PRIVACY AND DATA PROTECTION POLICY 

Data Controller 

Our Company, under the trade name “Pragma – IoT”, hereinafter referred to as the “Company”, “we”, or “us”, located Ganas & Ganas Building Complex, Building B14, Perikleous Street – Drosia District, P.O. Box 600 75, Postal Code 570 01, Thermi, Thessaloniki, Greece, and specializing in the provision of Information Technology (IT) Application Development and Support Services, acts in full compliance with the EU General Data Protection Regulation (GDPR) 679/2016. In accordance with Chapter III, Article 13 of the Regulation, we would like to inform you about the nature, purpose and use of the personal data collected from you during your visit to our premises or through your interaction with our website. 

Principles relating to processing of personal data 

Personal data shall be: 

  1. Processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’), 
  1. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (purpose limitation’), 
  1. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimization’), 
  1. accurate and, where necessary, kept up to date (accuracy’), 
  1. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which personal data are processed; personal data may be stored for longer periods subject to implementation of the appropriate technical and organizational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (storage limitation’), 
  1. Processed in a manner that ensures appropriate security of personal data (integrity and confidentiality). 

Personal data processed 

The term “Personal data” refers to all information pertaining to any individual directly or indirectly identifiable. 

 Such information includes: 

  • Identity data: first name, surname, VAT number, Personal ID or Passport number, date of birth, etc. 
  • Contact details: residential address, email address, home phone number. 
  • Payment data: bank accounts for payments. 
  • Recruitment data: full name, personal email, telephone number, education and work history details featured in the curriculum vitae. 

Personal data collection 

In addition to our personal contact with clients, consumers, suppliers and partners, we collect personal data during your visit to our website through the Contact Form where you enter your name, email and personal message, or by other means of correspondence such as email or by phone. 

The personal data that you provide us when you fill in contact form, by phone or email, are used exclusively for processing your request; you are interested in our products/services.  

Such reasons may be: 

  • Responding to your inquiries about our IT products, solutions, or services. 
  • Providing technical support or customer service. 
  • Communicating with you about potential or current business partnerships. 
  • Reviewing your application or interest in working with us. 
  • Communicating with you as a representative of the organization you work for. 
  • Recording your presence through the CCTV system when you enter our premises, for security purposes. 

Also, by accepting “cookies”, data such as the browser version, computer model, operating system, internet service provider and other such technical information may be automatically collected. Furthermore, we may store various anonymous details, such as your browsing preferences, whether you have visited our website before, your country, city, time zone and language. The visitor/user of the Website can configure their web browser to either warn them about the use of cookies for specific services or to block the acceptance of cookies.  

If you choose to apply for a job position through our website or via email, your personal information will be kept in our database for two years following the submission of your resume. 

Furthermore, our premises are equipped with cameras, without sound, to protect our employees, partners, customers and visitors as well as our assets from intruders. There are signs at the entrances to our building alerting visitors to their presence. Surveillance footage remains stored for up to 15 days, and then the records are deleted unless material is requested by the Authorities or following our own request to state security authorities to detect illegal or malicious actions in our facilities. 

What is the purpose of processing your personal data? 

The Company and/or third parties acting on our behalf process your personal data for purposes including the provision of IT products, solutions, and consulting services, the processing and response to your requests or inquiries, informing you about new products, services, or solutions that may be of interest to you, completing payments related to our services, and managing applications or expressions of interest for potential employment or collaboration opportunities.  

The Company guarantees that your personal data will not be used for purposes other than those described in this Privacy Policy without your prior notification and, where required, your consent.  

The personal data you provide through our contact form or other communication channels are collected solely to enable us to communicate with you and respond appropriately to your inquiries. 

Legal grounds for data processing 

For processing your data as described above, we rely on the following legal bases: 

  • Contractual: your personal data are processed per your request within the scope of our contract. 
  • Consensual: processing of your personal data requires your free, explicit and written only to the extent necessary in the context and the timeframe of the occasion. 
  • Legal obligations: when required to comply with our legal obligations (e.g. labour or tax legislation) 
  • Legitimate interests: the processing is necessary for the purposes of our legitimate interests or those of third parties, unless such interests are overridden by your interests or fundamental rights and freedoms that impose the protection of your personal data. 

