138th km of Athens - Lamia highway 352 00, Kyparissi, Atalanti, Atalante

Lubricants and Mineral Oil Industry, Speed Motor Oil

22330 89750 speedoil@otenet.gr

22330 89750 speedoil@otenet.gr

Search
Menu

Privacy Policy

Home » Privacy Policy

PRIVACY POLICY

This describes our policy regarding the personal data we collect from visitors to our pages (hereafter “users”).

The Data Controller is the Company BADAS ALEXANDROS SA, with its registered office in Kyparissi Atalanti, 138ο km Athens – Lamia, postal code 35200, with VAT number 093469930, D.O.Y. Lamia, and e-mail info@speedmotoroil.gr

In the daily activities of our business and our website, we process data concerning natural persons, including:

  • Customers
  • Visitors to our website
  • Other stakeholders (employees, suppliers).

Our company complies with the General Data Protection Regulation (2016/679 EU GDPR) and any other European and national legislation regarding the protection of personal data, electronic communications, etc. and is committed to ensuring the protection of your Data at all times:

  • The data are collected for specific, explicit and legitimate purposes and are not further processed in a way incompatible with those purposes.
  • We collect the personal data necessary for each processing purpose and process them lawfully, fairly and in a transparent manner in relation to the data subjects.
  • We ensure that they are as accurate and up to date as possible and keep them only for the time necessary for the purposes for which they are processed.
  • In any case, the criterion we use to determine the storage period is based on and takes due account of the need to comply with any relevant legal requirement as well as the data minimisation principle.
  • We process the Data electronically and manually and take all appropriate measures to protect personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Collection, purpose, legal basis of processing and time of retention of your data

  1. Data we collect automatically through our website

The https://speedmotoroil.gr/ website uses the SSL (Secure Sockets Layer) protocol which uses methods of encryption of data exchanged between two devices (most commonly Computers), establishing a secure connection between them via the internet, which results in the protection of your personal data.

When you visit our website, our server collects so-called server log files, namely:

  • Date and time of access to the website.
  • The volume of data sent in bytes.
  • The browser and operating system you used to access the website.
  • Internet Protocol (IP) address, when you enter the website. The IP address is personal data along with the date and time of your visit, although we cannot track you by this data alone.

The legal basis for which we collect your IP address and keep it in special files (logs) is our legitimate interest in processing this data in order to ensure the security of networks, information and services against accidental events or illegal or malicious actions that compromise the availability, authenticity, integrity and confidentiality of the stored or transmitted data (e.g. ddos “denial of service” attack control), as well as our legal obligation to provide a service to you, and to provide you with a secure and reliable service. However, we reserve the right to check server logs (server logs) if specific indications of unauthorized use are detected.

  1. Customer Data.

When you visit our business, we collect personal data such as your full name, maiden name, e-mail, postal address, gender, age, occupation, address, and any other information related to the provision of our services to you.

The purpose of processing your data is to provide you with the requested services and the legal basis of the processing is the performance of the contract between us (Article 6(1b) and 9(2) GDPR), as well as our compliance with legal obligations. The retention period for your data is the period required by law and longer if legal claims arise.

It is clarified that we do not have a publicly accessible list of our subscribers/users’ email addresses. Therefore, any personal data (e.g. access names, etc.) that appear anywhere on the pages and services of the website of the Data Controller are intended solely to ensure the operation of the respective service and may not be used by any third party without complying with the provisions of the legislation on the protection of personal data processing, as applicable at any given time. The Data Controller shall act in accordance with the applicable legislation and shall aim at the best implementation of good practice as far as the Internet is concerned. Your personal data is kept securely for as long as you are registered with a service of the Data Controller and is deleted after your business relationship with the Data Controller has ended in any way.

  1. Data we collect via email and the Contact Form

In the context of communication between us via email and the Contact Form, we collect your name, email address and any other information you provide to us. This data is stored and used solely to respond to your request. The legal basis for processing your personal data is your consent (GDPR, Article 6(1a)). Your data will be deleted after the final processing of our contact. This will happen after the purpose and scope of our communication has been completed, provided that there are no legal requirements for the storage of such data.

