DN2ME PRIVACY POLICY

• INTRODUCTION

• General

The respect for your privacy and the management, protection and security of your personal data is a priority for DN2ME (the “Company”, “DN2ME”, “we”,  “us,” “our,”).The  Company has adopted this Data Protection Policy (hereinafter the “Data Policy” or “Policy”) in order to inform on the types of data it collects or produces for you that make use of the Application and the Service (hereinafter “Application”, “Platform”, or “Service”) or become our Member or sign up for our newsletters recipients list (hereinafter “you”, “your”, “yours”, the “Traveler”, the “Doctor”, the “Member” the “User”) for the purpose of collecting and processing of your data and how these data is processed and its recipients, for the rights and your choices on your personal data, as well as how to contact us about every matter that may trouble you with respect to your personal data.

• Amendments  

The present is the first edition of the Policy and comes into effect from 1 July 2018. This Data Protection Policy is governed by the relevant provisions of both Greek and European law relating to the protection of individuals from the processing of personal data. Any possible future change to the above regulatory framework will be the subject to the present. Therefore, we retain the right to amend this statement and apply any change on your data and our practices regarding its collection and processing, according to the provisions of the law, or /and to amend or replace all or part of this Policy at our own discretion.

If there are substantial changes to this Policy or if our practices regarding your data shall change in the future, we shall notify you by publishing the changes on the Platform and by sending you a relevant update. However, if you wish to have any clarification or information regarding the changes, or have any disagreement, reservation or question about them (changes), you may contact us at the details listed in the Section below. Please note that any information / clarification given to you in accordance with the above regarding any changes to this Policy does not constitute a replacement, substitution or any amendment of this Policy.

 Continued use of the Application and Service implies the automatic and unconditional acceptance of the amended terms of this policy on your behalf. In the event that you do not agree with the amendments, you should not take any action or  make use of the Application and the Service, let alone provide any personal data, you are entitled to terminate the contracts between us and request the deletion of your Account and Data to the extent permitted by applicable law. For any information or clarification, you may contact us and in any case you are entitled to exercise your rights as detailed in Section V below.

• Content:

This Data Protection Policy includes:

• information about the Data Controller and the Data Protection Officer (DPO), and our contact details for any issue regarding your personal data.

• • the type of personal data that we collect for you and methods of collection

• • the purpose of collecting and processing of your personal data and the legal basis for the processing

• • security measures that we undertake for the protection of your data and how long we retain it

• • your rights and how to access them, as well any options you may have regarding the collection and processing of your data

• information about the protection and storage of your data by DN2ME

• DATA CONTROLLER AND DATA PROTECTION OFFICER

• Who is the Data Controller?

Data Controller of your personal data is the company under the name    “DOCTOR NEXT TO ME PRIVATE COMPANY” and the distinctive title “DN2ME IKE”, with company registration number 143485601000, having its headquarters in Athens (45 Galinis str., Galatsi), VAT no 800869936, Tax Office of IB Athinon, tel;. +30 2121042659 and email: [email protected] (hereinafter, the “Company”).

• Who is the Data Protection Officer?

Data Protection Officer (DPO) of our Company for your personal data is Mr. Kagelaris Apostolos. His contact details are: email: [email protected], telephone +302121042659 and post address: 45 Galinis str., Galatsi.

• Questions and Comments

You may communicate with us using the contact details above and submit any comment, queries, observations or any complaints regarding this Policy and generally the collection and processing of your personal data. You have the right to submit any claim regarding issues of protection of your personal data that may arise from its processing by the Company, before the Hellenic Data Protection Authority, which is the supervisory authority in our country. Please find details in link www.dpa.gr. However, it is our obligation and duty to handle any troubles regarding your personal data, hence we are glad to hear from you.

• COLLECTING AND PROCESSING OF DATA

• WHAT data do we collect and HOW do we collect it

Upon your registration in the Application, the creation of account, and the use of  Service or otherwise, we collect different types of personal data for you, either directly from you or from third parties through automatic means such us indicatively:

• • Identity data that you provide us upon your signing up in the Application, by creating an account, by completing the insurance policy data, by submitting a copy of your passport for its transfer to your Insurance Company etc.

