The protection of your personal data is important to us. This Personal Data Protection Policy or otherwise Privacy Policy (from now on the "Policy") concerns the purposes of the collection, storage and in general processing of your personal data by Crowe Greece Group when you visit or navigate this website, in accordance with the provisions of the General Data Protection Regulation (GDPR 2016/679) as applicable from 25th May 2018, the Greek legislation in force on the protection of personal data (L. 4624/2019, as in force), as well as of the protection of personal data and private life in the electronic communications sector (L. 3471/2006, as in force) and the decisions of the Hellenic Data Protection Authority (HDPA) and any specific national and European legislation for certain areas.
1. A few words about Crowe Greece Group’s website (article 117)
This website belongs to the companies "ASSOCIATED CERTIFIED PUBLIC ACCOUNTANTS s.a." and its subsidiary "SOL Consulting S.A." ("Crowe Greece Group"). The personal data you provide during your navigation on this website are kept by Crowe Greece Group in its capacity as a "Data Controller".
2. What are the Personal Data
The term "personal data" means any information related to an identified or identifiable natural person ("data subject"). The identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that physical person.
3. What is the Processing of Personal Data
The term "processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
4. When do we collect your personal data through our website
When you visit or navigate our website
For more detailed information about the data collected by this website in the context of the cookies, the purpose and the period these are kept as well as the setting/disabling cookies options, see the Cookies Policy.
When you submit a query/request through the contact form of our website
When you submit a query/request through the contact form of our website, we ask you for your full name, your telephone number, your email address, the company where you may work and your professional status.
We use this information to respond to your query/request and provide you with any relevant information.
Only our authorised personnel have access to your personal data. We keep your personal data for the necessary period of time required for the completion of the procedure, namely to fulfil your query/request, unless the nature of your query/request indicates the need for further communication by Crowe Greece Group’s Firm with you and in any case for your convenience.
In specific cases of queries/requests, Crowe Greece Group reserves the right to retain the history of correspondence between us for as long as deemed necessary for the exercise of its rights.
When you subscribe to Crowe Greece Group’s Newsletters
We use the e-mail address that you have provided us to send you Crowe Greece Group’s newsletters and news.
Once you subscribe to Crowe Greece Group’s Newsletters, you receive a Double Opt-in confirmation and acceptance message and then you will receive our e-Newsletters and news.
The purpose of collecting and processing your personal data is to send you our e-Newsletters and news.
The legal basis for this processing is your consent, in accordance with article 6 par. 1 (a) of the GDPR.
We retain your personal data for as long as you remain registered in the recipients’ list of Crowe Group’s e-Newsletters and we delete them in case of withdrawal of your consent.
We rely on your consent to process the personal data you give us so that you receive our e-Newsletters and news. If you do not wish to receive our e-Newsletters, you have the right to withdraw your consent. Following your above request, we proceed to the deletion of the personal data you have provided us during your registration for the above purpose.
Furthermore, with regard to your personal data, you have the rights to access, rectification if these are inaccurate or incomplete, the right to erasure if you withdraw your consent, the right to restriction of processing under certain conditions, as well as submission of complaint to the Hellenic Data Protection Authority (HDPA) [postal address: 1-3, Kifissias Avenue, P.C. 115 23, Athens, Greece, Tel. +30 210 6475600, e-mail: [email protected]].
For more information on your rights, reference is made to section 6 "Rights of the Data Subject".
Attendance of Conferences, Seminars, Events of Crowe Greece Group
In order to register and attend conferences or events or seminars of Crowe Greece Group, we ask you for your contact information, including the name of the entity you may represent [Full Name, Title, Contact Number (land line and/or Mobile), Email, Company]. In case you do not wish to provide your above personal data, it is not possible to participate in the conferences, seminars, events of Crowe Greece Group. In addition, as applicable, and if you consent, we may process image data (e.g. of your face) if a photo shoot or video recording of the conference or seminar or event takes place.
The purpose of collecting this data is the effective organisation of our conferences, seminars, events and your unhindered participation in them. In particular, we use your contact details to inform you in case there are any changes (e.g. regarding the date which takes place) or cancellation of our conferences, seminars, events as well as to communicate to you the updates related to the conference, the seminar or the event (e.g. agenda, feedback, etc.).
