- What personal information do we collect from the people visiting our website? When browsing our site, you may enter your name, surname and email and send us a message by using a form which appears at the bottom of the CONTACT page of this website.
- When do we collect the above information? We collect information from you when you fill out the form which appears at the bottom of the website.
- How do we use your information? We may use the information we collect from you (your name, surname and email) when you send us a message so as to stay in touch with you. We use your information in order to send our newsletters, receive marketing communications about us and our clients or learn more about our affiliated websites. We may also promote our marketing efforts, promotional campaigns and events by sending to you relevant information and asking you to participate.
- How do we protect your information? Our website is regularly scanned for security gaps or vulnerabilities so as to ensure that your visit to our site is as safe as possible. Your personal information is kept behind secured networks and is strictly accessible by only a limited number of persons who have special access rights to such systems, and who are required to keep the information confidential.
- About Third-party Disclosure: We do not sell, trade, or otherwise transfer to non-affiliated parties your personal information. This does not include website hosting partners and other parties who assist us in operating or maintaining our website, running our business, or serving our users. We agree with these parties to keep this information secure, confidential and private. In addition, we do not provide non-personally identifiable visitor information to other parties for marketing, advertising, or other purposes.
- Third-party Disclosure for Joint Marketing Events & Digital Assets: If we send to you an email and invite you to register and participate in a joint marketing event or digital asset, you will be prompted to opt-in and give us your consent before we provide your registration information to third parties & partners. If you give us your permission we may then pass your information so as to be used by third parties in marketing and in designing or providing their own services, to send you information about their products and to notify you if you win a contest. You may opt out of COLORA S.A. providing such information by opting out of our email newsletter and/or not registering for joint marketing events. You have the right to contact the third party directly who may already be sending you messages and request that these communications stop, and to review their privacy policies.
- Third-party Links: We may include or offer third-party products or services on our website. You are reminded that these third-party websites have separate and independent privacy policies. As a result, we can not assume any responsibility or liability for the content and activities of these linked sites. However, we are particularly careful about the integrity of our site and would thus ask from you to provide your opinion about these sites if anything goes wrong or looks suspicious.
- Children Online Privacy: We do not specifically market to children under the age of 16 years old. If you are under 16 you may browse our website with the presence and supervision of your parents or guardians only, otherwise we assume that you are above the age of 16 years old.
- Filing complaints: You also have the right to inform the Data Protection Bureau of your country or the respective Greek Bureau if you think that COLORA S.A. is not complying with GDPR guidelines.
- Data subject rights: Every data subject whose information is kept and processed by COLORA S.A. has the following rights:
1) Right to information: This right provides the data subject with the ability to ask COLORA S.A. for information about what personal data (about him or her) is being processed and the rationale for such processing.
2) Right to access : This right provides the data subject with the ability to get access to his or her personal data that is being processed. This request provides the right for data subjects to see or view their own personal data, as well as to request copies of the personal data.
3) Right to rectification: This right provides the data subject with the ability to ask for modifications to his or her personal data in case the data subject believes that this personal data is not up to date or accurate.
4) Right to withdraw consent: This right provides the data subject with the ability to withdraw a previously given consent for processing of their personal data for a purpose. The request would then require COLORA S.A. to stop the processing of the personal data that was based on the consent provided earlier.
5) Right to object: This right provides the data subject with the ability to object to the processing of their personal data.
6) Right to object to automated processing: This right provides the data subject with the ability to object to a decision based on automated processing.
7) Right to be forgotten: Also known as right to erasure, this right provides the data subject with the ability to ask for the deletion of their data.
8) Right for data portability: This right provides the data subject with the ability to ask for transfer of his or her personal data. As part of such request, the data subject may ask for his or her personal data to be provided back (to him or her) or transferred to another controller.
- How long do we keep your personal data? Depending on the nature and stage of our relationship with website visitors, prospective clients, active clients, vendors or partners, personal data are kept no longer than is necessary for the purposes for which the personal data are processed. The length of time varies accordingly. For example, if data are captured for marketing purposes, we store the data for as long as the individual can be considered a customer. In such a case, we will continue to inform you about our goods or services until you decide to opt-out and ask to delete your data. For recurring clients, data are necessary in order to issue invoices or send physical or email notifications. Likewise, if we have a contract, data are retained until the expiration of that contact.
- Notification of a personal data breach to the supervisory authority: In the case of a personal data breach, COLORA S.A. shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55 of GDPR -unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.