• • Communication data that you provide us either necessarily or optionally when opening an account, when setting up your Profile, for example, when you are a Doctor you state contact details of your mobile or fixed phone of your medical practice office when reporting an incident etc.

• • Location data: You can optionally tell us your geolocation data if you set your browser to be tracked by the signal.

• • Insurance coverage data: If you have an insurance policy and wish to make use of this, you state Insurance Name, Country of Destination, Policy Number, Your/Assistance  ref.number, Travel dates.

• • Economic data that you provide us either at the opening of the Account, or by using the Service (e.g. card details or PayPal account), credit balances, amounts you have spent on the use of the Service (for each Incident / Doctor / examination, etc.) amounts credited to you and amounts covered by your Insurance Company, bank accounts of doctors who are required to provide for their payment, or their PayPal account.

• • Medical data: that you voluntarily provide us with when using the Service and concerns your condition, for example, when you leave a message to the Doctor or make a video call, from the medical history completed by the Doctor who attended you, from the examinations proposed and booked through the Service, from relevant photographic material, such as photos or traffic report in the event of an accident, from the clinics you visited through the Service, the medical appointments with specialist Doctors you have booked etc.

• • Transaction data: the doctors you saw, the specializations of the doctors who attended you, the type of examinations you make, the cost you have paid for the medical services provided to you through the Service, the time of the incident, the time of its settlement, the insurance services you receive, your reviews on  doctors, the place of provision of medical services, etc.

• • Login Information data to your Account, which is your username and password.

• • Profile Data

• • Demographic data: age, gender, place of residence, travel places etc.

• Device data

We do not knowingly collect any information from any person under the age of 15 without the consent of parents, guardians. Our services are aimed exclusively at people who are at least 15 years of age or older. If you are under 15, do not use or provide any information to us, do not register as a Member or in our newsletters list of recipients, do not use the Application and Service, even the upload, and do not give any information about your face to us, including your name, address, or contact information (phone, email, etc.). If we find that we have collected or received personal data from a child under the age of 15 without the consent of the guardian, we will delete it immediately unless consent has been given to a parent or guardian. If you think we may have information from or for a child under 15, please contact us.

Learn more…..

We collect directly from you the following personal data:

If you are a Traveler:

• When opening your Account, you must provide us with a username and password and your full name, email and mobile phone, and you will preferably indicate your birth date, sex and country of origin.
• If you are insured and want to use your insurance policy during the use of the Service, you must indicate the name of the insurance company in which you have an insurance policy, the Policy Number, the Assistance ref. Number, country of origin, and dates of your journey.
• As a security or in case you do not have insurance coverage for any reason, you are giving us information about your card or your PayPal account.
• When you have an Incident and you use the Service you voluntarily state the nature of the Incident (urgent or not) description of the health issue either in the form of a video call or as a recorded message, you provide with your passport information for your identification and because it is necessary for your insurance coverage, you provide us with your location data to locate the Doctors near you, the Doctor’s specialty you are looking for, the appointment for further examinations, the type of examinations you will make, the place you will take the exam, the day and time,
• When you communicate with us, we collect information necessary to meet your need.

If you are a Doctor:

• When opening your Account, you must provide us with a username and password, your full name, email, mobile phone, spoken languages, your specialty, your title, your registration number as a member at the competent Medical Association, your availability regarding the provision of your medical services and optionally information about your qualifications (e.g. foundation – year of study, year of specialization, etc.).
• If you voluntarily state that you are adhering to a private practice, please provide us with information about your office location, contact details, opening hours, your available appointments, your medical equipment,
• If you voluntarily declare to us if you are insured for compensation for medical liability.
• Payment and pricing data such as bank, bank account, VAT number, PayPal account.

           Personal data we collect by automated means.

