Privacy policy
With this Privacy Statement (hereinafter referred to as the “Statement”), the Cooperative of Taxi Owners of Patras SPE, under the distinctive title Taxi Express Patras SPE, based in Patras at Pineiou 87, no. 4, and legally represented (hereinafter referred to as the “Company”), establishes the principles under which it collects, uses, discloses, or otherwise processes data within the operational framework of this website, in accordance with the provisions of the European Regulation 2016/679.
- Data Controller The company under the name “TAXI EXPRESS PATRAS SPE,” based in Patras, at Pineiou 87 no.4, and legally represented. Phone number: 2610450000 Email: radiotaxipatras@gmail.com
- Definition of Personal Data Any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
- Definition of Personal Data Processing Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- Data We Collect The Company collects from the users of the website only the data that is absolutely necessary and essential for the purpose for which it was provided and is used exclusively for the purposes for which it has been collected. The data is limited to what the user has expressly provided with their consent and for a specific purpose. Note that filling out fields on the website constitutes user consent to the company for the processing of the data provided in these fields. The Company, with the exception of cookies (see the website’s terms of use and cookie policy for more details), collects the following personal data from the user: a) Identity information: such as name and surname b) Contact information: such as email address and phone number. If the Company deems it necessary for the user to provide additional data for current or future services, this privacy policy will be amended accordingly.
- How We Use Data The processing of User Data is conducted by the Company’s staff, through information technology systems and electronic devices. Exceptionally, the processing may be carried out by third parties, who have contractually committed to the Company to maintain confidentiality and protect the Users’ Data, and they process it on behalf of the Company and solely for the purposes for which it has been provided. The User provides the Company with their data, which is processed to provide the following services: – Rental of public passenger vehicles (taxis) – Private transportation of persons within Greece or to specific destinations. The Company requests and processes users’ personal data to make bookings for the provision of the aforementioned services through the website.
- Purpose of Processing The Company collects users’ data for the purposes of the services provided, including but not limited to: a) Making reservations for the rental of public passenger vehicles and organizing private transportation within Greece or to specific destinations. b) Managing the user’s booking request, such as communicating and informing the user about vehicle availability on the selected dates or the company’s potential inability to meet the user’s choices. c) Sending informational and promotional material about the Company’s services and products via email.
- Legal Basis for Data Processing User consent. Specifically, for sending emails that promote informational and promotional material, the User can revoke their consent at any time, either by contacting the Company using the provided contact details or by selecting the “UNSUBSCRIBE” option at the end of each email sent by the Company.
- Recipients of User Data The Company does not sell, share, lease, or otherwise transfer, disclose, or provide third parties with users’ personal data, except as specified by a specific agreement with the user and with their explicit consent or as required by law. However, the Company may use and disclose users’ personal data if necessary to protect its legal rights, including but not limited to establishing, exercising, or defending legal claims, in court or out of court. Access to User Data is limited to the Company’s essential staff, who are bound by confidentiality, and our cooperating businesses, who process User Data as Joint Controllers or Processors on our behalf and according to our instructions. Indicatively, recipients of your Data include: 1) The Company’s staff 2) Our system users 3) Internet service providers for sending emails User Data will not be used for any other purpose without prior notice and consent.
- Ensuring Personal Data Protection by Processors Anyone processing personal data on behalf of the Company has contractually agreed and committed to the Company to: a) Maintain absolute confidentiality b) Not transfer User Data to any third party, unless contractually provided or with the Company’s express permission c) Take appropriate security measures d) Fully comply with the legal framework for personal data protection, especially Regulation 679/2016/EU (GDPR). In performing their duties, processors on behalf of the Company may employ other individuals (sub-processors). In this case, the sub-processor will have the same obligations and rights as the processor, as detailed in this Policy, and will be jointly liable with the Processor.
- International Transfers of Personal Data Currently, the Company does not send data outside the EU for managing bookings made through the website. However, it may transfer and process users’ personal data globally in places where processing activities occur. Today, the systems (servers) storing users’ personal data are located in Greece and Germany. If in the future the Company deems it appropriate to work with service providers outside the EU, this privacy policy will be updated accordingly. In any case, the Company guarantees that any transfer of personal data from the Company to third countries (including the United States) will only occur to countries with data protection legislation providing an adequate level of protection as interpreted according to European data protection law. Specifically, for sending emails, internet service providers may have access to personal data necessary to fulfill their obligations and are not allowed to disclose or use this information for any other purpose. These providers are bound by written confidentiality agreements and provide sufficient guarantees for the security of users’ personal data. To the extent that international transfers of personal data take place, the Company will seek and obtain assurances that any information potentially transferred is adequately protected according to the Privacy Policy and applicable data protection law requirements.
- User Rights Users have the following rights regarding the use of their personal data by the Company: Right of access: Users can ask the Company whether their personal data is being processed and the type of processing conducted. They can also access their personal data held by the Company. Right to rectification: Users can check their personal data, update it, or request correction if it is incorrect or incomplete. Right to erasure (“right to be forgotten”): Users have the right to ask the Company to delete any of their personal data that is no longer necessary for the purposes for which it was collected, if they have withdrawn their consent, in case of unlawful data use, or for any other lawful reason explicitly provided by EU or Greek law. Right to withdraw consent: Users can withdraw their consent to the Company at any time. This withdrawal does not affect the legality of data processing based on consent before the withdrawal. Right to restrict processing: Users have the right to ask the Company to restrict the use of their personal data when there is a dispute regarding the accuracy of the data and verification is pending, if the use is unlawful, if they believe the personal data held by the Company is no longer necessary for the purposes it was held, or while waiting for verification of whether the controller’s legitimate grounds override those of the data subject. Right to data portability: Users have the right to receive their personal data that they provided to the Company in a structured, commonly used, and machine-readable format and the right to transmit those data to another controller without hindrance from the Company. Right to object: Users have the right to object at any time and for any lawful reason to the processing of their personal data.
- How to Exercise User Rights To exercise the above rights, users can contact the Company at any time, by any means (see contact details above).
- Retention Period of Personal Data The Company retains User Data only for as long as necessary to fulfill the purpose for which it was provided and in compliance with applicable legal provisions. The consent statement for sending informational and promotional material is kept for as long as the related messages are sent by the Company, unless the user opts to stop receiving them.
- Personal Data Security The Company states that it takes all necessary organizational and technical measures to protect Users’ Data, solely for security and protection against any form of accidental or unlawful processing. These measures are reviewed and modified as deemed necessary.
- Applicable Law – Competent Courts This policy is governed by Greek Law and is interpreted according to the laws of the State of Greece. Any dispute arising from accessing or using the Company’s website is subject to the jurisdiction of the courts of Patras. This policy is drafted in Greek and translated into English. In case of any discrepancy in interpretation between the Greek and English texts, the Greek text shall prevail.
- Complaints Regarding the Handling of Personal Data Users have the right to lodge a complaint regarding the Company’s processing of their personal data with: Hellenic Data Protection Authority (HDPA) Postal Address: 1-3 Kifissias Avenue, 115 23 Athens, Greece Phone: +30 210 6475600 Fax: +30 210 6475628 Email: contact@dpa.gr