The site sotbros.gr is owned by SOTIROPOULOS BROS (“Company”, “We”) based in Athens, 24C, Papadiamantopoulou str., 11528. The information collected through the website is intended to measure its traffic, to help in its evolution by recording user requirements or comments and facilitating communication with users.
The Company gives direct priority in respecting the confidentiality of your personal data and accurately protecting data protection principles and strictly preserving any personal data you provide to us.
The term “reader” or “user” (after this point called “You”) is used when referring to anyone browsing the site and consuming in any way its content.
What Information Do We Collect And Why?
When filling in forms, some personal information may be required, such as:
- Last name
- E-mail address
During your tour we collect the following:
- IP address: When you visit the site, we enter your device’s IP address and browser settings. IP address is a unique address that devices use to identify and communicate with each other on a computer network. Browser settings other than the IP address may include the type of browser you are using, the browser language, and the time zone. We collect this information so that we can tailor your experience and locate your device in case of misuse or illegal actions. In addition, we may use your IP address to reach your location (city-level).
Under no circumstances will sensitive data be collected and processed.
It is not mandatory to provide any additional item that is not necessary or reasonably required to provide the services requested by the reader.
How Do We Collect Data?
The site collects information that the user gives us voluntarily in one or more of the following ways:
- when you subscribe to newsletters,
- when filling out any form on our site
- automatically collect information such as your IP address.
The processing of user’s personal data from the website is subject to update and with the consent of the user. The Company complies fully with the provisions of the EU General Data Protection Regulation (GDPR).
How Your Data Is Used
The processing of user’s personal data from the website is subject to update and with the consent of the user.
The website makes use of the information you provide during the electronic mail following the completion of each form and always under a secure (using SSL) encrypted communication channel to contact you for confirmation and identification in any necessary case and for the proper functioning of your communication with you via e-mail and newsletter.
The information we collect is designed to provide you with the best possible service and information and to facilitate communication with you.
We use an email newsletter system, Mailchimp, to communicate with users and understand their needs and interests so that we can offer them better and more quality content.
You can unsubscribe from the Newsletter at any time of 24 hours using the Unsubscribe link at the bottom of all the emails we send you.
The Company has undertaken to fully respect the privacy of all visitors to sotbros.gr and to protect the personal data you may provide to us. In particular, we consider it important to know how you treat personal data that you are interested in and which we may receive through this website, as well as the data processing practices we use through the use of the Internet and other electronic communications networks.
The site collaborates and exchanges data with the following process partners:
- Mailchimp (the email & newsletter system, plus our internal self-built mail system)
- Google (Analytics)
We do not work with companies that are not able to adequately protect your personal data.
Finally, we reserve the right to disclose specific personal information to third parties / independent service providers, agents or independent contractors that help us maintain our site and provide us with other management. We seek to ensure that these third-party / independent service providers will not use your personal data for any purpose other than to provide the services for which they are contractually committed. We also create contracts with these third parties which oblige them to comply with the data protection standards required by law and use the data only for the purposes for which they were transmitted.
We will not disclose your personal data to third parties outside the European Union in countries where there is no appropriate data protection regime. However, should such data transfer be necessary, we will take all possible measures to ensure that your data is dealt with safely as well as within the EU / EEA and in accordance with this Policy and applicable law. In addition, we will update the current Policy in order to cover cross-border data transfer and related safeguards for your privacy.
Data Retention Time
It is our policy to maintain your data only for as long as it is necessary for the purpose for which it was collected, in accordance with the principles of data minimization and storage limitation. For all of the following reasons, your data will be retained for at least five (5) years after our customer relationship expires. Additionally, we align the retention of your data with possible variations resulting from the exercise of your privacy rights. In some cases, certain personal information may be retained beyond that time due to possible legal obligations, legitimate interests, etc. Such cases are likely issues related to:
- Money laundering
- Civil law
- Criminal law
- Any other legal issues
Disclosure of Personal Data
The personal data that users will provide will remain on the sotbros.gr server within the European Union. The Company may disclose this data to its staff working within the European Union alone. We undertake to use the personal data of users in accordance with these terms and for the purposes contained therein.
Unless explicitly is required by law, we will never make the abbreviation or disclosure of any information provided to us by the user without his / her information and consent.
We do not sell data to anyone, never.