If you are a Traveler:

• By using the Service and the Application we create data about your health issues or accidents that occur, the specialties of the Doctors who have provided you with medical services, the type of examinations you have undergone or the treatment, the duration, when it took place, your insurance coverage, the amounts you have spent on the provision of medical services through the Application, your travel places, your location based on geolocation data exclusively for the use of the Service by you,

If you are a Doctor:

• By using the Service and Application the place where you provide your services, your fees through the Service, your location based on geolocation data solely for the use of the Service by you, your working hours, and so on .

Personal data we collect from third parties:

If you are a Traveler:

• We may receive information about your medical data from the Doctors who attended you while using the Service and which have been sent to the Service by the Doctors and Medical Diagnostic Centers and Clinics.
• We may receive personal data from you from third parties who have reported your information to the Application in your name and on your behalf.
• We may receive information for you from your insurer when you use the Service with regard to the processing of your insurance compensation

 

• HOW and WHY do we use your personal data.

All the above personal data that you provide us necessarily or voluntarily, or we collect from third parties or are produced by automated means, we use it for the legal purposes referred below. Please note that, where the European or national laws restrict or prohibit certain actions of the Company for which we use your data, we will stop using information about you for these purposes.

In particular, we may use your personal data for the following purposes:

• for signing up for the Service and for opening and maintaining your Account.
• To manage your requests on the Platform,
• To provide the Service with regard to Mediation of the Company for the provision of the Medical Service.
• For identification.
• Managing claims for covering insurance compensation.
• To communicate with you about your Account Management issues
• To communicate with you about Service operation issues.
• For handling and concluding and processing your payments, including the security of our financial transaction.
• For your service as a Member of DN2ME Service.
• For creating, keeping and maintaining a database with our client base and analyzing it.
• For sending to you commercial communication via newsletter, sms, or other multimedia related to our Company news, products and Services, offers and promotions and / or to send you personalized updates based on your preferences and your profile at us and for understanding and analyzing our advertising and promotional results.
• To process your requests, such as canceling appointments, change of your details, exercising your rights.
• For the transfer of documents and information necessary for the use of the Service.
• For security of transactions.
• for business analysis and improvements, such as the availability of our Services and their optimization, to optimize your experience and service by us within the Platform, to manage Loyalty programs, as well to adjust your experience in the Application and Service.
• For market research, statistical analysis, development of marketing strategies and marketing campaign management and for letting us or our partners inform you of possible opportunities to participate in DN2ME’s marketing or promotion initiatives.
• for other purposes for which we will notify you of or will be defined on a case-by-case basis at the point where your information is originally collected.

The legal basis for our use of information about you is one of the following (which we explain in more detail in the “find out more” section):

• • compliance with a legal obligation to which we are subject;

• • the performance of a contract to which you are a party;

• • a legitimate business interest that is not overridden by interests you have to protect the information;

• where none of the above applies, your consent (which we will ask for before we process the information).