  1. Send newsletter

With your consent, we will collect your e-mail address in order to send you newsletters with news about our Company and articles you may find interesting. The legal basis for the processing is your consent (GDPR, Article 6(1a)) and you have the right to withdraw it at any time.

  1. Supplier data

For the performance of the contract between us, we collect the data of our suppliers such as name, address, contact details, shipping details, financial data, which you provide to us. The legal basis for the processing of your data is the performance of the contract and our compliance with legal obligations (GDPR Article 6(1b) and (c)), and we retain them for a period of up to twelve years from the last provision of services, or as long as required by tax and any other relevant legislation.

Who has access to your data. Data transfers.

Your data can be accessed by our employees and any other person authorised to process your data in the course of their duties. In addition, we cooperate with third parties, natural or legal persons, professionals, independent consultants, etc. who provide us with commercial, professional or technical services (e.g. website hosting, accounting services, transport services) for the purposes mentioned above, and support our business, in whole or in part, in connection with our activities. Where applicable, these natural/legal persons will act as Joint or Independent Data Controllers, Processors or persons authorised to process the personal data for the same purposes listed above, with the same security measures and in accordance with the applicable legal obligations.

Before the third party receives the Personal Data, we must: (1) complete a privacy audit to assess the privacy practices and risks associated with these third parties; (2) obtain contractual assurances from these third parties that they will process Personal Data in accordance with our instructions and in accordance with this Policy and applicable law, that they will promptly notify our business of any Privacy or Security incidents, failure to comply with the standards set forth in this Policy, and that they will promptly notify our business of any Privacy or Security incidents, failure to comply with the standards set forth in this Policy.

Finally, the data may be further transmitted to public authorities and institutions, as well as to our legal representatives (legal and insurance companies) for legitimate purposes.

Apart from the above, the Data will not be disclosed to third parties, individuals or legal entities and will not be disseminated.

Our business does not transfer Personal Data outside the EU, and if we need to (for example, in order to use Cloud services) this will be done on the terms and conditions set out in Articles 44 et seq. of the GDPR, such as with your consent, the application of standard contractual clauses approved by the European Commission or to countries deemed safe by the European Commission.

Use of cookies

In order for the website to function properly and to provide you with a better navigation experience, as well as to better provide our services, we use cookies. Cookies are text files containing information that the web server of the Controller stores on your computer when you visit this website. In this way, the website remembers your actions and preferences for a period of time in order to e.g. e.g. personalise online advertisements, traffic analysis or other statistical analysis, and provide the services you have requested. This way you do not have to enter these preferences every time you visit the website or browse its pages. Only the Data Controller and its specifically authorised partners have access to any information concerning cookies.

You can control and/or delete cookies according to your wishes. Details can be found on the website: aboutcookies.org. . If you choose to disable cookies on https://speedmotoroil.gr/ the functionality of some pages may be lost or reduced.

See here which cookies we use:

More information on the use and management of cookies on the website can be found on the websites:

About cookies and their management:

http://www.aboutcookies.org/default.aspx

http://www.whatarecookies.com/

About Google’s policy:

https://www.google.com/about/company/user-consent-policy.html

https://www.google.com/policies/technologies/cookies/

http://www.google.com/intl/el/policies/privacy/partners/

Security and Integrity of Data

The Controller shall implement reasonable technical and organisational security policies and procedures to protect personal data and information from loss, misuse, alteration or destruction.

In addition, we try to ensure that access to your personal data is limited to those who have a need to know it. maintain the confidentiality of that data.

Please be aware that the transmission of information over the internet is not completely secure. Although we make every effort to protect your personal data, we cannot guarantee the security of the data transmitted on our website. After receiving your information, we will implement strict security procedures and operations to try to prevent unauthorized access.

We make every reasonable effort to keep the personal data we collect from you only for the period for which we need the data for the purpose for which it was collected or until we request its deletion (if sooner), unless we continue to keep it in accordance with applicable law.

