The anonymous society under the trade name “SABO INDUSTRIAL & COMMERCIAL INCORPORATED COMPANY OF MACHINERY FOR THE BRICK & TILE INDUSTRY & MANUFACTURED AUTOMATIC SYSTEMS”, with the d.t. “SABO S.A.”, having its seat at Municipal Community of Vassiliko, Municipal Unit of Lilantion, in the Municipality of Chalkis, registered to the General Trade Registry Office in Greece under the registration number 130604522000, VAT 997316908 (hereinafter «the Company»), considers the legally process, security and protection of your personal data, in any capacity that you contact or cooperate with us, i.e. as visitors to our website, employees, suppliers, prospective or active customers or third parties, cooperating with every company of our group.
1. What your personal data are
Your personal data include any information on paper or electronic media that may lead, either directly or in combination with other, to your sole recognition or identification as a natural person. This category of data includes, depending on each case, information such as name, surname, TAX ID, social security number, addresses, e-mail addresses, telephone or mobile phone number, calling and called telephone numbers, recipients of messages SMS/MMS, equipment or terminal identifiers, such as computer, smartphone or, tablet, your web browsing history (log files, cookies, etc.) and every other data that allows your sole recognition, which comply with the provisions of the GDPR (General Data Protection Regulation 2016/679), the applicable Greek legislation L.4624/2019 and the decisions of the Hellenic Data Protection Authority.
2. Data collection and processing Principles
The Company implements the ten GDPR processing Principles 2016/679 (legitimacy, objectivity, transparency, purpose limitation, data minimization, accuracy, storage time limitation, integrity, confidentiality and accountability). The Company protects and safeguards your eight data subject rights in the use of your Personal Information (information, access, correction, deletion, processing limitation, portability, opposition, and non-automated decision-making based on profiles as specified in Greek law). The above apply without any discrimination to all our processing activities and to all the services provided by us.
3. Which are your Personal Data we collect
3.1 When you visit the Company’s website, the Company may process:
(a) The data that you have entered on the Contact Form of our website or for the purpose of submitting your CV (e-mail address. Name, surname),
(b) Personal data automatically collected while you browse (IP address, device type, browser, redirection website, company web pages that you visited, visit date and time).
3.2 In the context of a potential or existing business relationship with the Company, the Company may process the following categories of personal data of the contractual parties:
(a) Identification and contact information, such as full name, tax identification number, competent tax office, address, telephone number, mobile phone number, fax number, e-mail address.
(b) Data processed in the context of a project, a sale/purchase transaction covering goods or services, such as data provided by the business partner, such as personal data with regard to orders, payments effected, requests and reports in the context of implementation of a project or a business cooperation in general.
(c) Information on credit worthiness and integrity (information with respect to litigation or other legal proceedings against business partners) collected from publicly available sources, databases and credit rating agencies and bureaus.
4. Lawful process
The Company will use your information for the following legitimate processing purposes (as per article 6 of the GDPR) under your consent that you may freely revoke at any time, for the execution of contract or pre-contractual relationship with you, for our legitimate interest, or for protection of your vital interests, namely:
(a) To respond to your inquiries and information queries related to our products/services or communicate with you after your request.
(b) Τo document a legitimate legal claim or defense of the Company against an attempt at fraud, cyber-attack or other unlawful activity.
(c) The traffic analysis of our website to improve your browsing experience
(d) For our internal operations and analysis such as internal management, prevention against fraud, use of information management systems, pricing, accounting, charging, contractual management such as receipts, product deliveries, service delivery, project execution, receipts, payments, accounting audits.
(e) Conducting customer satisfaction surveys, advertising campaigns, or other promotional activities or events.
(f) Ensuring Company compliance with legal obligations (tax, social security, customs, accounting etc.), prevention of financial crimes and the safeguarding of its overriding legitimate interests such as the transmission of data to law firms or competent authorities.
5. Cookies Policy
According to the European E-Privacy Directive 2009/136/EU (which is expected to be replaced by the regulation e-Privacy) and the guidelines of the Hellenic Data Protection Authority, our website accepts the use of "cookies".
By using our website a process of your personal data is taking place by third parties, such as social networks and search engines, i.e. Google Analytics, Facebook, Twitter etc, without any influence or involvement by the Company and και they may be transmitted either within or outside the European Economic Area, for which those third parties are solely responsible.
If you do not wish third parties to receive information from your browser, when you visit our website, you can opt-out by selecting the corresponding option provided by the relevant Usage Policy on the site of any such third party part.
