Personal data: any information concerning an identified or identifiable natural person (“data subject”), the identifiable natural person is that the identity of whom can be verified, directly or indirectly, especially via reference to a recognizable identity element, such as name, identity number, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Processing: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other disposal, alignment or combination, restriction, erasure or destruction.
- Subject: personal data subject is any natural person connected via one or more attributes with CCC and the personal data of whom are processed in the framework of this transaction or other relation or/and attribute.
- Controller: the person defining the purposes and the processing manner of personal data.
Controller of CONSOLIDATED CONTRACTORS COMPANY (CCC) which maintains offices in Greece at Marousi Attica, 62B Kifissias Avenue, Marousi Τ.: +30 210-6182000 E-mail.: dpo@ccc.net
When CCC processes personal data, it fully complies with the Greek legislation of the Personal Data Protection as each time amended and is in force, which includes the General Data Protection Regulation (GDPR) (ΕΕ) 2016/679 (GDPR), Law 4624/2019, and Law 3471/2006 in the field of electronic communications. It also fully complies with the European Legislation on the protection of personal data (i.e. Treaty on European Union, Charter of Fundamental Rights of the European Union, European Convention on Human Rights, etc.)
CCC can process a part or the whole of the data sent by the visitors/users/partners/contracting customers for legal reasons (analyzed below in detail), for statistical reasons but also for the improvement of the services provided etc, and more specifically:
- Full Name
- E-mail
- Company name
- Company website
- Location country
- IP Address
- Browser Agent
Vested interests of the processing manager or third parties when applicable and when the legal processing base is the vested interest. The personal data process is necessary for the fulfillment of the purposes below. Unless differently stated during the collection of personal data, the legal base for its process is one of the following. The process is necessary for the execution of the contractual relationship with you (Article 6 (1) (b) of the General Regulation) as well as for our compliance with vested interests (Article 6 (1) (c) of the General Regulation (GDPR)). More specifically CCC, processes the personal data mainly for the reasons stated below:
- For identification of the subjects and evaluation of the potential business opportunities with possibility of signing an NDA.
Complementary Legal processing bases
Apart from the above, the CCC may also proceed to the collection of personal data, providing that some of the following conditions are fulfilled:
- The process is necessary for the purposes of the vested interests pursued by the CCC (Article 6 (1) (f) of the General Regulation).
- The process is based on the explicit consent of the subject for personal data process (Article 6 (1) (a) of the General Regulation).
CCC limits the use of this website only to adults over 18 years old. Moreover, the intent of the CCC is not to collect personal data of underaged and legally incompetent adults who may have access to its website, in violation of the above mentioned. However, given the fact that this cannot be safeguarded/assured by the CCC, any underaged or legally incompetent adult users of the website, transmitting through its personal data to the CCC, are obliged and is expected to have received the consent of those exercising their parental responsibility or any legal guardians.
Recipients or acceptable personal data categories (if any). CCC is entitled to transmit personal data only to:
- Authorized third parties entitled to receive subjects’ personal data (customers, partners, shareholders, etc) for specific uses, such as State-Public authorities and law enforcement entities in the framework of their legal jurisdiction and providing that there is a relevant legal obligation of the CCC,
- Partners of the CCC (such as partners, subcontractors, banks, insurance companies, auditing companies, etc), underwriting companies, affiliates and subsidiaries companies of CCC, with the purpose of conducting subcontracting contracts, cooperating and fulfilling projects, bank transactions, audit for shares transfer deed by an auditor, in companies promoting the CCC products or market surveys on behalf of the CCC, credit institutions, in companies such as Teiresias, to control the creditworthiness of a subject, etc.
Without the consent of the subjects (users, customers, partners, shareholders, etc), CCC will for no reason reveal, make public, transmit, sell, their personal data to other non-authorized or non-complied to the European Legislation natural or/and legal persons regarding the protection of personal data (GDPR), apart from the recipients mentioned above.
Data Retention Time. We will retain your data for the whole time of our contractual relationship and after its expiration date for as long is necessary by the relevant legislation or as long as the statute of limitations for such claims expires. Since there is no observation obligation by the law and the data processing is not dictated by the above-mentioned purposes, your data will be deleted. In any case, under the condition that after any kind of termination or dissolution of the contract-partnership, a debt or a request for a dispute settlement or a complaint against the competent administrative, public or Judicial Authority is pending, the data is maintained until the final resolution of the dispute.
Personal Data transfer outside EEA
Your personal data may be transferred to third countries (i.e. in countries outside the European Economic Area). In this case the transfer will be performed either based on sufficiency decisions by the EU or if one or more legal basis is valid, allowed by the GDPR, including your consent.
Your rights
In the framework of the collection and process of the personal data concerning you, you have a series of rights based on the provisions of the legislation framework regarding personal data protection. More specifically, you have the right of information regarding the process of your personal data, the right to access your data, the right to correct, the right to delete your data after a consultation with us so as to determine if the suitable conditions are fulfilled, the right to data portability, the right to data process limitation, the right tο object to data process as well as the right to object to the automated decision making.
You can require from us to satisfy some of your rights by contacting CCC either by mail at CCC, 62B Kifissias Avenue, P.O. 151 25, Marousi, Attica, to the attention of our Data Protection Officer or via e-mail at the following e-mail address: dpo@ccc.net
CCC is committed to respond to your demands within a month from their submission. However, in the cases where the satisfaction of your demands is deemed impossible for CCC, we will inform you for this weakness in reason as well as the foreseen response date to your demand which will not surpass ninety (90) days in total from the initial submission of your demand.
If you have exercised some or all of your rights and you still feel that your concerns regarding the way we use your personal data hasn’t been dealt satisfactorily by us, you have the right to appeal to the Hellenic Data Protection Authority (DPA), 1-3 Kifisias Ave., P.C. 115 23, Athens. At the relevant website of the Authority, you can find information regarding the way to submit a complaint (http://www.dpa.gr).