Forward

OTS S.A. is the Data Controller and is committed to ensuring the protection of the confidentiality of personal data collected about website visitors to www.ots.gr.

The processing and protection of the personal data of the visitor is subject to the terms of this policy, as well as to the provisions of the European Regulation 679/2016 (GDPR), but also the other provisions of national, EU and international law on the protection of the individual from the processing of personal data, as applicable.

Personal Data – What is it?

‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

How we process your Personal Data

OTS S.A., in compliance with the requirements of the GDPR, processes your personal data in a fair and transparent manner, ensuring the legality, objectivity and transparency of the processing.
Ensures the protection of personal data from loss, misuse, unauthorized access and leakage by ensuring that appropriate technical and organizational measures are taken to protect them.

The website collects your personal data only if you provide it voluntarily and by visiting it or using one of the possibilities it provides.

The Website may collect the identities of its users using corresponding technologies, such as cookies and / or the monitoring of Internet Protocol (IP) addresses. Cookies are small text files that are stored on the hard drive of each visitor. They are used to facilitate the visitor’s access to the use of specific services and / or its pages, for statistical purposes and in order to determine the areas that are useful or popular. This information may also include the type of browser the visitor is using, the type of computer, its operating system, Internet service providers and other such information. In addition, its information system automatically collects information about the sites that its visitor visits and about the links to third party websites that it may choose through its use.

The visitor can configure his program for Internet browsing (web browser) in such a way that either warns him about the use of cookies in specific services or does not allow the acceptance of the use of cookies in any case. In case the visitor of the specific services and pages does not wish the use of cookies for his identification, he cannot have further access to these services.

List of cookies used in our webpage:

Analytics/Tracking _gid, _ga: Provides anonymous / aggregate information about what you visit and do on the site and other sites. It stays on your computer. For further information:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

WordPress _test cookie: WordPress sets this cookie while navigating the home page. The cookie is used to check if your web browser is set to allow or reject cookies. It is a cookie that is deleted when the web browser is closed. For further information:
https://cookie- cat.co.uk/cookie_category/wordpress_ test_cookie/

wp-settings- cookie: WordPress sets some cookies wp- settings- [UID]. The number at the end is your individual user ID from the user database table. This is used to customize the look
of the management interface and, where appropriate, of the main site interface. It stays on your computer for a year. For further information:
https://cookie-cat.co.uk/cookie_category/wp-settings/

wp-settings-time- cookie: WordPress sets some cookies wp-settings- {time} – [UID]. The number at the end is your personal user ID from the user database table. This is used to customize the appearance of the admin interface and, where appropriate, the main interface of the site. It stays on your computer for a year. For further information:
https://cookie-cat.co.uk/cookie_category/wp-settings-time/

_icl_current_language cookie: Contains the current language choice of the user. It stays on your computer for 24 hours. For further information:
https://cookie-cat.co.uk/cookie_category/_icl_current_language/

The Web site may process part or all of the data submitted by visitors for statistical purposes using Google Analytics. For more information about Google Analytics Terms of Use, you should refer to their respective policy.

In case of filling in the contact form, the website does not collect the personal identification data (name, email), but these are transferred to a corporate email of OTS S.A. and are used to respond to your request exclusively. For any other processing (eg updates, newsletter, your consent will be requested separately.

Legal Basis for the Processing

For the above purposes, the processing of your personal data is done only on the basis of your explicit, free and fully informed consent, after you have been informed about the terms of this, through your visit to it.

Submission of Requests – Exercise of Rights

To exercise your rights as defined below, you can submit a request. OTS S.A. commits to respond and provide the relevant information without delay within one month of the receipt of the request.

The request submission process is done only in writing by sending a relevant mail to dpo@ots.gr, or by registered letter to the company’s offices, 125 Monastiriou, Thessaloniki, PC 54627. Your request must include clear wording, your name and exact communication details (mail, phone, address).

Sharing your Personal Data

Your personal data is treated with confidentiality and security and is not disclosed further, except where disclosure may be required by applicable law, for reasons of protection of vital interests or force majeure. OTS S.A. uses your data exclusively for the purposes described herein and for its own use and is not available for sale or transmit in any other way or disclose personal data of its visitors / users to third parties.

Time of keeping your data

Your personal data is kept for each purpose until your consent is revoked and in accordance with what is mentioned in detail above. From the moment you withdraw your consent, the relevant personal data will be deleted.

Your rights

As data subjects you have the following rights:

Right of access by the data subject
The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
(a) the purposes of the processing;
(b) the categories of personal data concerned;
(c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
(d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
The controller shall provide a copy of the personal data undergoing processing. For any further copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs. Where the data subject makes the request by electronic means, and unless otherwise requested by the data subject, the information shall be provided in a commonly used electronic form.
The right to obtain a copy, shall not adversely affect the rights and freedoms of others.

Right to rectification
The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to erasure (‘right to be forgotten’)
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
(a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(b) the data subject withdraws consent on which the processing is based and where there is no other legal ground for the processing;
(c) the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
This shall not apply to the extent that processing is necessary:
(a) for exercising the right of freedom of expression and information;
(b) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(c) for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) as well as Article 9(3);
(d) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(e) for the establishment, exercise or defence of legal claims.

Transfer of Data to third countries or International Organizations

For the purpose of processing, your personal data is not transferred to countries outside the EU, and in the event that this happens, the present will be modified and you will be notified again with the individual protection measures and the relevant safeguards.

Automated decision making

Your personal data is not subject to automated decision-making processes. In case this happens, the present will be amended and you will be informed again about the relevant logic and the importance and consequences of the treatment for the individual.

General Terms – Complaints – Exercise of Rights

OTS S.A. declares that it has taken all the necessary organizational and technical measures to protect your personal data and adheres to a comprehensive security plan in accordance with the requirements of the Regulation.

The collection and processing of personal data in this context is carried out by lawful means and in a manner that ensures respect for privacy, personality and human dignity.

In case of inability to exercise the rights provided by the Regulation, but also in general, in case of questions, clarifications and complaints, you have the right to contact the Hellenic Data Protection Authority, for support and assistance.
https://www.dpa.gr/index.php/en/individuals/complaint-to-the-hellenic-dpa

Furthermore, for any issue concerning your protection against the processing of personal data you have the right to submit a request in accordance with the above, as well as the right to address for any reason the Data Protection Officer of OTS S.A., by sending an email to dpo@ots.gr Your request must be clearly worded and include contact information and name.