Privacy Notice

The principles described in this Privacy Notice document are handled in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). The aim of these principles is to provide participants with basic information on the processing of Personal Data, their protection and methods of processing.

 Glossary of terms used in this Privacy Notice:

“Personal Data“ means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

“Processing“ means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

“Consent“ means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

“Controller“ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data;

“Processor“ means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller;

“Recipient“ means a natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a third party or not.

This document is intended to inform you about the ways we handle your Personal Data as well as to ensure you they are of the utmost importance for us therefore we constantly protect them. Our employees treat your Personal Data complying with the applicable legislation of Greece and the EU. To ensure we always handle your Personal Data in the best and most secure way possible, our IT systems and processes are being regularly revised by external professionals. Being fully aware of the fact, your Personal Data do not represent our property, we truly appreciate the trust you have put in us through sharing them with us. Whether we obtain them from public sources or you entrust them to us, we always inform you about this fact.  In case we wanted to use your Personal Data for other purposes than those stated here, we would ask for your consent with such Personal Data processing (lacking other lawful basis).   We never proactively disclose your Personal Data. Your Personal Data remains completely safe with us. If we need to transfer your Personal Data to another recipient, we will inform you of this fact and always seek your consent prior to transferring your Personal Data.

What happens if you don’t provide us with your Personal Data? Should such a situation arise, we will not be able to conclude a contract with you and/or provide you with our services. We keep your data safe and we want to tell you how we do it!

The Personal Data entrusted to us, as well as the ones obtained from the public sources remain under constant physical, electronic and procedural control. We ensure maximum possible protection of the processed data by using the frontier control, technical and security mechanisms, efficiently preventing your Personal Data from any unauthorized access, transfer, as well as their loss, damage, or other potential misuse. Every person handling your Personal Data, whether within their work or contractual obligations, is subject to legal or contractual obligation of secrecy. Handling your Personal Data is essential for our work – we want you to know all our processing operations are undertaken in accordance with the law.

In order to be able to offer you our service, we do have to handle your Personal Data, therefore a majority of processing operations is based on the contractual terms agreed by you and the Indigo HMC company.

There are other types of Personal Data, we may use only based on your freely given consent, which does not affect the other services we provide for you. Certain requirements are also set by the legislature – we also process the information required by the laws of Greece.  Should you disagree with processing or should you have any questions, please do not hesitate to contact us.

Your trust in our services is essential for us, and you can contact us at any time. Once we verify your identity, we enable you to withdraw your consent free of charge.