The legal basis for this processing is your consent in accordance with article 6 par. 1 (a) of the GDPR, while in case a participation fee is paid, the legal basis for the processing that is necessary under the tax legislation is article 6 par. 1 (c) of the GDPR, i.e. our compliance with the relevant legal obligation.
We retain your personal data for as long as is necessary under the national law for the non-limitation of any related claims.
In order to hold a conference or seminar or to organise a physical or online event, we rely on your consent to process your personal data. However, you have the right to withdraw your consent at any time. This withdrawal does not affect the processing that has been done up to that point in time.
Furthermore, with regard to your personal data, you have the rights to access, rectification if these are inaccurate or incomplete, the right to erasure if you withdraw your consent, the right to restriction of processing under certain conditions, as well as submission of complaint to the Hellenic Data Protection Authority (HDPA) [postal address: 1-3, Kifissias Avenue, P.C. 115 23, Athens, Greece, Tel. +30 210 6475600, e-mail: [email protected]].
For more information on your rights, reference is made to section 6 "Rights of the Data Subject".
When you send us your CV
Your acceptance of this Privacy Policy is required, before you send us your CV.
Sending your CV to this website constitutes an electronic message to the Crowe Greece Group Firm which you wish to contact and which will process your personal data in view of the conclusion of a contract, in order to enable the Crowe Greece Group Firm to find the appropriate personnel based on the available positions held by the Crowe Greece Group Firm at the time you send us your CV. Your CV is kept by the Human Resources (HR) Department until the vacancy in the Crowe Greece Group Firm is filled. If you have stated that you wish to keep your CV for a longer period, then it will remain in the archives of the Human Resources Department (HR) for one (1) year. No one else than the Crowe Greece Group Firm has access to your CV nor is it forwarded to a third party for any further use.
The legal basis for this processing is your consent, in accordance with article 6 par. 1 (a) of the GDPR.
Furthermore, with regard to your personal data, you have the rights to access, rectification if these are inaccurate or incomplete, the right to erasure if you withdraw your consent, the right to restriction of processing under certain conditions, as well as submission of complaint to the Hellenic Data Protection Authority (HDPA) [postal address: 1-3, Kifissias Avenue, P.C. 115 23, Athens, Greece, Tel. +30 210 6475600, e-mail: [email protected]].
For more information on your rights, reference is made to section 6 "Rights of the Data Subject".
5. Connecting and interacting with social networks
Through our website, you have the possibility to connect and interact with Crowe Greece Group’s social networks on your own initiative. In this case, Crowe Greece Group is not responsible for the processing of your personal data carried out by these networks. In order to exercise the rights provided by law, you should contact the social networks themselves. We do not collect any of your personal data, other than what you personally disclose through the account of the Crowe Greece Group in the social media. The purpose of the processing is to achieve communication between us. The legal basis for the processing is your consent. You give your consent by liking or following our social media pages and you can withdraw it just as easily, in exactly the same way (unlike, unfollow).
6. Rights of the Data Subject
Right of access by the data subject (article 15 of the GDPR)
You have the right to ask us, at any time, for copies of your personal data. There are some exceptions, which means that you may not always receive all the information we process. More specifically:
The physical person (data subject), namely you, has the right to receive:
confirmation regarding the processing of your personal data, and
a copy of your personal data concerning you (ref. articles 12, 15 of the GDPR).
You can exercise this right, first of all, free of charge, either in writing or orally if you wish.
You may be required to pay a reasonable fee only if your request based on the exercise of your above right is manifestly unjustified or excessive (especially when repeated) or the number of copies we are required to provide to you is large.
Right to rectification (article 16 of the GDPR)
You have the right to request the rectification of your personal data, when it is inaccurate, or request the completion of your personal data when it is incomplete (relevant articles 12, 15, 19 of the GDPR). You can exercise this right in writing.
Right to deletion ("right to be forgotten") (article 17 of the GDPR)
You have the right to ask us to erase the personal data concerning you, if one of the reasons referred to in article 17 of the GDPR applies.
Right to restriction of processing (article 18 of the GDPR)
1.
