1.    Introduction 

The software service “Eligence” (“Service”) is operated by “Maggioli SPA – Greek Branch” (“Provider”) using resources provided by “Maggioli SPA – Greek Branch”.

“Maggioli SPA – Greek Branch” (“Provider”) is a private company founded in 2020 and headquartered at 19 Andrea Papandreou Street, Marousi, 15124, Attica, Greece.

Protecting your personal data is of utmost importance to us. Our Privacy Policy is intended to help you understand how we handle your personal information. It offers detailed insights into when and why we collect your data, how we use and process it, the duration for which we retain it, and the conditions under which we may share it with others.

2.    Scope

This Privacy Policy applies to all of you who access and use our Service.

This Privacy Policy exclusively covers personal data and information (referred to as “Personal Data”) collected by the Service through its use or any electronic communication between the User and the Service Provider.

Additionally, we may collect information from you through other means, such as during technical support interactions.

In the event of a separate or supplementary notice provided at the time of collecting your personal data, that notice will take precedence in the event of any conflict.

3.    Information Collected

The Service manages various types of data in strict compliance with applicable European data protection legislation. User data is collected by the Service to enable the Provider to deliver the Service effectively.

Required Data

Personal Data

The provision of the Service requires the processing of certain personal information about you. The personal data we process includes the following:

• name
• address
• email address
• telephone number

Cookies

Any cookies or other tracking tools used by this Service or by third-party service providers through this Service are intended to facilitate the provision of the Service to the User, as specifically outlined in the Cookie Policy.

4. Use of the Service by Children

If you are 16 years old or younger, please ask your parents or guardians for permission before providing any personal information to us. Children may use Eligence with the consent of their parents or guardians.

All information provided by children under the age of 16 will be handled with respect to their rights. We recognize the need to provide additional privacy protection regarding the personal data of children that we may collect. When collecting information from children, we take extra measures to safeguard their privacy, including:

• In accordance with applicable laws and our practices, we obtain parental consent for the collection and use of their children’s personal information.
• We inform parents about our practices concerning the handling of children’s information.
• We limit the collection of children’s personal information to what is necessary and reasonable.
• We provide parents with access to, or the ability to request access to, the personal information we have collected about their children, and the option to request corrections or deletions of this information.

If we discover that we have inadvertently collected personal information from a child under the age of 16, we will take steps to delete the information as promptly as possible.

5.    Use of Personal Data

The Service uses the personal information submitted for the following purposes:

• Fulfilment of requests: The Service uses personal data to process requests, register for third-party services, communicate with the user, send notifications, handle billing, and issue invoices, among other things.
• Service Operation: The Service uses cookies to identify users, customize and secure its features, provide access to specific Service areas, and filter content, among other functions.

• Statistical Analysis: Aggregated data about the use of the Service (which do not identify individual users), such as the number of users visiting specific pages or the time spent on a particular page, are used to compile usage statistics.

• Service and Product Development: Aggregated and Personal Data are used by the Provider to make improvements, customizations, and updates, as well as to design new services and products that meet the general or personalized needs of users.

• User Information Presentation: Data related to the user are presented by the Service to enable users to recognize ownership, origin, and allocation of various resources.
• Internal Business Purposes: The Provider uses the collected information for internal business purposes, such as audits, monitoring service usage and behavior, justifying resource use and funding, and deriving business KPIs, among other purposes.

Our Service guarantees that your personal data will not be used for purposes beyond those specified in this policy without prior notice and, if necessary, your consent.

Data processing is carried out using computers and/or IT tools, following organizational procedures and methods strictly related to the aforementioned purposes.

The Provider considers Users’ personal data as an asset that is not intended for sale and will never be sold to third parties.

6.    Recipients of personal data

Access to personal data and information is permitted only to specifically authorized employees of the Provider and only to the extent necessary for the aforementioned purposes. Personal data may be transferred, for the purposes of the aforementioned processing, only to specific recipients who are employees, collaborators, or third parties affiliated with the Provider.

The Provider makes every effort to carefully select and evaluate its collaborators to whom personal data is transferred. There is a written agreement between the Provider and each third party, stipulating that the processing of personal data is conducted under the Provider’s control, only according to its instructions, and is subject to the same data protection policy.

