This Privacy Policy (hereinafter referred to as the “Policy”) describes the way in which the corporation “Karasakalidis LTD”, located in Zlatograd, Bulgaria (hereinafter referred to as the “Corporation”) operating as a Data Controller, processes the personal data you provide, to receive the Corporation’s Newsletter with its new products and offers (hereinafter referred to as “Data”).

Our Corporation is fully compliant with the European legislation on personal data protection, including Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data (“General Data Protection Regulation”- hereinafter “Regulation”), as it stands.

1. What is Data or Personal Data?

The term “Personal Data” refers to any information relating to an identified or identifiable natural person (subject of data). An identifiable natural person is one whose identity can be verified, directly or indirectly, in particular by reference to an identifier, such as name, identification number, location data, online identifier or one or more factors that approximate the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

1. What is Data processing?

Data processing is any operation or series of operations performed, with or without the use of automated means, on personal data or on sets of personal data, such as collection, recording, organization, structuring, correction, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1. What does the term “Data Controller” mean?

A data controller is a natural or a legal person, a public authority, an agency or any other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; when the purposes and the means of such processing are determined by the European or the state (Greek) legislation, the data controller or the specific criteria for its determination, can be provided by the European or the State law themselves.

1. What is “consent”?

Consent consists of any freely given, specific, informed, explicit and unambiguous indication, by which the subject, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to them.

1. Which Data is processed by the Civil Non-Profit Corporation?

The Corporation, within the scope of its commercial activity, may collect personal data that you provide to cooperate with it or receive the Corporation’s Newsletter with offers and new products. The corporation mainly processes the following data:
full name, e-mail address, and phone number.

1. For which purposes does the Civil Non-Profit Corporation process your Data?

The Corporation processes and uses your Data, according to the present Policy, complying with all obligations predicted by the familiar legislative framework and by the GDPR policy. The Corporation collects and processes Data exclusively for the following purposes:
A. To strengthen the services it provides to you.
B. To effectively communicate and cooperate with you.
C. To promote its Newsletter with new products and offers to both well-established cooperating parties and interested cooperating parties.

1. Your consent:

In any transaction with our Corporation as well as in case you request access to our Newsletter, you unequivocally declare that you accept the terms of this Policy, as well as that you provide us your explicit consent for the collection and processing of your Data, under the terms and conditions of the same Policy.

1. How long does the Corporation keep your Data?

The Corporation retains your Data only for as long as necessary to carry out its activities, as they are analyzed in Section 6, unless an extension of this particular time table is deemed crucial, due to legal claims or legal obligations of the Corporation.

1. What are your rights?

Υοu have the following rights:

• The right to Information/ Transparency (Articles 12-14 GDPR): You have the right to be informed of who processes your Data, which are these Data, and for which purpose they are being processed.
• The right to access (Article 15 GDPR): You have the right to request free access to your Data.
  The right to rectification (Article 16 GDPR); You have the right to request the correction of any imprecise personal data. You also have the right to demand any additions to your incomplete data.
• Τhe right to erasure (“right to be forgotten”) (Article 17 GDPR): You have the right to request the deletion of Data, under certain particular conditions, e.g. when the Data are no longer necessary or in case where you have withdrawn your consent or in case you wish to cancel your subscription to “Karasakalidis Ltd” Newsletter with your explicit declaration.
• The right to restriction of processing (Article 18 GDPR): You have the right to request the limitation of your Data processing for as long as the examination of your objections to the processing is pending.
• The right to Data Portability Article 20 GDPR): You have the right to request the transfer of your Data to another controller, if applicable.
• The right to object (Article 21 GDPR): You have the right to object to the processing of your Data, at which point the Corporation will abstain from any processing of your Data, unless there are compelling legitimate grounds for the continuance of the processing, which override your rights. In case you have provided your consent for the collection, processing and use of your Data, you have the right to recall, with no retroactive effect, your consent at any time.

10. When does the Corporation respond to your requests?

The Corporation responds to your requests without undue delay, and, in any case, within one month from receiving your request. However, there are exemptions, where the Corporation might need the maximum amount of two months from the previous deadline, to handle your request.

11. Where can you find out about the progress of your requests?

For further information you can contact us through the following email: [email protected]  

12. What’s the legal basis for processing your personal Data by the Civil Non-Profit Corporation?

The applicable law is the General Data Protection (GDPR) Regulation 2016/679/ΕU, the Greek Law 4624/2019, as well as the applicable national and European legislative and regulatory framework for the protection of personal data, as it is modified and stands today. The competent courts for any possible disputes over personal data are the Courts of Thessaloniki.

13. How can you be informed on any amendments of the present in Policy? 

The Corporation updates the present Policy whenever it deems necessary. If there are substantial amendments in Policy or in the way in which your Data are being used, there will be an update on the site of the Corporation, that will include the new Policy, before the amendments enter into force and the Corporation will inform you by any appropriate and punctual means. The Corporation encourages you to read fairly often the present Policy in order to know how your Data are being protected.