General Notice on the Processing of Personal Data

We reassure you that for Pleiades Cooperation On Technology and Innovation Non Profit Civil Company (Pleiades Innovation Cluster) protection of our customers' personal data and privacy is of paramount importance. For that reason, we are taking all necessary measures to protect the personal data we process and to ensure that its processing is always in compliance with the obligations as set by the legal framework, both by the company as well as by the third parties that process personal data on behalf of the company. We also declare that at Pleiades Innovation Cluster we do not collect, neither process personal data on minors under 16 years of age.

What is GDPR?

The General Data Protection Regulation (GDPR) is the new regulatory framework of the European Union (EU) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. The purpose of the Regulation is to enforce a framework around the processing of personal data to protect the rights and freedoms of natural persons, and, in particular, the right to the protection of personal data.

Controller - Data Protection Officer

Pleiades Cooperation On Technology and Innovation Non Profit Civil Company, having its registered seat in Kallithea, at 25 Al. Pantou Str, Postal Code 17671, TIN 996592038, GEN. COM. Register 165765601000 email: operations@pleiadesiot.com , website: www.pleiadesiot.com, as duly represented, informs that, for the purposes of its business activities, processes the personal data of its clients & associates in accordance with applicable national law and European Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter referred to as the “Regulation”), as such is in force as of May 25, 2018.

For any issue related to the processing of personal data, please contact the Department of Personal Data Protection at the email dataprotection@pleiadesiot.com. If you would like to contact the Data Protection Officer (Quest Group DPO), please contact: dpo@pleiadesiot.com.

What personal data categories do we process and for what purpose?

We process the personal data you provide us only if we have a legitimate reason to do so. Your personal data collected and processed by us are those absolutely required, necessary and appropriate to achieve our intended purposes. We hereby note that the data concerning your identification, as well as the contact details are absolutely required and necessary for any transaction or contractual relationship with the company. Moreover, we would like to note that in relation to the personal data we collect directly from you as customers or partners and in the event of any data updates you may have, you are required to inform us accordingly and without any delay and at the same time to respond promptly to any relevant requests for update we make. Moreover, we reassure you that the personal data we collect derive solely from the data you provide us with and by no means we collect data from other sources. We process the personal data provided to us, in particular for the purposes listed below:

Through the Contact Form of this website we collect your full name and email. These data are used to communicate with you in case you request us to do so.
Through our regular newsletter addressing our partner ecosystem, we release news that are of interest to our partners or information related to our working groups.
Moreover, we may process the data collected through our website in order to communicate with you via email or telephone and inform you on our news, solutions, services and products, or to invite you to our events based on your interest towards Pleiades IoT Innovation Cluster.

Which are legitimate grounds for processing your personal data?

Legitimate grounds for processing your personal data are:

(a) the provision of services assigned by you to our company, for example, information about our activities, therefore, within this context, fulfillment of our contractual obligations,

(b) the safeguarding and protection of both your and our legitimate interests. To that end, we use CCTV and security cameras, in order to be able to protect the safety and security of individuals, materials, facilities, and we use special security software to detect and prevent malicious actions. For more information regarding processing of personal data related to CCTV systems, please see here. Moreover, during your visit to the physical premises of our company, our specialized personnel register specific information in a logbook, such as the name of the visitor, time of entry/exit, identification number, the company in which you work for, while in our digital pages we use information such as IP address, location information, used devices and so on to detect or prevent frauds or abuses on our website.

(d) the consent you provide under the specific conditions as set in the legal framework to receive information regarding activities, services, and so forth of Pleiades Innovation Cluster or /and third cooperating companies, which may process personal data in accordance with the applicable law, at all times.

Statement

This site targets addresses adult audiences (such as investors and individuals seeking information about Pleiades Innovation Cluster) and does not collect or intend to collect information from or about children.

Where do we transfer your personal data?

Pleiades Innovation Cluster transfers lawfully personal data of individuals to third parties, to achieve the aforementioned processing purposes and in accordance with the legitimate grounds set out above, e.g. to Pleiades Innovation Cluster-affiliated companies that are intended to provide services related to researching the quality of our solutions and services.