Additionally, the Provider may, without prior notice, disclose your information to competent judicial and/or administrative authorities as required by applicable laws and regulations, or by court orders and/or administrative actions.

7.    Data retention time

The time period for storing data is determined based on the following specific criteria, depending on the case:

• When processing is required by provisions of the applicable legal framework, your personal data will be stored for as long as the relevant provisions require.
• When processed on a contract basis, your personal data will be stored for as long as necessary to execute the contract and to establish, exercise, and/or defend legal claims according to the contract.
• For other purposes, your personal information is retained until you withdraw your consent. This can be done at any time. The withdrawal of consent does not affect the legality of the processing based on consent before its withdrawal. You can withdraw your consent at any time by selecting the relevant link.

Before we can provide you with any information or correct any inaccuracies, we may ask you to verify your identity and/or provide other details to help us respond to your request.

8.    Your Rights and Choices

As defined in the Regulation (EU) 2016/679 (General Data Protection Regulation), User (data subject) has the following Rights:

• Right to have access to the Personal Data that is held about you by the Provider – what data we have collected, for what purpose, how it is processed and how long it is stored (article 15).
• Right to rectification (article 16). You have the right to obtain from the Provider the rectification of inaccurate personal data and to have incomplete personal data completed.
• Right to erasure (‘right to be forgotten’) (article 17). You have the right to obtain from the Provider the erasure of personal data concerning you.
• Right to restriction of processing (article 18). You shall have the right to obtain from the Provider restriction of processing where one of the following applies: (a) the accuracy of the personal data is contested (b) the processing is unlawful (c) the Provider no longer needs the personal data for the purposes of the processing.
• Notification obligation regarding rectification or erasure of personal data or restriction of processing by the controller (article 19). The Provider will communicate any rectification or erasure of personal data or restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The Provider shall inform you about those recipients if you requests it.
• Right to data portability (article 20). You have the right to receive the personal data concerning you, in a structured, commonly used and machine-readable format and have the right to transmit those data to another Party without hindrance from the Provider.
• Right to object (article 21). You have the right to object to processing of your personal data. The Provider shall no longer process the personal data unless the Provider demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

Before we are able to provide you with any information or correct any inaccuracies, we may ask you to verify your identity and/or provide other details to help us respond to your request.

The Provider reserves the right not to respond to requests generated through third-party applications or automated processes without direct validation of the requests by data subjects using the resources provided by the Service for the exercise of these rights as described in this Policy.

9.    Data security

The Provider takes measures to ensure the security of your personal data. We implement appropriate physical, technical, and organizational measures that are reasonably designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and against all other unlawful forms of processing. We maintain a security program that is proportional to the risks associated with the processing of personal data.

10. Law enforcement – compliance

The Provider may use or disclose Personal Data to any third-party (a) if required to do so by law; (b) to comply with legal processes or respond to requests from governmental or public authorities; (c) to prevent, investigate, detect, or prosecute criminal offenses or attacks on the technical integrity of the Service or network; (d) to enforce Terms and Conditions; or (e) to protect the rights, privacy, property, business, or safety of the Provider, its business partners, employees, members, Service Users, or the public. Unless prohibited by applicable law, the Provider shall inform the User if a third-party requests access to Personal Data about the User.

11. Policy modification

This Privacy Policy may be subject to changes. We will make every effort to notify you of any updates, but we encourage you to regularly visit our website, where the current and most up-to-date Privacy Policy will always be available.

12. Exercise of your Rights, Inquiries, Objections, Complaints

For exercising your rights, or for any questions, comments, objections or complaints, regarding this Privacy Policy or privacy, security or data protection practices applied, please contact the Provider by email via its designated Data Protection Officer (dpo@eligence.eu).

We handle your requests with the utmost care to ensure that your rights are protected. For any requests that may require the disclosure of personal data, you must provide sufficient proof of your identity.

In some cases, we may not be able to process your request directly. However, we will inform you of the progress of your request within one month of receiving it. If you have concerns about how we have handled your personal data, you always have the right to file a complaint with the Data Protection Authority at www.dpa.gr.