The website of the single member private company THANPA SINGLE MEMBER P.C. with the distinctive title Code Seed, which is based in Drama, Greece, on 51 Verginas street (hereinafter the “Company” or the “Website”) as the Data Controller, informs you as a person to whom the respective personal data concern (hereinafter the “Data Subject”) that during the visit or use of the website www.codeseed.io, the processing of your personal data is governed by applicable European and national data protection legislation, including Law 4624/2019, Regulation (EU) 2016/679 of the European Parliament and of the Council adopted on 27 April 2016 and entered into force on 25 May 2018 (hereinafter the “GDPR”), as well as of the decisions, instructions and regulatory acts of the Personal Data Protection Authority.
1. Personal Data collected and processed by the Company
The Company ensures the lawful and legal collection and processing of personal data. Personal data is information that directly or indirectly identifies the Data Subject in particular through reference to an identifier, such as name, contact telephone number and e-mail address. The above personal data that are collected are absolutely necessary for the implementation of the action requested by the Data Subject.
The Data Subject ensures that the personal data provided is correct and accurate and undertakes to notify the Company of any change or modification in them. Any loss or damage caused to the Company or any third party through the disclosure of incorrect, inaccurate or incomplete information in the contact form is the sole responsibility of the Data Subject.
2. Use of the Website by minors
According to the specific provisions of article 8 par. 1.a. of the GDPR in combination with article 21 of the Law 4624/2019, minors under fifteen (15) years of age are prohibited from disclosing their personal data through the Company’s website, without the prior consent of their guardian
3. Purpose of data processing
The purpose of the collection and processing of personal data by the Company is to communicate with the Data Subject for the best possible service of the request sent to the e-mail address and/or through the contact form and/or through the other available means of communication and social networking (Linkedin, Facebook, Instagram). Furthermore, the Company collects personal data for a possible recruitment to a 2 vacancy in the Company. Additionally, the Company collects necessary data for the basic functions of its website, such as navigation and access to secure areas of the website (necessary cookies). When the Data Subject enters the Website, the Company may, with Subject’s express consent, also collect browsing data for analytical purposes (e.g. traffic monitoring), and for statistical purposes (Browser Type, Operating System, Internet Protocol Addresses (IP), in order to understand the way in which the Data Subject interacts with the Website and to improve it in the corresponding direction. More information about this category of personal data can be found in the Cookies Policy of the Website.
The Company collects and processes personal data exclusively for the aforementioned purposes and only to the extent which is absolutely necessary for the effective service of these purposes. This data is always relevant, necessary, not more than what is required in view of the above purposes, accurate and, if necessary, updated.
4. Data retention time
The personal data collected is kept and stored in a secure environment, solely for the purpose of collecting and processing it (see paragraph 3) and only for as long as is necessary to achieve those purposes, without prejudice to the specific provisions of applicable law. In any case, the personal data of the applicants is kept for a period of six (6) months and the personal data of employees is kept for a period of ten (10) years from the end of the contractual relationship between the Company and the employee. This data is deleted-destroyed in a safe way after the end of this period, except if it is foreseen to continue their observance by the current legislation, such as in case of civil cases or investigation of a criminal act, case of tax control, etc
5. Data security
The process of processing personal data by the Company is carried out in a way that ensures its confidentiality. The Company takes all appropriate organizational and technical measures for the security of data and its protection against accidental or unlawful destruction, accidental loss, alteration, prohibited dissemination or access and any other form of unfair processing.
6. Data breaches
The Company undertakes that in case of violation of its database it will inform the Data Subjects as well as the Personal Data Protection Authority within 72 hours from the violation.
7. Recipients of the data
The recipient of the personal data is the Company as well as the Data Processors on its behalf. The Company guarantees that it will not transfer, disclose or make available the personal data of the Subject to third parties for any purpose or use. However, it reserves the right to disclose information concerning the Data Subject, if the law imposes a corresponding obligation or if such notification is required by a 3 court decision, prosecutor’s order or order or decision of another person or administrative body with a legal competence to oblige disclosure such information.
8. Data Processors
The Company uses third party service providers (lawyers, accountants, web hosting providers as well as certified applicant tracking systems) to manage one or more aspects of its business, including the processing of personal information. When the Company uses an external company or partner, it uses contractual commitments and other appropriate means to ensure that the Data Subject’s personal data is used in a manner consistent with applicable law and this Policy.
10. Links to third party websites
Any connection of the Company through special hyperlinks (links, hyperlinks, banners) with any other third party website does not imply its assumption of any responsibility for the policy pursued on the Website regarding the protection and management of personal data. The Data Subject should ensure that it is informed about the protection and management of its data from the above websites.
11. Access, rectification and erasure (‘right to be forgotten’) Rights
According to the GDPR (Articles 15-18, 20-21 GDPR) the Data Subject has the right to access the data, to rectify, erase, restrict processing, data portability and object. The above rights can be exercised by sending an e-mail to the electronic address of the Data Protection Officer of the Company firstname.lastname@example.org from the e-mail address through which the initial e-mail was submitted, in order to identify the Data Subject.
12. Communication with Personal Data Protection Authority
In the event that the Data Subject considers that the protection of his personal data is affected in any way, they may appeal to the Personal Data Protection Authority with the following information: