In CITYTRANSFER E.E. (hereinafter the “Company”) we care about your privacy and we want to be open and transparent about the way they are processed.
For this reason we have created this Privacy Policy in which we explain how we process and protect your personal data.
The personal data the user voluntarily provides anywhere on our website are solely intended to ensure the provision of services and the legitimacy of the transaction and are not allowed to be used by any third, without complying with the provisions of the General Data Protection Regulation 2016/679 (GDPR), the national, European and international law on the protection of individuals with regard to the processing of personal data as applicable today.
This Policy forms integral part of the Terms of Use. At the beginning of this is mentioned the latest policy update. These terms may change so users of the website are kindly requested to check them at regular intervals. Please visit and review this privacy policy periodically, as it may change from time to time.
Controller
Controller of personal data in accordance with the legislation in force is the sole proprietorship MAVROGIANNIS NEKTARIOS with distinctive title “CITYTRANSFER E.E.” (Car rental services-Car rental services with driver) which is headquartered at 68 Antoniou Mpertou st. – P.C. 18 758, with TIN 801126131, Tax Office of E’ Piraeus, with GCR 149701708000, MH.T.E.0207Ε81000967101.
e-mail for personal data issues: gdpr@citytransfer.gr
Secure Socket Layer (SSL) encryption technology is used for the protection of personal data.
Any personal information that we hold, as part of the customer profile will be stored in a database with physical and technological security control procedures.
Our commitment to data security
The security of your personal data is important to us. When you enter sensitive information (such as your identity card number or passport) during the booking process, we encrypt that information using Secure Socket Layer (SSL) encryption technology.
We follow generally accepted industry standards to protect personal information and personal data submitted to us, both during transmission and after receipt. However, no method of transmission via Internet, or method of online storage is 100% secure. As a result, although we try to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
Storage time of your data
The data provided by you are stored by us only for as long as necessary to fulfill the purpose for which you have shared your data and in compliance with the relevant legislative provisions.
Where do we store your data?
The data we collect from you are stored within the European Economic Area.
2.1 Summary of your rights in accordance with the applicable Data Protection Law.
Users who have disclosed their personal data in the company shall have the following rights:
2.2 Right to access:
You have the right to request information about the personal data held by us at any time. To this end, you can send us an e-mail at gdpr@citytransfer.gr
2.3 Right to correction:
You have the right to request the correction of your personal data if they are inaccurate or if complementing them is incomplete, by sending an e-mail to gdpr@citytransfer.gr
2.4 Right to erasure:
You have the right to request at any time the erasure of your personal data processed by the Company, in particular, when:
This right does not exist in particular where:
In any case, we will notify you whether or not your claim is satisfied and, in the event of non-satisfaction, the reasons for this.
In order to exercise the above right you can send us an e-mail at gdpr@citytransfer.gr
2.5 Right of opposition:
You have the right to oppose the processing of your personal data that is based on the company’s legitimate interest. In this case we will stop processing your personal data, unless we can prove that we have compelling legitimate grounds for processing which will take precedence over your rights and freedoms or for the establishment, exercise or support of legal claims.
In order to exercise the above right you can send us an e-mail at gdpr@citytransfer.gr
2.6 Right to oppose direct marketing:
You have the right to oppose the processing of your personal data for direct marketing purposes.
You may declare your desire in the following ways:
2.7 Right to portability:
In cases where the company processes personal data by automated means based on consent or under a contract, you are entitled to receive a copy of your data in a structured, commonly used and readable format. You may also request the direct dispatch of your data in third person. The above right concerns only personal data that you have provided to us.
In order to exercise the above right you can send us an e-mail at gdpr@citytransfer.gr
2.8 Right of restriction:
You have the right to request the restriction of processing of your personal data in the following cases:
In order to exercise the above right you can send us an e-mail at gdpr@citytransfer.gr
2.9 Right to submit a complaint to the competent supervisory authority:
As a data subject you may at any moment exercise the rights laid down in the Regulation (EU) 2016/679, including the right to information and to access, correction, erasure (right to be forgotten), restriction of processing, portability and the right to object to processing using the appropriate forms. These rights are exercised via e-mail to the Data Controller gdpr@citytransfer.gr free of charge unless they are often repeated and have for us administrative cost, therefore you will be charged with the relative cost.
