PRIVACY POLICY STATEMENT

HOMEATUS Constructions is committed to the respect and protection of your personal data. We understand that you are aware of and are interested in your personal data and we take this fact under serious consideration.

This Privacy Policy Statement describes the personal data the company collects about you, the way we use and protect your personal data, as well as your choices regarding the way we use this data.

We acknowledge that the protection of your personal data is an ongoing responsibility and we will therefore update and amend this Statement from time to time.

1. ABOUT US

HOMEATUS Constructions is the architectural office of Ioannis Chomatas, based in Thessaloniki and providing services related to the preparation of architectural designs, construction and renovation of buildings, as well as consulting services regarding subsidy programmes.

2. EXPLANATION OF KEY TERMS

Personal data:

any information that refers to and can identify a person, such as identification data (name, age, residence, profession, marital status, contact details etc.), physical characteristics (weight, height etc.), education (qualifications, grades etc.), work (previous experience, work conduct etc.), financial status (income, assets, financial behaviour), interests, activities, habits. The individual (natural person) the data refers to is called a data subject.

 

Sensitive personal data:

racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data for the purpose of uniquely identifying a natural person, data concerning the health of the data subject, data concerning the person’s sex life or sexual orientation, criminal prosecutions and convictions, as well as participation in associations of persons relevant to the above.

 

Processing of personal data:

any operation which is performed on personal data or on sets of personal data, with or without the use of computers, such as collection, recording, organisation, structuring, storage, adaptation or alteration, information retrieval and consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

 

Controller:

the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

 

Processor:

a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

 

Recipient:

a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.

 

Consent of the data subject:

any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

Personal data breach:

a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

 

3. CATEGORIES OF DATA SUBJECTS

The Personal Data that are processed concern customers, suppliers, subcontractors or partners of the Company, natural or legal persons, as well as natural persons who have applied for work.

4. WHAT ARE THE PERSONAL DATA WE COLLECT ABOUT YOU?

We may collect the following data:

 

4.1  Identification and Communication Data. Indicatively, full name, address, telephone numbers, email address, date of birth.

 

4.2  Official identification information. Indicatively, Identity Card Number, Passport Number, Tax Identification Number, Social Security Number.

 

4.3  Marital status information. Names of parents, names of spouses, number of children, names of children.

 

4.4  Work information regarding our suppliers, partners, subcontractors. Indicatively, work title, registry number, work history (experience), contract type, work start date, desired remuneration.

 

4.5  Data from social media. Social media accounts, websites.

 

4.6  Information related to your requests in the context of your service, such as the summary of your request and other relevant information that we may need to receive.

 

4.7  Financial information. Information on remuneration, bank account data, bonuses, tax data, real estate data, topographic plans, building permits, if required for the performance of the contract between us.

 

4.8  Use of Website & Communications. We observe how you use our website and whether you open or forward our communication, including information collected through cookies (details regarding the use of cookies can be found in the company’s Cookie Policy).

 

4.9  Regarding job applicants, the data kept by the Company are your full name, home address, email address, telephone number and relevant documents required for the documentation of such data, date of birth, marital status, nationality, previous experience and academic qualifications, references and any other information you may provide to us through the documents you submit to us.

 

4.10  We try to minimise the risk to your rights and freedoms by not collecting your personal data unless it is absolutely necessary and, in any case, by providing an explicit and clear justification of such necessity.

 

The provision of personal data is in no way mandatory. In any case, the non-provision of personal data that have been identified as mandatory will prevent us from providing the contractual service. The non-provision of other, non-mandatory personal data can in no way affect our provision of the services.

 

Please help us keep your information up to date by notifying us of any changes to your personal data.

5. HOW DO WE COLLECT YOUR PERSONAL DATA?

We collect your personal data directly from you, either in printed form or by email or by an online form or by telephone or when you contact us through our social media pages.

 

At times, we may also receive data from archives or information systems. In this case, the data subjects are informed at the latest within one month or at the time of the first communication, if the use is intended for our communication with the data subject.

6. PURPOSES OF THE PROCESSING OF PERSONAL DATA

We use your personal data for the following purposes:

6.1  Provision of our services. Provision of consulting services regarding the NSRF, LEADER, and ENERGY SAVINGS AT HOME subsidy programmes, preparation and drafting of studies, implementation of repairs, constructions and renovations, settlement of unauthorised structures.

 

6.2  Customer Service. Serving our customers for any issue related to the provision of our services.

 

6.3  Promotional actions. Informing you regarding our services, news and offers.

 

6.4  Updating our database.

 

6.5  Compliance with our legal obligations such as, indicatively, issuing invoices and other fiscal obligations etc.

7. LEGAL GROUNDS FOR PROCESSING YOUR PERSONAL DATA

7.1  The processing of your personal data carried out for the provision of our services to you is based on the conclusion and performance of a contract or – at your request – on preparatory actions for the conclusion and performance of a contract.

 

7.2  The processing of your personal data carried out for marketing and/or promotional purposes is based on your consent.

 

7.3  In some cases, the processing of your personal data is required for the purposes of our legitimate interests or for the purposes of our compliance with national and/or European legislation.

