PRIVACY
GENERALLY
At "ACTIVITY EDGE (e-service)" and at www.activityedge.com we care about the security of your personal data. To this end, we make every effort to comply with the current regulatory and legislative framework for the protection of personal data of Website Users and the services we offer, as this framework is determined by Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 for the protection of natural persons against the processing of personal data and for the free circulation of such data – General Data Protection Regulation (GDPR). At the same time, we take all the appropriate organizational and technical measures to protect the personal data we collect, store and process.
Already during the design of www.activityedge.com and the services provided within it, we try to create friendly conditions for the protection of your data. Therefore, we give you the option to choose settings that will protect your personal data more.
It is important to know:
In the sense of the GDPR (Article 4 No. 1) the concept of "processing" includes any act or series of acts carried out with or without the use of automated means, on personal data or sets of personal data, such as collection, registration, organization, structure, storage, adaptation or alteration, retrieval, retrieval of information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
Therefore, we invite you to carefully read this Privacy Policy & Cookies Policy. It is important that you understand this Policy before proceeding. By using our Website, you consent to the collection, processing and use of your personal information as described herein. Or you can choose which of your data to share with us and how.
For more information on the current regulations regarding the protection of personal data, you can consult the website of the Independent Authority for the Protection of Personal Data (www.dpa.gr).
INFORMATION WE COLLECT
We collect personal information from you when you create an account on our website, make a reservation or otherwise interact with us. The necessary personal information we collect includes by default your name, email address, login password (encrypted), phone number and payment information. We may ask you for your contact details (address, telephone) in order to pass them on to the Organizer, for your further communication regarding the details of the activity. We may also collect information about your location, device and browsing activity on our website. Information necessary for the issuance of a tax document (receipt / invoice for the provision of services) for the conduct of the activity will be requested directly by the Organizer. For our part, we will make every effort to ensure that your personal data is accurate and up-to-date. Especially for your data for which it is not possible for us to know that they have changed, it is your obligation to inform us promptly of any possible change.
PURPOSES OF PROCESSING
We collect and process your data for the following purposes:
1. In order to respond to your general subscription to our online services, to respond to your questions and requests.
2. To process and manage your reservations, to inform you about the availability of the reservations you have chosen, to communicate the details of the activity for which you have made a reservation (Organizer details, exact details of the place and time of the event activity etc.), to ensure the registration of your reservation, as well as as evidence for the drawing up of the contract for the provision of leisure services (activities) between you and the Organizers.
3. To safeguard your vital interests, and in particular in the case of damage or bodily injury or death during the performance of the leisure service contract with the Organizer.
4. For the security of your data, including the protection of your data from unauthorized or unlawful processing and accidental loss, destruction or damage, by using appropriate technical or organizational measures.
5. For the observance of our obligations towards the Organizers (Partners) with regard to the cooperation agreement, and specifically for the preparation and sending to the Organizers (Partners) on a monthly basis lists and statements for the mediations that have taken place through Website www.activityedge.com.
6. For statistical purposes, as well as to improve our website and services.
7. To serve our best legal interest and for the purpose of defending our legal rights, the establishment, exercise and judicial pursuit of our legal claims, in case of legal disputes between us.
8. For the purposes of promoting our services and for marketing purposes, including but not limited to sending you emails about offers, events or new products or services that we think may be of interest to you. You can opt out of receiving marketing emails at any time by following the unsubscribe instructions in the emails.
Notification:
All of your personal data that we have collected is processed in a way that relates exclusively to these purposes. Especially for the fulfillment of purposes that do not concern the contract, the compliance of the controller with his legal obligation, the safeguarding of your vital interests, or of third parties, for the fulfillment of purposes related to the public interest, for the service of legal interests of " ACTIVITY EDGE (e-service)” and www.activityedge.com, we ask for your express and written consent. In the event that you do not consent, the processing will only concern the above purposes, without affecting at all the execution of the contract between us from your eventual refusal. You have the right, freely and at any time, to withdraw your consent. Withdrawal of consent does not operate retroactively. The processing of your data is considered lawful for the period before your consent is withdrawn.
WHERE YOUR DATA IS STORED AND HOW IT IS PROTECTED
We take measures to protect your personal information from unauthorized access, use or disclosure, and to ensure an appropriate level of security, by implementing appropriate technical measures.
We use secure servers and encryption to protect your personal information and require our service providers to do the same. We store and keep your personal data in an electronic file and specifically on servers that we rent from a company based in the EU. The company in question takes all the necessary measures for the security of personal data and, among other things, constantly upgrades the software and the operating system it uses, applies a strict access policy to the data held, has installed SSL certificates and has activated the firewall. With regard to your information that is traded through our website, such as e.g. the passwords you use when entering it, the Controller applies the security measure of encryption.
However, no security measure is perfect and we cannot guarantee the absolute security of your personal information. You should take care to protect your personal information, such as by using strong passwords and avoiding sharing your account credentials with others.