Links to other websites

Our website may contain links to other websites that are governed by other privacy statements whose content may differ from this Privacy Statement. Please review the privacy policy of each website you visit before submitting any personal data to it. Although we strive to provide links only to websites that share our high standards and respect for privacy, we are not responsible for the content, security or privacy practices of other websites.

Minors’ data

When we need to process data of minors (e.g. data of minor patients), i.e., according to the GDPR, those who have not reached the age of 15ο , the processing is only done with the written and explicitly expressed consent of the persons having parental responsibility of the minor. In any case, we make reasonable efforts to verify that consent is given or approved by the person who actually has parental responsibility for the child, i.e. by checking identity and any other available information.

Rights of Subjects

You can contact us by post or email at the addresses mentioned in paragraph (1) above to exercise your rights under Articles 15 et seq. of the GDPR. You can, for example, request an updated list of the persons who have access to your data, obtain confirmation of whether or not we are processing personal data relating to you, check their content, source, accuracy and location (also in relation to any third country), request a copy, request their rectification and restrict their processing, and even delete them if applicable. Similarly, you can always report comments and file complaints to the Hellenic Data Protection Authority, Avenue Λεωφ. Kifissias 1-3, GR 115 23, Athens, Athens, Phone: + 30-210 6475600 or http://www.dpa.gr/

Changes to this Policy

The Controller shall subject this Policy to frequent review and may amend or revise this Policy periodically at our discretion. When we make any changes, we will record the date of the modification or revision in the Policy. The updated Policy will apply to you and your information as of that date. We encourage you to review this Policy from time to time to consider whether there are any changes to the way we handle your personal data. This Statement was last updated in November 2023.

Contact us

If you have any questions, comments or complaints about our handling or protection of your personal data, or if you wish to amend your personal data or exercise any of your rights as a data subject, please contact us at info@speedmotoroil.gr.

Statement by the Data Controller On the Protection of Personal Data”

Increasing economic and scientific cooperation and mutual provision for data processing services have resulted in the exchange of personal data, a trend that is reinforced by the ever-increasing use of modern telecommunication media.

For these reasons, it is necessary to process the data with care.

The Data Controller declares that compliance with the principles governing the protection of data for the processing of such data is its purpose as it is committed to respecting the individual rights and privacy of individuals. The Data Controller handles personal data with special care and always in accordance with EU Regulation 2016/679 ,the applicable National Law and applicable legislation.

For the purposes of this Directive, the following definitions shall apply:

Data Subject: any natural person whose personal data are processed by or on behalf of the Company

Personal Data: any information relating to an identified or identifiable natural person which relates to his or her physical, physiological, psychological, emotional or economic condition, cultural or social identity.

Processing: processing of personal data (“processing”) means any operation or set of operations which is performed on personal data, such as, but not limited to, collection, recording, storage, alteration, analysis, use, association, blocking, erasure or destruction

1. Data Controller and DPO

The Data Controller is the Company BADAS ALEXANDROS SA, with its registered office in Kyparissi Atalanti, 138ο km Athens – Lamia, P.O.Box 35200, with VAT number 093469930, D.O.Y. Lamia, and e-mail info@speedmotoroil.gr (“Data Controller”).

2. The Data we process

With your consent, we process the following ordinary and sensitive personal data that you provide when you interact with https://speedmotoroil.gr/ and use the services and features it provides. This data includes in particular your first and last name, contact details, address and the content of your specific requests, updates or reports as well as additional data that the Data Controller may obtain, including from third parties, in the course of conducting its business (“Data”).

In order for us to fulfil the requests you submit via the contact form and/or to provide updates on adverse reactions, it is necessary for you to consent to the processing of data marked with an asterisk (*).

Without this mandatory data or your consent we cannot proceed any further. Conversely, the information requested in fields not marked with an asterisk and your consent to receive informative material is optional and failure to provide it has no consequence.

In any case, even without your prior consent, the Data Controller may process your data in order to comply with legal obligations under laws, regulations and EU law, to exercise rights in legal proceedings, to pursue its own legitimate interests and in all cases provided for in Articles 6 and 9 of the GDPR Regulation, as the case may be.

