This Privacy Statement (“Statement”) sets out the basis which “Original Senses Tourism and Entertainment Services Private Company” (“we”, “us”, or “our”) may collect, use, disclose or otherwise process personal data in relation to newsletters, promotional material and other marketing information which is sent to individuals (“Subscribers” or “you”).
1. Who is responsible for processing your personal data?
Company name: “Original Senses Tourism and Entertainment Services Private Company” (“Original Senses P.C.”)
Postal address: 10, Solonos Str., 10673, Athens, Greece
Telephone number: (+30) 210-3641890, (+30) 210-3234464
2. What types of Personal Data or other information do we collect?
Contact data: When you consent to receive our newsletters and/or promotional material, you provide us with your name, surname and e-mail address.
Location data and Online data: When we determine, track and analyze your use of, or interest in our newsletters or promotional content, we or our service provider may use some information (such as your location, IP address, usage data, browser data). In general, we do not associate IP addresses with any other data held by third parties. We do not link, or seek to link, an IP address with the identity of a device user. When we send you an e-mail, we may use single pixel gifs, also called web beacons. Web beacons allow us to collect information about when you open the e-mail (time and date), your IP address or your browser data.
3. Why do we collect and use your Personal Data?
Promotional purposes: We collect the aforementioned contact data in order to send you our newsletters and promotional material.
Analytics purposes: Occasionally, we or our service provider may collect the aforementioned location data and online data, in order to obtain feedback on our newsletters and promotional material (e.g. number of views or clicks e.tc.) and/or to enhance our ability to provide relevant marketing content to you. We use data from web beacons to create reports about how our e-mail campaign performed and what actions you took.
4. Which is the legal basis for the use of your Personal Data?
Consent: To process your personal data as described above, we rely on your consent. You can withdraw your consent anytime by contacting us at the details mentioned at the beginning of this Privacy Statement.
Legal obligation: We may use your personal data if we have a good faith belief that access, use, preservation or disclosure of this information is reasonably necessary to: meet any applicable law, regulation, legal process, enforceable governmental request or investigation of potential violations, and/or to detect, prevent, or otherwise address fraud, security or other technical issues.
5. How do we share your data with third parties?
We may share your personal data with:
Service providers. We may share your personal data, with third parties that perform certain services on our behalf. These services may include e-mail distribution, other related customer service, marketing assistance and analytics services. All service providers enter into contract with us that protects your personal data; our service providers may have access to personal data needed to perform their functions and are not allowed to share or use such information for any other purposes.
* Our current e-mail service provider is the company under the name: “The Rocket Science Group C d/b/a Mailchimp” (MailChimp), a limited liability company located in the State of Georgia, USA. MailChimp platform facilitates features and integrations that allow sending marketing e-mails, creating campaigns, as well as tracking how recipients react to such e-mails (if they open or view an e-mail e.tc.).
Public authorities: When we believe disclosure is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing, we may share your personal data with competent public authorities.
6. What are your rights on your Personal Data?
You have the following rights concerning the use of your personal data:
Right of access You can ask us whether or not we are processing your personal data. You may also access your personal data.
Right to rectification You can review and update any inaccurate personal data. You may also ask for any addition to incomplete personal data.
Right to erasure (“right to be forgotten”) You can ask us to erase any of your personal data that is no longer necessary in relation to the purposes for which they were collected or in cases where you have withdrawn your consent.
Right to withdraw your consent You can withdraw your consent at any time. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Right to restriction of processing You can ask us to restrict the use of your personal data if such use is unlawful, or you deem that we no longer need your personal data for the above purposes.
Right to data portability You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and you can ask us to transmit this data to another controller without hindrance from us.
Right to object You have the right to object, on any legitimate grounds, at any time to processing of your personal data.
How can I exercise my rights? In order to exercise your above rights, you can contact us by any means of communication (see our contact details above).
7. How long do we hold your Personal Data?
- Your contact data is stored electronically for 5 years for the purpose of dispatching the newsletters and/or promotional material.
- Your location and online data is stored for 6 years for the analytics purposes.
All the above data is stored in the servers of our current mailing service provider (“The Rocket Science Group C d/b/a Mailchimp”), and managed by the same.
8. What security measures have we put in place to safeguard your personal data?
In accordance with European data protection laws, we and our service providers have taken all appropriate and reasonable security measures (including physical, electronic and procedural measures) to help safeguard your personal data from unauthorized access, misuse or disclosure.
9. How do we treat international data transfers?
We may transfer and process your personal data worldwide in places where our data processing operations are located.
Currently, the servers where personal data is stored are primarily located in the United States. This means that your personal data may be transferred to, or processed in the United States. Any transfer of your personal data by us to third countries (including Unites States) will take place only to countries which have data protection laws that provide an adequate level of protection within the meaning of EU Data Protection Law. To the extent that international data transfers take place, we will seek and obtain assurances that any information we may transfer is safeguarded adequately and in accordance with this Privacy Statement and the requirements of applicable privacy laws (including EU law when data subjects are EU residents).
Cookies are small data files that are placed on your computer or mobile device when you visit a website. Cookies are widely used by online service providers in order to (for example) make their websites or services work, or to work more efficiently, as well as to provide reporting information.
Our e-mail service providers may use other, similar technologies from time to time, like web beacons, pixels (or “clear gifs”) and other tracking technologies. These are tiny graphics files that contain a unique identifier that enable our providers to recognise when someone, in the case of web beacons, opened an e-mail sent to him.
Our e-mail service providers may automatically place single pixel gifs, also known as web beacons, in every e-mail sent to you. These are tiny graphic files that contain unique identifiers that enable them to recognize when you have opened an e-mail or clicked certain links. These technologies record your e-mail address, IP address, date, and time associated with each open and click for a campaign. We use this data to create reports for our subscribers about how an e-mail campaign performed and what actions you took.
11. Where can I submit my complaints about how you treat my personal data?
You have the right to submit any complaints about how we process your personal data to:
Hellenic Data Protection Authority (HDPA)
Postal Address: 1-3, Kifissias Ave., 115 23 Athens, Greece
Tel: +30 210 6475600
Fax: +30 210 6475628