The Company, Smile Vosmandros D. SA which is based in Industrial Area of Thessaloniki, DA 12A, PC 57022 Sindos, tel. +30-2310-680544 ensures the confidentiality of your personal data and adopts the General Regulation for the Protection of Personal Data 679/2016 of the European Union and the current Greek legislation in all procedures and stages of communication with you.
Purpose of this Policy
This Personal Data Protection Policy concerns, Smile Vosmandros D. SA and the personal data of individuals processed by the Company. This Policy provides to any individual, customer or visitor the website of our Company https://www.smilevos.gr/ with concise and transparent information regarding the practices followed for the management and protection of personal data.
It concerns any transaction or series of transactions performed with or without the use of automated means, in personal data or in personal data sets, such as the collection, registration, organization, structure, storage, adaptation or modification, retrieval, search for information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
The Policy is updated from time to time and may be amended whenever necessary, without prior notice, always within the applicable legal framework and in accordance with any changes in the current legislation on personal data protection. We therefore suggest that you check our website https://www.smilevos.gr/ in which, any posted revised version of this policy, prevails over the printed version.
The term “personal data” hereinafter referred to as “Personal Data or Data”, is any information concerning a specific natural person or person whose identity can be verified (e.g., name, identity number, address, etc.). Data related to health (physical or mental condition, receiving medical services, etc.) are included in the general term personal data; however, they constitute a special category of data.
Personal Data are obtained with following methods:
(a) When you apply for a job. The provision of your personal data in the context of submitting a CV to find a job in our Company takes place automatically and voluntarily as otherwise, it would not be possible to assess the possibility of your recruitment. The legal basis for the processing is in accordance with article 6 (1) (b) of the GDPR “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”.
For more information, please check our CV Policy.
(b) You provide them to us when you fill out forms and consent forms for the use and processing of your data in the context of promoting the Company and participating in promotions. The submission of your data is of your choice and their processing in accordance with article 6 (1) (a) of the Regulation 2016/679 “the data subject has given consent to the processing of his or her personal data for one or more specific purposes”.
(c) You provide them to us in the context of the transaction between us for the execution of our contractual obligations but also in the context of compliance of the Company with its legal obligations. The processing of personal data we receive is carried out in accordance with articles 6 (1) (b) of the Regulation 2016/679 “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract” and 6 (1) (c) “processing is necessary for compliance with a legal obligation to which the controller is subject”.
(d) You provide them to us when you fill out forms in the context of the application of Management Systems (ISO) in the Company. The data processing is carried out in accordance with article 6 (1) (f) of the Regulation 2016/679 “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child”.
(e) Automatically, via your browser or the mobile device you use to access our website https://www.smilevos.gr/
For more information, please check our Cookies Policy.
(f) You provide your personal data to us when you fill out electronic forms or send an e-mail in order to be informed about the products and services provided. The submission of your personal data is at your option and their processing is in accordance with article 6 (1) (b) of the Regulation 2016/679 “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract” and 6 (1) (a) of the Regulation 2016/679 “the data subject has given consent to the processing of his or her personal data for one or more specific purposes”.
Categories of Personal Data – Purposes of Processing
Personal data which are collected and further processed include:
–identification data such as your name, address, general contact details (including email address and telephone number), etc. The purpose of the collection and processing is the provision of our services in accordance with article 6 (1) (b) of the Regulation 2016/679 “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”.
-identification data such as CV, education status, work experience, etc. The collection, processing and maintenance of the above data is for the sole purpose of the selection and evaluation of prospective employees by the Company for the possibility of finding a job and in accordance with article 6 (1) (b) of the Regulation 2016/679 “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”.
-identification data, financial data, tax and contact details, such as VAT, Tax Office, address, etc. The collection, processing and retention of your data belonging to the above mentioned categories, is in accordance with article 6 (1) (c) of the Regulation 2016/679, “processing is necessary for compliance with a legal obligation to which the controller is subject”.
-identification data such name, contact information (including email address and telephone number), etc. The purpose of the collection is to inform you about the actions and events of the Company as well as the promotion of the Company in the context of promotional activities. The processing of the data is in accordance with article 6 (1) (a) of the Regulation 2016/679 “the data subject has given consent to the processing of his or her personal data for one or more specific purposes”.
The Company will not process your personal data without your consent, where is required. However, the Company reserves the right, in exceptional cases, to process your personal data to the extent permitted or required by law, and/ or by court decisions or prosecutorial orders.
