Privacy Policy

In CITYTRANSFER E.E. (hereinafter the “Company”) we care about your privacy and we want to be open and transparent about the way they are processed.

For this reason we have created this Privacy Policy in which we explain how we process and protect your personal data.

The personal data the user voluntarily provides anywhere on our website are solely intended to ensure the provision of services and the legitimacy of the transaction and are not allowed to be used by any third, without complying with the provisions of the General Data Protection Regulation 2016/679 (GDPR), the national, European and international law on the protection of individuals with regard to the processing of personal data as applicable today.

This Policy forms integral part of the Terms of Use. At the beginning of this is mentioned the latest policy update. These terms may change so users of the website are kindly requested to check them at regular intervals. Please visit and review this privacy policy periodically, as it may change from time to time.

 

Controller

 

Controller of personal data in accordance with the legislation in force is the sole proprietorship MAVROGIANNIS NEKTARIOS with distinctive title “CITYTRANSFER E.E.” (Car rental services-Car rental services with driver) which is headquartered at 68 Antoniou Mpertou st. – P.C. 18 758, with TIN 801126131, Tax Office of E’ Piraeus, with GCR 149701708000, MH.T.E.0207Ε81000967101.

 

e-mail for personal data issues:  gdpr@citytransfer.gr

 

  1. SECURITY

 

Secure Socket Layer (SSL) encryption technology is used for the protection of personal data.

Any personal information that we hold, as part of the customer profile will be stored in a database with physical and technological security control procedures.

 

Our commitment to data security

The security of your personal data is important to us. When you enter sensitive information (such as your identity card number or passport) during the booking process, we encrypt that information using Secure Socket Layer (SSL) encryption technology.

We follow generally accepted industry standards to protect personal information and personal data submitted to us, both during transmission and after receipt. However, no method of transmission via Internet, or method of online storage is 100% secure. As a result, although we try to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

 

Storage time of your data

The data provided by you are stored by us only for as long as necessary to   fulfill the purpose for which you have shared your data  and in compliance with the relevant legislative provisions.

 

Where do we store your data?

The data we collect from you are stored within the European Economic Area.

 

  1. USER RIGHTS

 

2.1 Summary of your rights in accordance with the applicable Data Protection Law.

Users who have disclosed their personal data in the company shall have the following rights:

 

2.2 Right to access: 

You have the right to request information about the personal data held by us at any time. To this end, you can send us an e-mail at gdpr@citytransfer.gr

 

2.3 Right to correction:  

You have the right to request the correction of your personal data if they are inaccurate or if complementing them is incomplete, by sending an e-mail to gdpr@citytransfer.gr

 

2.4 Right to erasure: 

You have the right to request at any time the erasure of your personal data processed by the Company, in particular, when:

  • Your personal information is no longer required in relation to the purposes for which it was collected or otherwise processed.
  • The processing of your data is based on your consent and you withdraw this consent.
  • Your data are processed illegally.

This right does not exist in particular where:

  • The processing of your data is necessary for the foundation, exercise or support of legal claims.
  • Processing of your data is necessary to meet a legal obligation of the Company that requires process.

In any case, we will notify you whether or not your claim is satisfied and, in the event of non-satisfaction, the reasons for this.

In order to exercise the above right you can send us an e-mail at gdpr@citytransfer.gr

 

2.5 Right of opposition:  

You have the right to oppose the processing of your personal data that is based on the company’s legitimate interest. In this case we will stop processing your personal data, unless we can prove that we have compelling legitimate grounds for processing which will take precedence over your rights and freedoms or for the establishment, exercise or support of legal claims.

In order to exercise the above right you can send us an e-mail at gdpr@citytransfer.gr 

 

2.6 Right to oppose direct marketing:
You have the right to oppose the processing of your personal data for direct marketing purposes.

You may declare your desire in the following ways:

  • By following the instructions that accompany each e-mail with promotional content
  • By sending us an e-mail at gdpr@citytransfer.gr

 

2.7 Right to portability:  

In cases where the company processes personal data by automated means based on consent or under a contract, you are entitled to receive a copy of your data in a structured, commonly used and readable format. You may also request the direct dispatch of your data in third person. The above right concerns only personal data that you have provided to us.

In order to exercise the above right you can send us an e-mail at gdpr@citytransfer.gr

 

 2.8 Right of restriction: 

You have the right to request the restriction of processing of your personal data in the following cases:

  • When you dispute the accuracy of your personal data and until the Company verifies the precision thereof.
  • When the processing is unlawful and you oppose their erasure and demand the restriction of use instead.
  • When the Company does not need any more your personal data for process, but these data are essential for the foundation, exercise or support of legal claims.
  • When you are opposed to the process of your data from the Company that is based on legitimate interest of the latter and until is verified the existence of unlawful reasons of the Company that predominate your freedoms or rights.

In order to exercise the above right you can send us an e-mail at gdpr@citytransfer.gr

 

2.9 Right to submit a complaint to the competent supervisory authority:
 As a data subject you may at any moment exercise the rights laid down in the Regulation (EU) 2016/679, including the right to information and to access, correction, erasure (right to be forgotten), restriction of processing, portability and the right to object to processing using the appropriate forms. These rights are exercised via e-mail to the Data Controller gdpr@citytransfer.gr  free of charge unless they are often repeated and have for us administrative cost, therefore you will be charged with the relative cost.