find out more…

Registration as a member – Creating an account: We process your data in order to: acknowledge you as a user. Give you access in functions and services of your member account.   Use services/functions of your account	Legal basis is: a) your consent for your signing up and creation of Account b) our legitimate interest to secure your account and identify you if necessary, for your benefit, for the avoidance of any fraud or security incident. γ) our contractual obligation to retain your data in your Account. provide the Service as agreed
Receiving and Managing a Traveler’s Request for the provision of Medical Service: • Geolocation • Traveler’s update for Specialty Doctors based on their geolocation point in relation to such Traveler’s point. • Traveler’s update for waiting time until the Doctor’s on-site visit. • Updating a Traveler for available Doctors based on Traveler’s searches. • Traveler’s update for nearest diagnostic centers and clinics. • Update a Traveler for available days and hours to make an appointment. • Receiving and transfer of medical data on the incident to doctors. • Informing selected doctors about the details of the Incident. • Informing Doctors for an appointment with a Traveler-Patient • Transfer of medical history to a patient – Traveler.	Legal basis for processing  is: a) Your consent • To receive the description of the Incident. • For transferring your medical data to the Doctor of your choice. • To keep this in your Account. • For geolocation and provision of the Service based on your location. b) our legitimate interest • for security of your transactions and data • for your identification wherever is needed, and to your advantage to avoid fraud or security incidents. • c) fulfillment of our contractual obligations • to receive your data and requests and transfer them to Doctors. • For the provision of the Service as agreed. • To notify Doctors who are closest to Incidents. • For the Doctors, who have been requested to go to the Place of Incident, to locate you. • To receive the medical history from the Traveler. • to make and manage appointments.
View and presentation of doctors and their medical services. • Geolocation • Transfer of the location of the Doctors to the Travelers • Management of CVs • View and update the location of provision of medical services and of the available time. • Transfer of the Doctor’s Mobile Phone to the Traveler.	The legal basis for the processing is: a) Your consent • Regarding the information you provide to us. • Your geolocation • Transfer of your mobile phone to the Travelers who choose you b) fulfillment of our contractual obligations • Regarding the mandatory information you provide to us.
Processing of any insurance cover for patients and processing the payments of the Doctors by the Insurance Companies. • Collection of data regarding the insurance policy by the Travelers. • Transfer of Traveler ID data to the Insurance Company. • Transfer of Travelers’ Medical Data to the Insurance Company. • Transfer of the identity data of the Doctors who provided medical services to the insured Traveler through the Service to the Insurance Company. • Transfer of the location data of travelers and doctors to the insurance company. • Transfer of the billing data and of the doctors’ bank accounts for the payment of their remuneration to the Insurance Company	The legal basis for the processing is: a) Your consent • With regard to the provision of insurance policy data. • Your geolocation b) fulfillment of our contractual obligations • Transfer of data to cover the Insured Traveler’s insurance compensation and the payment of Doctors. (c) fulfillment of a legitimate interest • Your identification for your, our, the insurer’s safety and the safety of transactions in general that does not exceed your rights but benefits you.
User / Member care and management before or after the use of the Service. We process your data for: • Communication by the User / Member in the communication media of the Company (conventional media, email or call center, or in multimedia e.g. viber or other means e.g. Social Media) • Communication by the Company at the request of the User / Member at the given details. • User / Member care in general for matters related to the Company, its services and its products, its Account, the programs, the guarantees it may provides, the social media of the company. • Complaints or clarifications • Exercise of consumer rights and / or rights deriving from applicable law. • Overall management and optimization of user experience and service on our Platform, etc.	The legal basis for the processing is: (a) Compliance with the Company’s legal obligation to adopt tools / means of customer service before and after sale, in order to respond to Customer’s queries relating to the use of the Service, to exercise his/her rights. b) The Company’s legitimate interest in responding to your requests that you submit to us through various communication channels, to optimize the service and management of our Users / Members and to provide its customers with the ability to communicate with the company and manage any issue they have in the best possible way, based on their needs, which is of benefit to the User / Member and which is reasonably expected by him / her. Each User / Member may opt-out at any time by accessing personal information for that purpose such as by stating it to the customer care service or by contacting the Company in all media for any of the above. However, it is noted that the Company is entitled to demonstrate imperative and legitimate reasons for such processing, such as data necessary to provide you with customer care service, to record any problems or failures, or to establish or support legal claims c) performance of a contract if you specifically contact us to manage issues related to the use of the Service d) the customer’s consent to receive communication from the Company for this purpose when he/she asks the Company to contact him/her
Advertising & Marketing Management registration in newsletter recipients list of the Company to send newsletters generic and personalized. to send marketing communication via email, sms or other multimedia, push notifications etc. to run promotions such as activate old customers. Suggestions for your participation in our Company’s Actions and incentives to participate and use the Service and the Application. Exploring the degree of satisfaction of the User / Member from the provided products-services of the Company.	Legal basis for the processing is: (a) a legitimate interest of the Company in processing the data of our Users / Members that were granted to us in the use of the Service for the purpose of direct commercial communication for related products or purposes. In these cases, you can request the opt-out by pressing the unsubscribe button on your email or mobile message or by contacting us or by requesting your removal from receiving general communication for products / services you do not care about.   In addition, we believe we have a legitimate interest in drawing up a profile with the information we have about you (e.g. your demographics as we understand that processing this data is also beneficial to you as you improve your experience with your transaction with us and at the same time you gain access to information that interests you. (b) consent to cases where • you voluntarily grant us your data, • You authorize us to send you the newsletter • you state us your preferences for your update from us. • when you accept sending of  general and / or personalized newsletters, push notifications, etc..
Business analysis and improvements for: Unceasing Application and Service operation technical excellence and security of transactions optimization of technical systems addressing technical issues compiling reports and keeping data	Legal basis for processing is: a) compliance with legal obligation to secure information and confidentiality b) the legitimate interest for security of networks, avoidance of any fraud and unauthorized access to data, for our business continuity, upgrading our systems and our partners’ system, for our business development, optimization of our technical systems and commercial processes, any data process that prevails rights and freedoms of data subjects that data subjects who reasonably expect to be processed for this purpose. You have the right to oppose the above processing per data processing case. It should be noted, however, that the Company is entitled to demonstrate imperative and legitimate reasons for the processing, which prevail interests, rights and freedoms of data subjects.
Statistical analysis to evaluate and improve Application services and procedures that includes: Evaluation and improvement of business processes Responsiveness and requests management Responsiveness and management of the content of the Application and the Service Research and / or analysis to better understand needs of our Users / Members Research and evaluation to improve existing products and / or services and to develop new ones Evaluation for the creation of new programs, offers, etc. Adoption of new commercial and business models, programs and partnerships. Promotion of the Company, of our services. Distribution and marketing of our services to other countries. Provision and marketing of new services. Advertising and promotion of our Company. Improvement of your experience Delivery of  related content Quality surveys Statistical analysis	Legal basis for this processing is: a) the legitimate interest of the Company for the further compatible processing of aggregated data for the purpose of statistical analysis to improve its products and services while complying with all the necessary safeguards to collect and process data that do not identify a particular data subject and do not affect the rights and freedoms of data subjects. b) the legitimate interest to market our products, analyze usability and functionality of the Application and the Service, customer satisfaction, customer preferences on how to provide the Service, to improve our business performance to improve our partnerships, always respecting your rights, freedoms and interests for your personal data.