Recipients of your data
We may disclose your personal information (in whole or in part, as each time it appears) indicatively to:
- a) all authorized persons of our Company, e.g. legal advisers, business consultants, external accountants, security technicians etc.,
- b) specific persons of our Company, necessary for the selection process of candidate employees, e.g., Administration, Head of Departments, HR Manager etc.,
- c) authorized external partners (logistics companies, transport companies), necessary for the execution of the contract between us,
- d) providers of support for these data processing systems,
(e) judicial or supervisory or control authorities, within the scope of their jurisdiction,
(f) third parties who have a legal interest in establishing, exercising or upholding legal claims.
In cases where your consent to the disclosure of your data to third parties is required (where it is not mentioned by law, it will be explicitly requested by you and you have the right to revoke it at any time. In these cases, the Company assures you that it is in constant contact and takes all necessary security measures, so that the transfer of personal data is carried out in the safest possible way.
The Company undertakes the obligation to not trade your personal data by making it available for sale or rental by transferring or disclosing it to third parties or using it in any other way and for other purposes that might jeopardize your privacy and your rights and freedoms, unless required by law, court decision/ order, administrative act or if it is a contractual obligation necessary for the smooth operation of the Company’s website and the performance of its functions.
Your personal data may be transferred to partners or third parties, complying with the terms of this policy and committed to maintaining confidentiality and who act on behalf of the Company for further processing in order to provide services (e.g. data management, technical support etc.). These third parties have contractually agreed with the Company, that the personal data will be used only for the above purposes and will not transmit personal information to third parties, as well as will not disclose any personal data to third parties unless law requires it.
The retention period can vary significantly depending on the type of data and how it is used. Determining the retention time of data is based on criteria such as legal retention periods, pending or potential disputes, intellectual property or rights, contractual requirements, business instructions or archiving needs.
The Company is committed to keep your CV for one (1) year, after the job position is filled.
The tax data are kept in accordance with the current tax legislation.
Data collected via video surveillance system is kept for up to 15 days upon which it is automatically deleted. If during this period we find an incident, we isolate part of the video and keep it for another (1) month, in order to investigate the incident and initiate legal proceedings to defend our legal interests, while if the incident concerns thirdly we will keep the video for up to three (3) more months.
In order to fulfill the purpose of processing that concerns the execution of the contract and to inform you about our services, a reasonable retention time of your data is the time of the operation of the Company and according to the current legal framework governing its operation, the legal framework governing the tax obligations of the Company as well as the Personal Data Protection Legislation.
CCTV – Data Processing
We use a surveillance system for protecting persons and property. The processing is necessary for the purposes of legal interests as a Controller and in accordance with article 6 (1) (f) of the Regulation 2016/679, “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child”.
Our legal interest consists in the need to protect our property and the goods located in it from illegal acts, such as theft. The same applies to the safety of life, physical integrity, health as well as the property of our staff, our customers and third parties legally located in the supervised area. We only collect image data and limit the collection to areas where assessed with an increased possibility of committing illegal acts e.g. theft, such as at the entrance, without focusing on places where the privacy of the persons being photographed may be severely restricted, including their right to respect for personal data.
The kept material is accessible only by our authorized personnel who are in charge of the security of our facilities. This material shall not be transmitted to third parties, except in the following cases: (a) to the competent judicial, prosecutorial and police authorities when it contains information necessary for the investigation of a criminal offense involving persons or property of the controller; b) to the competent judicial, prosecutorial and police authorities when requesting data, lawfully, in the performance of their duties and (c) to the victim or perpetrator of a crime, in the case of data may constitute evidence of the act.
Data subject’s rights
With regard to your personal data, you may exercise the following rights: right of access, right of information, right of rectification, right of erasure, right of restriction of processing, right of data portability, and right of objection.
In order to exercise any of the above rights, please send e-mail (in the following email address: email@example.com ) always stating your complete details and the reason for your communication.
In case of exercise of one of the above rights, the Company will take every possible measure to satisfy your request within one (1) month of receiving it, informing you in writing of the satisfaction of your request or the reasons that prevent the satisfaction of one or more of them, as well as for the reasons of any delay beyond the above period of one (1) month and in any case not later than three months. The Company will also inform you of your further rights in case of improper response. This information is in principle provided free of charge by the Company, subject to the request for notification and information not to be exercised repeatedly, in excess and/ or to be manifestly unjustified.
