MENU
CLOSE

Privacy Policy

 

  1. The Company’s Website
  2. What is Personal Data
  3. What is the Processing of Personal Data
  4. What information and personal data do we retain about you
  5. Purposes for which we use your Personal Data
  6. Automatic Data Collection
  7. How we use your Personal Data
  8. What is the legal basis for processing your Data by the Company
  9. Who are the recipients of your Data
  10. How your Data is disclosed
  11. What policy do we apply to third parties who Process your Data as described above
  12. How we ensure that the Company and its partners respect your Data
  13. Data Transfer
  14. How long do we retain your Data
  15. Are your Data secure
  16. What are your rights
  17. How can you exercise your rights
  18. When do we respond to your requests
  19. What is the applicable law for the processing of your Data by us
  20. Where can you file a complaint if we violate applicable data protection law
  21. How will you be informed of amendments to this Policy
 

The protection of your personal data is important to us!

With this policy, the company under the name “Vivid Vibes I.K.E.” (hereinafter the “Company” or “we” or “us”), headquartered in Lykovrysi, Attica (47 Grigoriou Lambraki St., PC 14124), sets out and communicates the terms under which, acting as the “Data Controller” according to law, it collects, stores, uses, and generally processes your personal data, which it collects when you visit, register, or use the Company’s website (hereinafter the “Website”), as well as when you interact with the Company’s physical office. This Privacy Policy also describes how your personal data are used, disclosed, and protected, the options available to you regarding your data, and how you may contact us. This Privacy Policy complies with the provisions of the General Data Protection Regulation (EU) 679/2016 of the European Parliament and Council dated April 27, 2016, and all other applicable legislation. For any questions regarding this Privacy Policy, as well as any issue related to the processing of your Data and the exercise of your rights, you can contact us at info@vividvibes.gr.

1. The Company’s Website

The website www.vividvibes.gr is the Company’s official website, and through it you may access a range of services offered by the Company, such as:

  • information regarding issues of corporate culture transformation, human resources, customer experience, business experience design, personal and team development and support, and our organization and participation in conferences and seminars,
  • information on our existing collaborations – clients,
  • information on implemented programs and the ability to view selected photographic material.

In general, our aim is to collect and retain only the personal data voluntarily provided by online visitors so that we can provide them with information and/or services or data that they request. Please review this statement to learn more about how we collect, store, use, transmit, and protect the information/personal data we receive.

  1. What is Personal Data?

The term “personal data” refers to information about natural persons, such as full name, postal address, email address, contact phone number, age, gender, job title, salary, etc., which identify or can identify your identity, hereinafter “Personal Data” or “Data”.

3. What is the Processing of Personal Data?

Any operation or series of operations carried out, with or without the use of automated means, on personal data or on sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

4. What Information and Personal Data Do We Retain About You?

We ensure to collect only the absolutely necessary Personal Data, which are appropriate and clear for the intended purpose. These data and personal information may be provided either directly by you, or by the legal entity for which you work, or by a third party (supplier, service provider, business partner, etc.). We may collect various types of personal data about you depending on the purpose for which we collect them, such as:

  1. Identification data (e.g. surname, first name, gender, date and place of birth, nationality, ID or passport number, email and/or postal address, landline and/or mobile phone number, driver’s license number, etc.)
  2. Employment data (e.g. job title, position and company name)
  3. Financial information (e.g. bank account information)
  4. Your electronic identification data, when necessary for the provision of services to our company (e.g. login credentials, access rights, passwords, employee ID number, IP address, online identifiers/cookies, log files, access and connection times, audio recordings such as CCTV or photos)
  5. Information collected through the use of cookies in your browser (Learn more about how cookies are used below.)
  6. Your social media username if you interact with us through these channels, to help us respond to your comments or questions.
  7. Educational information, such as studies, skills, foreign language proficiency, professional experience (only in cases where you are responding to a job posting).

