privacy policy

privacy policy

For the company OLYSIS EE with the distinctive title “OLYSIS”, the protection of personal data is of primary importance and is treated with the utmost seriousness. Respect for the personal data we manage and ensuring their correct processing is one of the priorities of our company.

For this reason, we take all appropriate technical and organizational measures to protect the personal data we process and to ensure that their processing is always carried out in accordance with the requirements set by the applicable legislative framework (law 4624/2019) and mainly by the General Data Protection Regulation (EU) 2016/679.

1. DATA CONTROLLER – CONTACT DETAILS

The company OLYSIS EE acts as Data Controller for all personal data that it collects, registers, organizes, structures, stores, alters, retrieves, processes, transmits, restricts or deletes.

Company OLYSIS EE

Address: Efforionos 2A, 11635 Athens

Telephone:  6936988100

For issues concerning the processing and general management of personal data, you can contact us at info@olysis.gr .

This Privacy Policy also describes the method of use, disclosure and protection of your personal data, the rights you have regarding your personal data, as well as how you can contact us. For any questions you may have regarding this Policy, as well as any issue related to the processing of your data and the exercise of your rights, you can contact us at the above company contact details.

2. OUR WEBSITES

The company OLYSIS EE with the purposes of: a) providing consulting  has created and manages the website https://www.olysis.gr,:

The https://www.olysis.gr is the company's website with the aim of disseminating the services it offers to companies

3. DEFINITIONS (Article 4, GDPR)

“Personal data”: any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

“Processing”: any operation or set of operations which is performed upon personal data or upon sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Profiling”: any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

“Controller”: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for his or her designation may be provided for by Union or Member State law.

“Processor”: the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

“Consent” of the data subject: any freely given, specific, explicit and informed indication of his or her wishes by which the data subject, by a statement or by a clear affirmative action, signifies agreement to personal data relating to him or her being processed.

4. WHAT DATA DO WE COLLECT AND PROCESS We collect and process personal data for the following purposes: a) the dissemination of information regarding the services offered. We take care to collect only the absolutely necessary data from you, which are appropriate and clear for the purpose for which they are intended.

In order to provide these services to its customers, the company OLYSIS EE collects and processes the following personal data:

  • When you fill out the online contact form, we record your name, the company you represent and your email address (email).
  • When you register to receive newsletters, we collect your name, the company you represent and your email.
  • When you register for training seminars through the online form, we register your name, the company you represent and your email address.
  • When you visit our website, we collect data through the necessary (essential) technical cookies that are installed on our website. Learn more about our website's Cookie Policy.
  • Educational information, such as studies, skills, knowledge of foreign languages, professional experience (only in cases where you apply for a job).
  • CHILDREN. Our website and services are not aimed at minors. If a minor contacts us, their personal data will be deleted immediately.

5. HOW WE USE YOUR DATA

We want to offer you the best possible experience when searching for business consulting services. To achieve this, it is necessary to obtain a complete picture of you, combining the data we have collected. We then use your data to offer you offers for services that are likely to interest you.

The legislation on the protection of personal data allows us to do the above in the context of our legitimate interest and the need to understand our customers in order to provide them with a high level of service.

Of course, if at any time you would like to change the way we use your Data, you will find details in sections 10 & 11 “Rights that subjects have in relation to their personal data” and “Rights to complain to the Personal Data Protection Authority (PDPA)” below.

Finally, we inform you that the processing of your data is carried out either by specially authorized company personnel, or through IT systems and electronic devices by the company and, exceptionally, by third parties, who, having been contractually bound to maintain confidentiality and protect your personal data, carry out tasks that are necessary to achieve the purposes strictly related to the use of our website. You will find information on this below in section 7 “Who are the recipients of your data? How is your data shared”.

We collect your data in order to:

a) cooperate with you,

b) contact you to resolve your queries,

c) post your comments on our articles / news,

d) conduct a customer satisfaction survey, send newsletters about our services.

e) to recruit you (potential partners)

Below you will find details on how we use your data and why:

To provide information about our website

  • Contact: The Company uses your data to respond to the requests / inquiries you submit. The information you share with us enables us to manage your requests and respond to you in the best possible way. We may also maintain a record of your requests / inquiries to us in order to better respond to any future communication. We do this based on our contractual obligations to you, our legal obligations and our legitimate interests to provide you with the best possible service and to be able to improve our services based on your personal experience.
  • Sometimes, we will need to share your data with a third party that provides a service (such as website support companies). Without sharing your personal data, we would not be able to fulfill your request. Below is more information on how we share personal data with third parties.
  • Job Search: The company processes your data to assess your qualifications and abilities for the position you applied for or for another position within the company as well as for the purposes of communicating with you in relation to this purpose.

