For Premier Consulting S.A. (henceforth “Company”) the protection of the Personal Data of our partners, suppliers, clients and in general citizens that interact with the Company, as well as the respect for individual privacy, constitute a self-evident commitment. The Company is committed to collect and process personal data according to the General Data Protection Regulation (EU) 679/2016 and the rest of the applicable legislation. In this context we undertake all necessary organizational and technical measures required to ensure security, availability and validity of the data of our partners and citizens interacting with our Company.
Personal Data and ways of collection
The Company collects personal data directly from the data subjects via physical communication, whether through distance communication (eg via email, electronic form, telephone / telephone, etc.). Through our website www.premier.gr, our Company may collect personal data in two ways: (a) through the communication form under the "Contact" Company for any requests (b) through the newsletters procedure where a visitor can register his / her e-mail address in order for our Company to contact him / her for purposes of informing him of any offers, new services and general promotions. Subscription to the newsletter is done through double confirmation (opt-in) by the user and in every communication, we have the possibility of immediate and retroactive withdrawal of the consent. For the cookies data our site collects to each visiting user, you can get information through the www.aboutcookies.org link.
In some cases, it is likely that you have provided your data in the past, in the context of a previous collaboration or relationship with our Company. Only by way of exception is it possible to collect data from other sources. In such cases, the data subject will receive specific information.
In the context of its activities, the Company collects personal data through its authorized employees and partners, which may include:
- Personal, tax and insurance information (such as surname, first name, father's name, address, V.A.T. number, salary, id or passport number, signature);
- Data regarding financial transactions (such as bank accounts, credit and debit card details and other means of payment);
- Data necessary for transactions with legal entities and companies of the wider public and private sector, such as tax or social security clearance etc.;
- Contact details (telephone, email address, mail address);
- The Company takes all reasonable steps to collect personal data directly from the data subjects, through any appropriate mean. Only in exceptional cases the Company may collect personal data from any other source, after prior specific notification to the data subjects.
Legal Basis and purpose of personal data use
The Company collects only personal data that are absolutely necessary for the performance of its activities and duties, as described in the present, the performance of legal obligations and the performance of its contractual obligations. Specifically, the Company collects and processes data of partners and clients for the purposes of provision of services, procurement of services or works, collects and processes data for the performance of its contractual obligations in the context of the provision of its services, as well as for the performance of its legal obligations, such as, among others, regarding tax legislation.
In the context of pursuing these goals, our Company processes personal data, according to the following legal bases, depending on each time particular act of processing:
- Performance of contract: processing necessary for performance and compliance with contractual obligations.
- Compliance with legal obligations of our Company, such as recording in our accounting records, issuance of lawful receipts etc. for compliance with tax and relevant obligations.
- Management of clients and suppliers and safeguarding the smooth operation of our Company and the correct provision of its services.
- We collect and process data for safeguarding of legitimate interests, to the extent that it does not violate legitimate interests of higher stature of data subjects, such as record keeping for defending against claims, pursuing claims against liable parties, as well as documenting for the purposes of administrative reviews and reviews of relative nature and also processing necessary for the safety and security of the facilities and infrastructure.
Disclosures of personal data - categories of recipients
The Company does not disclose the personal data it collects and processes to third party, except if it is necessary for the purposes for the performance of legitimate professional and business needs, in order to perform contractual obligations to our suppliers and partners or is required or allowed by law.
The data of our partners, suppliers and citizens that engage with the Company may be processed according to those mentioned in the present notice, by departments and employees of our Company that are competent to perform each given task. The data may be processed by collaborating third parties, by order and on behalf of the Company, in cases of outsourcing of functions. In any case, the Company takes all necessary steps to ensure that it assigns parts of processing to third parties only if they ensure high levels of security and confidentiality of the data, provide enough guarantees and commitment about their protection and undertake the contractual obligations required by law.
Furthermore, the data, to the extent necessary for the performance of the purposes of processing, may be transferred to Banks or business partners such as insurance companies, security services providers or archive managing services providers, IT companies, courier companies or companies providing printing services etc. Our Company, under any circumstance in which such a transfer of data is necessary, takes all reasonable steps to disclose data only to third parties that demonstrate high levels of security and confidentiality and provide enough guarantees and commitment for their protection.
Finally, the Company may disclose data to public authorities of any nature (public services, tax authorities, social security institutions etc.) or to judicial authorities or independent public authorities, prosecuting authorities etc., if such a disclosure is allowed or required by law or such a disclosure is deemed absolutely necessary for the protection of our legal rights or legal compliance.
Timeframe of retention of personal data
Personal data are retained for the period that is absolutely necessary for the performance and completion of the purposes of their processing mentioned above. The exact period of retention of each category of personal data is determined by (a) the needed period, within a reasonable business framework, for the performance of our contractual obligations (b) each time applicable legislation about mandatory retention of certain data, as indicatively applies in accounting and tax records or data regarding social security obligations (c) the duration of our commercial or otherwise contractual relationship with suppliers, partners or clients (d) the possible need for the retention of data in order to safeguard our legitimate interests, demonstrate compliance, protection against claims and judicial pursuit of our claims.
Confidentiality and security of personal data
The Company maintains appropriate technical and organizational measures to ensure the confidentiality and integrity of the personal data in its possession and to protect them from incidental or deliberate destruction, loss, change, unauthorized access or disclosure, as well as any other form of illegal processing.
The processing of personal data from our Company is conducted only in a way that ensures confidentiality and security of the data, taking into consideration the latest developments, costs, nature, context and purposes of processing, through evaluation of the risks and the chances of their occurrence and its consequences for the data subjects. In this context, we take all reasonable steps to ensure that processing is carried out by authorized for such a procedure personnel, which is bound by confidentiality obligations and demonstrate the appropriate protection standards. The same applies to all our partners, which may be involved in the process (see above under "Disclosure of Personal Data - Categories of recipients").
Data Subject's Rights
According to applicable legislation and under the restrictions provided therein, data subjects have the following rights in respect to their personal data:
- Right to Rectification: You have the right to request the rectification of inaccurate data concerning you.
- Right to Erasure: You have the right to obtain from the controller the erasure of personal data concerning you, given that such an erasure is permitted by applicable law. We note that this right is subject to the restrictions provided by law.
- Right to Restriction of Processing: You have the right to obtain from the controller restriction of processing, if conditions set forth in applicable legislation are met. The exercise of such a right is possible if applicable legislation provides for such a possibility. If the relevant conditions are not met, the Company may have no obligation to accept your request.
- Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller, if such a possibility is provided by applicable legislation for the type of data concerned.
- Right to Object: You have the right to object to processing of data concerning you, given that such a possibility is provided by applicable legislation. This right is subject to the conditions provided by law and the Company may have legitimate reasons to deny your request.
- Right to withdraw your consent: If an act of processing is based on your consent you have the right to immediately, easily and without cost withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing before the time of the withdrawal.
- Right to file a complaint with the Data Protection Authority: We note that you also have the right, according to applicable legislation, if you deem that some of your rights are being violated, to file a complaint with the competent Data Protection Authority (for Greece: Data Protection Authority - DPA, 1 Kifissias Ave. -11523 Athens, tel :210 6475600, www.dpa.gr)
To exercise any of your rights, as well as for any information or clarification in respect to those rights and their conditions, you have to contact with the Company at given contact details below. The Company will provide any further information and guidance for the steps that you must follow. Furthermore, you can contact our Company for any queries, comments or complaints in respect with the management of your personal rights.
telephone: +30 210 72 99 34
Address: 91 Michalakopoulou str., Athens, 115 28