The Central Market of Thessaloniki S.A. will collect and process only the personal data that are appropriate, relevant and necessary for the processing purpose in question, which, depending on the case, may include, in particular, identification or legalisation data (such as full name, date and place of birth, identity card or passport particulars, etc.), contact data (such as address, landline or mobile phone number, e-mail address), education/work history, and any other piece of information that you may provide voluntarily and in specific cases, information about criminal convictions, etc. The Central Market of Thessaloniki S.A. will not process such data for any other purpose than the one for which they have been collected.
Users/visitors
are requested to share with the Central Market of Thessaloniki S.A. only the
particulars/data requested by the latter through the respective call for
tenders and the expression of interest for filling a certain position, etc. In
the event that the Central Market of Thessaloniki S.A. is not provided with
such particulars/data, it may not be possible to carry out and/or complete the
operation for which such particulars/data are requested.
The
Website of the Central Market of Thessaloniki S.A. is addressed to adults.
Purpose of Processing
The
Central Market of Thessaloniki S.A. shall use the data it collects solely for
the purposes indicated below:
Personal Data Processing Period
The storage and processing of our customers' and users' data are carried out solely as permitted by law or following the users' express consent only for as long as necessary to satisfy the purposes of processing (as defined above) or until the user disagrees with the use of the Personal Data by Central Market of Thessaloniki S.A. or until they withdraw their consent. However, whenever required by (mandatory) law, the Central Market of Thessaloniki S.A. will retain the Personal Data for a longer period or whenever the Personal Data is required so that the Central Market of Thessaloniki S.A. can assert or defend itself against legal claims.
Place of Data Processing
The
head office of the Central Market of Thessaloniki S.A. is located in Greece;
therefore, all processing carried out in our premises is within the Greek
territory.
Disclosure/Transmission of data to third parties
Access
to personal data collected and processed in accordance with this Policy will in
principle only be available to competent/authorized members of staff and/or
members of corporate bodies of the Central Market of Thessaloniki S.A. and only
to the extent required in the context of the above processing purposes.
Furthermore,
the Central Market of Thessaloniki S.A. may, depending on the case, transmit
the data in question to third parties, if and to the extent required for the
fulfilment of the aforementioned processing purpose, e.g. to its shareholder,
consultants and/or partners in general, as well as to any kind of authorities,
bodies, services, institutions and/or organisations, etc.
In
the event that the Central Market of Thessaloniki S.A. is interested in
establishing a partnership with other persons, this partnership will involve
the processing of personal data by these persons - as processors - on its
behalf. These persons should comply with the national and EU legal framework
for the protection of personal data and sign a contract with the Central Market
of Thessaloniki S.A. that will govern the terms and conditions of the data
processing carried out in this context and will be in accordance with the applicable provisions.
How to access and control your Personal Data
Users
of the Central Market of Thessaloniki S.A.’s services may request information
about their Personal Data from the Central Market of Thessaloniki S.A. at any
time and may also request their correction or deletion. The Central Market of
Thessaloniki S.A. may delete the data only if there is no legal obligation or
if it has no other legal right to retain them. In case a user's data is
deleted, the Central Market of Thessaloniki S.A. shall not be able to continue
to provide its services to this user, as long as such services require the use
of such data.
Last but not least, users may request the Central Market of Thessaloniki S.A. to restrict any processing of their Personal Data in the following cases:
1. The Personal Data held by the Central Market of Thessaloniki S.A. is incorrect.
2. They do not agree with one of the above processing procedures.
Users
may contact us for any request or clarification needed via the email addresses
listed in the contact information, specifying the information or processing
activities related to their request as well as the format in which they want
this information. The request will be carefully reviewed and we will work with
the user to discuss ways to best fulfil the request.
The Central Market of Thessaloniki S.A. uses cookies (small text files installed on your device) and similar technologies and services that use your IP address to provide its Website, mobile application and online services. More details about the cookies used by our Website can be found in the Cookies Policy posted on this Website.
Contact information
The
Controller is the Central Market of Thessaloniki S.A. located in Nea Menemeni, Thessaloniki,
Postal Code 54628. Phone number: +30 2310 764023 Email address: nomiki@kath.gr
The
Central Market of Thessaloniki S.A. has appointed a Data Protection Officer
(DPO) and you can contact them at dpo@kath.gr.
Changes to the current policy
The
Central Market of Thessaloniki S.A. may amend this Personal Data Privacy
Statement in order to comply with the applicable data protection practices.
Upon making changes to this statement, the "Date of last update"
field at the top of this page will automatically change. We encourage you to
review this Personal Data Processing Policy from time to time in order to be
informed on how the Central Market of Thessaloniki S.A. protects your data.
Questions about the policy and its implementation
The
Central Market of Thessaloniki S.A. is committed to protecting your personal
data on the Internet. Should you have any questions or comments regarding our
handling of your personal data, please contact us at the address and details
listed above in the contact information section.
ANNEX A
Information
on the processing of personal data through video surveillance (CCTV)
Controller:
CENTRAL MARKET OF THESSALONIKI (C.M.TH.).
NEA MENEMENI, THESSALONIKI
POSTAL CODE: 54628 - PHONE NUMBER: +30 2310 764023
VAT REGISTRATION NUMBER: 099356122 - THESSALONIKI TAX OFFICE FOR COMMERCIAL COMPANIES
Purpose of processing and legal basis
We
use a surveillance system to protect persons and goods. Processing is necessary
in order to pursue our legitimate interests as a Controller (Article 6(1)(f)
GDPR).
Legitimate interests overview
Our
legitimate interest consists in the need to protect our premises and the goods
located there from illegal acts, such as theft. The same applies to the safety
of the life, physical integrity, health and property of our staff and of third
parties lawfully located on the premises. We only collect image data and do so only in
areas where we have assessed that there is an increased likelihood of
committing illegal acts e.g. theft, such as at our counters and entrance
gates without focusing on areas where the privacy of the person whose image is
taken may be unduly restricted, including their right to have their personal
data respected.
Recipients
The
material held is accessible only by our competent/authorised personnel who are
responsible for the security of the site. This material is not transmitted to
third parties, except in the following cases. It might be transmitted to (a)
the competent judicial, prosecutorial and police authorities when it contains
data necessary for the investigation of a criminal offence involving persons or
property of the Controller; (b) the competent judicial, prosecutorial and
police authorities when they lawfully request data in the course of their
duties; and (c) the victim or perpetrator of a criminal offence when it
concerns data which may constitute evidence of the offence.
Data retention time
We
retain data for fifteen (15) days, and after the elapse of this time frame it
shall be automatically deleted. In case we detect an incident during this
period, we will isolate part of the video and keep it for up to one (1) more
month in order to investigate the incident and initiate legal proceedings to
defend our legitimate interests, and if the incident concerns a third party, we
will keep the video for up to three (3) more months.
Rights of data subjects (individuals)
Data subjects (individuals) have the following rights:
You can exercise your rights by sending an e-mail to dpo@kath.gr or a letter to our postal address or by submitting the request to us in person at our address. In order for us to review a request related to your image, you will need to identify approximately when you were in the range of the cameras and provide us with an image of you to assist us in identifying your own data and concealing the data of third parties depicted. As an alternative, we offer you the opportunity to come to our premises to show you the images in which you appear. We would also like to point out that the exercise of a right to object or delete does not imply the immediate deletion of data or the modification of processing. In any case, we will reply to you in detail as soon as possible within the time limits set by the GDPR.