WEBSITE PRIVACY POLICY

Your privacy and the protection of your fundamental personal rights, such as those related to the protection of Personal Data, are of great importance to our business and, therefore, to this Privacy Policy, which we ask you to comply with and read carefully, we inform you about the ways in which we ensure that you feel safe while using our Website.

I.PRIVACY AND DATA PROTECTION POLICY

Respecting what is established in the current legislation, LINKART (from now on, also Website) is committed to adopt the necessary technical and organizational measures, according to the security level appropriate to the risk of the collected data.

1.Laws incorporated in this Privacy Policy

This privacy policy is adapted to the Greek and European regulations in force regarding the protection of personal data on the Internet. Specifically, it respects the following legislation:

- The Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, relative to the protection of the physical persons with regard to the processing of personal data and to the free circulation of these data (from now on, also RGPD).

- The Law 4624/2019, of August 29, on Personal Data Protection Authority, implementing measures Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and the transposition into national law of Directive (EU) 2016/680 of the European Parliament and of the Council of April 27, 2016 and other provisions.

- The Presidential Decree 131/2003, of May 16, on the Adaptation of Directive 2000/31 of the European Parliament and of the Council on certain legal aspects of information society services, in particular electronic commerce, in the internal market.

2.About the Data Controller for the Processing of Personal Data

The Data Controller for the Processing of Personal Data collected in LINKART is STAVROS VLACHAKIS, with VAT number: XXXX and registered at XXXX's Tax Office, and whose contact details are:

Address: ΟΔΟΣ, ΠΟΛΗ ΝΟΜΟΣ, ΤΚ

Contact phone number: +30 6932 333 950

Contact email: svlachakism@gmail.com

3.Record of Personal Data

In compliance with the established in the legislation, we inform you that the personal data collected by LINKART, by means of the forms extended in Website, will be incorporated and treated in our file in order to facilitate, speed up and fulfil the commitments established between LINKART and the User or the maintenance of the relationship established in the forms that the User fills in, or to attend a request or consultation of the same. Likewise, in accordance with the provisions of the aforementioned legislation, unless the exception provided for in article 30.5 of the RGPD is applicable, a register of processing activities is maintained which specifies, according to its purposes, the processing activities carried out and the other circumstances established in the RGPD.

4.Forms of data collection

Automated: Electronic processes that allow for the recording of general User activities and behavior within the Website, but do not allow for personal identification. For example, the following information may be collected inter alia: number of visitors to the Website, times of entry, most viewed pages, number of page views.

Manuals (Forms, Forums): Direct requests for information from visitors or Users of the portal through which data such as name, email, occupation or other personal data is collected.

The personal data that the holders reveal in their participation in forums hosted on the Website will be stored along with the rest of the contents, in order to allow the operation and maintenance of the forum and the contributions made therein. In no case shall such data be processed by LINKART for any other purpose without the prior consent of the holder thereof.

5.Principles applicable to the Processing of Personal Data

The processing of the User's personal data will be subject to the following principles, as set out in Article 5 of the RGPD:

- Principle of legality, impartiality and transparency: the User's consent will be required at all times, after being informed in a completely transparent manner of the purposes for which the personal data are collected.

- Principle of purpose limitation: personal data will be collected for specific, explicit and legitimate purposes and will not further be processed in a manner incompatible with those purposes.

- Principle of data minimization: the personal data collected shall be only those strictly necessary in relation to the purposes for which they are processed.

- Accuracy principle: personal data must be accurate, up to date and appropriate measures must be taken to correct or remove any inaccuracies immediately in relation to the intended purposes of the data processing.

- Principle of limitation of conservation period: personal data will only be kept in a way that allows the identification of the User for the time necessary for the purposes of their processing.

- Principle of integrity and confidentiality: the data must be processed in such a way as to ensure its security and protection against unlawful processing, loss, destruction or deterioration.

- Principle of proactive responsibility: the Data Controller will be responsible for ensuring that the above principles are complied with.

6.Categories of Personal Data

The data categories treated in LINKART are only identifying data. In no case are special categories of personal data treated in the sense of article 9 of the RGPD.

7.Legal basis for the Processing of Personal Data

The express consent is the legal basis for the processing of personal data. LINKART undertakes to obtain the User's express and verifiable consent to the processing of his/her personal data for one or several specific purposes.

The User will have the right to withdraw his/her consent at any time. It will be as easy to withdraw the consent as to give it. As a general rule, withdrawal of consent shall not condition the use of the Website.

