Terms of use
Terms of Use of the Website Terms of Use of the Website
The use of this website is subject to the terms outlined below, and its use by the visitor is considered as evidence of acceptance and understanding of these terms. If the visitor/user does not agree with the terms of use, they must refrain from using the services and content of the website. These terms of use may be revised and updated at any time without prior notice. Security of your Personal Data
Taking into account the latest technological developments, the cost of implementation, and the nature, scope, context, and purposes of processing, as well as the varying levels and extent of risks to the rights and freedoms of data subjects resulting from the processing of their personal data, the Attica Region Public Markets Authority complies with and implements the applicable Greek and European data protection legislation and adheres to all obligations concerning the processing of personal data in accordance with GDPR 2016/679.
Specifically, it takes all necessary technical and organizational measures to protect the personal data of individuals interacting with it, particularly ensuring digital security, in compliance with obligations derived from applicable legislation.
Data Collection
During navigation and use of services, personal data may be collected and processed, exclusively for the provision of the services, including identification and contact details. Examples include:
Personal Data
Full name, father’s name, ID number, contact details.
For the fulfillment of requests and lawful competencies, additional data may be collected, such as VAT number, ID number, AMKA (Social Security Number), email address, postal address, phone number, and date of birth.
Purpose
User identification and citizen service to process their requests.
To serve the public interest, in accordance with legal competencies and the exercise of these, as per GDPR.
Legal Basis The processing is carried out legally in accordance with Article 6 of the GDPR for the fulfillment of the legal responsibilities of the Agency and in particular concerns:
- Processing necessary to comply with a legal obligation
- Processing necessary for the performance of a task carried out in the public interest or in the exercise of public authority delegated to the controller
- Processing necessary for archiving purposes in the public interest
Retention Period The preservation of the personal data of the subjects exists for the period of time until the fulfillment of the intended purposes in the exercise of the Organization’s responsibilities and for the processing of requests to the Organization and in any case until the end of the limitation period for any claims. The minimum retention of personal data under GDPR is sought. Recipients of Personal Data
The Organization as well as any legally required recipients and the technical support provider acting as the data processor under the GDPR on behalf and under the instructions of the Authority.
Automatically Collected Data via the Website
Visitors and users of the website explicitly accept the collection and processing of certain automatically gathered information, which may constitute personal data. This includes, but is not limited to:
IP address
Location
Device settings and operating system
Activity data
Referrer URL
Browser version
Operating system
Browsing history and outcomes
Data collected through the use of cookies. Rights of Data Subjects
During its operation, the Organization ensures and seeks the immediate and full response to data subjects’ requests regarding the exercise of their rights and informs that according to the GDPR they have the following rights:
- Access and updating of personal data
- Correction of personal data in case of inaccurate or incomplete registration
- Objection to processing
- Delete personal data
- Restriction of processing
- Data portability
In the event of exercising any of the above rights, the Organization, through its competent bodies and in accordance with applicable legislation as well as the Code of Administrative Procedure, responds and informs the data subject. It is noted that data subjects retain these rights at any time during the retention or processing of their data and may submit the relevant requests. Communication with the Organization regarding Personal Data
In the event that an incident of violation takes place, the Organization applies a specific Policy for the Management of Incidents of Personal Data Security Breach. If you realize or suspect that a personal data breach may or has occurred, please notify the Agency without delay at the email address laikesagores@flla.gov.gr.For any question or complaint regarding personal data protection issues or this notice, contact the Agency at dpo@flla.gov.gr and if your request is not satisfied, you can contact the Personal Data Protection Authority in accordance with the law through the following link: https://www.dpa.gr/el/polites/gkpd Definitions For the purposes of this personal data protection policy by the Agency, the following definitions apply:
- “Personal Data”: any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural, or social identity of that natural person.
- “Processing”: any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Controller”: the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for by Union or Member State law.
It is noted that for the purposes of this site and any related action from it as well as for any matter concerning personal data, the FARMERS’ MARKETS OPERATING ORGANIZATION OF ATTICA acts as the Data Controller.
- “Processor”: the natural or legal person, public authority, agency or other entity that processes personal data on behalf of the controller.
- “Data Subject”: the natural person whose personal data is processed, e.g. Users of the complaint form.
- “Consent” of the data subject: any freely given, specific, explicit, and informed indication of will, by which the data subject signifies their agreement, through a statement or a clear affirmative action, to the processing of personal data relating to them.
- “Existing Legislation”:The applicable national and Union legislation on personal data protection, specifically the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as the “Regulation”), Law 4624/2019, Law 3471/2006, the case law of the Court of Justice of the European Union, as well as the Decisions, Guidelines, and Opinions of the European Data Protection Board and the Hellenic Data Protection Authority (hereinafter referred to as “HDPA”).