Privacy policy

1) Respect for Privacy SEGIET ALEXANDROS KE SIA EE (CONCRETE) respects the right to privacy and the protection of personal data of natural persons, as well as the security of electronic transactions    

  • If the interested party does not agree with these conditions, he must not disclose personal data and not cooperate with our company or request his objection in writing as described below, provided of course that this objection will not lead to a violation of other texts provisions of our legislation.  
  • 2) Collection, processing of personal data and restrictions In order to support the above and with the aim of a full understanding on the part of the consumer public of the actions of adaptation and compliance with the legislation, we indicate the following measures of our company :
    • Data Protection – our policy and data protection has been carefully considered to comply with the General Data Protection Regulation. Appropriate measures have been taken to ensure that we understand and adequately demonstrate our obligations and responsibilities, with a special emphasis on privacy: from design to individuals' rights. 
    • The personal data concerning our company's suppliers and subcontractors are collected in order to successfully handle corporate needs and activities and are kept confidential except in cases of tax and insurance audits by the competent authorities or legal proceedings. Similarly, there is absolute respect for the privacy of the official staff with any form of work and collection of personal data with any process to avoid disclosing them to third parties. And here there is the possibility of access to these data only by the competent tax and insurance control authorities, as well as the possibility of litigation.        
    • Data breaches – our policy ensures that we have measures in place to detect, assess, investigate and report any breach of personal data as soon as possible. Similarly, there is absolute respect for the privacy of the official staff with any form of work and collection of personal data with any process to avoid disclosing them to third parties. And here there is the possibility of access to these data only by the competent tax and insurance control authorities, as well as the possibility of litigation. 
    • SEGIET ALEXANDROS KE SIA EE (CONCRETE) may transfer the personal data it collects from the above categories of persons in the context of its corporate activity to third-party companies, to which it entrusts the processing on its behalf, such as e.g. agents of the branch network, collaborating messaging companies, market research and customer service companies. Whenever this happens, our company remains solely responsible towards third parties for compliance with the said legislation, ensuring with special contracts and strict conditions the legal behavior of third party partners towards the data subjects. SEGIET ALEXANDROS KE SIA EE (CONCRETE) keeps your personal data for as long as you use its services and after that they remain in its file with the maximum possible technical security until the deadlines for carrying out financial audits by the competent authorities in company. After that, they will be permanently deleted if you declare it in writing. Of course, you retain your full rights to access and information about the processing of your data, to modify them as well as to correct them, but also to object to the processing of the data or to delete them under the conditions of the current legislation, in particular tax, insurance as well as the postal provisions. You also have the right to submit a complaint to the Personal Data Protection Authority (www.dpa.gr): Telephone Center: +30 210 6475600, Fax: +30 210 6475628, Email: contact@dpa.gr    
    • 3) Special measures to ensure privacy of personal data In addition, we declare to you with this Privacy Policy that we have already taken every technical-informational means of protecting your data, i.e. modern information storage and security methods, coding, encryption, limited access protocols, any protection for malicious unauthorized entries by external actors. Also, the company's premises are equipped with technical and human means of maximum security, eg cameras, guarding by a special company, security doors. Our staff are already fully informed about the need for increased data protection. Any revision of the Privacy Policy, whenever deemed appropriate by our company to take place, will be compulsorily posted in order to apply to third parties on our website, so that you always have direct access and knowledge of it.  
  • ACCEPTANCE AND CONSENT By accepting this policy, the user declares that he has been informed and understands the terms and conditions of the protection of his personal data, accepts it expressly and unconditionally and gives his consent to their electronic processing by SEGIET ALEXANDROS KE SIA EE (CONCRETE), in the manner and for the purpose described in this Privacy Policy. Where required, we also keep records of our activities, ensuring that our obligations under Article 30 of the General Data Protection Regulation and Schedule 1 of the Data Protection Bill are met. 
  • Privacy Notice/Policy –– we have revised our Privacy Notice(s) to comply with the General Data Protection Regulation (GDPR), ensuring that all individuals whose personal information we process have been informed of the purpose of its use, how it is used, what their rights are, to whom the information is disclosed and what safeguards are in place to protect their information. 
  • Obtaining consent – ​​we have reviewed our consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we are using it, and giving clear, defined ways of consenting to the processing of their information. We have developed strict procedures for recording consent, ensuring that we can prove positive participation, along with time and date records. and an easy way to view and access to withdraw consent at any time. 
  • Direct Marketing – We have revised the wording and processes for direct marketing, including clear opt-in mechanisms for marketing subscriptions: a clear notice and a method to opt-out and provide unsubscribe capabilities in all subsequent marketing materials. 
  • Data Protection Impact Assessments (DPIA) – where we process personal information that is considered high risk, includes large-scale processing or special category/criminal conviction data: we have developed rigorous assessment procedures and standards to carry out impact assessments that fully comply with the requirements of Article 35 of the General Data Protection Regulation. We have implemented documentation procedures that record each assessment, allow us to assess the risk posed by the processing activity and implement measures to reduce the risk posed to the data subject(s).
  • Processor Agreements – where we use any third party to process personal information on our behalf ( eg payroll, recruitment, hosting etc. ), we have drawn up compliant Processor Agreements and due diligence processes to ensure that they ( as we ) , fulfill and understand their/our obligations related to the Data Protection Authority. These measures include initial and ongoing reviews of the service provided, the necessity of the processing activity, the applicable technical and organizational measures and compliance with the General Data Protection Regulation. 
  • Special Category Data – where we receive and process any special category information, in full compliance with the requirements of Article 9 and have high level encryption and protection for all such data. Special category data is only processed where necessary and only processed when we have first identified the appropriate basis of Article 9(2) or the condition of Schedule 1 of the Data Protection Programme. Where we rely on consent for processing, this is express and verified by signature, with the right to amend or withdraw consent clearly stated.  

Data Subject Rights

In addition to the above policies and procedures that ensure individuals can enforce their data protection rights, we provide easy access to information through: our headquarters at Ioannou Paparrigopoulou 15, 10561, Athens, Greece, about an individual's right to has access to any personal information for which SEGIET ALEXANDROS KE SIA EE (CONCRETE) performs processing procedures. This person has the right to request information about:   

  • which of his personal data we keep
  • the purpose of their processing
  • the categories of personal data we take into account
  • the recipients to whom the personal data have/will be disclosed
  • how long we intend to dispose of his personal data
  • If we have not obtained the data directly from them, information about the source,
  • the right to correct or complete incomplete or inaccurate data about them and the procedure for requesting them
  • The right to request erasure of personal data ( where applicable ) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed of any automated decision-making we use.
  • The right to file a complaint or seek legal remedies and who to contact in such cases

Security Information & Technical and Organizational Measures

SEGIET ALEXANDROS KE SIA EE (CONCRETE) takes the privacy and security of individuals and their personal information very seriously and takes every reasonable measure and precaution to protect and safeguard the personal data we process. We have robust information security policies and procedures to protect personal information from unauthorized access, alteration, disclosure or destruction and have multiple levels of security measures in place, including: 

  • SSL Certification
  • Website Firewall
  • Continuous control and monitoring of the site by the IT department.