If you exercise any of these rights, we will take every measure possible to satisfy your request within thirty (30) days from the date of receipt of the request, since we inform you either for its satisfaction or for the reasons hindering satisfaction.
Moreover, you always keep the right to contact the Data Protection Authority, which can accept and submit relevant complaints either in written form at its registry (1-3, Kifissias Avenue GR-115 23, Athens) or electronic form ( www.dpa.gr ).
3.1 The Company uses the data it collects for legitimate and lawful purposes connected with the fulfilment of its legitimate interests and it does not sell, assign or exchange them with any third party outside the Company. In addition, it takes all reasonable measures to ensure that the processing of personal data is reliable, accurate and complete.
Booking information: When you book car rental services with driver we ask for your name, mailing address, telephone number, number of identity card or passport and your email address. This helps us to process your booking, to contact you if we have any problems with your request or to send you an electronic confirmation for any offers received or reservations you made.
IP Address: We collect your IP address when you visit our website. It identifies only the ISP (Internet Service Provider) and does not contain any information about you as an individual. We use this information to help us understand more about our site visiting.
3.2 Recipient of personal data is only the Company. Any contact with the administrator of the site is done by email at gdpr@citytransfer.gr.
3.3 CITYTRANSFER collects personal data when:
(a) When filling in your details on the relevant online booking form from which the following are collected:
(b) When filling in your details on the relevant online contact form from which the following are collected:
(c) When you contact us via live chat are collected the following:
The above are collected just in case you wish to make a booking.
3.4 The data are collected and used for the fulfilment of the objectives of the company as stated above and the legal basis of processing according to article 6 par. 1 (f) of GDPR, is the pursuit of legal interests of our company.
3.5 We will keep your personal data for direct marketing purposes until you revoke your consent or object to the use of your personal data for direct marketing purposes.
4.1 The company shall not sell, lease or in any way publish and/or disclose personal data of the website users to any third party.
4.2 The company can channel private data of its users to third legal and/or natural persons only if (not all terms are applicable at once):
5.1 Information we automatically receive when you visit our website We may collect behavioural monitoring data from the Website, such as how you use it, what pages a user visits, the time of each visit, the number of pages visited, from which websites he came on our website. These data may be stored in third services such as Google Analytics for the purpose of improving advertising activities carried out by the company. This data do not identify users and these data are retained for up to two (2) years. When you visit the Website, the web browser sends data to our servers. This information may include the following:
5.2 During the use of this website are collected and stored in log files of our server information such as the user’s IP address, the browser, the operating system, the date and time of each call to the server and other similar information. These items cannot identify the user, but are needed to monitor the smooth operation of our server, but also the protection of the site. Then, and if we have received your consent as above, we can provide these data to advertisers and other partners, to improve our services or to provide other ancillary services. None of these items may be connected with the identities or other Personal Data of individual users. We allow third-party companies to serve ads and/or collect certain anonymous information when you visit the Website. These companies may use anonymous, non-personal identifiable/identifying information during your visits to the website or to other websites in order to provide advertisements about services that may be of interest to you.
5.3 Third-party Applications Google Analytics (Google Inc.)
For advertising purposes, visit data are provided to third-party services, such as the Google platform and Facebook, for displaying promotional messages. These are retained for up to two (2) years. Google Analytics service is provided by Google Inc. (“Google”) and uses the data collected in order to monitor and examine the use of this application, to prepare reports on its activities and to share with other Google services. Google may use the data collected in order to create context and adapt the advertisements of its own advertising network.
Through our website we do not knowingly collect personal information from minors under the age of 16 without the previous consent of parents/custodians/or persons practising the parental care of minors. If we realise that we have collected any personal information from minors under 16 years old without verifiable parental consent, we will erase the information from our database as soon as possible. If you believe that we may have collected information from minor under the age of 16, please contact us