211-0082417 6980-196833
Our agency fully and irrevocably complies with the requirements of European Regulation 2016/679 (GDPR) [link] for the protection of personal data. In this context, special attention is paid to matters of processing, secrecy, confidentiality, integrity and availability of information, safeguarding and protection of information, retention/destruction of data, purpose of collection and processing and others.
Particular importance is attached to safeguarding your rights regarding the processed data (access, portability, deletion/"to be forgotten", rectification, withdrawal of consent, objection, immediate notification in the event of a breach, etc.).
An exception to the above is disclosure of information in cases where this is required by law or by court order or in response to a law enforcement order.
It should be noted that the same strict policy is imposed by written agreement on our external associates (translators, editors, interpreters).
If you have any questions or would like to know exactly what data we keep about you, please do not hesitate to contact us. For more and more detailed information, please click here [link to lawyer's text 4.1]
Cookies
To provide the best experience, we and our associates use technologies such as cookies to store and/or access device information. Your consent allows us to provide our services optimally, while refusal or withdrawal of consent may adversely affect certain functions and features.
PRIVACY POLICY
1. GENERAL
The translation agency with the distinctive title GrammaLexis, which is based in Melissia, at number 9, Papanikoli Street, P.C. 15127, with Business Registration (GEMI) number 179355003000 and VAT number 802600875 (hereinafter "the Agency") is committed to protecting the personal data of its customers, associates and website visitors and to take the necessary security measures to ensure this protection. This Policy describes the categories of personal data we may process, how we collect, use, store and share your personal data, the purposes and legal bases for the processing, the protection measures for your personal data and your rights regarding the use of your personal data, in accordance with the EU General Data Protection Regulation (GDPR) 2016/679, as well as the relevant national legislation on the protection of personal data, as applicable.
This Policy applies only to the Agency's website [www.grammalexis.gr] referring to it. Our website may contain links to third-party websites; we are not responsible for the content of these, and this Policy related to our Agency does not apply to these, even if you access third-party websites via a link on our website. For this reason, you should check the privacy policy of any third-party website before providing any information requested there.
2. MINORS
This website is not designed and is not intended for use by minors under the age of 16. All minors must obtain permission from their parents or guardians before using or disclosing any personal information on our website or other online resource. Under no circumstances do we knowingly collect on our website the personal data of any minor under the age of 16 without prior verifiable consent of their parents or guardians. Upon request, the said parents and guardians have the right to see the data provided by the minor, and to request its deletion.
3. DATA CONTROLLER
The Data Controller for the processing of your personal data is the GrammaLexis translation agency, with headquarters at 9, Papanikoli St., Melissia, Attica, Greece, P.C. 15127. You can contact the data controller for issues related to the processing of your personal data at the above address or at the contact phone number 210-6139659 and/or by sending an email to info@grammalexis.gr. The details of the data controller representative are: Nikolaos Drakoulis, nikosdrakoulis@gmail.com, 6980-196833.
4. METHODS OF COLLECTION AND PROCESSING OF PERSONAL DATA
4.1. For the purposes of this Policy, the term "personal data" refers to any information by which you can be directly or indirectly identified (indicative examples: name, address, e-mail address, telephone number, identity document number, location data, online identifier or one or more factors that characterize the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person), as well and any other information that is linked to your person and comes under the concept of "personal data" according to the General Data Protection Regulation (GDPR) 2016/679 of the EU (see in particular article 4 (1) - definitions), as well as the relevant national legislation for the protection of personal data, as applicable.
4.2. For the use of this website and the provision of the services of our Agency, we may request certain personal data in a pre-contractual stage which will enable us to send you an offer (e.g. service costs) for a possible cooperation or to contact you in the context of our contract/service provision. In addition, our Agency and our business partners collect and process personal data only when it is voluntarily provided by you during the use of this website and for the provision of services of our Agency, such as indicatively:
• Contact details: First name, last name, email address, telephone, address.
• Order details: Information related to the translations you request, including texts/certificates/documents and the working languages.
• Payments: Payment details (e.g. credit card number, VAT number), managed by secure third party payment service providers.
