DECLARATION OF CONFIDENTIALITY AND PROTECTION OF PERSONAL DATA

Update on Personal Data Processing

Introduction


We would like to assure you that for the company named ALEXANDROS EFSTATHIOU MON IKE / DOLPHINS (hereinafter referred to as the "Company"), it is of prime importance to protect the personal data of the underlying physical persons, in any way. That is why we are taking appropriate steps to protect the personal data we process and to ensure that the processing of personal data is always in accordance with the obligations imposed by the legal framework, both by the Company itself and by third parties on behalf of the Company.


Processing Manager - Data Protection Officer (DPO)


The company ALEXANDROS EFSTATHIOU MON IKE / DOLPHINS with headquarters in the Municipality of Skiathos, Evaggelistrias Street, PC 37002, email: info@e-dolphins.gr, website: http://www.e-dolphins.gr, informs that, for the purposes of its business activities, it processes the personal data of the underlying natural persons (such as, for example, its clients, suppliers, shareholders, personnel) in accordance with applicable national law and European Regulation 2016/679 on the protection of individuals, with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter referred to as "Regulation". For any matter relating to the process of personal data, please contact Mr. Pippis Konstantinos directly, namely ALEXANDROS EFSTATHIOU MON IKE / DOLPHINS at: dpo@e-dolphins.gr, phone: 2427029912, fax: 2427029925.


What personal data do we process?


The personal data you provide to us (such as your name, your contact information, your email address, telephone number, date of birth, identity / passport number, profession, address, etc.) when we have a legitimate reason to do so.


Confidentiality


• The processor ensures that our staff understands the responsibilities and obligations associated with the process of personal data. The roles and responsibilities of the staff are clearly communicated.
• Before taking up their duties, employees need to know and agree with the company's security policy and the signing of the appropriate confidentiality agreements.

Database / application security


• Encryption is implemented in the required data through the software/or related security mechanisms.
• There is encryption on the storage media.
• Pseudonymisation or anonymization techniques are implemented where required.

Terminal Security


• Users are unable to disable or bypass certain security settings.
• Users have no privileges to install or disable unauthorized software applications.
• There is a screen lock when the user is inactive for a certain period of time.
• Critical security updates available, installed at regular intervals.

Network/Communications security


• In every internet access, communication is encrypted through appropriate encryption protocols.
• Wireless access to the system is only allowed for specific users and processes that are protected by encryption.
• The remote teamservers used (teamviewer, anydesk) are protected by a password that changes at regular intervals.
• Traffic to and from information systems is monitored and controlled through appropriate firewalls and IDS / IPS protection mechanisms.
• Appropriate network partitioning is available for local PCs and a second one for all wireless devices (mobile, tablet, laptop, and office users). This ensures that there is no access to the local network from sources that can access the files and cause a problem.

Backups


• Backup and data recovery is defined by appropriate documented procedures and password protected.
• Security Copies provide the appropriate level of physical and environmental security according to the existing records.
• Full backup is made on a periodic basis.
• Backup procedures are tested regularly.
• Backups are safely stored in locations different from those of the primates.
• Backups, where required according to their classification, are encrypted.
• Each employee locks his files into individual drawers.
• The accounting department uses lockable cabinets to protect all accounting records.

What are the legitimate reasons for processing your personal data?


Legal reasons for processing your personal information are: (a) Performance of a contract that you assign to us or which you intend to assign to us, such as the execution of a work or the provision of services, in order to fulfill our contractual obligations in the above context. (b) Safeguarding and protecting the legitimate interests of yours as well as ours. (c) Compliance with an obligation imposed by law, such as the publication of acts and assets of the public limited company, the management of court cases. (d) The consent you provide under the specific conditions set out in the legal framework. (e) The explicit disclosure by the data subject and the processing necessary to protect the vital interests of the data subject or other natural person (where the subject is physically or legally incapable of consent), are the legitimate reasons for which we process any information provided regarding health data.

How and why do we use your personal information?


