Privacy Policy

Return to Previous Page

Scope and Purpose of this Policy

Our company respects your privacy and protects your personal data. You may contact us about any matter and issue relevant to this policy by using the details given below:

Business name: ABLE FACILITY AND ASSET MANAGEMENT LTD

Distinctive title: ABLE FACILITY AND ASSET MANAGEMENT

Business address: 2 Konitsis, Marousi

Email address: info@able.com.gr

Telephone: +30 2130048482

This policy intends to provide you with information about the personal data we collect and process during our operation. Your personal data is collected and stored for the time that is absolutely necessary and for the specified, explicit, and legal purposes which are fully described in the sections below. Furthermore, your personal data is subject to legal and fair processing, which is done with transparency and always in accordance with the legal framework currently in force, and also in a manner that guarantees their integrity and confidentiality. This data is appropriate, relevant, conducive, and not more than required in view of the above purposes; furthermore, they are accurate and, if necessary, subject to update and revision.

Concepts and Definitions

“Personal Data (PD)”: Αny information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Personal Data Processing”: Αny operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Data Controller”: Τhe natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

“Data Processor”: Α natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

“Consent” of the data subject: Αny freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

“Personal data breach”: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

“Data concerning health”: Personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status.

“Special categories of personal data / Sensitive personal data”: Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data processed solely to identify a human being, health-related data, and data concerning a person’s sex life or sexual orientation.

General Principles of Personal Data Processing

Our company ensures that the personal data processing it conducts meets the following principles:

  • Personal data is processed lawfully, fairly and in a transparent manner in relation to the data subject.
  • Personal data is collected for specified, explicit and legitimate
  • Personal data is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
  • Personal data is accurate and, where necessary, kept up to date.
  • Personal data is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
  • Personal data is processed in a manner that ensures their appropriate security.
  • Personal data is stored inly for the time necessary for the purposes of their processing. In certain cases, personal data may be stored for longer periods, especially of the processing of such data is regarded as necessary for:
    • Complying with legal obligations imposed by the provision of other laws.
    • Fulfilling a responsibility of our company in order to achieve a purpose of public interest.
    • Archiving for purposes of public interest, scientific, or historical research.
    • Purposes relevant to the protection of public health.
    • Statistical purposes.
    • Establishment of basis, defence, pursuit, or support of legal claims.

Legal Framework of Personal Data Protection

Other than the General Data Protection Regulation of the European Parliament (EU Regulation 2016/679) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, all other domestic laws in force and regarding the processing and protection of personal data also apply, as well as any Directives issued by the Hellenic Data Protection Authority.

Legal Basis for Personal Data Processing

The company processes your personal data in a transparent manner and in accordance with the principles of lawfulness, proportionality, confidentiality and integrity, purpose limitation and accuracy, specific period of data retention, and data minimization.

The legal basis for processing of your personal data may be established on the following grounds:

  1. Processing is necessary in the framework of performance of our contractual obligations or during the preliminary contract stage (GDPR, article 6, section 1b),
  2. Processing is necessary for compliance with our legal obligations (GDPR, article 6, section 1c),
  3. processing is necessary for the purposes of ensuring the legitimate interests pursued by our company (GDPR, article 6, section 1f)
  4. Processing is necessary for compliance with health protocols for operation of tourist businesses in the framework of measures against COVID-19 (GDPR, article 6, section 1c).

Changes in this Policy

Our company may unilaterally revise this Policy at any time for purposes of compliance with regulatory changes, or for operational purposes.

We urge you to refer to this Policy at regular intervals in order to be informed about how the company manages and processes your personal data.

Copyright © 2020 Able. All Rights Reserved. Web Design & development by web-idea.gr
Privacy Policy - Cookies Policy - Terms of use