Learn about the Personal Data Protection Policy in accordance with the applicable European regulation on your privacy.
Introduction
“Marinidou Paraskevi Private Diagnostic – Microbiological Medical Laboratory Single-Member Private Capital Company
GEMI No. 173378611000”, hereinafter referred to as the “Company,” places particular importance on security and respects the privacy and confidentiality of your personal data. For this reason, we invest time and resources to protect your privacy. As part of this effort, we continuously update and train our personnel to fully comply with the applicable national, European, and international legal framework, and in particular with the General Data Protection Regulation (EU) 2016/679 of the European Union.
Purpose of this Policy
We aim to inform you about how our customers’ personal data are collected, stored, used, and transferred; the security measures we take to protect your personal data; the reasons for and duration of their storage; and the types of personal data collected.
This Policy applies to any operation or set of operations performed, with or without automated means, on personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or other forms of making available, alignment or combination, restriction, erasure, or destruction.
This Policy is updated periodically and may be amended whenever deemed necessary, without prior notice, always within the applicable legal framework and in accordance with any changes in personal data protection legislation. We therefore recommend that you review this Policy regularly to stay informed of any updates.
What are personal data?
Personal data are any information relating to an identified or identifiable natural person (e.g., name, identity card number, address, etc.).
Data concerning health (physical or mental condition, receipt of medical services, etc.) fall under the general term of personal data but constitute a special category of data.
The Company will not process your personal data without your consent. However, the Company reserves the right, in exceptional cases, to process your personal data to the extent permitted or required by law and/or by court decisions or prosecutorial orders.
How are personal data collected?
Your personal data are collected in the following ways:
a. You provide them to us when the Company provides services to you; when you contact us to receive services for yourself or a third party; when you submit a job application to the Company; when you complete online forms or send emails to obtain information about or use the Company’s services via its websites.
b. Automatically, through the browser or mobile device you use to access our websites.
c. By a third-party partner, after you have provided your consent. When registering for a service offered through the Company’s websites, you may be required to complete certain fields and select a username and password. Where consent is required for the collection of your personal data (e.g., for receiving a newsletter), it is expressly requested, and you may withdraw it at any time.
What types of personal data are collected?
In summary, the personal data collected and further processed include:
Your name, address, and contact details (including email address and telephone number), payment information (such as bank card details). In addition, technical information that constitutes personal data may be collected, such as your device’s Internet Protocol (IP) address (e.g., desktop computer, laptop, tablet, smartphone).
This technical information is used to ensure the proper operation and performance of the websites and electronic services and is not permanently stored in our infrastructure.
Further details on the technologies used on our websites (cookies, internet tags, etc.) are provided below.
Principles governing the processing of personal data
The Company processes your personal data fairly and lawfully for specific purposes. The data processed are limited to what is strictly necessary to achieve those purposes, are accurate and up to date, are retained for a period determined by the processing purposes, are protected by adequate security measures, and are not transferred to countries that do not ensure an adequate level of protection.
Who collects personal data and for what purpose? Are they transferred to third parties?
Personal data are collected and processed by authorized Company employees solely for the purpose of providing the relevant service. They are transferred only to authorized third parties bound by confidentiality obligations when access is required for service provision.
Upon your instruction, your personal data may be transferred to third parties/partner companies with whom you have contracted. The Company undertakes not to trade your personal data by selling, renting, transferring, publishing, or otherwise disclosing them to third parties, nor to use them for purposes that may jeopardize your privacy, rights, or freedoms, unless required by law, court order, administrative act, or contractual obligation necessary for the proper operation of the Company’s website and services.
Personal data may be transferred to partners or third parties who comply with this Policy and are bound by confidentiality, acting on our behalf for further processing to provide services, evaluate and improve website functionality, marketing purposes, data management, and technical support—only after the user has been informed in advance and consent has been obtained. These third parties are contractually bound to use the data solely for the above purposes and not to disclose them to others unless required by law.
