Privacy Policy

Personal Data Protection Policy for Website

This applies to the website b2b.enarxis.eu (hereinafter referred to as the “Website”) of the company ENARXIS DYNAMIC MEDIA LTD, based in Neos Kosmos, Attica - 68 Ilias Iliou, 117 44, in Greece (Tax ID: 099455333 / Tax Office: KEFODE-Attikis / Registration No.: 003412201000), telephone +30 210 9011900, email contact info@enarxis.eu (hereinafter referred to as "Enarxis Dynamic Media" or the "Company").
Before using our Website, please read this Personal Data Protection Policy (hereinafter referred to as the “Policy”) carefully.

1.       Introduction
   The Company is committed to collecting and processing your personal data in accordance with the provisions of Regulation (EU) 2016/679 (hereinafter referred to as the “GDPR”). The Company, as the Data Controller, informs you of how information concerning you is collected and processed, governed by the following terms and the relevant provisions of the GDPR and the applicable Greek and European legislation on personal data protection.
   Personal Data refers to any information related to an identifiable or identified individual (hereinafter referred to as “Personal Data”).
   Protecting your Personal Data is very important to the Company, which takes measures in this regard.
   This Policy outlines the type of information that our Company may collect from you and informs you of how we use this information. When you voluntarily provide personal information, such as your name, address, or email address, we use this information with absolute confidentiality. Subject to specific provisions of this Policy, no personal information is subject to rental, sale, public posting, or sharing with other companies, organizations, or websites.
   This Policy applies to the collection and use of your personal information by the Company (e.g., information identifying a specific individual such as a full name or email address).
2.       What Information We Collect from You
   During the course of our business activities and Company operations, we may collect the following Personal Data from you, when you provide it to us:
3.       How We Collect Your Personal Data
   We collect your Personal Data directly from you in the following ways:

• Your personal details & contact information or details of individuals you have designated and obtained their explicit consent for (full name, father's name, mother's name, contact numbers, address, email, occupation/profession).
• Electronic identification data (where required during the provision of Company services to you).
• Financial information (bank account numbers, credit card information, payment methods, Tax ID, Tax Office).
• Health data (in case specific conditions require it for the shipping of products).
• When you visit the Company's Website, we may collect personal data from you. This data may include browsing history, IP address, screen resolution, browser type, operating system, access times, and referral URLs. If you use a mobile device, we may also collect data that identifies the device, settings, and your location.
• The Company reserves the right to collect non-personally identifiable information about users [such as browser type, type of computer, operating system, internet service providers, etc.] and/or monitor Internet Protocol addresses (IP Address) using appropriate technologies (cookies). Cookies are small text files stored on each user’s hard drive without access to documents or files on the user’s computer. They are used to facilitate user access when using specific services and/or pages of the Website and for statistical purposes. For more information on the cookies used by the Website, users are encouraged to visit the Cookies Policy page.

Directly from you:

• Through forms.
• Via email.
• Through phone calls.
• Via fax.
• Through all types of Sales Contracts/Service Agreements/Products/Work that you sign with our Company.
• In the context of expressing your interest in entering into sales contracts and in receiving offers/services/products from our Company.
• Through our authorized employees/associates.
• If you wish for us to contact you via the contact form found on the Website.
• By submitting details to register on the online members’ platform (registered customers).
• If you choose to subscribe to the Company’s newsletter.

By submitting your Personal Data to the Company, you consent to the use of this data in accordance with this Policy. Your Personal Data will not be used for other purposes unless we receive your permission or unless required by law or professional standards.

4.       Use and Disclosure of Personal Data

We use your Personal Data to respond to your requests with the aim of providing services and delivering products, continually keeping you informed, and facilitating communication between us on matters of interest to you, such as offers, product catalogs, etc.
We do not disclose your Personal Data to third parties that are not affiliated with us unless necessary for our legitimate business needs, to fulfill your requests, and/or if required or permitted by law or professional standards and/or with your explicit consent.

