Privacy

Date: 1 January 2020

PROMAS S.A., is a company incorporated in Greece (General Electronic Commercial Registry (G.E.MI.) Number 4600901000, with registered seat at 64 Kifisias Ave., 15125 Marousi, Athens (“We” or “PROMAS”).

PROMAS is committed to preserving privacy and to protecting any personal data that you may provide to us.

We provide this Privacy Policy to help you to understand what we may do with any personal data that we obtain from you. Personal data is information about an identified or identifiable individual, as defined by applicable law, such as name, e-mail address and telephone number etc. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We also encourage you to regularly check this page to review any changes we might make to this Privacy Policy.

For the purposes of applicable data protection law (in particular, the General Data Protection Regulation (EU) 2016/679 (the “GDPR”)), your data will be controlled by PROMAS.

PERSONAL DATA WE MAY COLLECT

We collect and process the following personal data.

Personal details, such as your name, the company you work for, your title or position and other contact information;

Contact information, such as your postal address, your e-mail address and phone number(s);

Financial data, such as credit/debit card numbers, bank account information, and other invoicing and payment-related information;

Identification and background information provided by you or collected as part of our business acceptance processes;

Access and Attending Data, including information you provide to us for the purposes of attending meetings and events;

Profile Information, such as information about your preferences in receiving newsletters, your communication preferences and information about how you use our website(s), including the services you viewed or searched for, page response times, download errors, length of visits and page interaction information, referring website (a site that has led you to ours) or application. To learn more please refer to our Cookies Policy;

Technical information, such as information collected during your visits to our website(s), the Internet Protocol (IP) address, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform, type of mobile device and its settings; unique device identifier (UDID) or mobile equipment identifier (MEID) for your mobile device; device and component serial numbers online activity on other websites, applications, or social media; communications to us or regarding us on social media To learn more please refer to our Cookies Policy;

Personal data provided to us by or on behalf of our clients or generated by us in the course or providing services to them, which may include special categories of data;

Any other personal information you choose to give us when you interact with us;

We may collect information about you when you interact with us through social media.

Personal data of other people: If you provide information to us about any person other than yourself, your employees, counterparties, your advisers or your suppliers, you must ensure that they have been made aware of how their personal data will be used by Us, and that they have given their consent for you to disclose it to Us and for you to allow Us to use it.

HOW WE COLLECT PERSONAL DATA

The ways we collect personal data include the following:

Directly from you or your organisation: in the course of acceptance processes and of the provision of consulting services and advice to you or your organisation; when you or your organisation provide services to us; when you communicate with us by phone, mail, email or otherwise;

By third parties: for instance, where you are the subject of, or your data is otherwise included in consulting advice we are asked to provide to that third party client;

While monitoring the use of our website, and your communication with Us via the website;

Using publicly available sources such as business registries.

HOW WE USE YOUR PERSONAL DATA

We use the personal data we collect about you in the following ways:

For the performance of contractual obligations or in order to take steps at the request of the data subject prior to entering into a contract;

- To register you as our client;

- To provide and administer services to you or your organisation;

- To process invoices, payments and other monetary transactions;

- To process employment applications and for recruitment purposes. When your personal data is shared with us for recruitment purposes, we will only use this personal data in order to contact you about recruitment and other opportunities which may you have requested. If you apply for any role within PROMAS, your personal data will be processed in accordance with this Privacy Policy.

To conduct our business and to pursue our legitimate interests, in particular:

- To provide advice and services to our clients;

- To administer and monitor our relationship, including for business acceptance, conflict checks, accounting, auditing purposes, as well as for confirming representation of our counterparties;

- To exercise or defend our legal rights or to comply with court orders;

- To protect the security of our communications and other systems and to prevent and detect security threats, frauds or other criminal or malicious activities;

- To analyse and improve our services and communications and to monitor compliance with our policies and standards;

- To communicate with you; to send you updates, announcements, publications and newsletters and other information about our services and events or initiatives organised, sponsored or otherwise affiliated with us;

- To protect the security of our communications and other systems and to prevent and detect security threats, frauds or other criminal or malicious activities;

- To provide this website and monitor its use.

For purposes required by law, including maintaining records, compliance checks or screening (e.g. anti-money laundering).

ON WHAT BASIS DO WE USE YOUR PERSONAL DATA

We use your personal data on the following basis:

For legitimate business purposes;

For the performance of contractual obligations;

For the establishment, exercise or defence of legal claims or proceedings;

To comply with legal and regulatory obligations.

For additional information, please refer to the section “How we use your personal data”.

WHERE WE STORE YOUR PERSONAL DATA

The data that we collect from you shall be transferred to and stored at a destination in the European Economic Area (“EEA”) or other destinations provided that for any transfer anywhere outside EEA, we will make sure that (i) there is a level of protection deemed adequate by the European Union (“EU”) or (ii) that the relevant EU Standard Contractual Clauses for the transfer of personal data to third countries are in place.

RETENTION OF PERSONAL DATA

We retain personal data for the period of time necessary to fulfil the purposes, that it was collected for as outlined in this Privacy Policy, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for Us to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.

WHO WE SHARE YOUR PERSONAL DATA WITH

We do not share or disclose any of your personal information without your consent, other than for the purposes specified in this notice or where there is a legal requirement. We may disclose your personal data to:

Our professional advisers and auditors.

Our IT service providers.

Third parties, including service providers that we retain in the course of the services we provide, such as legal advisors, translators, couriers, financial & technical experts, and other necessary service providers.

