1. About Anaptyxiakos Kyklos
Anaptyxiakos Kyklos consulting & accounting company is committed to protecting confidential and personal information assigned to it and complies with the legislation on Personal Data Protection, as it is in force today.
Our commitment to protecting personal data is a natural extension of our commitment to maintaining the confidentiality of customer information. That is based on the belief that respect for the personal data of individuals is not something we have to do but also something that improves the way we work.
2. What is personal data?
The term "personal data" (from now on referred to as data or data) refers to any information relating to an orderly or identifiable natural person ("data subject"). An identifiable natural person is one whose identity can be established, directly or indirectly, in particular by reference to an identity element, such as name, identity number, address, and telephone number. But also by regard to one or more factors that characterize that person's physical, physiological, genetic, psychological, economic, cultural, or social identity due to a natural person. In short, for example, it is any information that relates to and concerns a natural person; either he immediately reveals his identity to us, or he can reveal it to us.
3. What is Personal Data Processing?
Any operation or series of operations performed with or without the use of automated means on personal data or personal data sets, such as the collection, registration, organization, structure, storage, adaptation or alteration, retrieval, retrieval of information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction. Almost any action, from the moment an IPC is created to the moment it is destroyed (or fully anonymized), constitutes an act of processing. VAT processing is a legal action as long as it is carried out within the framework defined by the relevant legislation, i.e. national law 4624/2019 and the European General Regulation on Personal Data Protection (GDPR) 679/2016 / EU
4. Is the processing of personal data concerning you mandatory?
Providing some of your data to our company is necessary when you make transactions or contact us. With this Policy, we inform you about the processing rules we follow. Suppose you do not provide us with the data listed below. In that case, we will probably not be able to complete the transactions you request and generally provide you with our products and services or respond to your contact request or any other request.
5.When and how do we collect your data?
We collect your data in the following cases:
- When we receive tax information of your company for processing.
- When we collect information about your staff.
- When we receive any document concerning the processing of services with public bodies or with individuals.
- When you contact us
- When you request to receive electronic updates on our news, offers, and events, i.e., by subscribing to the list of accepted newsletters
- When you visit our website
6. What principles do we follow when processing data?
In the processing of your data, we accept, adopt and apply the processing principles according to no 5 GDPR, i.e. your data:
(a) are processed lawfully and fairly in a transparent manner about the data subject ("legality, objectivity and transparency");
(b) are collected for specified, express, and lawful purposes and are not further processed in a manner incompatible with those purposes ("limitation of purpose");
(c) are appropriate, relevant, and limited to what is necessary for the purposes for which they are processed ("data minimization");
(d) are accurate and, where necessary, updated; all reasonable steps are taken to promptly delete or correct personal data which are inaccurate for the processing ("accuracy");
(e) are kept in a form that allows the identification of data subjects only for the period required for the processing of personal data; ("limitation of the storage period");
(f) are processed in such a way as to guarantee the appropriate security of personal data, including their protection against unauthorized or unlawful processing and accidental loss, destruction, or deterioration, using appropriate technical or organizational measures ("integrity and confidentiality").
SECOND SECTION: Analysis of processing
A. Categories of dpx that we process
Our company collects and then processes (stores, etc.) based on the following categories of personal data (e.g.):
- Name, surname, date of birth, TIN, ID number or
passport number, home address / area, telephone number (landline / mobile), email address
- account number / IBAN, credit/debit card number (if applicable), pricing information (services, value, quantity), historical purchases
- browsing data and the Internet Protocol (IP) address of your terminal device while browsing our site
B. Processing purposes - Legal processing bases
We collect and process the above categories, for example, for the following purposes: in the provision of professional services - usually in the provision of services to individuals, employers, companies with clients, natural persons, and in the public sector. Our customer relations are governed by the letters of cooperation and the general terms of transactions, including the use of the personal data we receive.