The processing is carried out both by computer and in paper form and always involves the application of the security measures provided for by the legislation in force.

  1. Why and how we process your data

The data are processed for the following purposes:

  • to handle the requests you submit using the ”Form”, to subsequently contact you or to provide you with information through it. The legal basis for processing personal data for this purpose is your consent (Article 6(1)(a) and Article 9(2)(a) of the GDPR) and the performance of the contract to which you are a party as a data subject;
  • to manage reports of adverse events submitted through the Website or Forms. The legal basis for processing for these purposes is your consent (Article 6(1)(a) and Article 9(2)(a) of the GDPR), as well as the pursuit of any public interest (Article 9(2)(i) of the GDPR) and legal obligations;

in addition, but only with your voluntary consent which is the legal basis for the processing in accordance with Article 6(1)(a) of the GDPR:

  • to receive promotional material (direct marketing) from us.

By checking the appropriate boxes you agree to the processing of your data for these purposes.

Your data may in any case be processed, even without your consent, in order to comply with laws, regulations, EU law (Article 6(1)(c) of the GDPR Regulation, to obtain statistics on the use of the Website and its proper functioning (Article 6(1)(f) of the Regulation).

Personal data is entered into the Controller’s IT system in full compliance with data protection legislation, including security and confidentiality profiles, and based on principles of good practice, lawfulness and transparency in processing.

Data is stored for as long as it is strictly necessary to achieve the purposes for which it was collected. . In any case, the criterion used to determine this period shall be based on compliance with the time limits laid down by law and the principles of data minimisation, storage limitation and rational management of records.

All your data will be processed in paper or automated means, ensuring in each case the appropriate level of security and confidentiality.

  1. Principles applied during processing

We are allowed to process your personal data in order to provide personalised services, based on the law (Article 6(1b) of Regulation (EU) 2016/679) and the relevant National Implementing Law. Your personal data will not be used for any other purposes other than those described in the Statement, unless we obtain your prior permission, or unless required or permitted by law.

Personal data are processed in a manner compatible with the purpose for which they were collected.

The principle of proportionality applies to the processing of personal data. Among other things, it creates an obligation not to collect personal data unnecessarily.

The personal data used should be accurate and up to date.

Personal data used which is no longer accurate and complete should be corrected or deleted.

With the exception of cases where there is a legal obligation to retain them for a longer period of time, personal data shall not be kept for longer than is necessary for the purposes for which they were collected or processed.

The processing of personal data is carried out in accordance with the principles of good faith. This means that data subjects can rely on data processors to show due care in all aspects of data processing.

Data subjects whose personal data have been processed will be informed accordingly, if they so request. In particular, they have the right to be informed of the purposes for which their data are processed, the type of data concerned and the identity of the recipients of the data. Where necessary, data subjects also have the right to request the rectification, non-transmission or erasure of their data.

The above rights may be limited only if such limitation is provided for by law. This applies, in particular, when carrying out scientific research.

In particular, personal data are protected against unauthorized disclosure and any unlawful processing. The measures put in place ensure a level of security appropriate to the nature of the data to be protected and the risks that may result from their processing.

The controller is responsible for compliance and implementation of Regulation 2016/679 and the National Implementing Law.

Our employees who deal with the processing of personal data are accordingly informed and trained. The procedures for third party processing of personal data by agreement will be set out in writing, having ensured that the third party processes personal data in a secure manner and is in compliance with the principles set out in this Statement and the GDPR EU. If the third party is found to be unable to ensure a satisfactory level of security of personal data, we will terminate the partnership.

  1. People who have access to the data

The Data shall be processed by electronic and manual means in accordance with the procedures and practices related to the aforementioned purposes and shall be accessible to the Controller’s staff authorised to process Personal Data and supervisors and in particular to employees belonging to the following categories: technical staff, Information Security and Network Security staff and administrative staff as well as other staff members who have to process the data;

The Data may also be disclosed to countries outside the European Union (“Third Countries”): i) to institutions, authorities, public bodies for institutional purposes; ii) to professionals, independent consultants – whether working individually or collectively – and other third parties and providers who provide the Data Controller with commercial, professional or technical services required for the operation of the Website (e.g. provision of IT and Cloud Computing services) for the purposes mentioned above and in support of the Website. iii) to third parties in the event of mergers, acquisitions, transfers of undertakings or their branches, audits or other extraordinary operations.

