TERMS OF USE

POLICY FOR PERSONAL DATA USE AND PROTECTION

Terms of use

If you wish to continue to navigate our website, you should agree with the following terms and conditions:

EYDAP S.A. makes every possible effort to ensure that the content of the Company’s website is up to date. The information shared in our website aim to provide its users with general information. Potential changes and additions may occur at any time without any obligation by EYDAP S.A. for particular update or notification.

The logo, content, data and code of the websites are intellectual property of EYDAP S.A. and cannot be copied and used by third parties without its consent. EYDAP S.A. makes every effort to ensure that its website is protected from malicious attacks and viruses as well as to make sure that it constantly functions properly. However, EYDAP S.A. will have no responsibility in the event of technical or other abnormalities as well as in case of potential unavailability of its website.

The navigation and use of our website takes place under the sole responsibility of the user.

Our website, in order to ensure the convenience of its visitors, provides them with useful links which lead to other websites. EYDAP S.A. does not have any responsibility for their content.

For any comments you might have regarding the content of our website, you may contact the Communications and Corporate Affairs Division of EYDAP S.A. If you experience any problems or malfunctions during the use of our website, please contact the IT Division of EYDAP S.A.

SECURE USE OF OUR INTERACTIVE PAGES

  • You should protect your computer by using antivirus as well as antispyware programs and make sure these are frequently updated with their latest editions.
  • You should not be misled by links which you believe they will lead you to the website of EYDAP S.A. You should always type out the address of our website (www.eydap.gr) by yourself and you should not use links, especially if these are sent to you via e-mail or they are published on the websites of other companies, search engines etc.
  • The originality of our website is secured with the Thawte Certification, one of the world's largest, prestigious, Internet-based certificates. We recommend you to check regularly the certificate.
  • When using our website and the website of your Bank for your online transactions, please ensure the authenticity of your Bank’s website as well.


DECLARATION OF CONFIDENTIALITY AND PROTECTION OF PERSONAL DATA

‘EYDAP S.A.’, which is headquartered in Galatsi, Attica, 156 Oropou Str. and to which this website belongs (ww.eydap.gr) is bound to the users who subscribe to it and register their personal data, by respecting their privacy and being vigilant for the proper maintenance and operation of the security systems so as to ensure the safety of your personal data.

When referring to personal data, we mean any information related to a particular individual or person whose identity can be ascertained such as their name, address, e-mail address, ID number etc. EYDAP S.A. will never process your personal data without your consent or if you are not customers of the Company or if you have not given your data to the company.

When referring to personal data or to groups of personal data processing, we mean any activity or group of activities implemented with or without the use of automated systems i.e. processing is the collection, recording, organisation, structure, storage, adaptation or change, recovery, information searching, use, disclosure by transmission, dissemination or any other form of distribution, association or combination, restriction, deletion or destruction.

The aim of this privacy policy and declaration of confidentiality and personal data protection is to inform you regarding the nature of the personal data collected by EYDAP S.A., the way they are used (collection, storage, use, distribution), the protection means and the rights of the users against this process, which in any case is carried out in a reliable and transparent way.

In order to ensure the transparency of the collection, use, storage, transfer of your personal data, EYDAP S.A. encourages the website users and anyone interested, to read the present declaration of confidentiality and personal data protection so as to obtain the following information:

1. Which information do we collect about the user and how do we use them

We collect your data through their registration on the website (Login/Registration) where in order to obtain information regarding water supplies, it is necessary to fill in and sign a formal declaration whereas for information regarding telemetry it is required to fill in the company name, VAT number, representative first name and surname, telephone number, email address and registration number of the water supply meter so as to complete the subscription and to provide information regarding the water bills and the relevant consumption to the user.

