LOgin

Privacy Policy

1.    Introduction 

The software service “Eligence” (“Service”) is operated by “Maggioli SPA – Greek Branch (“Provider”) on resources provided by “Maggioli SPA – Greek Branch”.

“Maggioli SPA – Greek Branch” (“Provider”) is a software private Company with full name Maggioli SPA – Greek Branch est. in Marousi on 21 Sep 2020, its headquarters located Andrea Papandreou 19 Marousi, 15124, Attica, Greece.

Protecting your personal data is very important to us. Our Privacy Policy is intended to help you understand why we collect your personal information and how we use it. It provides detailed information about when and why we collect your personal information, how we use and process it, how long we keep it, and finally, under what terms we can share it with others.

2.    Scope

This policy applies to all of you who access and use our Service.

This Privacy Policy applies solely to personal data and information that the Service collects through its usage or through any electronic communication of the User with the Provider, as indicated on the Service (herein referred to as “Personal Data”).

We may also collect information from you in other ways, including information collected during technical support contacts. If we provide a separate or supplemental notice when we collect personal data from you, that notice will control to the extent of any conflict.

3.    Information Collected

The Service manages different types of data, all in compliance with the current European legislation on Data Protection. Any Data concerning the User is collected to allow the Provider to provide the services.

a.     Required Data

 

Personal Data

The provision of the Service requires that certain pieces of personally identifiable information are processed. Personal data of yours we process:

  • name
  • address
  • email address
  • telephone number

 

Cookies

Any Cookies or other tracking tools used by this Service, or by Other Providers of third-party services used by or through this Service, serve the purpose of providing the service required by the User, in addition to any other purposes described in the present document and in the specific Policy for Cookies, if such a document is made available.

4.    Use of Personal Data

The Service uses Personal Data for the following purposes:

  • Fulfilment of requests: The Service uses Personal Data to deal with inquiries, register to third-party Services, contact the user, deliver notifications, charge and bill the user etc.
  • Service operation: The Service uses cookies to identify users, get information about location and client device in order to adapt / grant its capabilities, grant access to specific Service areas, grant access to relevant information, filter content etc.
  • Statistical analysis: Aggregated data about Service usage (which do not identify a specific user), such as the number of users who have visited certain pages of the Service, or how long users are spending on a particular page, are used to feed statistics as to the use of the Service.
  • Internal business purposes: The Provider uses the collected information for internal business purposes, such as for audits or to track service feature use and behaviour, justification of resource usage and funding, extraction of business KPIs etc.
  • Service and products design: Aggregated and Personal Data are used by the Provider so that improvements, adjustments and refinements are performed, as well as new Services and Products are designed to address general or user-specific needs.
  • Displaying User information: Data concerning the User are presented by the service to allow Users to identify ownership, provenance and allocation of various resources.

 

Our Service guarantees that your personal data will not be used for purposes other than those set forth in this policy, without prior notice and where your approval is required.

The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated.

The Provider considers User Personal Data as an asset that is not for sale and will never sell User Personal Data to any third-party.

5.    Recipients of personal data

Access to personal data and transaction information is only authorized by employees, affiliates and third parties who process the above data at the Provider’s discretion and only when and to the extent necessary for the above purposes. Personal data may only be transmitted, for the purposes of the above processing, to specific recipients who are employees, and generally affiliates as well as third parties affiliated with the Provider. In addition, the Provider may, without prior notice, disclose your information to the competent judicial and/or administrative authorities to the extent required by applicable laws and regulations, or by judicial decision and/or administrative act.

The Provider makes every effort to control and evaluate when selecting its affiliates to whom it transmits the personal data of those concerned. There is a written agreement between the Provider and any third party, according to which the processing of personal data is carried out under the control of the Provider and only on its order and is subject to the same data protection policy.