• WHOM do we share your personal data with and WHY?

In the context of the operation of the Application and the Service, the fulfillment of our contractual obligations and your best service, our Company reserves the right to cooperate with third-party service providers that provide us with support and access only to your data are absolutely necessary for the service they offer us (e.g. registering you in the Application and management of your account, the execution of the mediation contract between us to provide you with medical services and processing service of your insurance compensation and the general provision of our services to you, the functional and computerized organization of the Platform and the Service, the optimization of our products and services, etc.). These third party service providers are bound by contract not to use your information in any way other than to help us provide you with the products and services we agree upon.

More specifically, our Company cooperates with:

(a) With a third company which, acting as processor by order and on behalf of our Company, hosts and manages the data you provide to the Platform.

(b) With Third-Party Email Marketing Companies acting in the name and on behalf of us to send you the newsletter.

(c) Advertising and marketing companies

(d) Data analysis companies

(e) Research companies

(f) Financial Organizations for the Recovery of Health Insurance Fees.

(g) fraud detection and prevention Organizations,

(h) Providers of technology services,

We reserve the right to disclose your personal data to a third party that we choose to transfer all or part of our business. In addition, in the event of a merge or acquisition or other change in our business, the new owners, etc. have the right to use your personal data in the same way according to this Privacy Policy.

Your data may be communicated to competent judicial, police and other administrative authorities upon their request and in accordance with the applicable laws. Moreover, in case of a statutory provision, a service order or a formal preliminary examination, our Company has the right to place the relevant information at the disposal of the respective authority.

