The website www.visitkynouria.gr and its sub-domains collect, store, process and use your personal data for the relevant legislation on protection of personal not vibrating known as GDPR. All of them assure the safe storage of your personal data, which does not undergo any other processing, are not disclosed to third parties and are not assigned to another use. If you wish, anytime you may request the change or delete your personal data from their online database. Our website and its subdomains do not hold any other personal data and cookies are accepted for your best browsing on our site alone.
COLLECTION AND USE OF DATA
This website and its sub-domains do not collect or hold personal data than the strictly necessary via the respective communication form to either contact either with the www.visitkynouria.gr, its sub-domains and its management team and vice versa . (ie name and email ). As a user of consent either prior to sending the e-mail to us and after being affixed at the end either read the text telling you that these will only be kept for the necessary contacts on this requested either via the contact forms, to keep the website, its sub-domains and associated applications secure and to avoid any attempts of fraud and to verify compliance with the terms and conditions governing the use of the site and its sub-domains. Without your consent, the website and its sub-domains will not sell your personal information to any third party for purposes of the same or any third party.
CORRECTION/DELETION OF PERSONAL DATA
The website and its sub-domains give the right to correct, update or delete your personal data at any time by sending an email with your demand on the site or its sub-domains. The website’s management team is required to confirm that it has received the request and that within 48 hours (except weekends or holidays) to act with all the necessary movements for deletion of your personal data except any personal data used for any of your billing and those will be kept only under the law terms.
BALANCING AND DISCLOSURE OF PERSONAL DATA
Our site and its sub-domains are committed not to sell (partially or totally), rent, publish and share your personal data to any third party.The site and its sub-domains can stream your personal data to third parties legally only if:
• We have your written consent for passing your personal data and did not initiate anything described above.
• Sharing your personal data into legal or natural persons working with the site may become necessary for the realization of your requests or your orders. Natural and legal persons who cooperate with the website have the right to process your personal data necessary to provide support to the site.
• Enforced due to compliance with the relevant provisions of the law and to the competent authorities alone.
The site and its sub-domains may disclose your personal information to any employee, executive, consultant, supplier or sub-contractor to the extent only if it is necessary for the purposes set out in this private policy statement. The site and its sub-domains may disclose your personal information to the extent required by law, to protect or exercise its legal rights. Apart from the cases provided for in this private policy, the website and its sub-domains will not sell your personal information to any third parties.
PRESERVATION OF PERSONAL DATA
This notification defines the policies and procedure compliance with personal data, which are designed to ensure that our website and its sub-domains comply with all the legal obligations with respect to maintaining the deletion of your personal information. Personal information processed by the site and its sub-domains for any reason, will not be retained for longer than the one required for that purpose or for these purposes. Subject to all these terms, the site and its sub-domains will usually delete the personal information that falls under the following categories at the date / time specified below:
(a) Personal data communications will be cleared at the end of 6 months.
(b) Personal order data will be deleted after the expiry of the time limit set by law and the tax authority.
The site and its sub-domains will keep documents containing personal data required by law, by judging the responsible site and its sub-domains that those documents are of any actual or potential legal and judicial procedures, to exercise or protect his / her legitimate rights.
PROTECTION OF PERSONAL INFORMATION
The site and its sub-domains will take every precaution to prevent the loss, misuse or alteration of your personal information. The site and its sub-domains will store all of your personal information provided on secure servers protected by passwords and firewall. All online financial transactions running through the site, its sub-domains or linked apps will be protected by encryption technology. You are responsible to keep the secret password used either for logging to our website, its sub-domains or related applications. You will not be asked to tell us your code by email.
You may request the website and its sub-domains to provide you with any personal information held about you. The site and its sub-domains have the right to withhold your personal information permitted by law. You may request anytime to the website and its sub-domains not to process your data for marketing purposes.
APPLICABLE LAW AND OTHER TERMS
The above terms and conditions of use of the site and its sub-domains, as well as any modification, are governed by and supplemented by Greek law, European Union law and relevant international treaties, and Courts for the settlement of any dispute are designated by the Courts of Athens. Any provision of these terms becomes legally unenforceable, without any effect being prejudiced by the validity of the other terms.
Managing and protecting your personal data is subject to the terms of this section and to the relevant provisions of Greek law (Law 2472/1997 on the protection of the individual and the protection of personal data, as supplemented by the decisions of the Chairman of the Commission for the Protection of Personal Data, 207/1998 and 79/2000 and Article 8 of Law 2819/2000 as well as Law 2774/1999 and European law (Directives 95/46 / EC and 97/66 / EC) because of the rapid development of technology and, in particular, of the internet,- though not fully developed – necessary regulations created on these issues. In any case the site and its sub-domains reserve the right to change the personal in data protection terms. If you do not agree with the terms of protection of personal data provided herein, please do not use our services. The site and its sub-domains are not responsible for any damage that you may have which is made with your own initiative and with the knowledge of the terms. The site and its sub-domains have an SSL mechanism for safer access to it.
What is SSL?
The main function of SSL (Secure Sockets Layer) is the creation of an encrypted connection between our web server and visitor’s browser, ensuring secure data exchange between the two sides, preventing them from being intercepted by malicious users. The server that hosts and serves our website and its sub-domains is certified and bound under the new GDPR regulations. The staff is trained to understand the role of the compliance of data protection, our internal policies and procedures. They have tested all of their systems, processes, and services to meet the GDPR requirements, especially in terms of the security of the data and third-party services we use. They only allow specific staff members, access servers, and perform strictly defined processes. Datacenter staff have physical access to servers but have strict protocols to ensure that they do so only if they ask for members of the technical support team and this request will only be done in cases where a visual inspection of a server or physical maintenance on the server itself. The data (websites, databases, e-mails) are stored only on dedicated servers rather than cloud vps, so there is no third-party access (eg infrastructure managers). Systems are constantly being tested for security gaps and we are rapidly upgrading the applications we use. In the unlikely event of a violation in their system, we are obliged by GDPR to inform you within 72 hours, but our goal is to inform you in less than 24 hours. The log files of both the web server and other services (e.g., mail server ) are kept for the minimum time required to complete the original purpose and for the security of our infrastructure. The connection to their infrastructures is SSL, SSH, SFTP and FTP with TLS. Our procedures will continue to improve after 25 May 2018.