Data Protection Policy
The privacy of our website visitors is very important to us!
1. Some words about the Website of the Company
www.granikal.gr is the Website of the Company, where the Company’s online product display shop is located.
Moreover, via our display site www.granikal.gr you can access Company services such as:
- Information on topics related to catering, food and beverages of all kinds, and events through the section “NEWS” of the Website
2. What is Personal Data
The term “Personal Data” refers to the information of individuals, such as full name, postal address, email, address, telephone number etc. which identify or can identify you, hereinafter “Personal Data or Data”.
3. What is the processing of Personal Data
Any act, or series of acts performed with or without the use of automated means, on personal data or personal data sets, such as the collection, registration, organization, structure, storage, adjustment or alteration, retrieval search for information, use, disclosure, dissemination or any other form of distribution, association or combination, restriction, deletion or destruction.
4. Your concession for your Personal Data is mandatory
The mandatory nature of the data concession is indicated by asterisk (*) next to the mandatory personal data.
If you refuse to provide the information that is marked as “mandatory” on the Website, it will be impossible to achieve the essential purpose of collecting the particular Data and may, for example, make it impossible for the Company to complete the communication with the interested party.
5. What kind of Data we collect
As a rule, we only collect and process our Visitors’ Data when they provide it directly and at their will, so a simple visit to the site does not necessarily mean that we process your data.
However, this rule cannot be fully applied in two cases: the data collected by means of cookies and to some data that are automatically collected by your visit.
Due to the nature and functioning of the Internet, as soon as you visit our website, our server logs your IP address, which is personal data, even if we cannot -as a website- identify you, along with the date and time of login and keep them in log files:
On the one hand, we have a legitimate interest in processing this data in order to ensure the security of networks, information and services against accidental or unlawful or malicious acts that endanger the availability, authenticity, integrity, and confidentiality of stored or transmitted data ( e.g. “denial of service” attacks), but also to establish, exercise, or support legal claims.
On the other hand, we have a legal obligation to keep this information, as protecting your data from malicious users is our priority as well as our duty.
6. What is the legal basis for your Data processing by the Company
Data protection law defines a number of reasons why a company may collect and process your personal data. Additionally, your consent is asked where required. For example, when you choose to receive a newsletter or not. When collecting your personal data, we will always inform you what data is necessary for a particular service.
7. Where and how long we store your Data
Your data is stored in the company system hosted on a server that uses resources from Azure Cloud Virtual Machine under Mozaik Ltd’s management. Management is carried out by appropriate methods, solely by strictly limited personnel of the Company, without third party mediation or involvement.
As a general principle, we only retain your data for a period of time, which is necessary for the purpose of processing.
8. What are your rights for the Personal Data and how can you exercise them
According to the General Data Protection Regulation you have a number of rights in relation to the processing of your data by the Company.
Specifically, regarding Granikal you have the following rights:
- Right of access, i.e. requesting to know if we are processing data and, if so, some other information, such as the purpose of the treatment, the recipients etc.
- Right of correction, that is to ask for correction or even completion of your information
- The right to delete, that is to say, subject to conditions, the deletion of your data
- The right to restrict processing, that is to say, provided that we restrict the processing of your data on your own terms
Finally, in the event of a data breach, which may endanger your rights, and as long as this does not fall within one of the exceptions provided for the GDPR, we are obliged to inform you without undue delay.
In principle, we are required to respond to your request promptly and within one month at the latest. If necessary, given the complexity of your request and the number of pending requests, this deadline can be extended by a further two months. In any event, we will notify you as soon as possible and in any case within one month of your request, of its evolution and of the reason for any delay.
If you believe that we do not comply with the laws on personal data protection, you have the right to lodge a complaint with the competent supervisory authority (in Greece the Data Protection Authority).
For any additional questions or issues, you have regarding our data protection, please do not hesitate to contact us at firstname.lastname@example.org.
9. Social Media
The Company has official accounts on the following Social Media:
With the help of each of the above platforms we collect and process some of your data (such as username and photo).
The purpose of processing all of the data we collect about you, whether anonymized or not, is to provide updates on our content or to communicate with you in response to the messages you send us.
The legal basis as set out above, for the process of your personal data is your consent. You give your consent by liking or following on our pages and you can easily retrieve it in exactly the same way (unlike, unfollow). Your consent implies acceptance of our data protection policy, which is set out in a prominent and easily accessible place on the page. If you do not agree with our policy you should withdraw your consent in the appropriate way (unlike, unfollow).
In this context, we implement a number of appropriate technical and organizational measures, such as restricting access to media management, to ensure that data is processed securely.
As required by the principles of information security and data protection, technical and organizational security measures are regularly monitored and, if necessary, updated and adapted to new best practices.
Important note: We are not responsible for the way or the means by which each of the above platforms processes your data.
Our content and services are aimed exclusively at people over 18 years of age and we do not knowingly collect any information about people below this age. If you are under the age of 18, you are not allowed to submit your information to us in any way. As it is not technically feasible to effectively control your age at all times, we undertake to immediately delete all relevant information in the event that the submission of personal information regarding minors is reported and verified.
If you have any additional questions about our Policy or how we process your data in general, you can contact us at email@example.com or by phone at +302103388382 (Contact Hours: 09:00 – 17:00 Monday to Friday).