5. Purposes for Which We Use Your Personal Data

Depending on the case, we use your Data:

To fulfill contractual obligations:
The Company processes your Data in order to fulfill its contractual obligations towards you or to take pre-contractual measures at your request and/or with your consent, to process service orders, monitor activities at our offices—including compliance with applicable policies and health and safety regulations, ensure compliance and submit reports (such as compliance with our policies and local legal requirements, tax and deductions, archiving and recordkeeping, invoicing and issuing receipts), to comply with legal obligations, and to defend, raise, or exercise legal claims. If we do not collect your Data necessary for the provision of the services you have requested, we will not be able to effectively deliver the services or comply with our legal obligations arising from our contractual relationship.
We note that your Data may need to be transferred to third parties to deliver the services you have requested.  (For information on how we disclose personal data to third parties, see below in Sections 9, 10, 11, and 12.)

For Communication:
The Company uses your Data to respond to your inquiries/requests or any complaints you submit. The information you share with us enables us to handle your requests and respond to you in the best possible way. We may also maintain a record of your requests to better respond to future communication. This is done based on our contractual obligations, our legal obligations, and our legitimate interests, in order to provide the best possible service and improve our offerings based on your experience.

For Sending Newsletters / Offers:
With your consent, we will use your Personal Data, preferences, and transaction details to inform you via email, web, phone and/or social media about related products and services, including personalized offers. You may withdraw your consent at any time.

For the Development and Improvement of our Products and Services:
This is based on our legitimate business interests. We want to offer you personalized offers and recommendations based on your needs. To ensure the most relevant content appears on our Website, we use the Data you have provided with your consent to receive notifications or to place cookies on your device. We may also send you survey and review requests to help us improve our services. These messages will not contain promotional content and do not require prior consent when sent via email. We have a legitimate interest in doing this to make our services more relevant to you. You may opt out at any time by updating your preferences or emailing us to unsubscribe.

For Processing Payments and Fraud Prevention:
This is done based on our legitimate business interests and helps protect our clients from fraud.

To Comply with Our Contractual Obligations or Legal Requirements (e.g. accounting obligations)

To Send You Legally Required Notices:
 Such as updates to this privacy policy or legally mandated information about our services. These service-related messages do not require prior consent when sent via email. If we do not use your Personal Data for these purposes, we will be unable to comply with our legal obligations.

6. Automatic Collection of Personal Data

In some cases, the Company and its service providers use cookies, web beacons, and other technologies to automatically collect certain types of data when you visit our website or interact with us via electronic messages. This data helps us personalize your experience, improve performance, usability, and effectiveness of our online presence, and evaluate the effectiveness of our marketing activities.

IP Address
An IP address is assigned to your computer whenever you access the Internet. It allows computers and servers to recognize and communicate with each other. IP addresses may be recorded for IT security and system diagnostics. These data may also be used in aggregate to analyze trends and site performance.

Google Analytics
The Company uses Google Analytics. More information about how we use Google Analytics can be found here: http://www.google.com/analytics/learn/privacy.html. To give visitors more control over how their data is collected by Google Analytics, Google has developed the Google Analytics Opt-out Browser Add-on, which communicates with the JavaScript of Google Analytics to indicate that visit data should not be sent. The Opt-out Add-on does not prevent data from being sent to the website itself or other web analytics services.

Web Beacons
A web beacon is a small image file on a webpage used to collect certain data from your computer, such as IP address, the time content was viewed, browser type, and whether cookies were previously set by that server. The Company uses web beacons only in accordance with applicable legislation. These may be used to measure the effectiveness of third-party websites providing recruitment or advertising services, or to collect visitor statistics and manage cookies. You may deactivate some web beacons by rejecting the associated cookies. The web beacon may still record an anonymous visit from your IP address, but cookie information will not be captured.