WHO HAS ACCESS TO YOUR DATA
Only the Data Controller has access to your personal data that we keep in an electronic file. Processing Manager for "ACTIVITY EDGE (e-service)" is defined as the Tax Manager of the Company.
SHARING OF YOUR INFORMATION
We may share your personal data with third parties, individuals or businesses, who provide services on our behalf, such as payment processing and customer support. We require these service providers to protect your personal information, and to use it only for the purposes for which it was shared with them.
We may share your personal information in response to legal requests, such as subpoenas or court orders, or in connection with the sale or merger of our business.
In any case, any communication of your personal data takes place exclusively in accordance with the purposes described above, in particular to the extent necessary.
We do not disclose any of your personal data to third parties, natural or legal persons, other than those who carry out the processing on behalf of the Processor for the purposes and under the legal bases set out above.
Specifically, in order to comply with our legal obligations under national tax and other provisions, we share your personal data only with the persons who will carry out the accounting work (e.g. submission of income tax returns, VAT returns, etc., in case of of legal disputes to the authorized lawyers of the company, etc.
Finally, we will also transfer your personal data to the competent Public Authorities, Services and Organizations, in order to comply with our legal obligations under national tax etc. legislation, if this is necessary.
PROCESSING DURATION
The personal data we collect is kept in a form that allows the identification of the data subjects in principle for as long as the contract between us lasts, and in particular for as long as is required for its execution and management, or for the time required to fulfill its purposes processing of personal data (execution of the contract for the provision of digital services through your account, and the respective execution of the rental contract for leisure activities, limitation of possible claims arising from this contract, etc.). Personal data may be stored for longer periods if they are processed only for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes, in accordance with Article 89(1), and if appropriate technical and organizational measures required by this regulation to ensure the rights and freedoms of the data subject. This time can be extended exclusively and only in the event of the need to comply with our tax or other legal obligation from the national provisions. Finally, in case of a claim against you, the retention time of your data which is necessary for the establishment, support and exercise of this claim is extended until its termination or statute of limitations.
When we no longer need to use your personal information, we will permanently delete or declassify it.
To determine the appropriate retention period for personal data, consideration is given to the amount, nature and sensitivity of the personal data, the potential risk of damage to the personal data from unauthorized user access or disclosure, the purpose for which the personal data is being processed and whether these purposes can be achieved by other means and the applicable legal provisions.
RIGHTS OF USERS (DATA SUBJECTS)
1. Right to information and transparency (Articles 13-14 GDPR): You have the right to know which of your data is being processed by the Processor, the purposes of this processing, the categories of data being processed and its potential recipients.
2. Right of access of the data subject (Article 15 GDPR): You have the right to request free access to your personal data that we collect, and to receive a copy of it from the Controller.
3. Right to rectification (Article 16 GDPR): You have the right to request the correction of inaccurate personal data as well as the completion of incomplete data concerning you.
4. Right to erasure ("right to be forgotten") (Article 17 GDPR): When you no longer wish to process and store your personal data, you have the right to request its erasure, provided that the data is not kept for a specific legal purpose and stated purpose.
5. Right to restriction of processing (Article 18 GDPR): You have the right to request the restriction of the processing of your personal data, under certain conditions, when their accuracy is disputed, the processing is unlawful, the data is no longer needed by the controller, you object to automated processing;
6. Right to data portability (Article 20 GDPR): You have the right to request the transfer of your data in machine-readable form to another data controller / another party data controller.
7. Right to object (Article 21 GDPR): You have the right, at any time, to object to the processing of your personal data, provided that the public interest is not affected. unless the Processor proves that it has to continue the processing for an important reason, or if the processing is necessary for the establishment and exercise of its legal claims against you.
8. Right to non-automated individual decision-making, including profiling (Article 22 GDPR): You have the right to object when a decision concerning you is based solely on automated processing, including profiling, and that decision produces legal effects or significantly affects you.
HOW TO EXERCISE YOUR RIGHTS – SUBMIT A COMPLAINT
You can exercise your Rights orally, or by contacting the Controller electronically using the means of communication set out herein. For your safety, "ACTIVITY EDGE (e-service)" and the person in charge of Processing may ask you for strong identification to prove your identity (e.g. copy of police ID, certificate of genuine signature via gov.gr, etc. K.). The Processor has the obligation to respond to your requests within a reasonable period of one (1) month. In the event of a refusal or unjustified delay in answering or satisfying your requests, you have the right to appeal to the Personal Data Protection Authority, which is the materially competent Supervisory authority for compliance with the GDPR. In any case, you reserve the right to file a complaint with the above competent Authority for the Protection of Personal Data, if you consider that the processing of your personal data is illegal based on the applicable provisions, in writing (Kifisias 1-3, P.O. 115 23, Athens) or online (www.dpa.gr).
CHANGES TO THIS POLICY
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we make changes, we will post the revised policy on this page and update the effective date. We encourage you to regularly review our privacy policy to stay informed about how we collect, use and share your personal information.
FINAL PROVISIONS
Any invalidity of any part hereof shall not imply invalidity as a whole, except that part which is deemed or is invalid and the remaining terms shall remain valid and effective.