How long are my personal data retained?
Your personal data are retained for as long as required by the nature of the service you have selected and additionally for the period stipulated by applicable law.
What are my rights?
What can I do if I have an issue with the processing of my personal data?
You have the right at any time to ask which of your personal data we process, for what purposes, whether they are shared with third parties and with whom, and other related information. You also have the right to receive a free copy of your personal data upon request.
Other rights under applicable data protection law include the right to request updating and/or correction of your data, cessation and/or restriction of processing, and deletion from the Company’s systems, provided there is no other legal obligation to retain them. You also retain the right to data portability and/or to object to processing. Specifically regarding the newsletter service, you may unsubscribe by following the instructions included in each newsletter.
You may exercise all of the above rights by submitting a written request to vmarinid@otenet.gr. For any matter regarding your personal data or clarifications, you may contact the Company’s Data Protection Officer by phone at 2531037744 or by email at vmarinid@otenet.gr.
In any case, you have the right to contact the Hellenic Data Protection Authority (HDPA, www.dpa.gr) and/or to seek judicial remedy.
Each request must be accompanied by appropriate proof of identity and the necessary information (e.g., data requiring correction), as described in the terms of use of the relevant service. The Company may request additional information necessary to verify your identity.
The Company endeavors to respond to requests without undue delay and in any event within one month of receipt. This period may be extended by up to two (2) additional months where necessary, considering the complexity and number of requests. You will be informed of any extension and the reasons for the delay within one month of receipt. If you submit the request electronically, the response will be provided electronically where possible, unless you request otherwise (e.g., written letter).
Are my data secure?
The Company considers privacy of utmost importance and makes every effort to protect personal data with respect to confidentiality and integrity. It applies an Information Security Management System aligned with best practices of ISO 9001:2015 and EN 15224:2012 standards.
The Company implements appropriate organizational and technical measures designed to protect information from loss, misuse, unauthorized access, disclosure, alteration, or destruction, ensuring lawful and fair processing and secure retention in accordance with Greek, EU, and international law and decisions of the Data Protection Authority. Access to website users’ contact details is limited to authorized persons bound by confidentiality.
Cookies & internet tags
Cookies are small text files containing information stored in the visitor’s browser during website navigation and can be removed at any time. The Company’s website uses cookies for:
- Proper and efficient website operation
- Device, browser, and operating system recognition to provide a personalized experience
- Storing user preferences during or between visits
- Improving performance and/or security
- Delivering content based on interests and needs
- Analyzing navigation and website use
The Company does not use cookies to collect personal data without consent, transmit data to advertisers, or share data with third parties without consent.
The website uses session and persistent cookies. Some third-party services (e.g., social media buttons) may place their own cookies beyond the Company’s control. Session cookies are deleted after browsing ends or the browser is closed; persistent cookies remain until deleted or until their predefined expiration.
You can configure your browser to warn you about cookies or refuse them entirely. More information is available at https://cookiepedia.co.uk/all-about-cookies and http://www.allaboutcookies.org/. You may delete cookies at any time; however, refusal may limit some website features.
The website also uses internet tags to measure visitor response. No personally identifiable information is collected through cookies or internet tags.
Links to other websites
The Company’s website may include hyperlinks to other websites for whose content and services the Company bears no responsibility and does not guarantee continuous or secure access. The Company does not endorse or adopt such content or services. Responsibility lies solely with the respective website owner, including their data protection practices.
Social media and advertising content
The Company uses social media to present its work and services through widely used channels, as indicated on the website. Users are encouraged to consult the policies of third-party providers (e.g., search engines, social media platforms such as Facebook, LinkedIn, Twitter, etc.).
The website may display advertising or informational material. The Company bears no responsibility for any unlawful act, omission, inaccuracy, or non-compliance related to such material. Responsibility lies with advertisers, sponsors, or creators of the displayed content.