• Website details: We automatically collect certain information when you visit our website, such as your IP address, browser type and the pages you visit within the website.
In addition, it should be noted that certain features of our website or our services may not be available if you choose not to provide certain personal data that is necessary to achieve the purposes specified in this policy.
4.3. Special categories of personal data: We do not ask you for special categories of personal data. In the event that a document that you voluntarily provide to us during the pre-contractual stage or in the context of the performance of a contract/the provision of translation services, includes special categories of personal data, i.e. personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the purpose of unambiguous identification of a person, data relating to health or data relating to a natural person's sex life or sexual orientation, the processing of such data is permitted when you have given us express consent for the processing of these personal data for one or more specific purposes, such as indicatively for the purpose of providing you with translation services of documents that include special categories of personal data.
5. PURPOSES OF PROCESSING
We process your personal data for the following purposes:
• Contact: In order to contact you with respect to your orders, respond to your requests or questions and provide you with information about our services or their costs.
• Provision of services/Performance of contract: To render the translation (or other translation-related) services you request.
• Improvement of services: To improve the quality of our services and your experience on our website.
• Website security: For purposes related to the operation and security of our website.
• Legal Compliance: To comply with our legal obligations
• Improvement of organization and operation: For purposes of business organization and improvement of our operations.
6. LEGAL BASIS OF PROCESSING
The legal basis for the processing of your personal data is:
• Regarding communications:
a. To inform and contact you about the cost or cost estimate of our services, we collect some necessary personal data of yours based on your express consent, which you have the right to withdraw at any time. In the event that you do not cooperate with us or conclude a contract/service provision, this personal data, as well as any documents that include personal data voluntarily sent to us for the above purpose, are deleted (GDPR article 6 par 1 (a)).
b. To inform you about our services and send newsletters or promotional material, we may process your personal data based on your express consent. At any time, you may stop your subscription to the newsletter by following the instructions mentioned in each communication (GDPR article 6 par 1 (a)).
c. To respond to your requests or questions, we collect and process your personal contact data (e.g. name, email address, phone number), your preferences (e.g. preference area) or any other information you provide us based on our legitimate interest so that we can respond to your requests and questions (GDPR Article 6, par. 1(f)).
d. If you submit sensitive personal data as part of the request, the said processing will also be based on your express consent (GDPR Article 6, par. 1 (a) and article 9 par. 2 (a)).
• Regarding the performance of a contract / the provision of services:
a. In order to perform the contract between us at a pre-contractual stage and while fulfilling the translation (or translation-related) services you request from us, we may collect and process your personal data, such as, indicatively, name, identity details, address, job position or any other information you provide us (e.g. through documents, certificates, training certificates, exams) in the context of the provision of our services. In this case, we use your personal data to fulfill some of our contractual obligations to you (GDPR article 6, par. 1 (b)).
b. If you submit to us sensitive personal data as part of a contractual obligation / provision of services, the said processing will also be based on your express consent (GDPR Article 6, par. 1 (a) and article 9 par. 2 (a)).
• Regarding the improvement of services:
We may collect and process certain information related to you and/or your preferences, to understand your interests in our services and to better serve you, improve our services (e.g. communication, language, service preferences) . In cases where the collection/processing is done automatically, we rely on our legitimate business interest to improve our services (GDPR article 6, par. 1 (f)). In other cases, we rely on your express consent (GDPR article 6, par. 1 (a)).
• Regarding the security of our website:
We may collect data and information (indicatively) about your IP address, your location, access sources on the basis of our legal interest (GDPR article 6, par. 1 (f)) for the security and operation of our website.
• Regarding legal compliance:
To ensure our compliance with our tax and other legal obligations, we may collect and process personal data in the context of our activity (e.g. name, address, professional status) if required by applicable law. In this context, we may also be required to share your relevant data with competent authorities (e.g. Tax Office) or third parties. We rely on our compliance with our legal obligations (GDPR article 6, par. 1 (c)).