6.    Data retention time

The time period for storing data is decided on the basis of the following specific criteria, as appropriate:

  • Where processing is required by provisions of the applicable legal framework, your personal data will be stored for as long as the relevant provisions require
  • When processed on a contract basis, your personal data is stored for as long as necessary for the performance of the contract and for the foundation, exercise, and/or support of legal claims under the contract.
  • For other purposes, your personal information is kept until your consent is withdrawn. This can be done at any time. Withdrawal of consent does not affect the legality of the consent-based treatment during the period prior to its withdrawal. You can revoke your consent at any time by selecting the link provided in the emails we send to you.

7.    Your Rights and Choices

As defined in the Regulation (EU) 2016/679 (General Data Protection Regulation), User (data subject) has the following Rights:

  • Right to have access to the Personal Data that is held about you by the Provider – what data we have collected, for what purpose, how it is processed and how long it is stored (article 15).
  • Right to rectification (article 16). You have the right to obtain from the Provider the rectification of inaccurate personal data and to have incomplete personal data completed.
  • Right to erasure (‘right to be forgotten’) (article 17). You have the right to obtain from the Provider the erasure of personal data concerning you.
  • Right to restriction of processing (article 18). You shall have the right to obtain from the Provider restriction of processing where one of the following applies: (a) the accuracy of the personal data is contested (b) the processing is unlawful (c) the Provider no longer needs the personal data for the purposes of the processing.
  • Notification obligation regarding rectification or erasure of personal data or restriction of processing by the controller (article 19). The Provider will communicate any rectification or erasure of personal data or restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The Provider shall inform you about those recipients if you requests it.
  • Right to data portability (article 20). You have the right to receive the personal data concerning you, in a structured, commonly used and machine-readable format and have the right to transmit those data to another Party without hindrance from the Provider.
  • Right to object (article 21). You have the right to object to processing of your personal data. The Provider shall no longer process the personal data unless the Provider demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

Before we are able to provide you with any information or correct any inaccuracies, we may ask you to verify your identity and/or provide other details to help us respond to your request.

The Provider reserves the right not to respond to requests generated through third-party applications or automated processes without direct validation of the requests by data subjects using the resources provided by the Service for the exercise of these rights as described in this Policy.

8.    Data security

The Provider takes care to guard the security of your personal data. We apply appropriate physical, technical and organizational measures that are reasonably designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and against all other unlawful forms of processing. We maintain a security program that is proportionate to the risks associated with the processing.

9.    Location of Personal Data Storage

The Service is provided via its project managed instance, whose servers are located in Greece, and provided by “Maggioli SPA – Greek Branch”.

10. Law enforcement – compliance

The Provider may use or disclose Personal Data to any third-party (a) if required to do so by law; (b) to comply with legal processes or respond to requests from governmental or public authorities; (c) to prevent, investigate, detect, or prosecute criminal offenses or attacks on the technical integrity of the Service or network; (d) to enforce Terms and Conditions; or (e) to protect the rights, privacy, property, business, or safety of the Provider, its business partners, employees, members, Service Users, or the public. Unless prohibited by applicable law, the Provider shall inform the User if a third-party requests access to Personal Data about the User.

11. Policy modification

This privacy policy may be modified. We will be sure to keep you informed of any changes, but in any event we invite you to visit our website regularly, where the most up-to-date Privacy Policy will be posted.

12. Exercise of your Rights, Inquiries, Objections, Complaints

For exercising your rights, or for any questions, comments, objections or complaints, regarding this Privacy Policy or privacy, security or data protection practices applied, please contact the Provider by email via its designated Data Protection Officer (dpo@eligence.eu).

We handle your requests with the utmost care to ensure that your rights are protected. For any requests that may require assumption or disclosure of Personal Data, the User will have to demonstrate legitimate grounds for making the respective requests, as well as provide sufficient evident for the identity of the User.

In some cases we may not be able to process your request directly. However, in any event we will inform you of the progress of your request within one month of the submission of your original request.

You always have the right to complain to the “Hellenic Data Protection Authority (www.dpa.gr)”, if you are concerned about how we have processed your personal data.