• To properly respect our contractual commitments and maintain communication between us. From the contractual relationship between us (whether it is a works contract from a contractor / subcontractor, a supply contract, a service contract, etc., we are dealing with the processing of precontractual personal data), we draw and use the information required for a smooth development of our co-operation, for example for the signing of amendments to the main project contract, the management of financial pending issues resulting from a cooperation, etc.
• To communicate with you and manage our relationship with you. We may need to contact you via email or phone for management reasons, for example, to inform you about the progress of our cooperation, to define a professional meeting, to handle other requests or complaints, etc.
• To comply with legal obligations. When, for example, we publish decisions of the General Assembly and / or the Board of Directors of the Company on our website, on the web site of G.E.MI., with statutory authorization, we designate and disclose third party natural persons as representatives of the Company activities relating to its business activities.
• To safeguard our legitimate interests and protect individuals and goods. Safeguarding and protecting the legitimate interests of yours as well as ours. Thus, we record ALPHA BONUS customer conversations in two specific ALPHA BANK customer contact numbers.
• To subscribe to newsletters and send updates offers and promotions, you must provide us with your email address, unless it is already published or you have previously received an email and did not contact for deletion. In any case, you have the right to delete it and you will be completely respected. With your sign up and your consent, you will enjoy all our updates and offers we send via email and text messaging or instant messaging through relevant services (for example, SMS, Viber, Push Notifications, etc.).
• Where do you share your data? DIMOPOULOS NARLIAN SA "/" HIMALAYA TRAVEL SA may also transmit data to other companies of cooperating third parties (e.g. airlines or shipping companies, visa embassies, hotel companies, transport companies, insurance companies, tour guides, for the purpose of providing services and provided that consent has been given by the natural person as mentioned above and that the foregoing applies to the written assignment of processing.

Storage Time


The length of the data storage period is decided on the basis of the following specific criteria, as appropriate:
• When processing is required as a requirement under provisions of the applicable legal framework, your personal data will be stored for as long as required by the relevant provisions.
• When processed under contract, your personal data is stored for as long as necessary to perform the contract and to establish, exercise, and / or support legal claims under the contract.

What are your rights with respect to your personal data


Any natural person whose data is processed by ALEXANDROS EFSTATHIOU MON IKE / DOLPHINS ", has the following rights:
• Right to rectification - You have the right to examine, correct, update or modify your personal data by contacting the Data Protection Officer (DPO) at the above contact details.
• Right to delete - You have the right to request a deletion of your personal data when we process it on your consent or in order to protect our legitimate interests. In all other cases (such as, for example, where there is a contract, the obligation to process personal data required by law, public interest), this right is subject to specific restrictions or does not exist as the case may be. In order to exercise any of the above rights you can contact the DPO, Mr. Pippis Konstantinos, namely "ALEXANDROS EFSTATHIOU MON IKE / DOLPHINS at email: dpo@e-dolphins.gr, phone: 2427029912, fax: 2427029925

Right to complain to the HDCP


You have the right to file a complaint with the Personal Data Protection Authority (www.dpa.gr): Telephone Center: +302106475600, Fax: +30210 6475628, Email: contact@dpa.gr

Privacy Policy


ALEXANDROS EFSTATHIOU MON IKE / DOLPHINS shall implement appropriate technical and organizational measures, aiming at the safe processing of personal data and the prevention of accidental loss or destruction and unauthorized and / or unauthorized access to use, modification or disclosure. In any case, the way the internet works and the fact that it is free to anyone, does not guarantee that unauthorized third parties will never be able to violate the applied technical and organizational measures by gaining access and possibly using personal data for unauthorized and / or unfair purposes.

Update for Cookies


Cookies are small files with information, that a website saves on a user's computer (usually on a web browser such as Chrome, Opera, Mozilla Firefox, Edge, etc.), so that whenever the user logs on to the site, the latter to retrieve that information and provide the user with relevant services. A typical example of such information is the user's preferences on a website, as these are indicated by the user's choices on that webpage (e.g. selecting specific "buttons", searches, advertisements, etc.).

How and why do we use Cookies?


www.e-dolphins.gr/www.skiathosholidays.gr/www.chalkidikiholidays.gr/www.sporadesholidays.gr/ www.chalkidikidestination.gr, use "cookies" to collect e-activity information to save your preferences and settings, as well as optimize the navigation experience on our Company’s site. We also use cookies to personalize content and ads, provide social media features, and analyze your traffic. In addition, we share information about how you use our site with social media, advertising, and analytics partners who may be able to combine them with other information that you have given or collected in connection with your use of the services. Cookies, in no way damage your device and may allow us to offer you faster and better navigation on our site. We store on your device the absolutely necessary cookies for the site. Be reusing the site you accept the use of cookies. Cookies sent from our website and stored on your electronic device are indicative of the following:
• Google Analytics
• PHPSESSID
• icl_current_language
By disabling cookies or by withdrawing your consent, certain features of the site will not be available. Additionally, website performance and functionality may be affected

Link to other websites


Our site may contain links to foreign websites. ALEXANDROS EFSTATHIOU MON IKE / DOLPHINS is not responsible for the privacy practices or the content of other sites not belonging to "ALEXANDROS EFSTATHIOU MON IKE / DOLPHINS. Therefore, we suggest that you read carefully the privacy statements of these foreign sites.