Information on the Processing of Personal Data
We would like to assure you that for INTRACOM HOLDINGS S.A. (hereinafter referred also as the “Company”), the protection of personal data associated with data subjects contacting or contracting in any way whatsoever with the Company is of primary importance. That is why we are taking all appropriate steps to protect the personal data we process as well as to ensure that the processing of personal data is always carried out in accordance with the obligations laid down by the applicable legal framework, by both the Company itself and third parties that process personal data on behalf of the Company.
INTRACOM HOLDINGS S.A. having its registered offices in 19th km Markopoulou Ave. 19002 Paiania, Athens, Greece, email: firstname.lastname@example.org, tel: +30-210-6674000 website: https://www.intracom.com, would like to inform the public that in the context of its operational activities it processes the personal data of data subjects, indicatively those of its customers, partners, suppliers, investors, employees and candidate employees, in accordance with applicable national legislation and the European General Data Protection Regulation 2016/679 on the protection of individuals with regard to the processing of their personal data and on the free movement of such data (General Data Protection Regulation, hereafter referred to as the “Regulation”) as in force from time to time.
For any matter relating to the processing of personal data, you may directly contact Company’s competent function by e-mail to email@example.com.
Which personal data do we process?
The personal data you provide us (such as your name, contact details, email address, telephone number, date of birth, marital status, etc.) along with any additional data resulting from resumes when submitted through the Company’s job application CV form in the context of job vacancies, are only processed as long as we have a legitimate reason to do so.
Which are the legitimate reasons for processing your personal data?
Legitimate reasons for lawful processing your personal information are:
(a) the performance of a contract or the intention to award a contract, such as the execution of a work or the provision of services, in order to meet contractual obligations in that context
(b) safeguarding and protecting both your and our legitimate interests
(c) compliance with obligations and duties imposed by the law or administrative acts, particularly in cases where it is required to publish corporate acts and information related a societe anonyme according to article 7b of the Codified Law no. 2190/1920, to disclose transactions of nominated persons to the Athens Stock Exchange, to submit shareholders lists and provide information when participating in public tenders, to handle claims for compensation arising from accidents caused during the execution of a project, to manage legal disputes etc.
(d) the consent you explicitly provide under the specific conditions set forth in the applicable legal framework or on the basis of contractual relations or when contacting departments of our Company.
(e) the processing necessary to protect the vital interests of the data subject or other natural person, where the data subject is physically or legally incapable of granting consent are the legitimate reasons for processing any information provided regarding health data.
How and why do we use your personal data?
To fulfil our contractual commitments and to maintain communication.
We draw and use in the context of our contractual relationship, either related to a project execution contract performed by a contractor / subcontractor, a supply contract, a service contract, a lease agreement, an employment contract etc., or related to the processing of personal data at a pre-contractual stage, the information necessary for the due performance of our cooperation between us, such as the signing of amendments to the main contract, the management of the pending financial issues resulting from our cooperation, etc.
To communicate and manage our relationship with you
We may need to contact you by email or phone for management reasons, such as providing information on the progress of our cooperation, arranging a professional meeting with job candidates, managing other requests or issues, etc.
To comply with legal obligations
For the communication with labor and social security authorities and agencies, the publication on our website, on the web site of GEMI or of the Athens Stock Exchange, of General Assembly resolution (including the data of shareholders – physical persons), the announcement to the Athens Stock Exchange and the Securities and Exchange Commission of issues related to Company’s activity or disclosure of significant shareholdings rights or changes thereof to the Securities and Exchange Commission in accordance with the provisions of Law 3556/2007, the granting of representative powers to natural persons and announcement thereof in order to carry out activities relating to Company’s business activities.
To safeguard our legitimate interests and protect individuals and goods
To protect the safety of physical persons, assets and Company’s premises.
Where do we communicate your data to?
INTRACOM communicates your personal data to the following categories of recipients:
State authorities, law enforcement agencies
When this is necessary for the fulfillment of a statutory or administrative obligation or conduct of an audit (e.g. the Security Exchange Commission) and in accordance with the prescribed legal procedures, as well as in the cases of participation in public tenders.