8. TIME AND PLACE OF RETENTION OF YOUR PERSONAL DATA

8.1  The personal data submitted to the above processing purposes shall be retained by our company for the period strictly necessary for the fulfilment of the above purposes and in accordance with the law. As a rule, our company retains the data for ten (10) years from the date on which the transaction ends.

 

8.2  Regarding the personal data processed for the provision of our contractual obligations, our company may continue to retain them for a longer period, as may be required to protect our company’s legitimate interests in relation to our possible liability related to the provision of our services to you. The data that concern you are retained for the duration of your business relationship with the company and, after its end, for as long as the applicable legislation provides that claims can be made by the parties or, in case of a claim, until the irrevocable resolution of any dispute.

 

8.3  The data concerning you that we process based on your consent (e.g. for marketing purposes) are retained for one (1) year.

 

8.4  The data that the company receives in relation to suppliers with whom it eventually did not cooperate are retained for a period of one (1) year (this concerns mainly, but not exclusively, the case of market research on suppliers). The period of ten (10) years concerns the data received for suppliers with which it eventually cooperated.

 

8.5  CVs and data received as part of this process are retained for one (1) year and then deleted.

 

8.6  We restrict access to your data to those persons who need to use them for the specific purpose.

 

8.7  Your personal data are stored in the cloud with the company’s electronic files and/or in paper copies in a cabinet.

 

8.8  For any clarifications regarding where and for how long your personal data are retained, please contact info@homeatus.gr

9. GUARANTEES WE OBTAIN FOR THE PROTECTION OF YOUR DATA

When you give us your personal data, we take measures to ensure that these are kept safe. To ensure the protection of your personal data, we take physical, technical and organisational measures to protect them, whether they are in physical or electronic form. We continuously update and test our security technology. We restrict access to your personal data only to those employees who need to know such data in order to provide benefits or services to you. Moreover, we train employees on the importance of the confidentiality and preservation of the secrecy and security of your personal data. Among other things, we have applied the following technical and organisational measures and procedures to protect your personal data from any loss, alteration, unlawful processing or change:

 

– encryption

 

– detection and management of security breaches

 

– use of servers located in rooms with a restricted access that are subject to regular checks

 

– use of information systems and computer programmes installed in a way that minimises the use of personal data and/or user authentication data

 

– adoption of individual procedures for the retention of personal data and their safe deletion/destruction

 

– sending of emails to you and our partners using security protocols that guarantee, to the extent possible, the prevention of data leakage

 

– measures for the physical security of printed material and IT devices, such as locks on cabinets that contain documents, fire protection system, alarm system etc.

10. WHEN AND HOW DO WE TRANSFER YOUR PERSONAL DATA TO OTHERS?

10.1 

In the context of our activities, we enter into contracts with third-party partners/suppliers/subcontractors who provide services on our behalf. We may therefore need to share your personal data with them. However, we share with them only the personal data that are necessary for the provision of the services we request from them and we require that they protect your data and not use it for other purposes.

 

10.2  We do not offer or sell your personal data.

11. YOUR RIGHTS

11.1  Right of information:

You have the right to receive clear information regarding the way your personal data are used by us. For example, why we receive your personal data, where they will be stored, for how long, for what reason etc.

 

11.2  Right of access:

You have the right to access your personal data, once you contact us. We will try to serve you as quickly as possible, always taking into account our workload.

 

11.3  Right of rectification:

You have the right to request that we correct your personal data, if they are incorrect or not updated.

 

11.4  Right to erasure/right to be forgotten:

You have the right to request the erasure of your personal data from our computers and records, provided that this does not conflict with our legal and regulatory obligations.

 

11.5  Right to object to direct marketing, including profiling:

You may cancel your subscription to our advertising messages either by simply clicking the unsubscribe link on the messages you receive from us or by sending us an email indicating your wish to unsubscribe.

 

11.6  Right to withdraw consent:

You may withdraw your consent to the processing of your personal data even if the processing was done with your consent. If such withdrawal removes our ability to perform the contract that we have agreed with you, you must contact us again so that we can find a new way of cooperation that will be beneficial for both sides.

 

11.7  Right to object to processing based on legitimate interests:

If you believe you have a legitimate interest, you can object to the processing of your data.

 

11.8  Right to data portability:

You have the right to transfer your data from our database to another.

 

11.9  Right to restriction of processing:

You have the right to request that we restrict the processing of your data (e.g. we may store it but not use it or process it in accordance with the General Regulation).

 

11.10  Right to deactivate Cookies
Finally, you have the right to submit a complaint to the competent Greek independent authority, which is the Data Protection Authority (http://www.dpa.gr/).

12. TRANSFER OF PERSONAL DATA OUTSIDE THE EU

The personal data we collect from you are not transferred or processed outside the European Union.

13. HOW CAN YOU CONTACT US?

You can contact us for any question regarding the processing of your personal data or the use of cookies by us or in order to exercise your rights, by using the electronic contact form available on our website, by sending an email to info@homeatus.gr, or by calling 698 6985304.

14. VERSION INFORMATION – CHANGES AND UPDATES

This Statement was last updated on 20/02/2020.

We reserve the right to amend and update this Statement at any time, for any reason, without providing any notice to you other than by posting the updated Statement on our website. We may periodically send emails in order to remind you of changes and updates to this Statement, but you should check our website frequently so that you can be informed about the current and applicable Privacy Policy Statement.