Privacy Policy

Privacy Policy

The company operating under the name "PKF EUROAUDITING S.A.", has its registered office in Athens at 124, Kifissias Avenue, with General Commercial Register (GEMI) no. 001893601000 as is legally represented (hereinafter, the "Company"), with this Privacy Policy, declares that it respects your privacy, and its primary concern is the effective protection and security of your personal data.

In this context, the Company undertakes the obligation to maintain and process personal data in compliance with the provisions of the applicable national and EU legislation, to safeguard the security and confidentiality of personal data and to fulfil the security requirements, in order to prevent data loss, unlawful use, as well as unauthorised access to them.

 

1. Definition of personal data

'Personal data' means any information relating to an identified or identifiable natural person (data subject) - an identifiable person is one who can be identified, directly or indirectly, by reference to an identification number or to one or more factors characterising his or her physical, physiological, mental, economic, cultural or social identity. 'Personal data' do not include anonymous personal data from which the individual cannot be identified.

 

2. Purposes of processing personal data and legal bases for processing them

The personal data you provide to us will be processed for the following purposes:

(a) for the purpose of providing services to customers.

(b) for the purpose of receiving services from affiliates and associates.

(c) for the purpose of promoting and advertising services to existing and potential customers.

(d) for the purpose of selecting and recruiting employees for the Company.

(e) for the purpose of executing the payroll of employees and associates of the Company, as well as the execution of the payroll of the staff of other companies and customers.

The Company will collect, maintain and process only the minimum and necessary personal data that are needed to achieve the processing purpose. The processing of personal data will be non-automated by keeping a physical record.

The legal bases for processing your personal data are, on a case-by-case basis and depending on the purpose of processing, the following:

  • Article 6 para. 1 (a) GDPR - The consent of the data subject.
  • Article 6 para. 1 (b) GDPR – Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Article 6 para. 1 (c) GDPR – Legal obligation of the data controller (e.g. payroll, insurance, etc.).
  • Article 6 para. 1 (f) GDPR - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.
  • Άρθρο 9 Article 9 para. 2 (a) GDPR – Explicit consent of the data subject.
  • Article 9 para. 2 (b) GDPR – Processing is necessary for the performance of the obligations and exercise of specific rights of the controller or data subject in the field of employment, social security and social protection law.

Any processing of personal data of minors under the age of 15 is carried out to the extent of the prior consent of their legal representatives.

 

3. Personal data we collect

Pursuant to the processing purposes as described in section 2, we may collect and process the following personal data:

(a) for the purpose of providing services to customers, we collect the following data: full name, father's name, mother's name, address, e-mail address, landline telephone, mobile phone, VAT number, Tax Office, ID (as well as copies of the documents required for your identification), bank account or any other useful information.

(b) for the purpose of receiving services from affiliates and associates: name, registered office, address, landline, mobile phone, Tax Identification Number (TIN), Tax Office, bank account or any other useful information.

(c) for the purpose of promoting and advertising products and services to existing and potential customers: name, address, contact telephone, e-mail address.

(d) for the purpose of selecting and recruiting employees for the Company: full name, father's name, mother's name, identity card number, address, landline and mobile telephone number, e-mail address, marital status, studies, educational level, professional training and specialization, work experience, personal interview details, curriculum vitae and any letters of recommendation.

(e) for the purpose of executing the payroll of the Company's employees and associates: full name, father's name, mother's name, identity card number, address, landline and mobile phone number, e-mail address, AMKA and social security details, VAT number, tax office, date of recruitment, salary, fees and allowances, bank account details.

(f) for the purpose of accessing the website: IP address, navigation data within the website, product and service preference information, user-generated content, device details (tablet, smartphone, PC).

Whenever we collect personal data, we will keep them with transparency and accuracy. For this purpose, we ask you to inform us of any change in your personal data, so that they always correspond to reality.

 

4. Recipients of personal data

Personal data may be processed by natural persons and/or legal entities established within and/or outside the European Union, acting in the name and on behalf of the Company on the basis of specific obligations.

By fulfilling our contractual, legal and regulatory obligations, your personal data may be transferred to:

  • Supervisory authorities, administrative, judicial, police or other public authorities to whom we are either required to provide information or are authorized by law to request it.
  • Affiliates, associates and external partners of the Company (processors).
  • Third parties that you have authorized.
  • Authorised external legal advisors, bailiffs and notaries, financial or other professional advisors.
  • Companies - members of the PKF network, which always comply with the general confidentiality and personal data protection policies in accordance with the provisions in section 5.

 

5. Transfer of personal data outside the European Union

As part of our contractual obligations, the Company may transfer and disclose personal data to countries outside the European Union, including their storage in databases managed by entities acting on behalf of the Company. Prior to transfer, the Company undertakes the obligation to ensure that appropriate data protection safety measures are in place, such as a transfer based on an adequacy decision by the European Commission, the conclusion of standard contractual clauses approved by the European Commission, adherence to a code of conduct or a certification mechanism approved by the European Commission.

 

6. The Data Controller and e-mail address

The Data Controller is the Company. For issues related to the protection of personal data, you can contact us at privacy@pkf.gr email  or at the following postal address: 124 Kifissias Avenue, Athens.

 

7. Retention period of Personal Data

The Personal Data collected for the processing purposes mentioned in section 1 will be kept by the Company for the period deemed strictly necessary for the fulfilment of these purposes, including for the satisfaction of any legal, accounting or informational requirements and obligations, as well as for the possible fulfilment of duties performed in the public interest.

