This version was updated on 31/7/2018.
- Who we are?
Tillos Group (VAT No 998826107 and General Commercial Registry No 086772102000 at Athens Chamber of Small and Medium Industries, whose registered office is at Iera Odos 286-288, Postal Code 12243, Aigaleo – Attiki) is manufacturer of, steel wire and reinforcing bar mesh welding and forming machinery. The founder, Mr. Tillos, is a real life pioneer, being the builder of the first mesh welding machine, in Greece. For over 25 years, he remains devoted to engineering innovation and his utmost dedication has been incorporated in every member of the Group. We manufacture steel, wire and rebar resistance welding and forming machinery. Our products are used in: Building Construction Various Commercial / Industrial Specialized Industry Segments/oil industry. Substantial investments in R & D significantly paid off, resulting in profound rise in reliability and technical excellence, of our equipment. The experience and know-how acquired, during the development of such technological breakthrough, is now applied to all our products (E-mail: firstname.lastname@example.org, Tel: 2102836376).
Within our commercial activity and for the fulfillment of its statutory purposes, our Company, as Data Controller, collects, maintains and processes your personal data. The purpose of this policy is to provide you with information about how your personal data is collected and processed by our Company. The basic principle of our Company is respect for the privacy of your personal data, which we are committed to protect and keep safe.
- Categories of personal data that we collect
Our Company may collect, use, store and transfer various kinds of personal data that we categorize as follows:
- Identity information: include, but are not limited to, the name, surname, username or similar ID, title, VAT No, date of birth etc.
- Contact details: include, but are not limited to, address, street, city, postal code, telephone number, mobile phone number and e-mail address.
- Financial data: include but are not limited to, account number, credit card information.
- Transactions data: include indicative details of the products and services you have purchased from us.
When the data subject acts as representative of a legal entity requesting our services or products, our Company collects only identity information and contact details.
- How we collect your data
We collect your data through various methods, including:
A. Direct Interactions. You may give us your personal data, by filling in forms, by post, telephone, e-mail or else.
This includes personal data that you provide, when:
- you submit a request for a service or a product
- you contact with our representative
- you send an email/post
- you telephone for a service or a product
C. Third parties, when you made your data public or you authorize a third party to disclose your data to us
- How we process your data (and the legal basis for the processing)
Your personal data are collected and processed for the purposes below:
a) To offer you our services and to respond to your requests (the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract)
b) To conclude and execute a contract, to offer you our customer services and for the execution of our mutual contractual obligations in general (the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract)
c) If it is necessary for our legitimate interests (or third party) and your interests and fundamental rights do not override those interests (the processing is necessary for the purposes of the legitimate interests pursued by our Company or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data)
d) To comply with a legal or regulatory obligation – indicatively, to comply with tax legislation, consumers protections law (the processing is necessary for compliance with a legal obligation to which our Company is subject)
e) If you give us with your consent, to promote our products and services and for market research (the processing is based on your consent for this purpose)
- Disclosures of your personal data –Third parties – International transfers
We may have to share your personal data with the parties set out below for the purposes set out in paragraph 5 above.
- Service providers (for example: IT , system administration services) or associates acting as processors
- Professional advisers acting as processors or joint controllers including lawyers, auditors and insurers etc.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
- Public or Judicial authority, when it’s required by the law
In any case, we require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
The personal data we collect from you may be transferred outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who works for us or for one of the suppliers or contractors. Territories outside of the EEA may not have equivalent legal protections to those that apply within the EEA but we are under a duty to make sure that our suppliers and contractors located outside of the EEA continue to take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy. By submitting your personal data to us, you agree to this transfer, storing or processing.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
- How we protect your personal data
All information that you provide to us is stored on our secure servers and any payment transaction are protected by appropriate technology.
The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Sites. Any transmission is at your own risk. However, we use SSL technology to secure as much as we can these transmissions. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
- How long we use your personal data
Our Company retains your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements.
- Your rights
Your rights regarding the processes of your personal data that you can exert, under the conditions that are set by Regulation EE (2016/679) and depending on the purpose of the process, are as follow:
a) The right to access your personal data. By exerting this right, you can have a copy of your data that our Company holds about you and you can check if we process them legally
b) The right to request a rectification of your personal data which we hold about you. That gives you the right to have your data corrected in case of any incurrences or changes of your personal data, although you may need to verify the accuracy of the new data that you provide to us.
c) The right to delete your personal data. This allows you to ask us to delete or remove your personal data when there is no reason for our Company to continue the processing of them. Please note that we won’t be always able to comply with your request to delete your data, in cases that there are legitimate reasons for the processing of your data that will be announced to you at the time of your application.
d) The right to restrict your personal data which we hold about you. This gives you to right to ask us to suspend the processing of your personal data in the following scenarios: (1) if you want to determine the accuracy of your data, (2) in cases when the process of your data is illegal, but you do not want to delete them (3) when you need us to keep your data, even if we no longer require it, if you need to establish legal claims or (4) if you raise objections to the process of your data, but we need to verify if we have legitimate reasons to process it.
e) Remove you from any direct marketing lists when you object or withdraw your consent. In some case we may prove legitimate reasons for the processing of your data and your interests and fundamental rights do not override those interests
f) The right to request that we transmit your personal data to another data controller. Please note that this right applies only to automated information that you initially consented to provide us or when we used this information to execute a contract with you.
g) Where we process your personal data because you have given us your consent to do so, you have the right to withdraw your consent at any time.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
To exercise your rights, contact our company at 22630 31598
- The right to file a complaint to the Personal Data Authority
You have the right to file a complaint to the Personal Data Protection Authority for the issues concerning the processing of your personal data. For the Authority’s jurisdiction and how to file a complaint, you can visit its website (HYPERLINK “http://www.dpa.gr” ð Citizens Rights ð How to file a complaint with the DPA?), where detailed information is available.