ONLINE PRIVACY STATEMENT
The protection of personal data is very important to the Municipality of Thira.
In the context of the General Data Protection Regulation (EU) 2016/679 (GDPR), this document provides information on the processing of personal data and the rights of data subjects, in accordance with Article 13 of the above Regulation. This privacy statement concerns the information we collect from you when you use our website.
In collecting this information, we act as data controllers and, by law, we are required to provide you with information about us, why and how we use your data, and your rights over it.
We invite you to read this carefully in order to be adequately informed regarding the type of data we process.
Personal data
According to the above Regulation, Article 4 states the following definitions:
– “personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one whose identity can be verified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person
– ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, search, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Who are we?
The Municipality of Thira, a public legal entity (a local government organization, as legally represented), is a municipality of the South Aegean Region that includes the islands of Thira and Thirassia, as well as their neighboring islands.
You can contact the GDPR Compliance Officer or/and the Data Protection Officer of the Municipality of Thera directly here:
(Indicate the name of the Data Protection Officer, telephone number, e-mail)
What personal data do we collect?
- When you browse our website, we automatically collect certain information using cookies (such as IP or preference information, device usage data), i.e. information that allows us to remember you and your preferences when using this website. We use cookies to collect this type of information. Your IP address, which we use to record your interest and visits to our website. We also collect the information you provide yourself when you fill in the relevant contact form (https://www.santorini.gr/santorini/contact/), including your full name and contact details.
- When you subscribe to the newsletter, we collect your email address in order to send you news and updates. The legal basis for processing is consent which you can withdraw at any time.
How do we use your information?
This privacy notice states how we, the Municipality of Thira, will collect and use your personal data to provide you with our services, keep in touch with you and manage requests or complaints you make to us.
The Municipality of Thira will process (collect, store and use) the information you provide in a manner compatible with the EU General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up-to-date and not keep it for longer than necessary. How long certain kinds of personal data should be retained may also be governed by specific business-sector requirements and agreed practices.
Are you going to share my data with someone else?
We may share your personal data with third party service providers linked to our website or/and the Municipality of Thira during the course of our partnership. Any third parties with whom we share your personal data are obliged to keep your information secure and only for legitimate processing purposes. The Municipality of Thira does not process and transfer your sensitive personal data to third parties without your explicit consent, except where there is another legitimate processing reason or obligation.
Your information is stored in the processing system of the hosting provider of our website and other internet service providers such as Google, whose headquarters are located in the USA and they are certified in the EU-U.S. Privacy Security with adequate protection measures.
The Municipality of Thira does not use the information you provide to us to make any automated decisions that may affect you.
How long do we keep your information?
We keep your browsing information usually anonymous and for the duration of your stay on our site. However it is possible to retain your data for up to a maximum of 2 years. In case you send us a request, the retention time of the data you provide us by yourself (e.g. contact details with you) varies depending on the time to fulfill your request.
Email communications
With your consent, we may use the information we collect to send you communication material by email, concerning the progress of a request from the request form or a request you have made to us from the certificate request form. If you subscribed to one of our email newsletters, we will also send you the newsletter you requested.
Cookies or other similar technologies
Our website uses “cookie” technologies to enable us to distinguish you from other visitors, to record your IP address and how you use our website. This information is used to help us provide you with a better service by improving the design of the site and our services. A cookie is a small data file that is placed on your computer’s hard drive when you visit a website and helps us to optimise our website by working out which areas are of most interest to users. You have the option to disable cookies or other similar technologies at any time through your browser options, but if you do so you may not have access to certain features and services that make your experience on the site more efficient and enjoyable. For details about cookies, you can refer to the cookies policy posted on this website.
Your rights
With regard to the protection of your personal data, you may, by submitting a request to the Municipality, exercise the following rights, such as:
- Right of access, i.e. the right to be informed about your personal data retained in our records and to obtain copies,
- right of rectification, i.e. the right to request the rectification of inaccuracies and errors in your personal data retained in our records,
- the right to erasure, i.e. the right to request that your personal data retained in our records be erased or cease to be used, subject to the more specific restrictions set out in the General Data Protection Regulation,
- the right to restriction of processing of your personal data, and always subject to the conditions stated in the General Regulation,
- the right of portability, i.e. the right to request the Municipality to transmit your personal data directly to the organisation you indicate, provided that they are technically structured in accordance with the relevant legislation.
- Right to object to the processing of your personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims of the Municipality.
Your right to complain
Finally, you also have the right to lodge a complaint with the Data Protection Authority (PPA) [1-3 Kifissias Street, 115 23, Athens, tel.: +30 2106475600, email: contact@dpa.gr] if you consider that your rights regarding the protection of your personal data have been infringed.
For more information please visit the website:http://www.dpa.gr/portal/page?_pageid=33,211532&_dad=portal&_schema=PORTAL
Updates to this Privacy Statement
We try to continuously improve our services and processes and to protect your rights in relation to your personal data. Thus, we may occasionally update this Privacy Statement from time to time. We therefore encourage you to review this statement on a regular basis.
Last update: 12/07/2021