To share information about our services, as well as for other promotional purposes

Sending newsletters/offers: With your consent, we will use your personal data, preferences and transaction details to inform you via e-mail, web, telephone and/or social media about relevant services, including personalized/personalized offers, discounts, etc. Of course, you have the ability to withdraw this consent at any time.

To operate, improve and maintain our business and services

  • We want to offer you offers and suggestions that are more relevant to your interests. To help us build a better and more comprehensive understanding of you as a customer, we combine your personal data collected throughout our relationship, for example the history of our cooperation. For this purpose, we also combine the data we collect directly from you with data we receive from third parties to whom you have given your consent to transfer this data to us.
  • To send you research and evaluation requests so that we can improve our services. These messages will not contain advertising content and do not require prior consent when sent by email or text message (SMS). We have a legitimate interest in doing so, as this helps our products to be more relevant to you. Of course, you are free to refuse to receive these requests from us at any time by informing us of your preferences at info@olysis.gr.

For our compliance with our obligations arising from the law

  • To comply with our contractual or legal obligations to exchange data with law enforcement. For example, following a court order to exchange data with judicial services.
  • To send you communications required by law or necessary to inform you of changes to the services we provide to you. For example, updates regarding these privacy notices and legally required information regarding our collaboration. These service messages will not include advertising content and do not require prior consent when sent by email or text message (SMS). If we do not use your personal data for these purposes, we cannot comply with our legal obligations.

6. PURPOSES OF PROCESSING & LEGAL BASES FOR PROCESSING

All of the above personal data are collected and processed for the purpose of providing business consulting services. Some data may also be used for information and marketing purposes of the services of the company OLYSIS EE, always after relevant consent.

Legal bases for processing data may be, as appropriate:

  1. The execution of the contract between OLYSIS EE and its customers, in order to receive its services.
  2. The compliance of OLYSIS EE with its legal and regulatory obligations, arising from the applicable legislative framework concerning the company's business activities, such as tax legislation.
  3. The promotion, safeguarding and protection of the legitimate interests of both OLYSIS EE and its customers, in the event that we need to support legal claims or defend our rights and interests before the courts. Legitimate interests include, among other things, the development and improvement of the services provided by the company, as well as its smooth and continuously improved operation.
  4. The consent  that may be provided to us in order for our customers (existing or potential) to receive information regarding the services of the company OLYSIS EE, its business actions and activities, etc., such as in the case where there is no previous transaction and you wish to receive a newsletter.  You can withdraw your consent  at any time.

7. WHO ARE THE RECIPIENTS OF PERSONAL DATA?

Access to your data is primarily granted to authorized employees of OLYSIS EE, in the context of performing their duties from their workplace (the company's absolutely necessary personnel). Our personnel are committed to maintaining confidentiality, as are the companies collaborating with us or third-party service providers, who process your data as Processors on our behalf and in accordance with our instructions.

Your personal data may be transferred to third-party partners of the company, always subject to maintaining confidentiality, integrity and availability in all cases. For example (indicatively mentioned) to a collaborating accountant, to companies: for credit card and payment processing, hosting, management and maintenance of our data, email distribution, research and analysis, technical support & software maintenance, website management, payment services, provision of electronic newsletter management software, platform for managing comments on articles, awarding contest prizes, management of brand promotions and promotional products, Alphabet, Meta, as well as management of certain services and elements. When we use third-party service providers, we enter into agreements that oblige them to implement appropriate technical and organizational measures to protect your personal data.

Furthermore, the data may be disclosed – as required and/or permitted by applicable law – to government authorities or public bodies, in order for OLYSIS EE to comply with its legal (legislative, regulatory, judicial decisions) or contractual obligations.

The policy we apply to those with whom we share your data in accordance with the above includes (indicatively):

  • Providing only the information they need to perform their specific services.
  • Allowing them to use your data only for the precise purposes we specify in our contract with them.
  • Ensuring the protection of your privacy.
  • Upon ceasing to use their services, any data they hold will be deleted or made anonymous.

Our partners have agreed and committed to:

  • maintaining confidentiality,
  • not sending your data to third parties without the company's permission,
  • taking appropriate technical and organizational security measures,
  • comply with the legal framework for the protection of personal data and in particular Regulation 979/2016/EU (GDPR).

Sharing by you

When you use certain social media features on our website, you may create a public profile that includes information such as your username, profile picture, and city. You may also share content with your friends or the general public, including information about your interaction with the company. We encourage you to use the tools we provide to manage your social media/Company sharing to control the information you make available through the Company’s social media features.

8. DATA RETENTION PERIOD

In principle, we store data for at least as long as necessary to fulfill the processing purposes  for which it was collected, unless a longer period is required due to our legal claims or obligations.

Some examples of customer data retention periods:

Collaborations:

When you place an order that will develop into a contract, we will retain the personal data you provided for 15 years, so that we can comply with our legal and contractual obligations (e.g. our tax obligations). If it does not develop into a contract, then it is retained for 6 months.

