1. DATA CONTROLLER AND DATA PROTECTION OFFICER
The Controller of your personal data is the company “INTERSTAR LLC” (We, Us, Company), (50 Anageniseos str Metamorfosi, Attica, tel. 2111900900 email: email@example.com (hereinafter referred to as the “Company”) which provides security services. You may contact us at the contact details listed above and provide us with your feedback, queries, comments or any complaints regarding this Policy and the collection and processing of your personal data, in general.
For any issue related to the processing of your personal data, please contact the Data Protection Officer (DPO) directly at the email firstname.lastname@example.org
2. DATA COLLECTION AND PROCESSING
Personal data or personal information means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one whose identity can be identified, directly or indirectly.
Our company collects and processes data of data subjects under the age of 15 while providing our services. For this reason, we apply strict protocols and technical and organizational security measures, while we are also certified with ISO 27001 and 22301.
3. WHAT IS DATA PROCESSING
‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
4.WHAT types of data we collect for you and HOW we collect them
When entering into a contract with our Company, browsing our website or the Company’s Social Media, subscribing to the recipient list of our Newsletters, we collect various types of personal data, either directly from you, or from third parties or we create with the use of technical means (including automated means).
Indicatively, we collect the following personal data for you:
Identity Data: (name, username, ID) that you provide to us when you enter into a contract with us.
Contact Data: (telephone number and/or mobile phone, e-mail address and other contact information) that you provide to us when submitting your order, opening an Account or as part of receiving a commercial communication from our Company or participating in various actions of our Company (e.g. contests, etc.).
Postal address (street, number, PO, city, country)
Financial data: (bank account, transaction value, credit notes, refunds, debit or credit card information, billing address, etc.) that you provide to us when you pay by electronic means. The card details, their confirmation, preapproval of payment and final charge are recorded in secure environment (SSL) of the bank.
Technical data such as for example channel – source of origin, Internet Protocol (IP) address, time zone and location, login details, browser type and version, operating system and platform, and other technology on the Devices that you use to access our Website, etc. For more details on the information we collect using cookies, please see our policy below.
Demographic data: age, sex, place of residence,
5. HOW do we use your personal information?
Your personal data are used by us for the following purposes:
i. To provide to you our security services and for pre-contractual actions.
ii. To communicate with you about issues relating to the provision of our services to you.
iii. To manage, handle and process your payments, including the security of our financial transaction.
iv. To create, keep and maintain a database with our client base and to analyze it.
v. To send to you commercial communication via Newsletter, SMS, or other media (VIBER) regarding our Company’s news, products, promotions and offers.
vi. To analyze your behavior and identify your preferences.
vii. To understand and analyze the results of our ads and promotions.
viii. To process your requests,
ix. To satisfy your rights with respect to your personal data.
For other purposes for which we will notify you or will be identified on a case-by-case basis at the place where your information is originally collected
6. ON WHAT LEGAL BASIS do we use your personal data?
The Legal basis on which we make use of your information is either one of the following:
i. Performance of a contract for the provision of security services to which you are a party.
ii. The communication with you at a pre-contractual stage, for your information and in order to finalize the contract between us
iii. In order to fulfill our obligations under our Agreement, such as our payment and issue of invoices.
iv. To Safeguard and protect both yours and ours legal interests. E.g. we use CCTV and security cameras in order to ensure the safety of our visitors and partners and also to protect the property of our Company from incidents of theft, vandalism, etc.
v. We also process your personal data in order to manage and protect our business and website, to better understand our customer base and improve our services, and for market research, evaluation and analysis of your opinion of our services and our commercial policy, reputation, recognition of our trademarks and other distinguishing features.To perform market research, evaluation and analysis of your opinion on our products and for our commercial policy, reputation, visibility of our trademarks and other distinctive features.
vi. To advertise our company and our services on social media.
vii. To Comply with our legal obligations, e.g. towards the tax authorities.
viii. If none of the above apply, your consent (which you will always be requested to provide before we process any information). Your free and informed consent is the legal basis for using your email and/or mobile phone for us to send you direct mail in the Newsletter form to your emails, or for you to receive updates on our news and offers through SMS/VIBER on your mobile phone, when you are not for example our client or as appropriate.