Regarding personal data processed for the provision of the contractual service, the Company may continue to store such data for a longer period of time, as may be necessary to protect and safeguard the Company's legitimate interests concerning liability related to the provision of the service.

In any case, the maximum retention period of the above personal data is 20 years for limitation of civil claims under Article 937 of the Greek Civil Code.

In case of unsuccessful submission of a job application, your personal data are stored until the completion of the recruitment process and for up to 6 months in case another job opportunity arises, unless you specify a shorter retention period or state that you do not wish to keep them, which can be done at any time,  by sending an e-mail to privacy@pkf.gr, in accordance with the provisions of the chapter "The rights of the Personal Data Subject".

If your data are processed on the basis of consent, you can withdraw it at any time by sending an email to privacy@pkf.gr.

We may anonymize your personal data so that they can no longer be associated with you and cannot be identified, for statistical and research purposes. In this case, we may use this information for an indefinite period without any further notice to you.

 

8. The rights of the Personal Data Subject

You may exercise the following rights in accordance with and within the limits set by the specific provisions of Regulation (EU) 2016/679:

(a) The right to access your Personal Data, namely your right to be informed by the Company whether your data are being processed and to have access to them (Article 15 GDPR).

(b) The right to rectification and erasure (the right to be forgotten), namely the right to correct any inaccurate information and the right to delete your data in case there is a legitimate interest in such deletion (Articles 16-17 GDPR), with the express reservation of any overriding interest of the Company or a legal obligation to retain personal data.

(c) The right to restriction of processing, namely your right to request the suspension of processing when you have a legitimate interest (Article 18 GDPR).

(d) The right to portability, namely your right to receive your data in a structured, commonly used and machine-readable format, as well as your right to request that such data be transmitted to other controllers (Article 20 GDPR).

(e) The right to object, namely your right to object to the processing of your data when there is a legitimate interest in accordance with the terms and provisions of Article 21 of the GDPR, including your right to object to any automated processing of your data and their processing for any marketing purposes.

(f) The right to withdraw your consent within the limits and provisions of the applicable Greek and EU legislation.

(g) The right to lodge a complaint with the competent supervisory authority in case of unlawful processing of your data.

You can exercise these rights by sending a request to privacy@pkf.gr. For your convenience you can use the forms for exercising your rights that are available in the following link ___________.

You will not have to pay any fees to access your personal data or to exercise your rights. However, we may charge you a reasonable fee if your request is manifestly unfounded or excessive, in particular due to its repetitive nature. Also, in such a case we may refuse to respond to your request.

The Company will make every effort to respond to your requests within one (1) month of their submission. In any case, if due to the complexity or volume of your requests a longer time is required, we will inform you within the month if we need to receive an extension of another (2) two months.

 

9. Protection of Personal Data

To protect the personal data you provide to us, we have taken appropriate technical and organizational measures. In this context, we regularly check our security systems and limit access to your personal data only to authorized persons who need the access to these data and who are expressly committed to keeping this data strictly confidential. 

 

10. Data Processors

The Company uses Processors who provide adequate assurances for the protection of personal data and the subjects of such data. They are bound to protect your personal data through a contract or other legal act that defines the object and duration of processing, the nature and purpose of processing, as well as the rights and obligations of the Processor. 

 

11. Policy Modification

This Privacy Policy may be amended from time to time. We reserve the right to alter or modify this Privacy Policy at any time. Please check our Company's Privacy Policy regularly before providing any new personal data.

 

12. Right to complain

If you assume that the protection of your personal data has been violated in any way, you have the right to lodge a complaint with the Hellenic Data Protection Authority using the following contact details:

Personal Data Protection Authority

Postal address: 1-3, Kifisias Avenue, P.C. 11523, Athens

Email address: contact@dpa.gr

Telephone: (+30) 210 6475600

Website: www.dpa.gr

 

13. Contact

If you have any questions or concerns about our use of your personal data, please contact us at privacy@pkf.gr and we will make every effort to answer your questions.

 

Last modification: 20 November 2024

PKF
PKF Hellas

Our Profile

Our vision

Why PKF Hellas

Our Values

PKF international

Transparency Reports

Financial Reports

Company Files

certificates

Our services

Audit & Assurance Services

Tax Consultancy Services

Advisory

Business Solutions

PKF Transfer Pricing Services

Legal Services

Disclaimers / Policies

Terms of use

Privacy Policy

Whistleblowing

Informational notice for candidate employees

Cookies Policy

Partners pages

Intranet

Follow us
© PKF International 2024. All Rights Reserved.

PKF EUROAUDITING SA (PKF HELLAS) is a member of PKF Global, the network of member firms of PKF International Limited, each of which is a separate and independent legal entity and does not accept any responsibility or liability for the actions or inactions of any individual member or correspondent firm(s).

PKF HELLAS CONSULTING SINGLE MEMBER P.C. (PKF HELLAS) is a member of PKF Global, the network of member firms of PKF International Limited, each of which is a separate and independent legal entity and does not accept any responsibility or liability for the actions or inactions of any individual member or correspondent firm(s).

Developed by Powersite.

Cookies Policy

This site uses cookies and other tracking technologies to assist with navigation. Click settings to choose the Cookies you want to enable.MORE

Settings
Deny all
Accept all