of its features, and do not give any information about you to us, including your name or your e-mail address. If we find that we have collected or received personal data from a minor we will delete such information, unless consent or authorization has been given by the child’s parent or guardian.
Effective date: 30/06/2020