Social Media Applications and Widgets
The Company’s websites may include features that allow sharing through third-party social media platforms, such as the Facebook Like button or Twitter widget. These applications may collect and use data regarding your interactions with our websites. Any personal data shared through such platforms may be collected and used by other users and is subject to their privacy policies. We do not control or accept responsibility for how these companies use your data. Additionally, our websites may host blogs, forums, and other social media features (“social media functionalities”). These are designed to facilitate the exchange of information and content. Any personal data you provide through these functionalities may be disclosed to other users (unless otherwise noted at the time of collection), over whom we may have limited or no control. Posting personal data of third parties (e.g. images) via our websites is illegal unless prior consent from the data subject has been obtained.

7. How Do We Use Your Personal Data?

In accordance with Greek Law and the General Data Protection Regulation 2016/679/EU (GDPR), we do not process your personal data without a lawful justification provided by law.
Thus, we will only process your personal data if a legal basis exists, such as:

  • Contract execution: When processing is necessary for the fulfillment of a contract.
  • Legal obligation: To comply with a legal duty (e.g. tax reporting).
  • Legitimate interest: Where our business interests do not override your rights and freedoms.
  • Vital interests: To protect your vital interests or those of another person.
  • Public interest: When necessary to perform a task in the public interest.
  • Your consent: In certain cases, we will request your consent for specific data processing. You may withdraw consent at any time by contacting us at info@vividvibes.gr

Data processing is conducted either by authorized Company personnel or through IT systems and electronic devices, and exceptionally by third-party partners contractually bound to confidentiality and data protection, in accordance with the purposes strictly related to the operation of our Digital and Physical Records. For more information, refer to Sections 8 and 9: “Who are the recipients of your Data?” and “How is your Data disclosed?”

8. What Is the Legal Basis for Processing Your Data by the Company?

The data protection legislation defines several grounds under which a company may collect and process your personal data. These include:

  • The terms of our contractual relationship
  • Your consent, where required (e.g. when you opt in to receive newsletters). At the time of collecting your personal data, we will always inform you which data are necessary for a specific service.
  • The Company’s legal obligations (e.g. tax legislation, e-commerce law, etc.)
  • The legitimate interest of the Company: In certain cases, we collect your Data in a way that is reasonably expected as part of our business operations and that does not materially affect your rights, freedoms, or interests.

     

9. Who Are the Recipients of Your Data?

The Company does not share personal data with unrelated third parties unless this is necessary for legitimate professional and business needs, to fulfill your requests, or as required or permitted by law or professional standards. The Company collaborates with trusted partners and service providers who may process your personal data on our behalf.
The Company will transmit personal data to them only if they meet our strict standards for data processing and security. We share only the data required for them to provide their services.

10. How Is Your Data Disclosed?

Disclosure of Data by Our Company

The Company shares your Data with:

    • Third-party independent service providers who process personal data on behalf of the Company—for example (but not limited to) to provide part of the services you have commissioned us for, process payments, conduct research or collect data necessary to deliver the requested services, analyze research results, compile statistics, manage promotional activities, and handle certain services and content.
       When we use third-party service providers, we sign written contracts requiring them to implement appropriate technical and organizational measures to protect your personal data.
    • Other third parties, to the extent required for the following purposes:
       (i) compliance with a request from a Greek state authority, court order, or applicable law;
       (ii) prevention of illegal use of the Website or violations of its Terms of Use and our policies.
  • Other third parties to whom you have given your consent.

     

Disclosure of Data by You

When you use your social media account information on our Website, you may create a public profile that includes information such as username, profile picture, occupation, and city.

11. What Policy Do We Apply with Third Parties Who Process Your Data as Described Above?

The Company ensures that external service providers who have access to or use confidential information are contractually bound by obligations of confidentiality and information security. These obligations must be at least equivalent to those that bind the Company’s employees.

The Company includes confidentiality clauses in its General Terms of Business and in confidentiality or non-disclosure agreements that may be signed from time to time with third parties (i.e. external service providers who have access to confidential information). Specifically:

  • We provide only the information necessary for the performance of their specific services.

     

  • They may use your Data only for the exact purposes we specify in our contract with them.

     

  • We work closely with them to ensure that your privacy is respected and protected at all times.

     

  • If we stop using their services, any Data they hold will be deleted or anonymized.

