Personal Data Protection Policy
According to the Regulation (ΕΕ) 2016/679 (GDPR)
«FINARTIX Fintech Solutions S.A.» with GEMI number 140459601000 and distinctive title “FINARTIX” was established in Athens in 2019, as applicable, with the main purpose: a) The development, support, and marketing of software, hardware, telecommunications, multimedia products, and related items, and the provision of related services, b) The representation/brokerage of software or hardware manufacturers, c) Provision of consulting services and evaluation of software and equipment. d) Preparation of studies related to the company’s subject matter. e) Research and development of new technologies, f) Participation in European and National development programs.
FINARTIX Fintech Solutions S.A. (hereinafter “FINARTIX”), as controller or processor (as defined in the GDPR), commits to protect personal data and apply the GDPR as well as national legislation to protect personal data. This policy concerns physical or legal entities, which provide us with personal data, with the aim of receiving personalized information regarding the products and services provided by our company, and specifically so that we can respond to and address any questions or requests you may submit via our email address or by phone, with the aim of providing all the information you request. It also concerns physical entities who visit for any reason the facilities of FINARTIX (hereinafter “Data Subjects”).
COLLECTION AND PROCESSING OF PERSONAL DATA
FINARTIX collects and processes different types of personal data, only to the extent necessary depending on the purpose of the processing and the time required in each case, which it receives from the Data Subjects themselves and through third parties who allow access to personal data based on the consent of the Data Subjects or other legal basis.
More specifically, FINARTIX collects and processes the following categories of personal data:
- Identification data: name, patronymic, police or other identity card or passport, TIN and competent Tax Office, AMKA, date of birth, gender, etc.
- Contact details: home address, phone numbers, email address, etc.
- Economic, financial, property and family situation data: occupation, salary, marital status.
- Image data recorded by the video surveillance system installed on its premises.
- Data of visitors who come to its facilities for any reason.
FINARTIX collects the above data from:
- Directly from the “Data Subjects”.
- publicly accessible sources such as telephone directories, courts, mortgage offices, cadastral offices, etc., media, internet, commercial records, provided that this data is necessary for the purposes of the processing,
- third parties (natural or legal), acting on behalf of or related to data subjects.
FINARTIX collects and processes personal data:
- for the compliance of the company with its legal obligations such as a) the prevention and suppression of money laundering and terrorist financing, as well as the prevention, detection and suppression of fraud against the company or other customers, b) the company’s compliance with the obligations imposed by the applicable legal, regulatory and supervisory framework, as well as the decisions of any authorities (public, supervisory, etc.) or courts.
- for the purposes of the legitimate interests of FINARTIX, including:
- the business development of the company; including the investigation of the degree of customer satisfaction with the services provided, with a view to improving them and in general with the general business relationship with them.
- the judicial defense of its interests;
- compliance with the company’s internal policies and procedures;
- the protection of persons, assets and premises of the company.
PROFILING or AUTOMATED DECISION-MAKING
FINARTIX does not make decisions solely on the basis of automated processing, including the profiling. If such processing which produces legal effects that affect you or significantly affect you in a similar manner becomes necessary, the company will provide you with more specific information and, where required, request your consent.
RECIPIENTS OF PERSONAL DATA DISCLOSURE
For the proper execution and fulfillment of the contractual, legal and regulatory obligations of FINARTIX, the employees of the company’s business and operating units have access to your personal data, within the framework of their responsibilities, who are bound by a confidentiality obligation to respect protection of data in accordance with national data protection legislation and the GDPR.
In addition, your personal data may be transmitted to service providers (processors) who have been appointed by us to process personal data and are bound by a contract to maintain confidentiality and data protection in accordance with national data protection legislation and the GDPR, as well as tax and supervisory authorities or where designated by legal or regulatory provisions.
For the purposes of your debt management, the following may be indicative of the following data:
- FINARTIX employees who are responsible for the evaluation of your requests, the fulfillment of the obligations arising therefrom, as well as the relevant obligations imposed by law;
- archiving, storage and file management companies;
- systems for support, processing and storage in the computing cloud “cloud”;
- insurance companies;
- web design and support companies;
- other recipients to whom the transmission or notification is required by the applicable regulatory, legislative and generally regulatory framework or court decision (eg supervisory or judicial authorities, tax authorities, supervisory bodies, intermediaries) It is noted that the FINARTIX will also provide more specific information to the data subjects regarding any transfer of your data to the above recipients, provided that it is provided by the current legislation.
Recipients of the image data recorded by the video surveillance system of the company are, in principle, the authorized employees of FINARTIX, in the context of performing their duties. They may also be police and judicial authorities, in the event of an incident that falls within their remit, as well as a third party with a relevant legal interest (e.g. victim of an illegal act).