- Provision of services, invoicing credits,
- Customer service (information about products-services, customer record-keeping),
- Defending legal claims
- Compliance with legislation (tax, insurance, etc.)
- Sending a newsletter
Legal processing bases
We inform you that the processing for the above purposes is done:
- under the legal basis of no 6 par.1 case (b) of GPD 679/2016 / EU (i.e. the processing is necessary for executing a contract to which the data subject is a party) and
- under the legal basis of no 6 par.1 case (c) of GPA 679/2016 / EU (i.e. the processing is necessary for compliance with the controller's legal obligation).
Regarding sending the newsletter, we inform you that it is done if we have previously provided some services or only if you have voluntarily registered in the newsletter sending list of our company, i.e. with your consent.
In every newsletter message you receive, we allow you to stop sending them by selecting “unsubscribe” at any time you wish.
The newsletter is sent only to promote similar and related products or services of our business.
Your email address will not be shared with third parties.
C. Time - Place of preservation
The processing of IFRS should be limited in time, to the time necessary for processing.
According to the above, the personal data that we process is kept for a necessary period to comply with the legislation (mainly tax, Insurance) and preserve our legal claims.
In the case of using a credit/debit card, we do not save their data (card number-CVV number), while in the case of a telephone transaction, we delete them immediately after its completion.
Your other data are stored on the premises of our company in physical or, as the case may be, digital form.
D. Your rights
We process the above data by the overhead protection policy, and of course, we support and ensure the exercise of your rights through a corresponding procedure.
Our response to your requests (whether it concerns the exercise of rights or the submission of complaints) is free of charge without delay, and in any case, within (1) one month from the time we receive your request and confirm your identity. However, suppose your request is complex, or many bids are submitted to our company simultaneously. In that case, we will inform you within this month about whether we need to receive an extension of another (2) two months, within which we will respond to you. The reported times of one (1) plus two (2) months (if required) are legal and provided in the GCP.
Suppose your requests are manifestly unfounded or excessive. In that case, our company may charge a reasonable fee, considering the administrative costs of providing the information or performing the requested action, or finally refusing to respond to your abusively repeated request.
In particular, you have the following:
- The right to be informed about the above issues and anything else that concerns the processing of your data
- Right of access, i.e. the right to receive a copy of data you have provided to us
- Right to update / correct, in case any
data is or becomes inaccurate, so that we can correct it. The update will do updated within seven working days from the submission date of your written request and confirmation of your identity.
- Right of deletion. This right may be subject to restrictions due to the need to retain some data due to legal obligations.
- Right to restrict processing when:
(a) you dispute the accuracy of the personal data for a period which allows us to verify the accuracy of the personal data;
b) the processing is illegal, and you oppose the deletion of personal data and ask instead to restrict their use;
c) we no longer need personal data for the purposes above of processing, but you require such data to establish, exercise, or support legal claims and in related cases
- The right to portability, i.e. the right to receive the personal data concerning you, which you have provided in a structured, commonly used, and machine-readable format, and the right to transfer this data to another processor without objection from us.
- Right to revoke your consent to send the newsletter, i.e. the right to request that you do not receive newsletter messages from our company via email in the future by unsubscribing to any such email you have received.
- Right to complain to the Personal Data Protection Authority (DPA.gr) in case you consider that we are violating the relevant protection legislation, e.g. regarding your data
SECTION THREE: Other information
A. Our company uses modern and up-to-date organizational and technical measures to prevent illegal intrusion, access or dissemination of your data.
B. We inform you that we do not carry out automated individual decision-making or profiling.
D. Contact form. Through the contact form, you can send us a contact message and receive information about our services. We urge you not to send us messages that contain sensitive information about you or others. If you send us such a message, we declare that we will delete it immediately and not proceed with further processing or reply.
G. Communication - Requests - Complaints
If you have questions, comments, or complaints about the management or protection of your data or if you wish to exercise any of your rights, please contact us at the above contact details.