Cookies – Anonymous data
Cookies are small text files that a website stores on your computer or mobile device when you visit it. Cookies are widely used for the most efficient operation of websites, which is achieved by storing your preferences. According to EU rules, any website that uses cookies must inform you about it, and ask for your consent. You always have the right to disable or not accept cookies on your device, as well as to know how the cookies information will be used. The cookies we use on our website do not refer to personal data, but to anonymous data.
What is remembered during your visit:
– if the visitor consented to the cookie policy.
– time when the visitor first visited the site.
– time when the visitor visited the site the next time.
– which pages of the site did the visitor end up with.
– how much time the visitor devoted to each page of the site.
– visitor`s IP address
– country of the visitor`s IP address
– type of the visitor`s device (laptop, desktop, tablet or mobile phone).
– screen resolution of the visitor’s device (e.g. 1920×1080).
– browser (Chrome, Firefox, Opera, Safari etc.).
– operating system installed on visitor’s device (Windows, Android, Ubuntu, OS etc.).
– website from which the visitor came to our site (e.g. from search engines Google, Bing, Yahoo, Yandex etc.).
– distinction of each visitor to new or repeat visitor.
Feasibility of processing anonymous data
Although anonymous data is not protected by the GDPR, of all the aforementioned anonymous data our interest is focused exclusively on reporting the total daily traffic and which website pages are of most interest to the visitors.
What is the “GDPR” – Applicable Law
The General Data Protection Regulation (GDPR) [Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 – http://eur-lex.europa.eu/legal-content/EL/TXT/?uri=celex%3A32016R0679] (hereinafter referred to as the “Regulation”), concerns the development of a single legal framework for the processing of personal data in the Member States of the European Union and replaces the previous Legislation “Directive 95 / 46 / EC”. The (previous) Directive was incorporated into the Greek Legislation by Law 2472/1997 (See in detail at the website: http://www.dpa.gr/portal/page?_pageid=33,123437&_dad=portal&_schema=PORTAL ).
The protection of individuals with regard to the processing of personal data is a fundamental right. Article 8 (1) of the Charter of Fundamental Rights of the European Union (“Charter”) and Article 16 (1) of the Treaty on the Functioning of the European Union (TFEU) provide that everyone has the right to the protection of their personal data. The “regulation” is binding in all its parts and is directly applicable in each Member State (i.e. no special adaptation of the National Legislation is required). (Rule 83 of the Regulation).
What is considered “personal data” and what is considered its processing
1) “personal data”: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
2) “processing”: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Other important “Definitions” of the “Regulation”
1) “controller”: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
2) “processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
3) “personal data breach”: means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed;
4) “supervisory authority” means an independent public authority which is established by a Member State responsible for monitoring the application of this Regulation, with a view to protecting the fundamental rights and freedoms of individuals against processing of data concerning them and facilitating the free movement of personal data within the Union,
5) Data Protection Officer (DPO): This is the person who will inform the users whose data is processed by the company but will also be the one who comes in contact with the Supervisory Authority.
Personal data we process
Personal data is any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
We process personal data of clients that have been shared with us and only for the realization of our purpose, i.e. the provision of translation services. The people who have access to them are only executives who belong to the company or external collaborators with a project contract and who have signed with us an agreement not to disclose and use your personal data.
We process the following personal data:
– Your name.
– Your telephone number. You will not receive promotional text messages from us on your mobile phone.
– Your email. We will email you only information regarding your translation order. Your email is not shared with third parties. Your email is kept on our website for future communication purposes up to 1 month after the delivery of our service.
– Your order. The material of the text to be translated itself often contains sensitive personal data such as medical history, family status, educational level, personal information about your professional activities, etc. Your acceptance for the provision of translation services automatically means the disclosure to us of any particular personal information.
In any case, the processing of all this data concerns exclusively the execution of your order and this information is stored in our company for a period of 1 month after the completion of the translation project in order to provide after sales support to our customers. We inform you that none of your personal data will ever be used for advertising purposes by us or any third party.
What are your rights?
– to be informed by us about the purpose of processing;
– to be informed by us about the types of your personal data: The data disclosed to us is sensitive personal data (e.g. ethnicity, race, religion, trade union, biometric, genetic or medical data), which can only be processed within the service that we will provide you during the execution of your order.
– to be informed by us about the recipients: your personal information is not transferred to third parties other than the processors and only for the purposes mentioned above, without any further possibility of transmission or processing of your data by them. Your personal data is not accessible to anyone other than the people involved in the translation.
– to be informed by us about the storage time: your personal data is stored for 1 month unless you request us to delete it earlier.
– to ask for a correction: if you notice that some of your personal data was entered incorrectly or because something has changed along the way, you can ask us to correct it.
– to ask for a deletion: you can ask us to delete all personal data you have submitted.
– to object to the processing of your personal data: You can contact us requesting that your personal data not be subjected to any storage – processing. In this case we will not be able to provide our services.
– withdraw your consent: you can ask us to stop any processing and storage of your personal data.
– to be informed by us about the existence of automated decision-making system: Your personal data is not subject to an automated decision-making system.
– ask us for a copy of your personal data.
What mechanisms are used to protect personal data?
The security of the processing performed is maintained at a high level by applying encryption methods, and limited access rights to users of our systems. All web traffic (file transfer) between this site and your browser is encrypted and transferred via HTTPS using SSL (Secure Sockets Layer).
Our mail software, the computer network and translation tools are upgraded as well to offer maximum security from any data leakage.
Our special obligations
In the extreme case that the confidentiality of communications is violated, which includes the possibility that personal data has been disclosed, within 72 hours of the recognition of the event we will notify the competent supervisory authority and the natural persons to whom the personal data belong.
Supervising Authority
Today there is the Personal Data Protection Authority (PDPA) which is a constitutionally guaranteed independent Authority. The PDPA was established by law 2472/1997, which incorporates into the Greek law the European Directive 95/46/EC. Also, regarding the protection of personal data in the field of electronic communications, the PDPA applies the law 3471/2006 which respectively incorporates into the national law the European Directive 58/2002.