7. WHO is NOTIFIED of your personal data and WHY
In the context of fulfilling our contractual obligations and provide better services to you, our Company reserves the right to cooperate with third-party service provider companies, which provide us with support and gain access only to the data of yours that is absolutely necessary for the service that they offer us (e.g. IT companies, lawyers, notaries, bailiffs, financial or professional advisers). These third service providers are contractually bound not to use your information in any way other than to help us provide you with the agreed services, while our Company remains the Data Controller.
Your retained data may be communicated to the competent judicial, police and other administrative authorities upon their request and in accordance with the applicable laws. Furthermore, in the case of a statutory provision, a service order or a formal preliminary examination, the Company has the right to place the relevant information at the disposal of the respective service.
The Company does not transfer your personal data to third countries, outside the European Economic Area.
8. SAFETY of your personal data
The data you submit to the Company is treated exclusively by specifically authorized personnel of the Company. In order to conduct the processing, the Company selects individuals or third parties with corresponding professional qualifications that provide sufficient guarantees in terms of technical knowledge and personal integrity to ensure confidentiality. In all cases, your personal data is treated with the utmost confidentiality and secrecy while the employees of the Company who process your personal data are bound by a confidentiality clause or have a regulatory obligation to maintain confidentiality. More specifically, the Company, through its respective contractual commitments and its affiliates, shall take all necessary security measures to protect and ensure the confidentiality, privacy and integrity of personal data. In any case, their security in the platform environment is subject to reasons beyond its sphere of influence, as well as reasons resulting from technical or other weaknesses of the network that are not controlled by the Company, or reasons of force majeure. The fact that the internet is free to everyone does not allow us to provide guarantees that unauthorized third parties will never gain access to personal data for illegal or unauthorized purposes.
9. TIME OF RETENTION of your personal data
We will retain your personal data for as long as you continue to interact with us. At the same time, we keep your personal data for purposes of legitimate interest which consists of our legal coverage in case of any conflict regarding our contract, our commercial policy or any other transaction between us, for the period during which liability could arise from the processing, in accordance with the applicable legislation. Your financial data may be kept by our Company as part of its tax obligations. We may keep any other data until you ask us to delete them or those we maintain and process as part of your consent until you withdraw it or until you oppose to their processing by us on which we rely on our legitimate interest.
We reserve the right in some cases, to anonymize your data for research or statistical purposes, so that they will be no longer associated with an identifiable person, therefore we reserve the right to use this information for an indefinite period of time. In any case, your data will be stored securely.
10. YOUR RIGHTS REGARDING YOUR PERSONAL DATA
With respect to your personal data, we have and process, you have the following rights:
i. to request us to access them to confirm that we process them in accordance with law and/or your request and preferences,
ii. to request us to correct any incomplete or inaccurate data we keep about you. We also have the right to request you to update your information at regular intervals.
iii. to request us to delete them, as long as the law does not oblige us to the contrary.
iv. to request us to limit their use, under certain circumstances,
v. to oppose to their use, under certain circumstances,
vi. to withdraw your consent with respect to their use,
vii. you have the right to data portability, under certain circumstances,
viii. to submit a complaint to the country’s supervisory authority.
ix. not to be bound by a decision made solely on the basis of automated processing, including profiling, under certain circumstances.
We offer you easy ways to exercise these rights, such as “unsubscribe” links in the emails that we send you, or by sending an email to email@example.com.
For your information security, we may ask you for certain information about your identification. Your right is exercised free of charge, however, when your right is used abusively, we may claim a fee, in accordance with the conditions laid down by law. In any case, we shall respond to your requests within one month of the date of receipt of the request, except in exceptional cases where our response time to a request may be longer.
11. The right to complain to the Data Protection Authority
You have the right to submit any complaint regarding your personal data protection issues that may arise from the Company’s processing thereof, to the Hellenic Personal Data Protection Authority (www.dpa.gr), which is the supervisory Authority in our country.
12. Update of the policy
This version was updated on 13/12/2022. Any future change to this regulatory framework will be the subject hereof. We reserve the right to change this policy and to implement any change to your data and our practices regarding the collection and processing thereof, in accordance with what is provided by law, and/or to modify or replace all and/or part of of this Policy at our sole discretion.
Any changes to this Policy will be posted immediately here.