Additionally, your data, as appropriate for fulfilling our contractual obligations, improving service, and meeting your requests, may be transferred to Company-affiliated providers, such as consulting and audit service firms, affiliated storage and document management companies, IT service providers, printing, organization, and delivery service providers, transportation and courier/postal companies, and shipping companies. The Company only transfers your Personal Data to third parties that comply with our strict data processing and security standards, act solely on our instructions, have specific authorization for this purpose, and are fully bound by confidentiality and legal obligations regarding the collection and processing of the above data.

Furthermore, as required by law, the Company may disclose your data to public authorities of all kinds (e.g., public services, insurance funds, tax authorities) and to judicial, public, and independent authorities, such as the "General Secretariat for Consumer Affairs" of the Ministry of Development and Competitiveness, the Independent Authority "Consumer Ombudsman," relevant Ministries, Regional Authorities, Tax Offices, Financial Crime Units, police stations, prosecutorial authorities, approved dispute resolution entities as part of the Alternative Dispute Resolution (ADR) process, and independent audit firms upon lawful request, provided it is absolutely necessary to defend legal rights or fulfill the Company’s obligations.

In the case of our reorganization or sale to another organization, the Company may also disclose Personal Data regarding the sale, assignment, or other transfer of the business.
Moreover, the Company may disclose Personal Data when necessary during audits related to Personal Data protection and security, and/or in the event of an investigation or response to a complaint or security threat.

5.       Transfers of Personal Data to Countries Outside the EU and EEA
   We may transfer the Personal Data we collect from you to countries outside the country where the Personal Data was initially collected. These countries may not have the same Personal Data protection laws as the country in which the Personal Data was initially collected. When we transfer your Personal Data to these other countries, we take appropriate measures to protect the Personal Data in accordance with this Policy and all applicable Personal Data protection laws.
6.       Legal Basis and Purpose of Use and Processing of Your Personal Data
   The Company only collects Personal Data that is necessary to meet your requests within the scope of its commercial activities and overall operations. Where additional, optional information is sought, you will be informed at the time of data collection. In accordance with Greek and EU law (including the GDPR), we process Personal Data only if we have a lawful basis to do so. Therefore, when processing your Personal Data, we rely on one of the following legal bases:

• To perform a contract: When the processing of your Personal Data is necessary to fulfill and comply with our contractual obligations.
• When we have a legitimate interest: We may process data about you when we have a legitimate interest in conducting lawful activities to ensure the continuity of such activities, provided it does not affect your interests. Such a case may include informing you about the Company's products for which you requested information as well as new products.
• When there is a legal obligation: We are required to process your Personal Data to comply with a legal obligation, such as keeping records for tax purposes or providing information to a public body or authority or complying with other insurance, accounting, or tax provisions.
• When we have your consent: Occasionally, we may request your specific permission to process certain Personal Data, and such processing will only occur if you agree. You can withdraw your consent at any time by contacting the Company at info@enarxis.eu.

The Company collects "sensitive" personal data only when data subjects voluntarily offer this data and have provided explicit consent for its processing, or when the collection of such data is required by labor or social security laws. The concept of "sensitive" data includes Personal Data concerning a person’s race, nationality, political beliefs, union membership, religious or similar beliefs, physical or mental health, or sexual life.

7.       Network and Information Security The Company implements all reasonable and appropriate technical and organizational security measures to protect your Personal Data against unauthorized access, misuse, loss, or destruction. Such measures include, where necessary, the use of firewalls, secure server installations, encryption, the application of appropriate access control systems and procedures, access control policies, careful selection of processors, and compliance checks with the GDPR and other reasonable organizational and technical measures for the adequate protection of your Personal Data, which are updated considering technological advancements and the costs of their implementation.

All employees are bound by confidentiality and privacy clauses, and your Personal Data is processed only by specially authorized Company personnel.

