click2call
Gr EN

Privacy Policy

GDPR compliance

1. Introduction

"iRepair SA" (hereinafter "Company") is committed to ensuring the privacy and security of your personal data and to comply with the applicable national and European legal and regulatory framework for the protection of personal data.

In this context and in particular, in accordance with the principle of transparency, as provided by the General Data Protection Regulation (hereinafter "GDPR") and the law 4624/2019, our Company hereby wishes to inform you about the way it processes your personal data, as well as your rights arising from the existing legal and regulatory framework for their protection.

2. Controller

The contact details of our Company, which acts as Data Controller, are as follows:

Name: iRepair SA

English brand name: iRepair S.A.

Head offices address: Gounari 187, 16674, Glyfada, Attica

Contact info: [email protected]

What are the categories of personal data we process and for what purposes

Our Company processes your personal data for the following purposes and, as long as there is at least one of the legal processing bases provided for in the law. Particularly:

Purpose of processing Category of personal data Legal basis
Find an employee to fill a job position via website and/or social media
  • Personal identifiers (e.g. name, date of birth, gender),

 
  • Contact data (e.g. home address, mobile phone, email address),

 
  • Curriculum Vitae data (e.g. information about academic and professional qualifications, letters of recommendation, military service information)

 
  • Profile data (eg username, photo)

  • Necessary for the performance of the contract

  • Legitimate interest pursued by our Company for its efficient organization and orderly operation

Repair of devices after submitting a relevant request via website
  • Personal identifiers (e.g. first and last name),

 
  • Contact data (e.g. address, telephone, email address),

 
  • Unique identifiers (e.g. VAT number),

 
  • Device data (eg serial number, problem history

Necessary for the performance of a contract
Promotional actions Contact data (e.g. email address) The prior receipt of your consent
Customer service via website and/or social media
  • Contact data (e.g. email address, telephone)

  • Contact history

  • Profile data (eg username, photo)

  • Necessary for the performance of the contract

 
  • Legitimate interest pursued by our Company for its efficient organization and orderly operation

We point out that our Company acts jointly with its franchisees to collect your contact data and your communication history in order to serve you better and more efficiently, when you choose to submit questions, comments or your impressions through our website.

In addition, our Company acts jointly with social media providers to collect and use your personal identifiers, your contact data, your biographical data, as well as your profile data, when using the platforms Facebook, Instagram, YouTube, and LinkedIn, to fill a job position in our Company, as well as to communicate with you for the best and most efficient service.

4. What data do we process and under which conditions?

The data is collected directly from you or from individuals to whom you have given relevant authorization.

5. Who do we share your personal data with?

Our Company may disclose your personal identifiers, your contact data and your CV data to its franchisees in the case there is a need to fill a job in one of our network stores.

In any case, our Company does not transmit your personal data or link its files with any third-party private companies, natural or legal persons, public authorities or services or other organizations for monetary or other consideration.

6. Transfers of personal data to third countries

Our Company does not transfer your data to countries outside the European Economic Area ("EEA"). In case a relevant need arises in the future, we undertake to inform you immediately, as well as to take all the necessary measures to ensure the protection of your data.

7. What information do we collect?

The processing of your personal data is carried out in a way that ensures its privacy. Specifically, it is carried out exclusively and only by staff authorized for this purpose, while all appropriate technical and organizational measures are taken for their security and protection against accidental or unlawful destruction, accidental loss, alteration, prohibited dissemination or access and any other form of unlawful processing.

8. How long do we keep your personal data?

  • In order to find staff to fill a job position, in case you are not selected to fill the position, your data will be kept for a period of six (6) months from the notification of the rejection of your relevant job application. Otherwise, your data will be kept for a period of twenty (20) years from the termination of the contractual relationship between us in any way.

  • In order to carry out our promotions, your data will be kept until the relevant withdrawal of your provided consent.

  • For the repair of your devices following your relevant request through our website, your data will be kept for a period of five (5) years from the day following the provision of our relevant service.

  • To serve you in relation to our products and services, your data will be kept for a period of two (2) years from the start of our communication.

After the expiration of the above-mentioned periods, your personal data will be securely destroyed from our physical files and/or deleted from our information systems.

9. What are your rights?

You have the follοwing rights to protect your personal data:

  • Right of access: To know which of your personal data we keep and process, their origin, the purposes of their processing, their recipients, as well as their retention period.

  • Right to rectification: That is, to request the correction or completion of your personal data if it is inaccurate or incomplete.

  • Right to erasure: To request the erasure or removal of your personal data.

  • Right to restriction of processing: To request the restriction of the processing of your personal data.

  • Right to data portability: To request the transfer of your personal data to other controllers.

  • Right to object: To object to the processing of your personal data that we carry out to serve our above-mentioned legitimate interests.

For more information about the exercise of your above rights, you can go to the following link on the APDPX website (https://www.dpa.gr/en/individuals/rights-of-individuals)

10. How can you exercise your rights?

If you wish to exercise any of your rights above, you can submit your request in the following ways:

  • at the address: 187 Gounari, 16674, Glyfada, Attica,

  • at the email address: [email protected]

In any case, our Company will make every effort to respond to your request(s) in the context of exercising your above rights within thirty (30) days from the submission of the relevant request or requests. This deadline may be extended for an additional sixty (60) days if this is deemed necessary at the absolute discretion of our Company, taking into account the complexity of the request and the number of requests. Our Company will in any case inform you in good time about the extension of the above deadline.

In any case, if you consider that your rights are infringed in any way, you have the right to file a complaint with the Greek Data Protection Authority through the following methods: (a) Postal Address: Personal Data Protection Authority, Offices: Kifissias 1-3, T .K. 115 23, Athens, (b) Telephone Center: +30-210 6475600, (3) Fax: +30-210 6475628, (4) Email: [email protected].

However, if you have a complaint or question regarding the processing of your personal data, you should first contact our Company so that we can try to resolve the matter amicably.

11. Changes to this update

Definitions

"Personal data": any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one whose identity can be ascertained, directly or indirectly, in particular by reference to an identification element such as a name, an identification number, to location data, an online identifier or one or more factors that characterize the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

"Processing": any operation or series of operations carried out with or without the use of automated means, on personal data or sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or alteration, retrieval, information retrieval, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.

“Controller”: the natural or legal person, public authority, agency or other entity that, alone or jointly with others, determines the purposes and manner of processing personal data; when the purposes and manner of such processing are determined by the European Union law or Member State law, the controller or the specific criteria for his appointment may be provided for by Union or Member State law.

"Recipient": the natural or legal person, public authority, agency or other body to which the personal data is disclosed, whether or not it is a third party. However, public authorities that may receive personal data in the context of a specific research in accordance with the European Union law or a Member State are not considered as recipients; the processing of such data by said public authorities is carried out in accordance with the applicable data protection rules depending on the purposes of the processing.