Our Cookies Policy refers to further details for the types of cookies we use, the use thereof, as well as the ways you can delete or prevent the placement of specific cookies on your computer or mobile device.
6. Minors’ Personal Data
The Company and its website address to persons having completed their eighteenth (18) year of age. In case that minors visit our website on their own initiative, the Company has no liability. If during the data collection process, it becomes evident that the user is of a younger age, the Company will not process the minor’s personal data.
7. Transfer to third parties
7.1 Regarding our website, this may be managed by third party IT companies (processors). In this case we make sure, through contractual terms and regular inspections that if such third parties have access to personal data this is done with due observance of the applicable legislation on data protection.
7.2 Regarding your contractual relationship with the Company, the Company may transfer personal data to:
other subsidiaries or third parties, only if and to the extent that such transmission is necessary solely for the above indicated purposes.
judicial, administrative, taxation, customs, arbitration authorities or other public authorities, regulatory bodies and attorneys-at-law if necessary, for its compliance with legislation and/or for establishing, exercising or defending its legal claims.
Furthermore, the Company may assign part or all of the said processing to third parties (processors) including their directors and employees:
parties who have entered into contract with the Company for promoting the company services, for the provision of postal services, data processing support services, record-keeping services, survey services, IT services, advertising services, banking and credit institutions, Certified Public Accountant firms.
parties who have entered into contract with the Company for assessing the creditworthiness of the customer and the customer’s ability to fulfill its obligations under the contract,
attorneys-at-law and law firms.
In these cases we ensure via contractual terms and regular inspections that, if and to the extent that they have access to personal data, the legislation on the protection thereof is duly complied with.
The recipients of personal data may be established outside the European Economic Area. In such cases, the Company takes measures so that adequate and appropriate safeguards are applied for the protection of personal data by other means, mainly by way of the use of the EU standard data protection clauses.
8. Links to third party websites
Our website may contain links to other third- party websites, (i.e. professionals), which are operated and maintained exclusively by them and which we do not control. Therefore we do not bear any responsibility for the content, actions or policies of these websites. Please read carefully the relevant privacy policies on the different websites you visit, as they may differ significantly from the present one.
9. Security of your personal data
We take the appropriate technical and organizational measures to ensure the confidentiality, integrity and availability of your personal data. Our aim is to ensure that your personal data is transferred, stored and processed by following appropriate security standards and procedures in accordance with the terms of this Policy and the applicable data protection laws.
Our Company has trained and responsible personnel, we have appropriate security policies and we use the appropriate technical and operational tools such as anonymization, pseudonymization, data encryption, use of firewalls, access levels, authorized employees, staff training, periodic inspections, compliance with international security and business continuity standards.
10. Data retention - deletion
Our Company retains your personal data only for as long as is required by the contractual terms of each service, in conjunction with the legislation, based on the purpose of the processing as described in this policy, and subsequently anonymises or destroys them.
The retention period is determined according to the following criteria:
(a) the term of the contractual relationship
(b) the compliance of the Company to a legal obligation that incurs it
(c) legal reasons such as court cases, audits by regulatory authorities, etc.
(d) your prior consent to retain your data for a longer period of time
11. Withdrawal of your consent
In case you have given us your consent to process specific personal data by the Company, you have the right to withdraw your consent at any time, with prospective effect. Such withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. In case of such withdrawal, the Company may further process your personal data only in cases where there is some other legal ground for such processing.
12. Continuous training and awareness of staff and associates
The Company notifies the present policy to its staff and network of partners and ensures its continuous upgrading, in order to achieve full compliance with the current legal and regulatory framework.
At the same time, it invests in the continuous training, sensitization and training of its employees and its network of partners, in matters of Information Security and Personal Data Protection, as well as in the continuous improvement of know-how and its diffusion throughout the staff.
The above-mentioned trainings and informative actions refer both to the senior management levels and the staff of the Company. The trainings can be specialized according to the particularities and needs of the Departments. Training and information actions may be carried out by external providers or by internal rapporteurs, as well as electronically, through a special educational platform.
The effectiveness of this policy as well as the relevant procedures shall be evaluated at least on an annual basis and, if deemed necessary, it shall be amended and updated accordingly.
If you have any questions or comments about this privacy and security policy, you can contact by e-mail at: PersonalData@sabo.gr or by post to the address: "Agrielia" Vassiliko D.E. Lilantion D. Chalkida PC 34002