Our partners (partners, subcontractors, banks, insurance companies, auditing company etc.)
INTRACOM maintains subcontractors to whom it delegates the processing of personal data on its behalf (e.g. subcontracts, bank transactions, audit share transfer deeds by a statutory auditor). In these cases, INTRACOM remains responsible for the processing of your personal data and sets out the details of the processing, by signing a specific contract with the respective partners to whom it assigns processing activities, to ensure that the processing is carried out in accordance with the applicable legal framework and that any individual may freely and without hindrance exercise the rights conferred on him by the legal framework.
Furthermore, INTRACOM may forward data to other companies of its Group as well as to third-party affiliates (e.g. members of Joint Ventures or associations of companies) in order to provide information on the Company’s status, provided that it has obtained the consent from the natural person as mentioned above, and that the aforementioned applies regarding the assignment in writing of processing.
Data Retention Period
The length of the data retention period is determined on the basis of the following specific criteria, per case:
When processing is required as an obligation under applicable legal framework, your personal data will be stored for the period prescribed in the respective provisions applicable to each case.
When processing take place in the context of performing a contract, your personal data will be stored for the period necessary to ensure fulfillment of contractual obligation throughout the term of the contract and, if necessary, for the establishment, exercise or defense of legal claims arising from such contract.
What are your rights in respect to your personal data?
Every natural person whose data is being processed by the Company has the following rights:
Right of Access:
You have the right to be aware and verify the legitimate nature of the processing. So, you have the right to access your personal data and receive additional information about their processing.
Right to rectification:
You have the right to review, correct, update or modify your personal data by contacting the Company at the above contact details.
Right to erasure (right to be forgotten):
You have the right to request the deletion of your personal data when we process it based on your consent. There are however other cases or instances (such as, indicatively, where there is a contract, an obligation to process personal data required by law, public interest), where such right shall be subject to specific restrictions or shall not applicable, as the case may be.
Right to restriction of processing:
You have the right to request the restriction of processing of your personal data in the following cases: (a) when the accuracy of the personal data is contested by you and until such data is verified, (b) when you object to the deletion of personal data and request the restriction of their use instead of their deletion, (c) when such personal data are no longer necessary for processing purposes, they are, however, required for the establishment, exercise, defense of legal claims, and (d) when you oppose to the processing that is necessary for the performance of a task of public interest or for the exercise of public authority or for the purposes of our legitimate interests or in case of profiling thereunder and until it is verified that there are legitimate grounds of the Company overriding the reasons for which you are opposed to the processing.
Right to object:
You are entitled to object to the processing of your personal data, at all times, in case where, as described above, this is necessary for the performance of a task of public interest or for the exercise of public authority or in case of profiling thereunder or for the purposes of legitimate interests pursued by us as controllers.
Right to data portability:
You have the right to receive your personal data free of charge in a structured, commonly used and machine-readable format that allows you to access, use, and edit them in cases where the processing is based on your consent or on a contract and to the extent that such processing carried out by automated means.
Moreover, you have the right to request from us, in case it is technically feasible, to transmit your personal data directly to another controller.
Right to withdraw your consent:
In cases where processing is based on your consent, you have the right to withdraw it without affecting the lawfulness of processing based on consent prior to its withdrawal.
To exercise any of the above rights you may directly contact Company’s competent function by e-mail to firstname.lastname@example.org.
Right to lodge a complaint with a Supervisory Authority
You have the right to lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr ): Switchboard: +30 210 6475600, Fax: +30 210 6475628, E-mail: email@example.com, or with the supervisory authority in the Member State of your habitual residence or your place of work.
Security of Personal Data
The Company implements appropriate technical and organizational measures aiming at ensuring safe processing of personal data and the prevention of accidental loss or destruction and the unauthorized and/or unlawful access to, use, modification or disclosure thereof.
Last update: 30/1/2020