Your personal data includes any information that may lead, either directly or in combination with others, to your identification or location as a natural person. This category includes information such as the full name, VAT registration number, social security number, your physical and electronic addresses, your landline and mobile phone numbers, your bank/debit/prepaid card details, your e-mail addresses, your rating data, your internet history (log files, cookies, etc.), and any other information allows your identification, according to the provisions of the General Data Protection Regulation (GDPR 2016/679) and the applicable Greek legislation and the decisions of the Hellenic Data Protection Authority (HDPA).
Epafos offers integrated applications for the management of educational organizations in the cloud.
The address and contact details of the company are the following:
46-48 El. Venizelou Avenue & 1 Kanakidi street
PC 17676, Kallithea
This Personal Data Protection Policy is intended to inform you of the terms of collection, processing and transmission of your personal data that we may collect as Data controllers.
EPAFOS will always ask you for the minimum required personal data required by law in order for you to receive our services, and this include indicatively, at each case, the name, surname, email address, postal address for the issuance and dispatching of the invoice or the receipt for the provision of services, billing method that may include also details of the credit card or bank account in cases of a bank transfer, as well as details related to the services. The receipt of your personal data is made almost generally for the execution of a contract between us in your capacity as a user of our services and/or as our supplier and/or as a visitor of our website.
EPAFOS keeps your personal data only for as long as required by the contractual terms of each service, in combination with the applicable financial, tax and other legislation, based on the respective purpose of processing and then anonymizes or destroys it.
EPAFOS will use your information for at least one of the following legitimate processing purposes:
In fulfilling our contractual and legal obligations, your personal data may be provided to various service providers and suppliers. These service providers and suppliers are bound by data processing agreements and are required to ensure confidentiality and protection of data in accordance with the GDPR, e.g.
In any case, we take the appropriate technical and organizational measures to ensure that your personal information is transferred, stored and processed in accordance with the appropriate security standards and in accordance with the terms of this Policy and the applicable data protection laws.
EPAFOS does not transmit personal data to third countries (outside the European Economic Area - EEA).
We will process and store your Personal Data for the entire duration of our business relationship and for as long as it is necessary to meet our contractual and legal obligations.
We will delete your data:
When conducting our business, we do not use an automated decision-making process. We can process certain aspects of your data in order to commence a business relationship with you.
We may process your personal information to inform you about our services and offers that may be of interest to you or your business.
The personal data we process for this purpose consists of information you provide to us and data we collect when you use our services. We may use your personal information to promote our products and services to you, only if we have your consent to do so or if we believe we have a legitimate interest in doing so.
You have the right to object at any time to the processing of your personal data for marketing purposes.
You have the following rights regarding the personal data we retain about you:
In order to exercise any of your rights you can contact the Company, or fill out the relevant form through the Company's website.
Before submitting your complaint, you must contact us, exercising your abovementioned rights, provided by the GDPR. If we do not satisfy your requests, or you consider that our response is not what it should be, you have the right to file a complaint to the Hellenic Data Protection Authority HDPA (www.dpa.gr).
We, at EPAFOS, have trained and responsible staff, while recognizing the importance of protecting your privacy and all your personal information. For this purpose, we have appropriate security policies and use the appropriate technical and operational tools, such as anonymization, pseudonymization, data encryption, use of firewalls, establishment of access levels, authorized employees, staff training, periodic inspections. Any partner who has access to the above information, uses it to serve exclusively the above purposes. We share the information you provide to us solely in the ways described in this Policy.
This Policy was published by EPAFOS on 01/10/2018 and is subject to periodic improvement and revision.
Any changes to this Policy will apply to the information collected from the date the revised version is published, as well as to the existing information we hold. The use of the website after the publication of changes implies the acceptance by you of these changes.