• PROTECTION AND MANAGEMENT OF YOUR PERSONAL DATA

• SECURITY of your personal data

We take appropriate technical and organizational measures to protect your personal data we keep from unauthorized disclosure, use, conversion or destruction. Where appropriate, we use encryption and other technologies that can help to secure any information you provide us. We also ask our service providers to comply with severe privacy and data protection requirements.

find out more…

More specifically, the data you submit to the Company is managed exclusively by specially authorized personnel of the Company under our control respectively and only on our mandate. In order to conduct the processing, the Company selects individuals or third party – collaborators with corresponding professional qualifications that provide sufficient guarantees in terms of technical knowledge and personal integrity to safeguard confidentiality. The Company, through its respective contractual commitments and these of its partners, takes all necessary security measures to protect and secure the privacy, confidentiality and integrity of personal data. In any case, its security in the Platform’s environment is subject to reasons beyond Company’s influence, as well as to reasons resulting from technical or other problems of the network that are not controlled by the Company or reasons of force majeure or events of chance.

You must not disclose the data / passwords you have entered to open your Account, which is personal and non-transferable. For personalized communication, our Company also uses appropriate mathematical and / or statistical processes for profiling and performs regular quality and security checks on the systems and algorithms it uses to correct the factors that lead to inaccuracies in the data.

• Personal data RETENTION

We will retain your personal data for as long as you continue to interact with us (you keep an Account, an Incident is pending, you are registered to receive commercial communication from us, you contact our customer service points, etc.) and is necessary for the fulfillment of the purposes for which we have collected and processed it as described in detail above, or for the length of time that liability could arise due to processing, in accordance with the applicable law. or if these purposes are eliminated, we do not have to keep it under a law e.g. for tax purposes. We also keep it until you ask for their deletion, or for data we keep and process by your consent, until you withdraw it, or until you oppose its processing by us on which we base our legitimate interest.

To determine data retention time of your personal data, we take into account the nature of your data, the quantity, purpose, security, etc.. You have the right to request from us to delete your data. To exercise your right, please visit the relevant Section in this Policy.

We reserve the right in certain circumstances to anonymize your data for research or statistical purposes, so that it cannot be associated with an identifiable person, therefore we reserve the right to use this information for an indefinite period of time. In any case, your data is stored with safety.

find out more…

Purpose of data processing	Data retention
Management of your Account	Till you delete your account
Incidents Management	We will process your data for the time required to manage Incidents, including your insurance coverage, withdrawal, complaints, or claims relating to the use of the Service. Some of your information you may have provided to us, we will keep it until you tell us to stop storing them.
Payment data	We will retain your transaction data for as long as it is required to complete the Service with regard to the Incident and to comply with any legal obligations (for example, for tax and accounting purposes).
Customer care	If you contact customer care, we will make a record of the matter (including details of your query and our response) and retain it while it remains relevant to our relationship. Temporary records may be relevant only until more permanent records are made, and will be retained only temporarily.
Usability and quality analysis	We will process your data during the period we will perform an action or a specific quality survey or until we have anonymized your browsing data
Marketing	Until you unsubscribe from our newsletter recipients list, or until you withdraw your consent, or until you oppose (opt out) processing, otherwise we will retain your data for five (5) years maximum. However, some details of your profile, such as files about how we interact with you, may cease to be effective after a period of time, so we automatically delete them after a specified period (usually 3 years) depending on the purpose for which we have collected them. if we do not have any communication with you for a long time (usually 3 years), we will stop sending you promotional messages and we will delete history of your responses. This will happen, for example, if you never click on our Newsletter, if you never log in to a digital contact point or if you never contact us or do not use the Service, or contact customer service during this period. The reason is that, in these cases, we assume that you prefer not to receive any message from us.

• TRANSFER of your personal data to THIRD COUNTRIES

In principle, the Company keeps your personal data within the European Economic Area. When your data is to be transferred to third countries outside the European Economic Area or International Organizations for which no European Commission decision is available, all the appropriate safeguards provided for in the applicable data protection legislation on the transfers to third countries and the relevant information will be posted on the company’s website …………………….

• YOUR RIGHTS AND YOUR OPTIONS

You have the following rights with respect to your personal data that we have and process:

• • request us to give you access to it, to confirm that we process it in accordance with law and / or your own orders and preferences,

• • request us to rectify it, incomplete, non-updated or inaccurate data that we hold for you. Of course, we also have the right to ask you to update your information at regular intervals.

