SECRECY POLICY

INGROUP is a Data Controller within the meaning of the General Data Protection Regulation (Regulation (EU) 2016/679). You may contact the Data Controller at the following address:  11 Oitylou Street or the following telephone number: +302108120555 and the email address: dpo@ingroup.gr.

            INGROUP has committed himself to comply with all the applicable laws for the data protection, including without limitation the General Data Protection Regulation, but also the national, European or international statute provisions that already exist or will be enacted in implementation of the provisions of the General Data Protection Regulation.

            INGROUP respects the privacy of its employees and counterparties and protects their personal data during the process to the greatest possible extent.

            INGROUP has adopted the requisite organisational and technical measures for the subjects’ personal data.

            INGROUP may process data duly collected only for specific, determined and legal purposes:

• The individualisation of the data’s subject when they enter into employment and civil relationships with the Controller and the fulfilment of the Controller’s legal and contractual obligations deriving from the capacity of employer/ principal;
• The entering into and fulfilment of any obligations based on contracts signed by the Controller and relate to the business thereof;
• The monitoring of the access status in the Controller’s territory;
• The fulfilment of the Controller’s obligations under the law that are connected to the activities exercised by him/ herself.
• Other purposes requiring data processing by the Controller, when the Controller has in any case the obligation to demonstrate the existence of any processing reasons in accordance with Article 6 of the General Data Protection Regulation (Regulation (EU) 2016/679).

Any personal information that is collected and processed by INGROUP must be accurate and updated if necessary. The data are erased or corrected when it is assessed that they are inaccurate or do comply with the purposes for which their processing is being carried out.

INGROUP stores and processes data collected for a period not longer than the one required for the purposes of collection of the personal data.

INGROUP observes the general prohibition of special categories of data processing, such as details disclosing racial or ethic origin, political beliefs, religious or philosophical convictions, trade union participation, as well as the processing of genetic data, biometric details exclusively for the purposes of identification of a person, elements of a person’s state of health or sexual life or sexual orientation. Where the Company INGROUP is required to process sensible data for the achievement of the processing’s purposes, such processing shall be carried out with strict adherence to the legal requirements.

Each subject the data of which is being processed by INGROUP has the following rights:

• The right to be informed with regard to his/ her data processed by the Company INGROUP;
• The right of access his/ her personal data processed by the Company INGROUP;
• The right to correct erroneous data processed by the Company INGROUP;
• The right of erasure of his/ her personal data (“right to be forgotten”);
• The right of restriction of the processing of his/ her personal data;
• The right of portability of his/ her personal data.

Any of the rights set out above may be exercised by the data’s subjects through:

• The dispatch of an application either personally or through a proxy to the following e-mail address: dpo@ingroup.gr;
• The dispatch of an application either personally or through a proxy to the following e-mail address: 11 Oitylou Street, Athens.

Collection and Use of Personal Data

            We may collect personal data including without limitation your full name, mailing address, e-mail address, telephone number, your contact preferences and other information only where they are voluntarily provided by you. Our website is addressed to the general public; however, we do not collect personal data in respect of persons under 18 years of age. We may also use the data that you may submit for internal/ administrative purposes, such as the data analysis and the research for the improvement of INGROUP’s management systems.

Personal Data Protection

            The protection of your personal data constitutes a major priority for us. We respect your right to confidentiality and we adopt precautions including all technical, organisational and natural measures for the protection of your personal data against loss, theft and misuse as well as against non-authorised access, disclosure, amendment and destruction. We impose the appropriate restrictions to access to personal data and we apply the proper measures and reviews for the safe storage and transfer data. The personal data that you submit voluntarily are accessible to INGROUP’s staff. You are responsible for such personal data that you submit in these cases. When your personal data are not of use anymore, we erase them or destroy them safely.

Personal Data Processing Purposes

            We may use and process the data you submit in order to satisfy your requests and queries and to comply with the applicable laws and statutes. Your personal data are required for communication aiming at the potential start of cooperation with you. Your data may also be used and subject to processing in examining a request for taking a vacant post with our Company. Without such data, INGROUP would not be able to contact with you or enter into any contract with you. This comprises both the cooperation and the employment agreements.

            INGROUP may keep personal data about:

• Suppliers
• Service providers
• Business partners
• Advisers
• Applicants
• Employees
• Complainants

Transfer of Personal Data

            Your personal data to be collected by INGROUP may be stored and be processed in the European Union or to any other country as may be required. If INGROUP needs to transfer your personal data, then it shall adopt all the requisite and appropriate measures in order to ensure that the transfer of your personal data shall be carried out safely and in compliance with the requirements of General Data Protection Regulation.