     

If you wish to receive more information about how your Data is disclosed to third parties, please contact us by email at info@vividvibes.gr.

12. How Do We Ensure That the Company and Its Partners Respect Your Data?

We have implemented appropriate organizational and technical measures to provide a high level of privacy and security of your personal data against accidental or unlawful destruction or alteration, accidental loss, unauthorized disclosure or access, and other unlawful forms of processing.

The Company integrates personal data protection as an essential part of its operations by design and by default, to protect the rights of data subjects, including user management policies, role-based access controls, backups, physical security measures, and personal data destruction policies.

Where the Company acts as a Data Processor, it must comply with the GDPR and, among other things, it must:

  • Process personal data only according to the instructions of the Data Controller who transferred the data and is responsible for GDPR compliance.

     

  • Retain the personal data only until the termination of the data processing services, subject to any applicable legal retention requirements.

     

  • Immediately notify the Data Controller of any legally binding request for disclosure of the data, any accidental or unauthorized access, or any request submitted directly by a data subject.

     

  • Not respond to any request for disclosure unless authorized by the Data Controller or the data subject or as required by law.

     

Where the Company acts as a Data Controller, it must also comply with the GDPR and, among other things, it must:

  • Implement appropriate measures to ensure compliance and data protection by design and by default.

     

  • Apply suitable technical and organizational security measures to protect personal data.

     

  • Report data breaches to the Data Protection Authority and the affected data subjects.

     

  • Cooperate with supervisory authorities.

     

  • Facilitate the exercise of data subject rights.

     

Our partners, when acting as processors on our behalf, have contractually agreed and are bound to the Company to:

  • Maintain confidentiality.

     

  • Not disclose your Data to third parties without the Company’s authorization.

     

  • Take appropriate security measures.

     

  • Comply with the legal framework for the protection of personal data, particularly the General Data Protection Regulation 2016/679/EU (GDPR).

     

13. Data Transfer

The personal Data we collect (or process) through our Website will be stored within the European Union.
However, some of the recipients with whom the Company shares your Personal Data may be located in other countries outside the country in which your data was originally collected.
The laws in those countries may not provide the same level of data protection as the country that initially provided your Data.
Nonetheless, when we transfer your Data to recipients in other countries, including the USA, we commit to protecting your Data as described in this Privacy Policy and in accordance with applicable laws.

We take steps to comply with applicable legal requirements for transferring Personal Data to recipients in countries outside the European Economic Area or Switzerland that do not ensure an adequate level of protection.
We use various measures to ensure that your transferred Data are sufficiently protected according to data protection standards.
These measures include signing Standard Contractual Clauses, verifying that the recipient has adopted Binding Corporate Rules, or adheres to the EU–US and Swiss–US Privacy Shield frameworks.

14. How Long Do We Retain Your Data?

We retain your Personal Data for as long as necessary to fulfill the purposes outlined in this Privacy Policy.

In general, this means we will retain your Personal Data for at least 10 years and, in any case, for the duration of your cooperation with our Company and until the purpose of processing has been achieved, subject to any requirements for keeping the information longer to comply with applicable law, regulation, professional obligations, or standards.

The Company maintains a process to define and monitor the nature and location of the personal data it holds about you.

It allows you to access the personal data retained by the Company and enables you to check and correct any errors in your personal information, as required by applicable laws and regulations.

Regarding the Personal Data related to the services provided, we retain such Data for a longer period to comply with our legal obligations (such as tax and commercial legislation).

Your consent declaration for receiving the newsletter is retained for as long as newsletters are sent to you and in any case no longer than six months after the unsubscribe request.

15. Are Your Data Secure?

We are committed to safeguarding your Personal Data.

Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to ensure the security and protection of your Data against any form of accidental or unlawful processing.
We use the most modern and advanced methods to ensure the highest possible security.

The website www.vividvibes.gr uses Transport Layer Security (TLS) protocol.
This ensures that all the Data you provide, including your name and address, are encrypted so they cannot be decrypted or altered during transmission over the Internet.