Third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our contracts with you; or to protect our rights, or our safety and/or the safety of our service users, or others.

Project owners/employers, supervision engineers/consultants, adjudication boards, arbitration tribunals, courts, or other parties where it is reasonably necessary for the establishment, exercise or defence of a claim, or for the provision of our services, or for the purposes of alternative dispute resolution process or upon request.

We may, for strategic or other business reasons, decide to sell or transfer all or part of our business. As part of that sale or transfer, we may pass information we have collected and stored, including customer information, to anyone involved in the sale or transfer.

There may be times when we may share information when it does not directly identify you. For example, we may share anonymous, aggregated statistics about your use of our website. Or we may combine information about you with other customers and share the information in a way that does not identify you.

YOUR RIGHTS

Under the applicable legislation you have the following rights:

The right to access: You have the right to request a copy of the personal data We hold on you as well as information about how it is used.

The right to rectification: You have the right to request to correct personal data We hold on you where it is incorrect or incomplete.

The right to erasure: This right entitles you to require the erasure of your personal data from Our systems and records. However, this right applies only in certain circumstances (e.g., where the organisation no longer needs the personal data for the purpose for which we collected it or where you withdraw consent to our use of your personal data and where there is no other legal basis for continuing to use it).

The right to restrict processing: This right entitles you to restrict the processing of your personal data by us. Where this right is exercised, We are still permitted to store your personal data but other use of the data is prohibited, save in certain limited circumstances.

The right to object to processing: You have the right to object to our use of your personal data in certain circumstances. However, We may continue to use your personal data, despite your objection, where there are compelling legitimate grounds to do so or We need to use your personal data in connection with any legal claims.

The right to data portability: This right allows you to obtain your personal data in a format that enables you to transfer that personal data to another organisation where the organisation is processing your personal data on the basis of consent or on the fulfilment of a contract and if the processing is carried out by automated means. You may have the right to have your personal data transferred by us directly to the other organisation, if this is technically feasible.

The right to withdraw consent: To the extent that processing requires your consent, you may withdraw that consent at any time. However, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.

If such a request places us in breach of our obligations under applicable laws, regulations or our codes of practice, then We may not be able to comply with your request but you may still be able to request that we block the use of your personal data for further processing.

If you would like to exercise your rights above or if you have any questions or concerns about our Privacy Policy please contact us at the following email: info@promas.gr.

If you believe that the processing of your personal data described above, is unlawful, you may also file a complaint with the Greek Data Protection Authority (Greek Data Protection Authority 1-3 Kifissias str., Post Code: 115 23, Athens, T: +30 210 64 75 600, F: +30 210 64 75 628).

LINKS TO OTHER WEBSITES AND SOCIAL MEDIA

Our website may, from time to time, contain links to and from the websites of our partner networks, and advertisers. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

CHANGES TO OUR PRIVACY POLICY

This Privacy Policy is in effect as of the date noted at the top of this Policy. We may change this Privacy Policy from time to time. If we do, we will post the revised version here and change the “last updated date” (the date it applies from) at the top of the statement. You should check here regularly for the most up-to-date version of the statement.

Any changes we may make to our Privacy Policy in the future will be posted on this page.

COOKIES POLICY

This Cookies Policy applies to the use by PROMAS of cookies and other similar technologies on its website under https://www.promas.gr (hereinafter the “Website”).

What are cookies

Cookies are text files that contain bundles of information that are stored on the directory of the web browser of a user’s computer or mobile device (e.g., notebook, tablet, smartphone, etc.) every time a website is accessed online through the browser. Whenever this website is visited again subsequently, the browser sends these cookies to the website that originated them or to another website. The cookies allow these websites to memorize some information so that the person visiting the website can explore it quickly and easily. There are various types of cookies, some devised to make use of the website more efficient and to improve the browsing experience of the user, others enabling particular functions to operate.

Similar technologies, e.g., web beacons or transparent GIFs, can be used to gather information on a user’s behaviour and his/her use of the services. In this Cookie Policy, all such technologies will be referred to as “cookies”.

Our Website uses cookies for important reasons, such as:

To provide a great experience for our visitors and customers.

To monitor and analyze the performance, operation and effectiveness of the Website.

To ensure the Website is secure and safe to use.

More information on cookies can be found at http://www.allaboutcookies.org.

What type of cookies do we use?

The cookies we use are presented in the following table:

Cookie Name	Purpose	Duration	Cookie Type
XSRF-TOKEN	Used for security reasons	Session	Essential
hs	Used for security reasons	Session	Essential
svSession	Used in connection with user login	12 months	Essential
SSR-caching	Used to indicate the system from which the site was rendered	1 minute	Essential
_wixCIDX	Used for system monitoring/debugging	3 months	Essential
_wix_browser_sess	Used for system monitoring/debugging	session	Essential
consent-policy	Used for cookie banner parameters	12 months	Essential
smSession	Used to identify logged-in site members	Session	Essential
TS*	Used for security and anti-fraud reasons	Session	Essential
bSession	Used for system effectiveness measurement	30 minutes	Essential
fedops.logger.X	Used for stability/effectiveness measurement	12 months	Essential

How to disable cookies

For information on how to disable and/or clear cookies, on your device please follow the instructions in the links below:

Microsoft Edge

Internet Explorer (IE)

Google Chrome

Safari (desktop)

Safari (mobile)

Firefox

Opera

Netscape

HOW TO CONTACT US

If you want to contact us about this Privacy Policy as well as for the exercise of your rights, you can reach us at the following email: info@promas.gr.

Anchor 1