8.       Storage – Protection of Personal Data The Company has taken appropriate technical and organizational measures to safeguard the security and protection of Personal Data, aiming at the secure storage of Personal Data and the prevention of accidental loss or destruction and unauthorized or unlawful access, use, alteration, or disclosure of it. Measures include:

o    Physical security measures such as access control and recording, security policies, secure destruction of files, secure locks, etc.

o    Electronic security measures such as encryption, pseudonymization, user access control of information systems, and installation of security hardware and software, among others.

o    Regular training and updates for authorized users.

o    Regular adequacy checks on security systems.

Our data centers, where your Personal Data is stored, are located in the European Union, where the Company’s data center is based, and the backup location is within the Company, in an area equipped with all necessary security measures. Additionally, data is stored with cloud service providers whose data centers are based in Europe. A secondary encrypted backup copy is created and stored off-site, secured with all necessary safety measures. If you need further information on protection measures, you may contact info@enarxis.eu.

9.      Personal Data Retention Period Personal Data is retained for the period necessary to fulfill and complete the processing purposes outlined above, including the satisfaction of legal, accounting, or informational requirements, and to meet your needs, both in physical and electronic form. It is clarified that we will retain and process your Personal Data for as long as our contractual relationship lasts. If the relationship is terminated or expires in any way, we will retain your data for as long as necessary until the relevant claims are time-barred and, in any case, as long as required by tax law, the applicable legal and regulatory framework, and approved codes of conduct.

We also retain your Personal Data when you contact us with a query for the duration necessary to process your query. When you have provided your consent for direct marketing communications, we will retain your Personal Data until you unsubscribe or request its deletion or after a period of inactivity determined by local regulations and guidelines.

Please note that if we are involved in legal proceedings beyond the processing times mentioned above, we will retain your data until the judicial case is resolved by a final judgment. After the retention period, Personal Data is destroyed from the Company’s physical records and information systems or anonymized so that you are no longer identifiable from it.

10.   Your Rights Regarding Personal Data Processing

Under the GDPR (Articles 12-22), you have the following rights:

• To request a copy of your Personal Data.
• To withdraw your consent when it is the legal basis for processing your Personal Data.
• To request the correction of your Personal Data if it is inaccurate.
• To request the deletion of the Personal Data you have provided, under the conditions of the law.
• To request the restriction of processing, under the conditions of the law.
• To request the portability of your Personal Data, provided by you, based on consent or contract performance, and if processing is automated.
• To object to certain forms of processing of your Personal Data by us.

To exercise the above rights, you may contact us via email at info@enarxis.eu or by mail or in person at the Company’s address: Neos Kosmos, Athens - 68 Ilias Iliou St, 117 44, Athens. Upon exercising one or more of the rights mentioned above, we will take all possible measures to satisfy the request within a reasonable timeframe, no later than one (1) month from the request submission and identification. This period may be extended by up to two (2) more months if the request is complex or there is a large number of requests.

The Company may retain the minimum necessary Personal Data to safeguard its legitimate interests. Finally, each customer/user has the right to submit a query to the Company about how their Personal Data is processed and protected, and if they believe any of their rights are violated, they have the right to file a complaint with the Data Protection Authority (https://www.dpa.gr/, Kifisias 1-3, T.K. 115 23, Athens, Tel: 210 6475600).

11.  Children’s Policy

Our Company is committed to protecting the privacy of children. Please note that the content and services of this Website are not intended for children under 16 years of age. Personal Data should not be submitted to the Company either through the Website or in any other way by individuals under 16 years old. If we become aware that a person under 16 has submitted Personal Data to the Company without the explicit consent of a parent or guardian, we will delete that data immediately, following notification or a request, in accordance with our Company’s data deletion policy.

12.  CalOPPA Do-Not-Track Notice

The Company does not track users across third-party websites, and therefore does not respond to DoNotTrack (DNT) signals. The Company also does not permit third parties to collect personal data directly from our users on our Website, such as through third-party advertisements.

13.  Changes to the Privacy Policy

The Company may modify this Policy. Please check the Effective Date at the beginning of the Policy to see when it was last revised. Any revision will take effect as soon as we post the updated Policy.

If we make significant changes to this Policy that expand our rights to use the Personal Data we have already collected from you, we will notify you and provide you with the option to choose the future use of that data.