Personal data recipients 

The Company ensures lawful and appropriate use of personal data and prevents any unauthorized access. In the course of providing the requested service and always within the limits set forth by law, we share your personal data with: 

  1. Our personnel, who are bound by strict confidentiality agreements. 
  1. External partners – service providers to whom the tasks of management, maintenance and/or upgrading of the computer software, video surveillance systems and other electronic systems of the Company have been entrusted for the safer and more efficient provision of services, who are bound to comply with data security and confidentiality by relevant written contracts. 
  1. External partners, including legal advisors, lawyers, and other professionals, to whom personal data may be disclosed solely for the purpose of supporting the Company in matters of legal representation, ensuring compliance with applicable law, and protecting the Company’s legitimate interests. 
  1. Public authorities in situations prescribed by law, court rulings, and dictates for compliance.  
  1. Financial institutions or other payment facilitators, in cases you are using them to make payments to us. We may also exchange information with financial intermediaries in case we deem it necessary to prevent fraud.  

Your legal rights 

If not prevented by preceding legal or regulatory mandates or issued court rulings, we are obligated to submit to you, and you are entitled to: 

  • Acquire a copy of your data which we have collected and processed. 
  •  Demand the amendment of any incorrect data. 
  •  Deny the processing of your data or restrict their use. 
  • Demand deletion of the data. 
  •  Rescind your consent for processing. 
  • Require that we transfer or transmit the data to a third party of your choice. 

What is the retention period for your personal data 

Your personal data are physically stored in a secure place with controlled access for as long as it is necessary in order to serve the purposes for which we collect them and for the duration of our cooperation, unless legal issues demand that we maintain the data for a specific period before destroying them or if the Company retains the data for its own rights of advocacy in judicial or regulatory matters. Where your personal data is provided based on your consent, it will be deleted upon withdrawal of your consent.  

Transfer to third countries 

In the event of your personal data transference to a third country, the Company has taken all appropriate measures of protection and has ensured that your data is being transferred to countries that offer adequate protection by EU standards. 

Ownership – Intellectual and Industrial Property Rights 

Our website’s contents, featuring trademarks, pictures, graphics, photographs, text, etc., constitute property on which we have full and exclusive ownership, except for those that belong to third parties, and are protected by national, European, and international laws. Their appearance on our web page does not constitute allowance to use and does not relinquish our rights in any way. The publication, reproduction, transfer, transmittance, distribution, presentation, and any other misappropriation of the contents of this site as well as the use of any service or part of our services anywhere and anyway for commercial exploitation or other purposes without our expressed consent is strictly forbidden. 

Disclaimer of liability for the use of links to third-party websites 

Our web pages allow you to access other websites via electronic links.  These links have been properly placed for the sole purpose of facilitating ease of use.  The pages you are redirected to may be subject to different terms of use.  We deny all responsibility for their truth of content and protection of privacy.  The user entering these sites assumes full responsibility.    

Amending our Privacy Protection Policy 

If we must alter or augment our privacy protection policy, we shall do so each time in accordance with all applicable laws. 

Hellenic Data Protection Authority 

If you realize or suspect that your personal data protection is compromised in any way, you must contact the Hellenic Data Protection Authority at: 

1-3 Kifissias Street, PC 11523, Athens, Greece  

Tel: +30 (210) 6475600 

E-mail: contact@dpa.gr 

Personal Data Controller 

To exercise your individual rights and to request information relevant to personal data protection, you may contact us at: 

Pragma – IoT 

Ganas & Ganas Building Complex, Building B14,  

Perikleous Street – Drosia District,  

P.O. Box 600 75, Postal Code 570 01,  

Thermi, Thessaloniki 

T: +30 2316 025005 

E: dpo@pragma-iot.com     

Use of Cookies 

Cookies are small archives stored in the PC, tablet, mobile phone, and any electronic device you use to surf the internet.  Each one contains information such as the mother-website’s name, life span, and an alphanumeric code. Cookies allow us to store various information such as personal preferences or previous visits to the site. 

In addition to our own page, we receive 3rd Party Services like Google Analytics, Google Maps, Google Tag Manager, Google Ads, Facebook Pixel, Facebook Conversion Tracking etc. 

  • Google Analytics Cookies: facilitate the collection and screening of statistical data received by Google, such as the browser used, visiting frequency, and origination page (location of the link to our site).  For more information as to how Google uses your personal data, visit https://policies.google.com/privacy?hl=el#infocollect 

–    Google ads: is a service to offer targeted online advertising based on your previous visits. 

You can save, reject, or update each time a browser wants to store a file cookie on your computer. For more information, visit https://www.aboutcookies.org/