The website of the Société Anonyme “DADAKARIDES SALT SA”, distinctive title “SALT SA”, based in Thessaloniki, 2nd km Langadas- Kolchiko, Thessaloniki (hereinafter referred to as “Company” or “Website”), being the processor of personal data, hereby informs any visitor, i.e. any person whose personal data are kept by the Company (hereinafter the “Subject”) that when visiting or using the website www.dadakarides-salt.gr, processing of their personal data is governed by the European and national legislation for the protection of personal data currently in force, including Law 4624/2019, Regulation (EU) 2016/679 of the European Parliament and of the Council, adopted on 27 April 2016 and came into force on 25 May 2018 (hereinafter “GDPR”), as well as the decisions, directives and regulatory acts of the Personal Data Protection Authority.
1. Personal Data collected and processed by the Company
The Company ensures legitime and legal collection and processing of personal data. Personal data is information that directly or indirectly identifies the Subject, by reference to an identifying element of identity, such as name, contact telephone number and e-mail address. The above personal data collected are absolutely necessary for the implementation of the action requested by the Subject.
The Subject ensures that the personal data provided are correct and accurate, undertaking to notify the Company of any change or modification thereof. The Subject shall be exclusively liable for any loss or damage caused to the Company or to any third party due to incorrect, inaccurate or incomplete information in the contact form.
2. Use of the Website by minors
According to the provisions of Art. 8 (1), item a) GDPR, as combined with Art. 21 of the Law, minors under the age of fifteen (15) are prohibited from disclosing their personal data through the website of the Company, without the prior consent of their guardian.
3. Purpose of data processing
The Company collects and processes personal data exclusively for the above purposes, and only to the extent absolutely necessary to effectively serve these purposes. This data is always relevant, accessible, only those required in view of the above purposes and accurate and, if necessary, these are submitted for updating.
4. Data retention time
The personal data collected are kept and securely stored, exclusively to be collected and processed (see above, section 3), only for as long as is necessary to achieve said purposes, subject to more specific provisions of the legislation currently in force. In any case, personal data of customers is kept for a period of five (5) years from the termination of the contractual relationship between the Company and the customer in any way, and is securely deleted-destroyed after the end of this period, unless further retention is foreseen by the legislation, such as in the event of a civil case or investigation of a criminal act, tax audit, etc.
5. Security of data
Processing personal data by the Company is carried out so that these are kept confidential. The Company takes all appropriate organizational and technical measures for the security of data and protection thereof against accidental or unlawful destruction, accidental loss, alteration, prohibited dissemination or access, and any other form of unlawful processing.
6. Data Breaches
The Company undertakes that in the event of a breach of its database, it shall inform the Subjects as well as the Personal Data Protection Authority, within 72 hours of such breach.
7. Recipients of the data
The recipient of the personal data is the Company as well as the persons performing the actual processing on the Company’s behalf. The Company guarantees that it shall not transmit, share or make available the Subject's personal data to any third parties for any purpose or use. However, it reserves the right to disclose information about the Subject if the legislation introduces a relevant obligation, or if such disclosure is ordered by a court decision, prosecutorial order or by order or decision of another person or administrative body with legal authority to rule disclosure of such information.
8. Processing on behalf of the Company
The Company uses third party service providers (accountant, IT professional, provider web hosting and bailiffs) to manage a range of its business, including processing of personal data. When the Company makes use of an external company or partner, it employs contractual representations and other appropriate means to ensure that the Subject's personal data is used in a manner consistent with applicable law and in line with this Policy.
For more detailed information on the cookies collected, please check the the Cookies Policy.
10. Linking to third-party websites
Any interconnection of the Company through hyperlinks (links, hyperlinks, banners) with any other third-party website does not imply assumption of any responsibility for the policy followed on that Website regarding protection and management of personal data. The Subject should ensure that they are informed about the protection and management of their data by the above websites.
11. Rights of Access, Correction and Deletion
According to the GDPR (Articles 15-18, 20-21 GDPR) the Subject is entitled to access the data and has the rights of rectification, erasure, restriction of processing, data portability and objection. The above rights may be exercised by sending an e - mail at email@example.com, from the e-mail address through which the original e- mail was submitted, so that the Subject can be identified.
12. Communication with the Personal Data Protection Authority
Should the Subject considers that the protection of their personal data is infringed in any way, they may appeal to the Personal Data Protection Authority on the following details:
Personal Data Protection Authority
1-3, Kifisias str., P.O. 115 23, Athens
Telephone 210 6475628
Since this communication and the personal data protection terms included here may be modified, the Subject should regularly be informed about its content and check for any changes.
Last update: 14.06.2022