Website Privacy Policy

 

Notification of processing of Personal Data in accordance with Article 13 of Regulation (EU) 2016/679 (“GDPR”)

 

Dear User, “MiniBus Athens Tours” welcomes you to its website (hereinafter  the “Website”) and invites you to pay attention to the following notice, (the “Notice”), which is issued in accordance with Article 13 of Regulation (EU) 2016/679 on the protection of persons with regard to the processing of personal data, as well as on the free movement of such data (“GDPR”).
This document contains a record of the processing carried out by the Data Controller, as defined below, through the Website, while clarifying that the information concerns only the Website, therefore excluding any webpage to which you may be redirected from the Website.

  1. Data controller

The Data Controller is the company under the name “MiniBus Athens Tours”, VAT 075298433 of the Tax Office Nikaias, based in Sokratous, no. 15, Koridalos – P.C 181 20, e-mail address info@minibusathens.tours and tel. contact +30 697 176 8848 (hereinafter the “Company”). This means that the Company manages the Website and determines the purposes and means of processing your personal data in accordance with the Regulation and the applicable legislation in general.
The Company has also appointed Mr. George Bentis as its representative for personal data protection issues, with whom you can contact directly for the exercise of your rights, as well as receive any information regarding the processing of your personal data and/or this Notice, at the following email address: info@minibusathens.tours also at the contact number:  +30 697 176 8848.

  1. Sources of personal data collection

The Company collects personal data directly from you and not from third party sources. Your personal data is provided in the context of your visit to the website and specifically the search for communication with the Company, sending a CV, completing the offer form, submitting an evaluation – comments on the level of our services and subscribing to the newsletter, after clicking on the relevant links on the home page. In order to serve the above purposes and fulfill the service you have requested, it is necessary for us to process the following personal data, otherwise it will become impossible to provide the service.

  1. For what purposes do we process your personal data and what is the legal basis for processing?

The table below sets out the purposes of processing the personal data processed by the Company, the categories of such personal data, as well as the legal basis for their processing.

Purpose of processing Categories of Personal Data Legal Basis for Processing
(Regulation provision)
1. Communication of the user with the Company Personal identifiers, contact details and data communicated to us by the user for this purpose. Article 6, para. 1, approx. f’ – processing is necessary for the purposes of the legitimate interests pursued by the Company and in particular to serve the user’s request.
2. Send CV Personal identifiers, contact details, CV content Article 6, para. 1, approx. f’ – processing is necessary for the purposes of the legitimate interests pursued by the Company and in particular the evaluation of any future cooperation with the user.
3. Filling out the offer form Personal identifiers, contact details Article 6, para. 1, approx. f’ – processing is necessary for the purposes of the legitimate interests pursued by the Company and in particular to serve the user’s request by formulating a financial offer for the service requested.
4. Service evaluation – Submission of customer feedback Personal identifiers, contact details Article 6, para. 1, approx. f’ – processing is necessary for the purposes of the legitimate interests pursued by the Company and in particular the improvement of its services.
5. Subscribe to our newsletter Contact details (e-mail) Article 6, para. 1, approx. f’ – processing is necessary for the purposes of the legitimate interests pursued by the Company and in particular corporate promotion and communication.
  1. Security

The Company processes your personal data in a way that ensures their protection, taking all appropriate organizational and technical measures to secure the data and protect them from accidental or unlawful destruction, accidental loss, alteration, prohibited disclosure or access and any other form of unlawful processing.

  1. Disclosure to third parties and categories of recipients

To achieve the purpose described in paragraph 3 above, your personal data may be brought to the attention of external service providers contracted with the Company for this purpose or, where applicable, to the attention of other public authorities to satisfy your requests.

The Company does not transfer your personal data to a third country or international organization.

  1. Geolocation data

The website may collect and process geolocation data for the provision of services requested by the user, only with the specific consent of the interested party, which can always be revoked. In this case, consent will be requested through what is known as a pop-up window.

  1. Rights of the Subject

This section presents your rights in relation to your personal data. These rights are subject to certain exceptions, reservations or limitations. Please submit your requests responsibly. The Company will respond to you as soon as possible and in any case within one (1) month of receipt of the request. If your request will take longer to process, you will be informed. To exercise your rights, you can contact us by email: info@minibusathens.tours.

The Company ensures the unhindered exercise of the following rights:

7.1 The right to information

You have the right to request and receive clear, transparent and easily understandable information about how we process your personal data, in accordance with the Company’s policies and procedures.

7.2. The right of access

You have the right to access your personal data free of charge, in accordance with the Company’s policies and procedures, except in the following cases, where there may be a reasonable charge to cover the Company’s administrative expenses:

  • manifestly unfounded or excessive/repeated requests, or
  • additional copies of the same information.

7.3. The right to rectification

You have the right to request the correction of your personal data if it is inaccurate or incomplete, in accordance with the Company’s policies and procedures.

7.4. The right to erasure

You have the right to request the deletion or removal of your personal data when it is no longer necessary for the purposes collected or there is no legitimate reason to continue processing it, in accordance with the Company’s policies and procedures. The right to erasure is not absolute, to the extent that there is a particular legal obligation or other legal reason for the retention of your personal data by the Company.

7.5. The right to restriction of processing

In certain cases, you have the right, in accordance with the Company’s policies and procedures, to restrict or remove further processing of your personal data. In cases where processing has been restricted, your personal data remains stored without being further processed.

7.6. The right to data portability

You have the right to request the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format, as well as to transmit such data to another controller, in accordance with the Company’s policies and procedures.
7.7. The right to object

You have the right to object, at any time and on grounds relating to your particular situation, to the processing of your personal data, which is based on Article 6 para. 1 point f of the Regulation (processing for reasons of legitimate interest of the Company), based on this provision. In such a case, the Company, as controller, no longer processes the personal data, unless it demonstrates compelling and legitimate reasons for the processing, which override the interests, rights and freedoms of the subject or for the establishment, exercise or support of legal claims.
7.8. Rights related to automated individual decision-making and profiling

The Company does not make automated individual decision-making, including profiling.
7.9. How to exercise your rights

The exercise of the aforementioned rights requires the submission of a written application to the Company, in accordance with its policies and procedures. The Company reserves the right to respond no later than one month from receipt of the request, in accordance with the terms of the Regulation and its policies and procedures.

  1. Retention period of personal data

For each category of personal data, the Company determines the retention time of personal data in accordance with the provisions of the law for each category of personal data and its internal policies and procedures.

  1. Communication with the supervisory authority

For further information and advice on your rights or to lodge a complaint, you can contact the Hellenic Data Protection Authority:

Postal Address: Hellenic Data Protection Authority, Offices: 1-3 Kifissias Avenue, P.C. 115 23, Athens

Call Center: +30-210 6475600

Fax: +30-210 6475628

E-mail: contact@dpa.gr.

  1. Revisions to this Notice

We aim to constantly review and update this Notice in order to comply with data protection legislation and new developments. Any update to this Notice will be communicated to you immediately.