Newsletter:

Your declaration of consent to receive a newsletter is kept for as long as the company sends you the newsletter and in any case no longer than 6 months after it has stopped being sent.

Finally, we retain the data for the period of time required by the legislative framework that defines the company's business operation.

If the processing is based on your consent, the personal data will be kept until such consent is withdrawn. It is clarified that the withdrawal of consent does not affect the lawfulness of the processing that was based on consent before its withdrawal.

In any case, the company OLYSIS EE implements all appropriate technical and organizational measures to ensure the protection of the personal data it processes and constantly takes care to prevent any unauthorized access to this data.

For the retention period of data collected through cookies, you can be informed from the Cookies Policy.

9. INTERNATIONAL DATA TRANSFER

The personal data we collect and/or process in the context of our websites and applications will be stored in Greece. However, some of the data recipients with whom the company shares your personal data may be located in countries other than the one in which the initial collection of your personal data took place. The legislation in these countries may not provide the same level of data protection compared to the country that originally provided your personal data. However, when we transfer your personal data to recipients in other countries, including the United States, we are committed to protecting your personal data as described in this Privacy Policy and in accordance with applicable law.

We take steps to comply with applicable legal requirements for the transfer of personal data to recipients in countries outside the European Economic Area or Switzerland that do not ensure an adequate level of protection. We use various measures to ensure that your personal data transferred to these countries enjoys adequate protection in accordance with data protection rules. These include signing Contractual Clauses, certifying that the recipient has adopted the European Binding Rules or adheres to the EU-US and Swiss-US Privacy Shield.

10. RIGHTS OF SUBJECTS IN RELATION TO THEIR PERSONAL DATA

With regard to the processing of your personal data, you can exercise the following rights:

  • Right of access

You have the right to know which data we hold and process, why and other additional information about them, as well as to request a copy of them.

  • Right of rectification

You have the right to request the correction, modification and completion of your personal data (e.g. name correction or update of the email address for sending our newsletters).

  • Right to erasure ("right to be forgotten")

You have the right to request the erasure of your personal data when they are processed after your consent. In cases where the processing is based on another legal basis (such as, for example, the performance of a contract, a legal obligation or the protection of the legitimate interests of the company, etc.), your right may be subject to restrictions or may not exist.

  • Right to restriction of processing

You have the right to request the restriction of the processing of your personal data:

  • when their accuracy is contested and until the relevant verification is made,
  • alternatively, instead of their deletion,
  • when they are no longer necessary for the processing purposes for which we collected them, but they are necessary for the establishment, exercise or defence of legal claims by you,
  • when you object to their processing and until it is verified that there are legitimate grounds for such processing by the company.
  • Right to object to processing and to withdraw consent to the processing of your data

You have the right to object to the processing of your personal data when this is done with based on legitimate interest, as well as for direct marketing and profiling purposes. Your right to object to processing includes automated decision-making and profiling. If you have given your consent to the collection, processing and use of your personal data, you can withdraw your consent at any time with future effect.

Right to portability

You have the right to request and receive your personal data in a format that allows you to access them, use them and process them with commonly used processing methods. In addition, for your data that we process by automated means and based on your consent or for the performance of a contract, you can ask us to transmit them directly to another controller, if this is technically feasible.

Right to withdraw consent

If the processing of your data is based on your consent, you have the right to withdraw it at any time. The withdrawal of your consent does not affect the lawfulness of the processing that was based on consent before its withdrawal.

To exercise your above rights and for any question, complaint or other information regarding the processing of your personal data, you can contact us at info@olysis.gr .

We respond to your requests free of charge without delay, and in any case within (1) one month from the date we receive your request. However, if your request is complex or there is a large number of your requests, we will inform you within the month if we need to obtain an extension of another (2) two months within which we will respond to you.

If your requests are manifestly unfounded or excessive, in particular due to their repetitive nature, the company may impose a reasonable fee, taking into account the administrative costs of providing the information or performing the requested action, or refuse to act on the request.

11. RIGHTS TO COMPLAIN WITH THE DATA PROTECTION AUTHORITY (DPPA)

You have the right to file a complaint with the Data Protection Authority ( www.dpa.gr) regarding issues concerning the processing of your personal data.

Applicable Law is Greek Law, as formulated in accordance with the General Regulation on the Protection of Personal Data 2016/679/EU, and in general the current national and European legislative and regulatory framework for the protection of personal data.

Competent courts for any disputes arising related to your data are the Courts of Athens.

12. UPDATE

Our policy will be updated whenever necessary. Significant changes will be published on our website or we will notify you in other appropriate ways. The last revision was made on 29/05/2024.

Ε01/Δ03_PDC v2.0 /15.5.2024