PERIOD OF RETENTION OF PERSONAL DATA
The personal data processed by FINARTIX must be retained throughout the duration of the purpose for which they are processed and / or the current legal and regulatory framework and in any case for a period of twenty (20) years from last calendar day of the year ending the respective transaction relationship with FINARTIX or the principal of the receivables. In case of a legal dispute, the data are kept for a longer period of time, until the irrevocable completion of the judicial process. FINARTIX may retain personal data for less than the abovementioned period provided that this is provided for in the management contract of a particular portfolio(s).
Telephone calls in particular are kept for a shorter period, as the law stipulates (today: one year).
Also, the image data from the security cameras are kept for fifteen (15) days, after which they are safely deleted. In the event that an incident is detected during this period, the specific data are isolated and kept for up to one (1) month, in order to investigate the incident and the possible initiation of legal proceedings to defend the legal interests of the company. In case the incident concerns a third party, these data are kept for up to three (3) more months.
It is noted that FINARTIX may retain the data even after the expiration of the processing purpose, if it is not allowed to delete them for legal or regulatory reasons.
TRANSMISSION OF PERSONAL DATA OUTSIDE THE EEA (EUROPEAN ECONOMIC AREA)
Personal data is not initially transmitted to third countries (i.e. to countries outside the European Economic Area). In case this becomes necessary, FINARTIX will forward the personal data in compliance with the relevant provisions of the regulatory framework.
SECURITY OF PERSONAL DATA
FINARTIX implements appropriate organizational and technical measures (such as anonymization, pseudonymization, data encryption, firewalls, privacy by design and by default, strict procedures and policies, continuous training of staff, etc.) for the security of your data, ensuring its confidentiality, processing and protection against accidental or unlawful destruction, accidental loss, alteration, prohibited dissemination or access and any other form of unlawful processing in order to ensure the application of the law.
YOUR RIGHTS WITH REGARD TO YOUR PERSONAL DATA
After verifying your identity, as Data Subjects you have the following rights:
- Right to information: FINARTIX must inform you of the processing to which it submits your data, including but not limited to what data it processes, for what purpose, for what period of time it will retain it, in a transparent, comprehensible and easily accessible form, using clear and simple wording.
- Right of access: You have the right to receive a confirmation from FINARTIX as to whether or not your personal data is processed and, if so, you have the right to access that data.
- Right to correction: You have the right to require from FINARTIX the correction of any inaccurate personal data and the completion of any incomplete data.
- Right of deletion: You have the right to request from FINARTIX the deletion of personal data, subject to the obligations and legal rights of FINARTIX for their retention based on the applicable legal and regulatory provisions.
- Right to restrict processing: You have the right to be provided by FINARTIX with the restriction of processing, provided that certain conditions are met.
- Right of objection: You have the right to object, at any time, to the processing of personal data concerning you. FINARTIX in this case should stop processing, unless it demonstrates compelling and legitimate reasons that prevail over your interests, rights and freedoms as a data subject or for the establishment, exercise or support of legal claims.
- Portability: You have the right to request from FINARTIX to obtain your personal data, which you have provided in a structured, commonly used and machine-readable format, or to forward it to another controller by FINARTIX.
- Right to withdraw consent: You have the right to withdraw your consent at any time for the processing of your personal data, provided that such processing is based on your consent.
Regarding the above rights, FINARTIX ensures the development of internal procedures in order to respond in a timely and efficient manner to your relevant requests.
To exercise any of your rights or if you have any other questions regarding the use of our personal data by us, you may contact FINARTIX, or fill out the form on the FINARTIX website. You can also contact the Data Protection Officer of FINARTIX at: dpo@finartix.com.
Postal address
FINARTIX Fintech Solutions S.A.
Data Protection Officer,
112a Vasilissis Sofias Ave.,11527, Athens, Greece,
or in person at the company’s headquarters at the address above.
Finally, if you consider that your personal data protection is affected in any way or if you have exercised any or all of your rights to protect your data and still feel that your concerns about how we use your personal data has not been satisfactorily addressed by us, you can, if you wish, also appeal to the Personal Data Protection Authority, with the following contact details:
Website: www.dpa.gr
Postal Address: 1-3 Kifissias Avenue, PC 115 23, Athens
Call Center: +30 210 6475600
Fax: +30 210 6475628
Email: contact@dpa.gr
INFORMATION ON ANY AMENDMENTS TO THIS POLICY
FINARTIX will update this policy whenever necessary. If there are significant changes to the policy or the way it uses your personal data, it will post a notice in a prominent place on its website before the changes take effect. In any case, the Data Subjects are encouraged to read this Policy periodically to know how their personal data is protected.