16. What Are Your Rights?

You have the right of access to your Personal Data.
This means you have the right to be informed by us whether we process your Data.
If we process your Data, you may request to be informed about the purpose of the processing, the type of Data we hold, to whom we disclose them, how long we store them, whether automated decision-making is in place, and about your other rights, such as correction, deletion, restriction of processing, and filing a complaint with the Data Protection Authority.

You have the right to correct inaccurate personal data.
If you find that there is an error in your Data, you can submit a request to correct it (e.g. correction of name or address update).

You have the right to deletion / the right to be forgotten.
You may ask us to delete your Data if it is no longer necessary for the aforementioned processing purposes or if you wish to withdraw your consent.

You have the right to data portability.
You can request to receive your Data in a structured, commonly used, and machine-readable format, or ask us to transmit it to another controller.

You have the right to restrict processing.
You may request us to restrict the processing of your Data while your objections to the processing are under review.

You have the right to object and withdraw consent to the processing of your Data.
You may object to the processing of your Data, and we will stop processing if there are no other compelling and legitimate grounds that override your rights.
If you have given your consent for the collection, processing, and use of your personal data, you may withdraw it at any time with future effect:

  • By choosing not to receive Marketing Communications
     You may opt out of marketing communications by clicking the unsubscribe link found at the bottom of every newsletter.

     

  • Alternatively, you may contact us using the contact details provided in Section 16 below.

     

If we rely on our legitimate interest:
Where we process your personal data based on our legitimate interest, you may ask us to stop for reasons related to your personal situation.
We will comply unless we believe we have compelling legitimate grounds to continue processing your Personal Data.

17. How Can You Exercise Your Rights?

To exercise your rights, you may submit a relevant request to the email address info@vividvibes.gr with the subject line “Exercise of Right” and we will review it and respond to you as soon as possible.

Additionally, for any complaint or grievance, you may use the complaint form, which you can send to the above-mentioned email address.

By exception:

  • If you wish to withdraw your consent to receive the newsletter, you can do so by clicking on the “Unsubscribe from the newsletter list” link located at the bottom of each newsletter.

     

  • If you no longer wish to receive web push notifications from the Company, you can deactivate this option from your browser settings.

     

Identity Verification

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you submit under this Privacy Policy.
If you have authorized a third party to submit a request on your behalf, we will ask them to prove that they have your permission to act in this capacity.

18. When Do We Respond to Your Requests?

We respond to your requests free of charge and without delay, and in any case within one (1) month from the time we receive your request.
If your request is complex or if you have submitted a large number of requests, we will inform you within the month whether we need to extend the response time by an additional two (2) months.

19. What Is the Applicable Law for the Processing of Your Data by Us?

The applicable law is Greek law, as shaped by the General Data Protection Regulation 2016/679/EU (GDPR) and the relevant national and European legislative and regulatory framework for the protection of personal data.

Any dispute arising from or in connection with the protection of your Personal Data shall be resolved through mediation in accordance with the Mediation Regulation of the European Organization for Mediation and Arbitration (EODID).
If the dispute or part of it is not resolved through mediation, the dispute or the unresolved part shall be exclusively resolved by the Greek Courts.

20. Where Can You File a Complaint If We Violate Applicable Data Protection Law?

You have the right to file a complaint with the Hellenic Data Protection Authority if you believe that the processing of your Personal Data violates the applicable national and regulatory legal framework for personal data protection.

Hellenic Data Protection Authority (HDPA)
www.dpa.gr
Postal address: 1-3 Kifisias Avenue, P.C. 115 23, Athens
Phone: +30 210 6475600
Email: contact@dpa.gr

21. How Will You Be Informed of Amendments to This Policy?

We update this Privacy Policy whenever necessary.
 If there are significant changes to the Privacy Policy or the way we use your Personal Data, we will post an update on our website before the changes take effect and notify you in every appropriate way.

We encourage you to review this Policy regularly to stay informed about how your Data is protected.