This policy applies to the following classification of individuals (data subjects) that interact with ATLANTIS ENGINEERING:
· Users of our products: individuals employed by our clients that use one or more of our products. More information regarding our products can be found in this link: https://atlantis- engineering.com/products/
· Suppliers/ business partners: those of which are individuals or sole proprietorships.
Note: ATLANTIS ENGINEERING’s employees get informed regarding the processing of their personal data with a different Privacy Notice.
When we collect information from you, we may be doing so on our own behalf (in which case we will be considered a “controller” of your data), or on behalf of one of our customers who has acquired and is using one of our products (in which case, the customer will be the “controller” and we will be considered a “processor” of your data).
We only collect as many data as necessary to be able to provide you with services that correspond to your needs. These data include:
· Products users (our customers’ employees): name, surname, job position, company’s name, email address, mobile phone number, browser and device information (including IP Address), user account information.
· Suppliers/ business partners: name, surname, brand name, email address, street address, land line phone number, mobile phone number, VAT number, profession.
· Individuals that participate in our Research Projects: data vary depending on the specific requirements of each Research Project specified in the relevant contracts with the Funding Authorities (e.g. European Commission). Some examples include contact details, professional information, opinions and beliefs, photos and videos.
Your personal data my be given to us directly by you or by your employer in case that your are using one of our products as part of your professional duties. Moreover, under our Research Projects, we may look for data belonging to individuals from various sources including:
· our research partners;
· our networks and contacts;
· public and open data sources such as public registers, news articles and internet searches;
· social and professional networking sites (e.g. LinkedIn).
We need your data to:
· issue and keep the legal tax documents regarding to the financial transactions between us (contracts, agreements, invoices, etc.);
· comply with applicable laws and regulations such as tax legislation;
· make payments;
· communicate and cooperate with you for the purposes of our business relationship;
· provide you with technical support for our products;
· receive your feedback on problems you may encounter when collaborating with us;
· ensure the proper and safe functioning of our products by managing the access to and use of our products, by analyzing data, by securely identifying you when you log onto our products, etc.;
· send you newsletters, messages and other promotional material on topics that may interest you;
· achieve the smooth implementation of our Research Projects in accordance with the relevant contractual requirements.
We assure you that your data will not be used for purposes other than those mentioned in this policy without your prior notification and consent if required.
We always ask for your consent when we intend to use your personal data for purposes other than those related to the provision of our products and services such as sending informational emails and newsletters.
You must know that you can always withdraw your consent by communicating with us on the phone (+30 210 6107374) or by email: [email protected]. With regards to the promotional messages and newsletters you can always opt out by simply clicking the link ”Unsubscribe” at the end of all relevant messages.
Our legal bases for collecting and using the types of Personal Data described above depend on the type of the Personal Data, and the context in which we are collecting it. When we collect, use, process or disclose your Personal Data, we will rely on one or more of the following legal grounds:
i. performance of a contract (including any Client Agreement), where we need your Personal Data to perform our obligations under a Client Agreement or other binding contract;
ii. your consent when it comes to sending informational emails and newsletters;
iii. our legitimate interests, where the processing is necessary for protecting our legitimate business interests such as to safeguard the security of our products or to prevent unauthorized or malicious activities;
iv. compliance with a legal obligation to which we are subject such as tax legislation.
We never disclose your information to third parties, except when:
· it is necessary to provide you with a service that you have requested (e.g. to send paper files with a courier service);
· it is required by a critical internal process (e.g. IT support, accounting services, etc.);
· it is imposed by Law (e.g. Tax Authorities).
Specifically, our Company discloses your personal data to the following types of recipients:
· State authorities and law enforcement agencies, when this is required for the fulfillment of a legally or administratively defined obligation or the performance of an audit (e.g. from tax authorities) and in accordance with the relevant legal procedures.
· Business partners (e.g. cloud service providers, MailChimp, banks, accounting services, courier services, etc.).
· The European Commission (or other funding authorities) according to our relevant contractual obligations.
When your data is transferred to the above third parties, we seek to minimize this data to the extent necessary to achieve the specific purpose. Unless otherwise prohibited by a legal procedure, our partners are obligated and contractually bound to protect your personal data in accordance with our policy and to comply with applicable privacy and data protection laws and regulations.
· The time length of our business relationship (with you or with your employer).
· Relevant legal and contractual obligations to which we are subject (for example, tax laws require us to keep records of your transactions for a certain period, EU funded projects require us to keep records that may include personal data for certain periods, customer agreements require us to retain personal data belonging to the customers’ employees that are using our products for as long as necessary to provide our Services to the customer).
· Safeguarding our Company from potential legal and business complications such as dispute resolution, complaint handling, fraud prevention and other illegal activities.
After the end of retention period, your personal data are destroyed, deleted or anonymized.
We apply security technologies, policies and others measures to protect personal data under our control from unauthorized access, inappropriate use, alteration, illegal or accidental destruction or loss. We also require from all our employees and any third party that have access to or are authorized to process your data, to be bound by a contract to protect your data.
In case of a data breach, we will make legally required disclosures to you via email or by providing notice on our Site, as applicable.
While we take reasonable steps to protect your Personal Data, please be aware that no method of Internet transmission or electronic storage guarantees complete protection or is 100% secure, and there is always some risk when you share your Personal Data online. ATLANTIS ENGINEERING therefore cannot guarantee the absolute security of your Personal Data.
We may also provide social media features that allow you to share information on your social networks and interact with ATLANTIS ENGINEERING on various social media sites. The use of these social media features may result in the collection or sharing of information about you. We recommend that you check the privacy
policies and regulations of the social networking sites you interact with, so that you can be sure that you understand what information may be collected, used and disclosed by these sites
We do not knowingly collect and / or retain data regarding persons under the age of 16. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at [email protected]. We will delete such information from our files within a reasonable time.
We want you to contact us for issues related to your privacy, such as for example:
• Updating your information,
• Changing the communication method,
You can contact us about the above and other related topics in any of the following ways:
• by mail: 12th km Thessaloniki-Moudania, Thermi, GR-57001
• by e-mail: info@ [email protected];
• by phone: +30 210 610 7374.
You must know that according to General Data Protection Regulation, you have certain rights regarding your personal data under our possession. Specifically, you can ask us to:
· give you a copy of your data,
· correct your data, if you think they are not accurate,
· erase your data, if there are specific reasons to do so,
· limit the processing applied to your data,
· give your data to you in an appropriate format and to transfer them to another Company,
· stop processing your data, under certain conditions. For example, you can ask as to stop processing your data that we use to send you promotional messages and newsletters.
To ask us to do anything of the above, you can contact our DPO by phone (+30 210 610 7374) and by email: [email protected].
We will promptly examine your request against the relevant requirements of the laws and regulations governing privacy and personal data protection and we will answer the latest within 30 days after receiving your request. We will ask from you some kind of identification (e.g. photocopy of your identity card or passport) to avoid non-authorized reveal of your personal data. If, for reasons of complexity of the request
or a multitude of requests, we are unable to respond promptly, we will notify you within 30 days of any delay, which in no case may exceed two months from the expiration of the 30-day deadline
To ensure that your personal data are always accurate and updated, we recommend you keep us informed about your data, as needed (e.g. in case of a change in a street or email address).
If you feel that your rights regarding your personal data are being compromised, you have the right to submit a complaint to the competent Data Protection Authority: http://www.dpa.gr, Kifissias 1-3, T.K. 115 23, Athens, tel. 210 6475600, email: [email protected].