Last update: February 2024
Web Privacy Policy
Introduction
This Privacy Policy specifically covers the conditions for the collection and processing of personal data of guests/users (hereinafter: the users) of the website www.finartix.com. Please read this Privacy Policy carefully so that you know all the information relevant to the processing of personal data collected through our website.
The controller is FINARTIX Fintech Solutions S.A. (hereinafter FINARTIX), with headquarters in Athens, 112a Vasilissis Sofias Ave., 11527.
Users Personal Data Protection
In FINARTIX we recognize the importance of keeping this information safe, as well as informing you about how we intend to use it. That is why we will process this information in strict compliance with all the requirements laid down in the provisions of Greek and European Law, including the General Regulation on Data Protection (EU) 2016/679 (GDPR) and N. 4624/2019.
Which personal data we collect
The term “personal data”, as used in this Policy, refers to information such as your name, email address, phone number, IP address (internet protocol), or any other information that can be used as your ID.
How we collect personal data through our website
We may collect your personal data in the following situations:
- When you contact us by email: In this case, you will make available to FINARTIX on your website, your name, telephone number and e-mail address, as well as any other information provided by you, as part of expressing interest in working with our company or by submitting a job application to FINARTIX on sending a curriculum vitae.
- Using automated data collection media when you visit our website: In addition to the information, you will provide us voluntarily, some information is automatically collected when you visit our website through data-detection technologies that we use from time to time, such as cookies. Cookies, each time you visit our website, collect information from your computer, including technical information, such as your IP address, your operating system, the type and version of your browser, your referral website, and information about your activity on our website. You may choose not to receive cookies, either in total or on a case-by-case basis. In order to know all the information about the use of cookies and the data we collect while you navigate through our website, please visit our Cookies Policy.
How we use personal data collected through the website
First of all, in FINARTIX we trust that all personal data you provide through the website is accurate, complete and true, and that, if necessary, you are bound to notify us of any amendment to it. In addition, we believe that, should you provide us with personal data from third parties, you have already obtained prior information and consent to provide us with this data and that they will be processed in accordance with our Data Protection Policy.
In FINARTIX we will use personal data to provide you with personalized information about your loan and the services provided in connection with it by our company, in particular to be able to answer and respond to any question or request that you submit via our email address or by telephone in order to provide all the information you request. We also use the curriculum vitae you submit through our website to assess you for a career opportunity in our company. The recipients of your personal data are only authorized employees of FINARTIX who process them only to the extent necessary.
How long personal data collected through the website is retained
Personal data submitted by you shall be retained only for as long as you receive the communication requested. The CVs are kept in our company until the end of the month following the end of each recruitment procedure and are then safely destroyed.
Secure your personal data
We recognize the importance of protecting your personal data and use appropriate technical and organizational measures to protect it. However, an online data transmission can never be described as 100% secure. Therefore, although we are making reasonable efforts to protect your personal information, we cannot ensure, nor guarantee, the protection of the data you provide through the website. In order to protect the information stored in our system, we have put in place appropriate security measures, including data encryption technology and firewalls, so that unauthorized people cannot access your personal data. In any event, the User shall be encouraged to report to the Personal Data Protection Officer of FINARTIX and by any means, through the contact details provided on the website, in writing or orally, a possible breach of his personal data or any illegal and non-verbal behavior identified by FINARTIX, another user or a third party. FINARTIX commits to doing its utmost to resolve the problem in cooperation with the relevant regulatory authorities, if necessary.
Connecting to third party websites
Our company cannot take responsibility for how to protect and process personal data on behalf of third parties, whose websites our website interconnects. Therefore, Users should be informed in advance by these websites.
Your rights related with your personal data
As a Data Subject (within the meaning of the GDPR) you have the following rights: right of access and information, right to rectification, right to be deleted, right to restrict processing, right to object, right of portability and right to withdraw consent. For more information on these rights please refer to the FINARTIX Data Protection Policy that can be found here. In order to exercise your rights, you can contact FINARTIX Personal Data Protection Officer Tel. communication: 2107472200, e-mail: dpo@finartix.com . Also, if you consider your rights to be infringed, you have the right to appeal to the Personal Data Protection Authority via its website www.dpa.gr>My Rights>Lodge a complaint.
This Privacy Policy was reviewed and published by FINARTIX on 27/05/2020. We may review the Privacy Policy at any time (each version comes into force once published), so please check it periodically. Changes to the Privacy Policy will apply to the information collected, from the date the revised version is published, as well as to the existing information that we have. Using the Web page after publishing changes means that you accept these changes.