The registered office of the Company is located at 192, KIFISSIAS AVENUE & 24, IEREOS DOUSSI STREET, AMAROUSSIO 15124, GREECE. The Company is registered with the Athens Corporation Tax Office (FAE Athens) with TIN 094438218.
The Company as a legal entity:
Indicates and declares the following as regards the preparation and generation of this Code of Conduct and Personal Data Security Policies:
Personal data is retained for the duration of such relation (contractual obligations) with the data subjects.
The personal data of clients are retained for a period of at least fifteen (15) years to enable the Company to fulfil its obligation to submit accurate information to the tax or other administrative authorities.
7.1.1. The Company shall keep all client, vendor and employee details, as well as any electronic correspondence with the data subjects in electronic form in files stored on an external server installed at its registered office. Each PC has a unique password which is changed from time to time and which is known and managed by Controller and/or any authorised employee working under his/her direct supervision. Any processing by unauthorised users is prohibited. However, in cases where it is absolutely necessary and with the personal responsibility of the Controller or his/her authorised employees, data may be stored on USBs kept under lock and key, as well as on electronic reading devices (PCs and notebooks, tablets and smartphones) owned and used by the Company.
The Company shall update and monitor its security technology on an ongoing basis. The Company shall restrict access to your personal data to employees who need to know such information. In addition, the Company shall provide training to its employees on the importance of confidentiality and non-disclosure as well as on the security of personal data. Among other means, the Company applies technical and administrative measures and procedures to protect such data from any loss, alteration, unauthorised processing or modification, including but not limited to encryption, detection and management of security breaches, use of information systems and software installed on PCs in such a way that minimis es the use of personal data and/or user identification data, adoption of individual procedures for the retention and safe deletion/destruction of personal data.
Copies of all data kept in electronic form are also kept in back-up files stored on an external hard disk kept in the Director's office that can be locked, and the only person who has the key is the Legal Representative of the Company. All electronic devices where personal data is stored must not be exposed in places accessible to the public or where their display screen can be viewed by any person other than the authorised users of such devices.
8.1. Should any data subject request information on any data retained by the Company about them that is subject to processing, the Company shall provide the data subject, in writing or by other means, including by electronic means, any information requested, in a concise, transparent, intelligible and easily accessible form, using clear and plain language.
This information, which is provided free of charge, is given without delay and, in any case, within one month from receipt of such request, a time limit that may be extended by one more month by written notification of the data subject.
This 1st version of the Code is subject to revisions.
Maroussi, 24/05/2018
On behalf of T&T EXECUTIVE SA
The Controller