If you consider that the Company in any way violates the current legislation on personal data, you reserve the right to file a complaint to the Personal Data Protection Supervisory Authority: http://www.dpa.gr, 1-3 Kifissias, PC 11523, Athens, tel. 210 6475600, e-mail: firstname.lastname@example.org.
In this case, we would highly appreciate your previous communication with the Company either by letter at its headquarters (Smile Vosmandros D. SA which is based in Industrial Area of Thessaloniki, DA 12A, PC 57022 Sindos, tel. +30-2310-680544), or via e-mail (in the following email address: email@example.com ) always stating your complete details and your reason for contact.
What is a cookie?
The term «cookie» refers to a small data file consisting solely of a set of text information that the site transmits to the web browser on your computer’s hard disk, either temporarily throughout your visit , or sometimes for longer periods, depending on the type of cookie. Cookies perform different operations (for example, you are distinguished from other site’s visitors or remember certain info for you like your preferences) and are used by most websites to improve your user experience.
Each cookie is unique to your browser and contains some anonymous information. A cookie typically contains the name of the cookie field, the cookie’s lifetime, and a value (usually in the form of a randomly generated unique number).
Types of cookies
The basic types of cookies are described below
These are temporary cookies that remain in the cookie file of your device’s browser only during your visit and are deleted when you close the browser.
These remain in the cookie file of your device’s browser even after the browser closes, sometimes for one year or more (the exact length of stay depends on the lifetime of each cookie). Permanent cookies are used when the site administrator may need to know who you are for more than one visit (e.g., to remember your username or your site configuration preferences).
These are cookies installed on your browser and/or hard drive of your device from the site you are visiting. This includes assigning a unique ID to you, in order to monitor your site navigation. Site creators often use first-party cookies to handle visits and for identification purposes.
These are cookies used by third parties, such as social networks to track your visits to the various sites they advertise. The site administrator has no control over these third-party cookies.
Cookies on this site and how to manage them
See the following information about the third-party cookies we use on this site, including how to disable them and the effect of disabling on the site’s functionality. If you need any help on how to manage certain types of cookies, including how to check or delete them, please visit www.aboutcookies.org.
Google Analytics cookies
Google Analytics cookies are performance analytics/logging cookies that allow us to collect anonymous information about how visitors use our site. These cookies can inform us on how many visitors use the site, the visit’s time and duration, and also provide information on how visitors navigate across the site. This information helps us improve the way our site works. They are anonymous information and do not contain personal information.
For more information on Google Analytics, please visit https://support.google.com/analytics/answer/6004245
You can disable Google Analytics tracking by visting https://tools.go ogle.com/dlpa ge/gaoptout?hl =en=GB
If you disable these cookies, your activity will not be counted or used in the statistics we collect to improve the services we provide through this site. Website functionality will not be affected.
Video providers cookies
Video providers can place cookies on your device if you watch their video on our site.
If you disable these cookies you may not be able to see the embedded videos on our site.
Social Networks cookies
Third-party social networks can place cookies on your device if you choose to share a web page of our site with another third-party Social Network site, by clicking on one of the «share» buttons.
If you disable these cookies, you will not be able to share any of our content with third-party social networks
About this site’s web server
All web traffic (file transfer) between this site and your browser is encrypted and transferred via the HTTPS protocol using Secure Sockets Layer (SSL). Our servers, in order to ensure the smooth and secure operation of our services, record the user’s ip and, in case of failed connections, the username, in log files through security systems (firewalls, ddos filters, http filters, sql injection filters, visit statistics, cloudflare services) and backup. All of the above data is kept for short periods on our servers with modern security protocols so only authorized personnel can access them and only in cases to avoid malicious actions.
Third-party personal data processors
We use a number of third parties to process personal data for us (for example datacenter services, hosting services, backup services, payment gateways, shipping companies, marketing services etc). These Third-party personal data processors have been carefully selected to comply with the legislation mentioned in this document.
For any of your personal information stored in our database, all necessary action will be taken to be secure as possible.
We will report any unlawful violation of our database or any third party data processing database to all relevant stakeholders as well as authorities within 72 hours of the violation, if it is obvious that the personal data stored in recognizable form, have been stolen.
Access to information
For any personal information that is stored in our database, you have the right to access, correct or delete them. You can get information about this and its limitations by contacting us.
Data Protection Officer
You may contact the data protection officer (DPO) of this site by using the email in our contact page.