• Regarding improvement of organization and operation:
We may process your personal data collected, in the context of our business activity and for the purpose of improving our organization and operation (e.g. name, address, contact telephone number, e-mail address), which may be archived to facilitate access to them by our staff. The collection and processing is based on our legitimate interest concerning the organization and improvement of the way our business operates (GDPR article 6, par. 1(f)).
7. INFORMATION SHARING / RECIPIENTS OF PERSONAL DATA
We may share your personal data with third parties, such as external associates or our staff or relevant authorities (where required by law), indicatively for purposes of:
a. operating, supporting, maintaining our digital media, website and other platforms
b. supporting / fulfilling the contractual obligations of our Agency
c. safeguarding our legitimate interests (improving services, responding to requests, organizing and improving the way our business operates)
d. answering requests from authorities, where required by law
e. responding to a complaint or a security threat.
In the above cases, where the third parties act either as data processors on our behalf, or as joint data controllers, or as independent data controllers, we ensure that they are contractually bound and warranted to maintain the confidentiality of the personal data we share with them, that they will take security measures and will not further share these data without our permission and, in general, that they will comply with the legal framework according to the EU General Data Protection Regulation (GDPR) 2016/679, as well as the relevant national legislation on the protection of personal data, as applicable.
8. DATA SUBJECT RIGHTS
Depending on the purpose and legal basis of processing, you may have some or all of the following rights with respect to your personal data:
• Access: The right to request confirmation as to whether or not personal data concerning you are being processed and, if so, the right to access the personal data we hold about you and the relevant information under GDPR article 15 (e.g. providing a copy).
• Rectification: The right to request the rectification of any inaccurate personal data or the completion of incomplete personal data.
• Erasure: The right to request the deletion of your personal data (e.g. when it is no longer required for the purposes for which you provided it), in accordance with the reasons/conditions set out in GDPR article 17.
• Restriction of processing: The right to request the restriction of the processing of your personal data (e.g. to specific limited purposes, where it is not possible to erase them) in accordance with the provisions of GDPR article 18.
• Notification obligation regarding rectification or erasure: The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with GDPR Article 16, Article 17(1) and Article 18 to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort The data controller shall inform the data subject about those recipients if the data subject requests it.
• Data portability: The right to receive your personal data in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller without hindrance from the data controller to which the personal data have been provided in accordance with the conditions in GDPR article 20.
• Objection: The right to object, at any time and on grounds relating to your particular situation, to processing of personal data concerning you, which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions, in accordance with the definitions in GDPR article 21.
• Automated decision making: The right to not be included in a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except for the cases stated in GDPR article 22.
• Withdrawal of consent: When processing is based on article 6 (1) (a) or article 9 (2) (a), that is when it is based on your express consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
• Complaint: You have the right to lodge a complaint with a supervisory authority.
• Information: As the provision of personal data may be a legal or contractual obligation or a requirement for the conclusion of a contract, it is possible that choosing not to provide personal data may make it impossible to fulfill the legal or contractual obligation.
• Notice: In the event that the personal data breach may put your rights and freedoms at high risk, the data controller, under the conditions of GDPR article 34, will notify you of the personal data breach.
9. DATA SECURITY
The Office, our service providers and associates implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, abuse, misuse, disclosure, alteration or destruction. However, the Agency waives, to the fullest extent permitted by law, all liability and damages caused by the loss, misuse, unauthorized access, disclosure, alteration or destruction of your personal data. It is always recommended that you take any available precautions to protect the personal data you submit to this website (e.g. secure browser setting, anti-virus software). If we become aware of a security breach, we may notify you via a posting on our website or notify you electronically so that you can take the necessary protective measures.
10. DATA RETENTION PERIOD
We retain and store your personal data for as long as necessary to fulfill the purposes for which they were collected, unless a longer retention period is required by applicable law or required to satisfy any legal claims we may have. The data retention time is calculated based on a) the time required to fulfill the legal obligations of our Agency, b) the duration of the legal effects resulting from your contract with our Agency.
11. CONTACT
For any question or request regarding this Policy or your personal data, please contact us at the contact details listed above.
12. POLICY UPDATE
This Policy may be updated from time to time.
Date of last review: 15 Nov 2024.