The mentioned recipients receive only the data necessary for their respective functions and duly undertake to process them only for the purposes mentioned above and in accordance with data protection laws. The Data may also be disclosed to the other lawful recipients identified from time to time by applicable laws.

With the exception of the above, the Data will not be disclosed to third parties, natural or legal persons, who do not perform tasks of a commercial, professional or technical nature for the Controller and will not be disseminated. The persons receiving the Data will process it, as the case may be, as Data Controllers, Processors or persons authorised to process the personal data for the purposes indicated above and in accordance with the applicable data protection legislation.

With regard to the transfer of data outside the EU, even to countries whose laws do not guarantee the same level of protection of personal data privacy as that provided by EU law, the Controller informs that the transfer will in any case be carried out in accordance with the methods allowed by the GDPR, such as on the basis of the user’s consent, on the basis of standard contractual clauses approved by the European Commission, by selecting parties participating in international programmes for the protection of personal data, by selecting parties participating in international programmes for the protection of the privacy of personal data.

  1. Your rights

If you so wish, you may request at any time to exercise the rights under Articles 15-22 of the GDPR Regulation, to be informed about your personal data held by us, the recipients, the purpose of their retention and processing and their modification, correction or deletion, by sending an email to the addresses shown above, from the contact email address you have provided, by filling in the application form that may be provided to you, by filling in the corresponding application form. You also have the right to review the personal data we hold and, in general, to exercise any right provided for by the legislation on the protection of personal data.

The personal data that you disclose to the Data Controller through the Website, either during your registration or at a later stage, are collected and used and processed in accordance with the applicable provisions on the protection of personal data of the new European General Data Protection Regulation (EU) 2016/679.

You retain the following rights in detail:

  • Right to be informed about your personal data: Upon your request, we will provide you with information about the personal data we hold about you.
  • Right to correct and complete your personal data: If you notify us, we will correct any inaccurate personal data concerning you. We will complete incomplete data if you notify us, provided that such data is necessary for the purposes of processing your data.
  • Right to have your personal data deleted: Upon your request, we will delete the personal data we hold about you. However, some data will only be deleted after a specified retention period, for example because in some cases we are legally obliged to retain the data, or because the data is required to fulfil our contractual obligations to you.
  • Right to block your personal data: In certain cases provided by law, we will block your data if you ask us to do so. Further processing of blocked data is only carried out to a very limited extent.
  • Right to withdraw your consent: You may at any time withdraw your consent to the processing of your personal data in the future. The lawfulness of the processing of your data remains unaffected by this action, up to the point of withdrawal of your consent.
  • • Your right to object to the processing of your data: You may at any time object to the processing of your personal data in the future if we process your data on the basis of one of the legal grounds provided for in Article 6 (1e or 1f) of Regulation (EU) 2016/679. If you object, we will stop processing your data, provided that there are no legitimate grounds for further processing. The processing of your data for advertising purposes does not constitute a legitimate ground.
  1. Security of Personal Data

The Data Controller applies specific technical and organisational security procedures in order to protect personal data and information from loss, misuse, alteration or destruction. Our partners who support us in the operation of this website also comply with these provisions.

The Data Controller shall make every reasonable effort to keep the personal data collected only for the period of time for which the data is needed for the purpose for which it was collected or until the deletion of the data is requested (if earlier), unless he/she continues to keep the data as provided for in the applicable legislation.

  1. Revisions to the Declaration

We reserve the right to modify or revise this Statement from time to time, in its sole discretion. If changes are made, the Controller will record the date of the modification or revision on this Statement and the updated Statement will apply to you as of that date. We encourage you to review this Statement from time to time to consider whether there are any changes to the way we handle your personal data.

This is a Declaration of Compliance with the provisions of EU Regulation 2016/679 and the National Implementing Law.

November 2023

Start typing to see products you are looking for.