On the occasions when the User must or may provide his/her data through forms to make queries, request information or for reasons related to the content of the Website, the User will be informed if the completion of any of these forms is compulsory due to the fact that they are essential for the correct development of the operation carried out.

8.Purposes of the processing to which the personal data are destined

LINKART collects and treats in a manual and/or automated way the data that the User provides us for the accepted purposes in each case. The personal data are collected and managed by LINKART with the purpose of facilitating, speeding up and fulfilling the commitments established between the Website and the User or the maintenance of the relationship established in the forms that the latter fills in or to attend a request or enquiry.

Likewise, the data can be used with a commercial purpose of operative or/and statistical personalization, and activities of the corporate purpose of LINKART, as well as for the extraction, data storage and marketing studies to adapt the offered Content to the User, as well as to improve the quality, operation and navigation of the Website.

Among these purposes, we can process personal data in order to: Receive personalized notifications based on the use of the website; Solve all the informative queries and answer the requests the User might make through our Website or our social network profile pages; Send informative notifications about the services we offer from LINKART; In case you send us your CV or register in the different offers we can publish, we will treat your data with the purpose of managing your application and, if necessary, carry out the necessary activities for the selection and hiring.

At the moment in which the personal data is obtained, the User will be informed about the specific purpose or purposes of the processing to which the personal data will be destined; that is to say, the use or uses that will be given to the collected information.

9.Personal data retention periods

Personal data will only be retained for the minimum time necessary for the purposes of processing and, in any case, only for the following period: 18 months, or until the User requests its deletion.

At the time the personal data is obtained, the User shall be informed of the period during which the personal data will be kept or, when this is not possible, of the criteria used to determine this period.

10.Recipients of personal data

In case the Data Controller intends to transfer personal data to a third country or international organization, at the time the personal data are obtained, the User will be informed about the third country or international organization to which the data are intended to be transferred, as well as the existence or absence of a decision of adequacy by the Commission.

11.Minor's personal data

Respecting what is established in articles 8 of the RGPD and 21 of the Law 4624/2019, only those over 15 years old will be able to give their consent to the processing of their personal data in a legal way by LINKART. If the User is under 15 years old, the consent of the parents or guardians will be necessary for the processing, and this will only be considered legal insofar as they have authorized it.

Please note that the data controller will make all reasonable efforts to verify the age and identity of the person giving consent in the case of a minor under the age of 15.

12.Privacy and security of personal data

LINKART undertakes to adopt the necessary technical and organizational measures, according to the security level appropriate to the risk of the collected data, in order to guarantee the security of the personal data and to avoid the destruction, loss or accidental or illegal alteration of the personal data transmitted, kept or processed in another way, or the non-authorized communication or access to these data.

However, due to the fact that LINKART cannot guarantee the impregnability of the Internet and its unimpeded navigation or the total absence of hackers or others who access personal data in a fraudulent way, the person in charge of the processing undertakes to inform the User without undue delay when a violation of the security of personal data occurs, which is likely to involve a high risk for the rights and freedoms of natural persons. In accordance with article 4 of the RGPD, a personal data security breach is understood to be any security violation that results in the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or the unauthorized communication of or access to such data.

The personal data will be considered confidential by the Data Controller, who commits himself to inform about and to guarantee by means of a legal or contractual obligation that such confidentiality is respected by his employees, associates, and any person to whom he makes the information accessible.

13.Rights deriving from the processing of personal data

The User will be able to exercise against the Data Controller the following rights recognized in the RGPD:

- Right of access: It is the User's right to obtain confirmation of whether or not LINKART is treating his/her personal data and, if so, to obtain information about his/her specific personal data and about the processing that LINKART has carried out or is carrying out, as well as, among other things, the information available about the origin of these data and the recipients of the communications carried out or planned.

- Right of rectification: It is the User's right to have his/her personal data modified if they are inaccurate or, taking into account the purpose of the processing, incomplete.

- Right of erasure ("Right to be Forgotten"): It is the User's right, provided that the legislation in force does not establish otherwise, to obtain the deletion of his/her personal data when:

these are no longer necessary for the purposes for which they were collected or processed;

the User has withdrawn his/her consent to the processing and the processing has no other legal basis;

the User opposes the processing and there is no other legitimate reason to continue it;

the personal data has been processed unlawfully;

the personal data must be deleted in compliance with a legal obligation;

or the personal data has been obtained as a result of a direct offer of information society services to a minor under 15 years old.

