8. DATA SUBJECT RIGHTS
8.1 Data protection law provides individuals with numerous rights, including the right to: access, rectify, erase, restrict, transport, and object to the processing of, their personal data. Individuals also have the right to lodge a complaint with the relevant data protection authority if they believe that their personal data is not being processed in accordance with applicable data protection law.
8.1.1 Right to make subject access request (SAR). Where we are processing your personal data as a data controller you may, where permitted by applicable law, request copies of your personal data. If you would like to make a SAR, i.e. a request for copies of the personal data we hold about you, you may do so by writing to the data protection officer whose contact details are above. The request should make clear that a SAR is being made. You may also be required to submit a proof of your identity and a fee.
8.1.2 Right to rectification. You may request that we rectify any inaccurate and/or complete any incomplete personal data.
8.1.3 Right to withdraw consent. You may, as permitted by applicable law, withdraw your consent to the processing of your personal data at any time. Such withdrawal will not affect the lawfulness of processing based on your previous consent. Please note that if you withdraw your consent, you may not be able to benefit certain service features for which the processing of your personal data is essential.
8.1.4 Right to object to processing. You may, as permitted by applicable law, request that we stop processing your personal data.
8.1.5 Right to erasure. You may request that we erase your personal data and we will comply, unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping your personal data, such as a legal obligation that we have to comply with, or if retention is necessary for us to comply with our legal obligations.
8.1.6 Your right to lodge a complaint with the supervisory authority. We suggest that you contact us about any questions or if you have a complaint in relation to how we process your personal data. However, you do have the right to contact the relevant supervisory authority directly.
8.1.7 If you would like to review, correct, update, suppress, restrict or delete Personal Data that you have previously provided to us, or if you would like to receive an electronic copy of your Personal Data for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by law), you can contact us at firstname.lastname@example.org or by mail: “IOANNIS A. XANTHIS SINGLE MEMBER PRIVATE COMPANY” at Al. Diakou, Rhodes, P.C. 85100, Greece.
In your request, please make clear what Personal Data you would like to have changed, whether you would like to have your Personal Data suppressed from our database, or other limitations you would like to put on our use of your Personal Data. For your protection, we only fulfil requests for the Personal Data associated with the particular email address that you use to send us your request, and we may need to verify your identity before fulfilling your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we often need to retain certain data for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase or reservation, or enter a promotion, you may not be able to change or delete the Personal Data provided until after the completion of such purchase, reservation, or promotion). There may also be residual data that will remain within our databases and other records, which will not be removed. In addition, there may be certain data that we may not allow you to review for legal, security or other reasons.
9. NON-PERSONAL DATA
9.1 We collect and use the following types of non-personal information:
9.1.1 Internet Protocol (IP) addresses. When you visit our site, we log your IP address (the unique address which identifies your computer on the internet). We use IP addresses to collect broad geographic information on our site visitor, and to optimise our website. We do not link IP addresses to personally identifiable information.
9.1.2 Cookies. Cookies are small text files that are placed on your computer by the websites you visit. They are widely used in order to make websites works, or work more efficiently, as well as to provide information to the owners of the site. You may delete and block all cookies from this website, but if you choose to do so parts of this site may not work.
9.1.3 Session Cookies. Sections of this website use ‘session cookies’ which help us to improve our website, assist with the navigation through certain parts of the website and deliver a better and more personalised service. Session cookie specifically enable us to keep track of your movement from page to page within the website so you don’t get asked for the same information each time you navigate to a new page. They also allow us to recognise you so that any page changes.
9.1.5 Online surveys. From time to time we may invite our website visitor or our customers to participate in an online survey about our online services or our products and related services. Your participation is optional, and any information we collect is only used to improve the products and services we offer to our website users or customers.
10. LINKED WEBSITES
We seek to use reasonable organizational, technical and administrative measures to protect Personal Data. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the “Contacting Us” section, below.
We will retain your Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Statement unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include: The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services) Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them) Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations)
13. SENSITIVE DATA
Unless specifically requested, we ask that you not send us, and you not disclose, on or through the Services or otherwise to us, any Sensitive Personal Data (e.g., social security numbers, national identification number, data related to racial or ethnic origin, political opinions, religion, ideological or other beliefs, health, biometrics or genetic characteristics, criminal background, trade union membership, or administrative or criminal proceedings and sanctions).
14. UPDATES TO THIS PRIVACY STATEMENT
This Policy may be changed from time to time, consistent with the requirements of the Privacy Shield. You can determine when this Policy was last revised by referring to the “LAST UPDATED” legend at the top of this page. Any changes to our Policy will become effective upon our posting of the revised Policy on the Site.