In accordance with article 18 of the GDPR, you have the right to obtain from the Data Controller (Crowe Greece Group) restriction of processing of your personal data, when one of the following applies:
the accuracy of your personal data is contested by you as a data subject, for a period of time enabling the Data Controller (Crowe Greece Group) to verify the accuracy of your personal data,
the processing is unlawful and you as a data subject object to the deletion of your personal data and request, instead, the restriction of their use,
the Data Controller (Crowe Greece Group) no longer needs your personal data for the purposes of the processing, but these are required by you as a data subject for the establishment, exercise or defence of legal claims;
you as a data subject, object to the processing in accordance with article 21 par. 1 of the GDPR, pending the verification whether the legitimate grounds of the Data Controller override your grounds as a data subject.
2.
When processing has been restricted in accordance with article 18 par. 1 of the GDPR, such personal data concerning you, with the exception of storage, shall be processed only with your consent as a data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a member state.
3.
As a data subject you have previously obtained the restriction of the processing of your personal data in accordance with article 18 par. 1 of the GDPR, you shall be informed by Crowe Greece Group as Data Controller before the restriction of processing is lifted.
Notification obligation regarding rectification or deletion of personal data or restriction of processing (article 19 GDPR)
The Data Controller (Crowe Greece Group) communicates any rectification or deletion of personal data or restriction of the processing of such data carried out in accordance with article 16, article 17 par. 1 and article 18 of the GDPR to any recipient to whom the personal data have been disclosed, unless this proves impossible or involves a disproportionate effort. Crowe Greece Group as a Data Controller shall inform you as a data subject of such recipients if this is requested by you as a data subject.
Right to data portability (article 20 GDPR)
You have the right to receive the personal data concerning you, which you have provided to the Crowe Greece Group as Data Controller, in a structured, commonly used and machine-readable format, as well as the right to transmit such data to another data controller without objection from the Data Controller (Crowe Greece Group) to whom your personal data were provided, when:
the processing is based on consent in accordance with article 6 par. 1 (a) of the GDPR or article 9 par. 2 (a) of the GDPR or on a contract in accordance with article 6 par. 1 (b) of the GDPR, and
the processing is carried out by automated means.
Right to object (article 21 GDPR)
You are entitled as a data subject to object, at any time and on grounds relating to your particular situation, to the processing of your personal data based on article 6 par. 1 (e) or (f) of the GDPR.
Right to withdraw consent (article 7 of the GDPR - Conditions for consent)
You have the right as a data subject to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of the processing of your personal data based on your consent before its withdrawal.
7. Exercise of rights
In order to exercise your rights as a data subject, you may submit a relevant request to us either to the postal address of the Crowe Greece Group’s Firm, or at the email address ([email protected]) entitled "Exercise of the right to access / rectification / erasure / restriction / objection", or in the electronic contact form (www.solcrowe.gr/contact/) with a description of your request and we will make sure to examine it and respond to you as soon as possible.
8. When do we respond to your requests
We respond to your requests free of charge, without any delay, and in any case, within one (1) month from the time we receive your request. However, if your request is complex or there is a large number of your requests, we will inform you within the month and if we need to receive an extension of another (2) two months within which we will respond to you.
If your requests are manifestly unfounded or excessive, in particular because of their repetitive nature, the Crowe Greece Group’s Firm may impose a reasonable fee, taking into account the administrative costs of providing the information or performing the requested action, or refuse to act on the request.
9. Announcement of a personal data breach to the data subject
The Crowe Greece Group Firm will notify you immediately of any breach of your personal data if it may pose a high risk to your rights and freedoms.
10. Right of appeal to the Hellenic Data Protection Authority (HDPA)
You have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) [postal address: 1-3, Kifissias Avenue, P.C. 115 23, Athens, Greece, Tel. +30 210 6475600, e-mail: [email protected]] if you consider that the processing of your personal data violates the current national and European regulatory framework for the protection of personal data.
11. Update of the Privacy Policy
This Personal Data Protection Policy or otherwise Privacy Policy will be updated by Crowe Greece Group whenever is necessary. If there are significant changes to the Policy or the way we use your personal data, we will inform you either by posting a notice on a prominent location of this website before the changes are made or in any other appropriate way. We encourage you to read regularly this Policy to know how your personal data is protected.
In the event that we wish/need to process your personal data for a different purpose than the one for which these was originally collected, we will contact you to provide you with all necessary information and, if necessary, to ask for your consent.