In addition to the deletion of the data, the Data Controller, taking into account the available technology and the cost of its implementation, shall take reasonable steps to inform the Data Controllers who are processing the personal data of the data subject's request for the deletion of any link to such personal data.

- Right to restriction of processing: This is the User's right to limit the processing of his or her personal data. The User has the right to obtain the limitation of the processing in the following cases:

when he/she contests the accuracy of his/her personal data;

when the processing is unlawful;

when the Data Controller no longer needs the personal data, but the User needs then to file a complaint; or

when the User has opposed the processing.

- Right to data portability: In the event that the processing is carried out by automated means, the User shall have the right to receive from the Data Controller his personal data in a structured, commonly used and machine-readable format and to transmit them to another Data Controller. Whenever technically possible, the Data Controller shall transmit the data directly to that other controller.

- Right to object: This is the right of the User to prevent the processing of his personal data or to stop the processing of his data by LINKART.

- Right not to be subject to a decision based only on the automated processing, including profiling: It is the User's right not to be subject to an individualized decision based only on the automated processing of his/her personal data, including the elaboration of profiles, unless the current legislation establishes the opposite.

Therefore, the User may exercise his or her rights by means of a written communication addressed to the person responsible for the processing, with the reference "RGPD", specifying:

- Name, surname(s) of the User and a copy of the ID card. In the cases in which representation is admitted, it will also be necessary to identify by the same means the person representing the User, as well as the document proving the representation. The photocopy of the DNI may be replaced by any other legally valid means of proof of identity.

- Request with the specific reasons for the request or information you want to access.

- Address for notification purposes.

- Date and signature of the applicant.

- Any document that accredits the request made.

This request and any other attached document may be sent to the following address and/or e-mail:

Address: ΟΔΟΣ, ΠΟΛΗ ΝΟΜΟΣ, ΤΚ

Contact email: svlachakism@gmail.com

14.Links to third party Websites

Through this Website we will provide links to other websites that we consider of interest to our visitors, so the Website may include add-ons, applications, hyperlinks or links that allow access to websites of third parties other than LINKART, and which are therefore not operated by LINKART. Although we aim to ensure that such websites maintain the highest standards, clicking on such links or enabling such connections may allow third parties to collect or share data about you.

However, due to the very nature of the Internet, we cannot guarantee the privacy standards of websites we provide the link from or be responsible for the content of other sites that are not owned by us, so this Privacy Policy will not apply to any linked site that is not owned by LINKART. The owners of these websites will have their own data protection policies, being themselves, in each case, responsible for their own files and their own privacy practices. When you leave our website, we recommend that you read the privacy notice of each website you visit so that you can direct all your concerns regarding any third party website to their relevant administrator.

15.Claims before the control authority

In the event that the User considers that there is a problem or infringement of the regulations in force in the way his or her personal data is being processed, and especially when he or she has not obtained satisfaction in the exercise of his or her rights, without prejudice to any other administrative remedy or legal action, he or she shall be entitled to effective judicial protection and to file a complaint with a supervisory authority, in particular in the State in which he or she has his or her habitual residence, place of work or place of the alleged infringement. In the case of Greece, the User may exercise his/her right to complain to the Hellenic Data Protection Authority[Φ1]  as the supervisory authority, located at Kifisias 1-3, Athens, 11523.

II.APPLICABLE LAW AND JURISDICTION

This Privacy Policy is governed by and shall be construed in accordance with Greek law. The Greek version of this Privacy Policy shall prevail over any translation into other languages, if any. The nullity of any of the provisions will have to be eliminated, leaving the remaining provisions in full force and effect.

In the absence of an amicable agreement between the parties, conflicts and disputes of any nature whatsoever, relating to the application and/or interpretation of this Agreement, shall be governed by the Greek Law and subject to the jurisdiction of the Court of Athens, with express waiver of any other jurisdiction that may correspond to them.

III. ACCEPTANCE OF AND CHANGES TO THIS PRIVACY POLICY

It is necessary that the User has read and agrees with the conditions on the protection of personal data contained in this Privacy Policy, as well as accepts the processing of personal data so that the Data Controller can proceed in the same way, during the periods and for the purposes indicated.

LINKART reserves the right to modify its Privacy Policy, according to its own criteria, or due to a legislative, jurisprudential or doctrinal change of the Hellenic Data Protection Agency. The changes or updates of this Privacy Policy will not be explicitly notified to the User. It is recommended that the User consult this page periodically to be aware of the latest changes or updates.

This Privacy Policy was updated to adapt to the Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data (RGPD) and to the Law 4624/2019.