NOTE: the precision and accuracy of the data are under the responsibility of the user; however it is also confirmed through the systems of EYDAP S.A. in order to identify with the associated water meters. Subsequently, the identification and access of the user in the websites that contain sensitive personal data is carried out with the use of the User Name and the Password, which is recommended to be changed often. Personal data are not used for any other reasons except for those described in the present Privacy Policy, unless we have prior received your consent or if such is required or allowed by the law.

 
2. What is the legal basis for the data processing?

We collect the personal data you share with us based on one or more of the following legal bases:
 

  • As required to meet the terms of use of our website (please refer to the terms of use of our website)
  • According to your consent, which you can recall any time through the Settings according to your rights which are listed in detail below (please refer to settings where this will be analysed)
  • As required to comply with our legal obligations
  • As required for our own (or third parties) legitimate interests, unless your own interests or fundamental rights or fundamental freedoms, dictating the protection of personal data, override those interests.


Therefore, your personal data are legally processed by EYDAP S.A. both at the phase of their collection and the phase of processing in line with the relevant laws concerning the protection of personal data and in particular in line with the provisions of the new European General Data Protection Regulation (EU) 2016/679. By registering to the services provided by eydap.gr you also consent to the storage and use of your personal data in accordance with the present Statement.

 

 
3. How do we share the information we collect

By no means, EYDAP S.A. will not exploit your information or pass it on to third parties without your consent, except in the cases noted in this Policy.

In particular, in order to provide you with our services, we may share your personal data with certain third companies which act on our behalf (as those who implement the data processing) by providing us with services in order to ensure the provision of optimal services to you. Our company secures your personal data processing by third-party companies-partners through the existence of contractual clauses which restrict the purpose of processing and adhere to the GDPR’s technical and organisational measures for the proper and safe processing of your personal data. Both our company and our partners, who are subject to secrecy and confidentiality clauses, process your personal data in a fair and legitimate manner, for clear and defined purposes.

 
4. How we store and secure the information we collect - Data retention

The period of time during which we keep the information we collect from you depends on the type of information. The information that are considered as necessary for your registration when filling up the statement such as the name, surname and email address, is retained throughout the duration of your registration and for as long as it is required by the nature of the service provided by the Company you have selected yourself, with the explicit reservation of their retention for as long as the relevant legislation is in effect. In every use, we make every possible effort to ensure the security of your information by having already taken all the necessary technical and organisational measures.

If necessary to comply with our legal or regulatory obligations, to resolve disputes or strengthen the terms and conditions of use, we are able to retain some of your data as required even if your account is closed or the need to provide services to you no longer exists.

In any case, your personal data are limited to what is absolutely necessary to achieve those purposes, are accurate and kept for a period of time that is determined by the processing purposes, are protected by adequate security measures and are not distributed to non-EU countries, but only to authorised employees of the Company for the sole purpose of providing each service. They are distributed only to authorised people bound by confidentiality and secrecy and complying with the terms of the present Policy, who act on behalf of EYDAP for the stated purposes only.

 
5. What are your rights and how to access and check your information

In any case, you have the control over your personal data processing. In particular, under the new European Union General Data Protection Regulation (GDPR) 2016/679, the following rights of you are recognized and safeguarded:
 

  • The right to transparent information, announcement and arrangements for the exercise of your rights (Article 12, 13, 14 GDPR), i.e. your right to know how your personal data is being used (as detailed in this Privacy Policy)
  • Right to access (Article 15 GDPR) the personal data we have collected from you
  • Right to amendment (Article 16 of the GDPR) of inaccurate personal information we have about you
  • Right to cancelation ("right to forgiveness") (Article 17 of the GDPR) of the Member-User account and the information we have about you
  • Right to mitigate your personal data processing (Article 18 of the GDPR)
  • Right to be against (Article 21 GDPR) the processing of your personal data
  • The right to withdraw your already given consent (Article 7 of the GDPR), i.e. withdraw your consent for data processing at any time.
The legitimacy of processing your data is not affected by the withdrawal of consent until the time you requested the withdrawal.
  • The right to file a complaint to the competent supervisory authority, Privacy Policy Authority (1-3, Kifissias Avenue, Athens, 115 23, +30 210 6475600, contact@dpa.gr)