• • request us to delete it, since of course the law does not oblige us to the contrary.

• • request us to restrict our use of it, in certain circumstances;

• • to object to our using it, in certain circumstances;

• • to withdraw your consent to our using it;

• • data portability, in certain circumstances;

• • opt out from our using it for direct marketing; and

• lodge a complaint with the country’s supervisory authority.

We offer you easy ways to exercise these rights, such as “unsubscribe” links, or by calling from Monday to Sunday 9:00 to 17:00, or by sending email at [email protected]

Some mobile applications we offer might also send you push messages, for instance about new products or services. You can disable these messages through the settings in your phone or the application.

For the exercise of your rights with respect to the device data we collect, you can access the settings.

It may be necessary, for the security of your information, to ask for some information about you for the purposes of your identification. Your right is exercised free of charge, however, when your right is exercised abusively, we shall request a fee in accordance with the conditions set by law. In any case, we respond to your requests within one month, except in exceptional cases where our response time to a request may be longer.

find out more…

access (article 15)	You may request us to: confirm whether or not we process your personal data; give you access to data that you don’t have provide you with other information about your personal data, such as, what data we have, why we use it, with whom we share it, whether we transfer it abroad and how we protect it, for how long we keep it, what rights you have,  how to file a complaint, where did we take your personal data from to the extent that such information is not already given with this Policy.
rectification (article 16)	You may request us to rectify inaccurate personal data. We may seek to confirm the accuracy of the data before we rectify it.
erasure (article 17)	You may request us to erase your personal data At any time, when the information we hold is no longer necessary in relation to the purposes for which it was collected; When you delete your account (which data is erased either way) or If it has been unlawfully processed. It is not required to comply with your request to erase your personal data if processing is necessary to comply with a legal obligation. To fulfill another lawful purpose or other legal basis To establish, exercise or defend any legal claims
restriction (article 18)	You may ask us to restrict (i.e. keep but not use) your personal data when: • its accuracy is being questioned (see rectification) so that we can verify its accuracy or • processing is illegal, but you do not want to delete it or • it is no longer necessary for the purposes for which it was collected, but we still need it for the establishment, exercise or defense of legal claims, or there is another legitimate processing purpose or other legal basis
portability (article 20)	When processing is based on consent and is done by automated means, you may ask us to provide your personal data in a structured format that is commonly used in mechanical reading form, or you may request it to be transferred directly to another controller. However, this right, according to the law, concerns only data that has been provided by the data subject and not data concluded by the controller on the basis of the data provided by the subject
to object (article 21)	You may at any time object to any processing of his or her personal data, which has as its legitimacy the legitimate interest of the Company or the fulfillment of a duty performed in the public interest.
to withdraw your consent (opt- out)	You are entitled to withdraw your consent, where consent is provided for as a basis for processing. The withdrawal is done for the future.
supervisory authority	You have the right to file a complaint with the local supervisory authority regarding the processing of your personal data. In Greece, the supervisory authority for data protection is the Hellenic Data Protection Authority – HDPA (www.dpa.gr).
Identity	We take seriously into account the confidentiality of all files that contain personal data and we reserve the right to ask you for proof of your identity if you make a claim about those files.
Costs	We will not charge you for the exercise of your rights in relation to your personal data unless, as required by law, your request for access to information is unreasonable or excessive, so we may charge a reasonable fee under these conditions. We will notify you of any charges before fulfilling your request.
Timelines	We aim to respond to any valid requests within one (1) month of receipt, unless it is very complex or you have made a number of requests, so we aim to respond within three months. We’ll let you know if we’ll need more than one (1) month for the reasons outlined above. We may ask you if you can tell us exactly what you want to receive or what exactly is your concern. This will help us to act faster for your request. In any case, you should provide us with specific and truthful details and / or facts in order to be able to answer and / or satisfy your request, otherwise we reserve the right to make any errors that are out of our control. In addition, our Company may refuse requests that are unjustified or excessive or abusive or made in bad faith or generally illegal according the provisions of the law.