Also, for the purposes of implementing a contract, personal data is lawfully transferred to partner enterprises (partners, customers, subcontractors, suppliers) entrusted with the execution of part of the contract. In such cases, Pleiades Innovation Cluster remains responsible for the processing of your personal data and defines the individual elements of the processing, and signs a special contract with the third parties to whom it entrusts the execution of the processing activities, in order to ensure that the processing is carried out in accordance with the applicable legal framework and that any natural person may freely and unhinderedly exercise the rights conferred on him by the legal framework. Pleiades Innovation Cluster has legally ensured that those processing the data on its behalf, fully fulfil the conditions and provide sufficient assurances for the implementation of appropriate technical and organisational measures so that such processing ensures the protection of your rights. We also disclose your personal data to those employees who are responsible for evaluating your requests, managing and operating your contract, as appropriate, to fulfil the obligations arising out of it, as well as the related obligations imposed by law. Your personal data is handled with the strictest discretion and confidentiality, as the employees who process your personal data have a sufficient and significant level of knowledge to protect them and are bound by a confidentiality clause or are under the appropriate regulatory obligation of confidentiality.

Furthermore, we may transfer your personal data, if required by law, to competent judicial, prosecutorial, police, supervisory, regulatory authorities or in the context of judicial or extrajudicial actions of a procedural nature, law enforcement bodies, government authorities and other third parties for our compliance with relevant legal obligations such as for the purpose of preventing or detecting criminal acts, providing customer account information, etc.

Data storage retention

The data storage retention period is determined by a set of criteria depending on the issue. Specifically: When processing is based on grounds of legitimate interest as set by the applicable legal framework, your personal data shall be stored for as long as defined by the relevant legal provisions. When processing is based on contractual grounds, your personal data will be stored for as long as it is required for the execution of the contract and for the foundation, exercise, and / or support of legal claims under the contract. Where processing is carried out on the basis of your consent, your personal data is kept until your consent is revoked. For information purposes, your personal data shall be kept until your consent is revoked. This can be done by yourself at any time. The revocation of consent does not affect the legitimacy of consent-based processing in the period prior to said revocation. To revoke your consent please contact the Data Protection Department at the email addressdataprotection@pleiadesiot.com . In case you wish to contact the Data Protection Officer ( DPO), please contact at email: dpo@pleiadesiot.com , You have the option to unsubscribe by clicking on the corresponding link in our electronic communications.

What are your rights in respect to your personal data?

Every natural person whose data are being processed by Pleiades Cooperation On Technology and Innovation Non Profit Civil Company (Pleiades Innovation Cluster) has the following rights:

Right to Access

You have the right to be aware of, and verify, the lawfulness of the processing. Therefore, you have the right to access the personal data which have been collected and get additional information about their processing.

Right to Correct

You have the right to revise, correct, update or modify your personal data. You also have the right to be informed on the recipients of the data, should you wish to.

Right to Delete

You have the right to request the deletion of your personal data in the course of processing under your consent or on the basis of our legitimate interests. In any other case, indicatively in the existence of a contract, a lawful obligation to personal data processing, or a public interest, the right shall be subject to restrictions or shall be withdrawn, as the case may be.

Right to limit processing You are entitled to request the limitation of your personal data processing in the following cases:

when the accuracy of the personal data cannot be established and until the data is verified,
when you object to the personal data deletion and request the limitation of their use rather than deletion,
when specific personal data are not required for processing purposes, they are, however, indispensable for the foundation, exercise, support of legal claims, and
when you oppose to the processing and until it is verified that there are legitimate grounds that concern us and supersede the reasons for which you are opposed to the processing. You also have the right to be informed on the recipients of the data, should you wish to.

Right to oppose the processing

You are entitled to oppose to your personal data processing, at all times, in case where, as described above, this is necessary on the legitimate interests grounds as pursued by us, as controllers, as well as in the data processing for direct marketing purposes and consumer profile creation. You also have the right to be informed on the recipients of the data, should you wish to.

Right to portability

You are entitled to receive your personal data free of charge in a format that allows you to access, use, and edit them with commonly used editing methods. Moreover, you have the right to request, if technically feasible, to pass the data directly to another controller. Such right is granted for the data you have provided to us and are subject to processing by automated means based on your consent or execution of a relevant contract.

Right to revoke your consent

Lastly, Pleiades Innovation Cluster. informs you that, where processing is based on your consent, you have the right to revoke it without affecting the legality of consent-based processing in the period prior to said revocation. To revoke your consent you can use the unsubscribe options by clicking on the corresponding link in our electronic communications or by contacting dataprotection@pleiadesiot.com.

To exercise any of the above rights you can contact the Data Protection Department at the email dataprotection@pleiadesiot.com. To contact the Data Protection Officer (DPO), please contact at email: dpo@pleiadesiot.com,or fill in the relevant form that you will find on this website.

In the above cases we will make every effort to respond to your request within thirty (30) days upon submission. Such deadline may be extended for an additional sixty (60) days, if deemed necessary, taking into account the complexity of the request and the number of requests, and in such case we will inform you within the aforementioned deadline of thirty (30) days.