    You have every right to exercise your rights by sending an email to the address dpo@eydap.gr or by sending a letter to the address Ilision 9, Athens, 157 71. The Data Protection Officer-DPO named Mrs Aikaterini Vlastari, is the person in charge to answer, solve and clarify any question you might have. Please, accompany your relevant requests with the appropriate evidence of your identification, with EYDAP's explicit reservation to request additional information to identify and confirm your details.

     

 
6. How do we transfer the information we collect internationally

The Company does not distribute your personal data either within the EU or abroad, in non -EU countries. In case that this happens, users will be informed accordingly through the update of this privacy policy.

 
7. How do we keep your information secure

Driven by your privacy security, we apply best practices to safeguard your personal data through the implementation of the necessary technical and organisational measures determined by the GDPR. The data are secured from loss of availability, integrity and confidentiality of the information.

EYDAP S.A. makes every effort to fully meet the level of information assurance and complies with the dictated technical measures such as encryption, pseudonymisation, anonymisation and data minimisation throughout the data processing.

Lastly, we apply Secure Sockets Layer (SSL) with 128-bit strong encryption to the Interactive Websites (Your Account, Data Correction, Your Water Meter and Telemetry) to ensure the confidentiality and inviolability of your transactions and personal information.

EYDAP is in constant harmonisation and compliance with the provisions of the General Regulation (EU) 2016/679 for the protection of individuals against the personal data processing and for the free movement of data and it is constantly making every effort to comply with it.

 
8. Policy of the company regarding the personal data of children

EYDAP, having a sense of responsibility for children's sensitive age states that it will not process personal data from visitors / users of the website who are under the age of sixteen (16) without the prior consent of the person having parental responsibility of the child.

 
9. Cookies

Cookies are files that are stored in your browser and contain information about your previous activity either online or on the website of EYDAP S.A. or on third-party websites.

The website of EYDAP S.A. does not collect or distribute to third-parties information about your previous web navigation, such as cookies.

 
10. Notification of the Data Protection Officer and User Rights Exercise

If you wish to exercise your rights (see paragraph No5 of this Declaraton) or be informed about your personal data processing, please contact our company by sending email to dpo@eydap.gr. The appointed Data Protection Officer-DPO is Aikaterini Vlastari who will answer to your questions or requests.

The Company reserves the right, upon consideration of your request, to proceed within one month or more of it, in case of justified delay, to its satisfaction, provided that it is lawful and valid. Before we provide you with personal data, we are likely to request proof of your identity and sufficient information about your transactions with us from which we can detect your personal data.

If you decide to unsubscribe from a service or communication means, we will try to delete your data as soon as possible, although we may need some time and / or information before we can process your request. The Company reserves the right to retain your personal data in cases where it has a legal obligation to do so or to exercise legal claims or to fulfill its contractual obligations.

EYDAP maintains unilaterally the right to update, modify or revise this policy and the terms of use of its website without prior notice to the user with the aim to improve its services, to ensure its harmonisation with the provisions of the existing legislation (domestic and EU) on the protection of personal data. Therefore, please check this Privacy Policy and declaration of confidentiality and personal data protection regularly to keep up-to-date on the changes that have been made.

 

Useful contact numbers:


a) Data Processing Manager

Address: 156 Oropou Str.

Telephone number: +30 210 2144444

E-mail: grammateia@eydap.gr



b) Data Protection Officer-DPO

Aikaterini Vlastari

E-mail: dpo@eydap.gr



c) Hellenic Data Protection Authority

Office address: 1-3 Kifissias Avenue, 115 23, Athens

Call Center: +30-210 6475600

Fax: +30-210 6475628

E-mail: contact@dpa.gr