In addition, the Company has the right to disclose personal information that users provide to third parties other than those referred to above only in the following cases: (a) in order to comply with law, court or administrative requirements; (b) in order to act in urgent circumstances to protect the personal safety of its users, their sites on the Internet or the public.
Privacy and Security of Personal Data Processing
The Company is committed to protect personal information and data provided by users. For this purpose, it has taken the necessary technical security measures and organized the processing of personal data of the users. Personal data collected are stored on password-limited restricted servers and the Company uses specific technologies and procedures and receives strict security, electronic and administrative security measures to enhance the protection of this information against loss or misuse and to protect against unauthorized access, disclosure, modification or destruction. The Company will retain the user’s information for a reasonable period of time or for as long as the law provides.
Rights of Information, Access and Resistance
Users of the Company’s website are entitled to be informed about whether their personal data are being processed by the Company and / or objected to the processing of their personal data.
The application must be in writing and relate to a specific request and / or action to be sent to the address listed below under “Contact” or email@example.com to be accompanied by documentary evidence of the identity of the applicants.
At any point, while maintaining or processing your data, you retain the following rights:
- Right of Access: You have the right to access the personal data we hold for you
- Right to Rectification: You have the right to correct inaccurate or incomplete data we hold for you.
- Right to Deletion: You may request to delete the data we hold for you from our records and we are obliged to satisfy your request in specific cases.
- Right to Limitation of Processing: You have the right to request that your personal data be processed and we are obliged to satisfy this request when certain conditions are met.
- Right to Data Portability: You have the right to request that the data we hold for you to be transferred to another organization.
- Right of Objection: You have the right to object to processing of your personal data subject to certain conditions.
- Right to Withdraw Consent: You have the right to withdraw your consent at any time, in writing to firstname.lastname@example.org, without disqualifying the lawfulness of the processing that preceded the revocation and was based on prior consent.
We will evaluate your request and respond to you about its progress (approval of a request, partial approval of a request and rejection of a request) as soon as possible and in any case within one month of its submission. In the event that SOTIROPOULOS BROS rejects your request regarding the above mentioned Data Protection Rights, we will communicate the reasons for your rejection. You have the right to file a complaint directly with the regulator.
We reserve the right to reject requests that are unreasonably repetitive, require disproportionate technical efforts or have disproportionate technical consequences, jeopardize the privacy of others or are impossible to implement.
Protecting your data is extremely important to the Company and we are constantly trying to provide all possible means of safeguarding your personal data, limiting unauthorized access and / or possible changes. These means include information security measures in line with current best practices to protect the privacy of our customers. These measures include technical and procedural actions and tracking and tracking actions aimed at safeguarding data from misuse, unauthorized access or disclosure, loss, alteration or destruction.
The security and privacy of your personal data and account is our top priority. We take the necessary measures and following the most advanced methods of protection for their preservation. Your personal information will not be used at any time for purposes other than those required for the proper operation of the website, the products and services we provide. In any case, access to them, for our part, is carried out exclusively by authorized personnel and is fully controlled.
Our company regularly checks the proper operation of security mechanisms and applies an SSL Security Certificate that validates the best practices we adopt to encrypt data. Whenever a user enters, connects, makes payments, or sends us sensitive information, we use the SSL / TLS template that encrypts the user’s data before being sent from his computer. In this way, the data can only be decrypted by the Company’s servers. The web pages that the user browses are encrypted by the Company’s servers so that they can only be decrypted by the user’s computer. Indicatively, browsers such as Chrome, Firefox, or Opera encrypt are AES-256 bits, while our servers will not accept links from browsers that do not meet the minimum 128-bit encryption security requirement. Page security can be verified by the presence of the padlock in the browser while Internet Explorer users can double-click on the Properties option and confirm the use of the TLS protocol accordingly.
If you believe that you have identified potential security vulnerability in any of the pages, services / products, please send an email to email@example.com with a summary along with the email to which we could contact you for further information.
Links to Other Websites
We strive to review and keep up-to-date with this Policy in order to comply with legal and regulatory requirements while providing optimal protection for your personal data. Any updates will be communicated to you via the current website.
If at any time you believe we are not complying with the provisions set forth in this Policy or any other matter related to data protection, please contact us by e-mail at firstname.lastname@example.org.