If you exercise any of these rights, we will take every measure possible to satisfy your request within thirty (30) days from the date of receipt of the request, since we inform you either for its satisfaction or for the reasons hindering satisfaction.

Moreover, you always keep the right to contact the Data Protection Authority, which can accept and submit relevant complaints either in written form at its registry (1-3, Kifissias Avenue GR-115 23, Athens) or electronic form (  www.dpa.gr  ).

 

  1. DATA COLLECTION AND USE

 

3.1 The Company uses the data it collects for legitimate and lawful purposes connected with the fulfilment of its legitimate interests and it does not sell, assign or exchange them with any third party outside the Company. In addition, it takes all reasonable measures to ensure that the processing of personal data is reliable, accurate and complete.

Booking information: When you book car rental services with driver we ask for your name, mailing address, telephone number, number of identity card or passport and your email address. This helps us to process your booking, to contact you if we have any problems with your request or to send you an electronic confirmation for any offers received or reservations you made.

 

IP Address: We collect your IP address when you visit our website. It identifies only the ISP (Internet Service Provider) and does not contain any information about you as an individual. We use this information to help us understand more about our site visiting.

 

3.2 Recipient of personal data is only the Company. Any contact with the administrator of the site is done by email at gdpr@citytransfer.gr.

 

3.3 CITYTRANSFER collects personal data when:

(a) When filling in your details on the relevant online booking form from which the following are collected:

  • Name
  • Email
  • Telephone
  • Identity card or passport number

(b) When filling in your details on the relevant online contact form from which the following are collected:

  • Name
  • Email
  • Telephone

(c) When you contact us via live chat  are collected the following:

 

The above are collected just in case you wish to make a booking.

 

3.4 The data are collected and used for the fulfilment of the objectives of the company as stated above and the legal basis of processing according to article 6 par. 1 (f) of GDPR, is the pursuit of legal interests of our company.

 

3.5 We will keep your personal data for direct marketing purposes until you revoke your consent or object to the use of your personal data for direct marketing purposes.

 

  1. CHANNELING AND DISCLOSURE OF PERSONAL DATA

 

4.1  The company shall not sell, lease or in any way publish and/or disclose personal data of the website users to any third party.

4.2 The company can channel private data of its users to third legal and/or natural persons only if (not all terms are applicable at once):

  • It has the explicit consent of the users to channel personal data.
  • The channeling of personal data to legal and/or natural persons that cooperate with the Company is necessary to implement the wishes of the users. Legal and natural persons that cooperate with the Company shall have the right to process personal data that users submit to this website only to the extent that is absolutely necessary to provide support to the Company.
  • It is required due to compliance with the relevant provisions of the law and the relevant authorities.

 

  1. MONITORING INFORMATION

 

5.1 Information we automatically receive when you visit our website We may collect behavioural monitoring data from the Website, such as how you use it, what pages a user visits, the time of each visit, the number of pages visited, from which websites he came on our website. These data may be stored in third services such as Google Analytics for the purpose of improving advertising activities carried out by the company. This data do not identify users and these data are retained for up to two (2) years. When you visit the Website, the web browser sends data to our servers. This information may include the following:

  • your IP address,
  • the date and time of your visit to the website,
  • the URL redirecting address (i.e. the site from which the user was redirected),
  • the pages you’ve visited on our website,
  • information about the device you are using and your web browser (type of web browser and version, operating system, etc.).

 

5.2 During the use of this website are collected and stored in log files of our server information such as the user’s IP address, the browser, the operating system, the date and time of each call to the server and other similar information. These items cannot identify the user, but are needed to monitor the smooth operation of our server, but also the protection of the site. Then, and if we have received your consent as above, we can provide these data to advertisers and other partners, to improve our services or to provide other ancillary services. None of these items may be connected with the identities or other Personal Data of individual users. We allow third-party companies to serve ads and/or collect certain anonymous information when you visit the Website. These companies may use anonymous, non-personal identifiable/identifying information during your visits to the website or to other websites in order to provide advertisements about services that may be of interest to you.

 

5.3 Third-party Applications Google Analytics (Google Inc.)

For advertising purposes, visit data are provided to third-party services, such as the Google platform and Facebook, for displaying promotional messages. These are retained for up to two (2) years.  Google Analytics service is provided by Google Inc. (“Google”) and uses the data collected in order to monitor and examine the use of this application, to prepare reports on its activities and to share with other Google services. Google may use the data collected in order to create context and adapt the advertisements of its own advertising network.

 

 

  1. MINORS UNDER THE AGE OF 16

 

Through our website we do not knowingly collect personal information from minors under the age of 16 without the previous consent of parents/custodians/or persons practising the parental care of minors. If we realise that we have collected any personal information from minors under 16 years old without verifiable parental consent, we will erase the information from our database as soon as possible. If you believe that we may have collected information from minor under the age of 16, please contact us