Right to lodge a complaint to the Personal Data Protection Authority In case you consider that we have not duly satisfied your request and the protection of your personal data is somehow affected, you may submit a complaint via special web portal to the Hellenic Data Protection Authority (dpa.gr) (Athens, 1-3 Kifissias Avenue, 11523 Athens, Greece | +30 210 647 5600). You may find detailed guidelines on how to submit a complaint on the Authority’s website.

Cookies Policy

At www.pleiadesiot.com we use cookies to make your browsing experience more interesting. You can see which cookies we use as well as our full cookies policy by clicking here . You also have the right to change your preferences by clicking at the cookies preferences at bottom of each page in this website.

Personal Data Security

Pleiades Innovation Cluster shall implement appropriate technical and organizational measures aimed at the secure personal data processing and the prevention of accidental loss or destruction as well as the unauthorized and/or unlawful access to, use, modification or disclosure thereof. In any case, the way in which the internet operates and the fact that it is free to anyone, cannot guarantee that unauthorized third parties will never be able to violate the applicable technical and organizational measures gaining access and, possibly, using personal data for unauthorized and/or unfair purposes.

Links to other websites

Our site may contain links to other websites. Pleiades Innovation Cluster is not responsible for the privacy practices or content of other sites not owned by Pleiades Innovation Cluster.. Therefore, we suggest that you read carefully the privacy statements of the third party website.

Changes to the Privacy Policy

Information about the company's privacy policy reflects the current state of the data processing. In the event of changes in data processing, such data protection information will be updated accordingly. Our website will always include the latest version of data protection information so that you are informed about the extent of data processing. We recommend that you always be aware of how we process and protect your personal information. All future changes regarding this Privacy Statement will be made known on our website.

Privacy Notice on Processing of Personal Data and the Use of CCTV Systems

Controller: Pleiades Innovation Cluster, Al. Pantou 25, 176 71, Athens - Greece,
Purpose of processing and legal basis: We use a surveillance system for the purpose of protecting persons and goods. Processing is necessary for the purposes of legal interests that we seek as controller (Article 6, par. 1.f of the GDPR).
Analysis of legal interests Our legitimate interest is to protect our space and the goods found in it from illegal acts, such as theft. The same applies to the safety of life, physical integrity, health and property of our staff and third parties legally located in the supervised area. We only collect image data and restrict recording to sites where we have assessed that there is an increased likelihood of committing illegal acts e.g. theft, such as at our cash registers and entrance, without focusing on places where the privacy of the persons whose image is taken may be excessively restricted, including their right to respect personal data.
Recipients The material is only accessible by our competent/authorized personnel in charge of the security of the site. This material shall not be transmitted to third parties, without the consent of the subject, except in the following cases: (a) to the competent judicial, prosecutorial and police authorities where it contains information necessary for the investigation of a criminal offence involving persons or goods of the controller, (b) to the competent judicial, prosecutorial and police authorities when requesting data, lawfully, in the performance of their duties, and (c) to the victim or perpetrator of a criminal offence, in the case of data which may constitute evidence of the act.
Retention time We keep the data up to fifteen (15) days after which they are automatically deleted. In the event that we find an incident during this time, we isolate part of the video and keep it for up to one (1) month, with a view to investigating the incident and initiating legal proceedings to defend our legal interests, while if the incident concerns a third party we will keep the video for up to three (3) months more.
Rights of data subjects Data subjects have the following rights:
- Right of access: you have the right to know if we are editing your image and, if applicable, to obtain a copy of it.
- Right of restriction: you have the right to ask us to restrict processing, such as not to delete data that you consider necessary to establish, exercise or support legal claims.
- Right to object: you have the right to object to processing.
- Right of deletion: you have the right to request deletion of your data.
To exercise any of the above rights you can contact the Data Protection Department at the email dataprotection@pleiadesiot.com and in case you want to contact the Data Protection Officer (DPO) at the email: dpo@pleiadesiot.com or send a letter to our postal address or by submitting the request to us in person, to the address of the company. To review a request related to your image, you should inform us on when approximately you were in camera range and provide us an image of yourself to make it easier for us to locate your own data and hide the data of third parties depicted. Alternatively, we offer you the opportunity to visit our facilities to show you the images you appear in. We also note that the exercise of a right of objection or deletion does not entail the immediate deletion of data or the modification of the processing. In any case, we will reply in detail as soon as possible, within the deadlines set by the GDPR.
Right to submit a complaint In case you consider that we have not duly satisfied your request and the protection of your personal data is somehow affected, you may submit a complaint via special web portal to the Hellenic Data Protection Authority (dpa.gr) (Athens, 1-3 Kifissias Avenue, 11523 Athens, Greece | +30 210 647 5600). You may find detailed guidelines on how to submit a complaint on the Authority’s website.