DATA PROTECTION POLICY
The INTERSALONIKA Group of Companies, which is comprised of the Companies INTERSALONIKA LIFE INSURANCE COMPANY S.A., INTERSALONIKA GENERAL INSURANCE COMPANY S.A., INTERSALONIKA EMPΟROTECHNIKI S.A., AIR INTERSALONIKA H.A.T.C.S.A., attaches the utmost importance to the protection of personal data of data subjects and therefore commits to use its best effort to ensure that data subject’s rights and data are respected and protected. This commitment shall be made through the establishment and implementation of the Data Protection Policy and a series of policies and procedures that constitute a data protection system in order to comply with the laws governing the operation of the Group’s Companies, the General Data Protection Regulation and the avoidance of risks and other legal implications for the benefit of the Group’s Companies, employees, customers, associates and shareholders.
Data Controller for the provision of air transport services and for the website www.airintersalonica.gr is the COMPANY:
Name: AIR INTERSALONIKA H.A.T.C.S.A.
VAT Nr.: 997994258
TAX Authority: F.A.E. Thessaloniki
Address: 15th km Thessaloniki – Peraia Road, P.C.: 55102
To comply with the requirements of GDPR, a Data Protection Officer is appointed who can be reached via the following contact details:
INFORMATION ON PROTECTION OF PERSONAL DATA at
AIR INTERSALONIKA H.A.T.C.S.A.
(According to the E.U. Regulation 2016/679)
1. WHY DOES AIR INTERSALONIKA H.A.T.C.S.A. COLLECT AND PROCESS PERSONAL DATA AND IN SOME CASES SPECIAL CATEGORIES OF PERSONAL DATA?
The collection and processing of personal data by AIR INTERSALONIKA H.A.T.C.S.A is carried out in the context of its commercial operation, i.e. the provision of air transport services. Exceptionally, it may be considered necessary that AIR INTERSALONIKA H.A.T.C.S.A. will request personal data of special categories in order to safely carry out emergency medical transport for health reasons. Personal data may be forwarded to all INTERSALONIKA Group’s companies for the promotion of relevant products and/or services they offer, and privileges to customers, cross sales and discounts.
2. WHAT KIND OF DATA ARE COLLECTED FROM AIR INTERSALONIKA H.A.T.C.S.A.?
The data collected by AIR INTERSALONIKA H.A.T.C.S.A. is necessary for the provision of air transport services.
Specifically, regarding the website of AIR INTERSALONIKA H.A.T.C.S.A.:
– With every visit and navigation of the website, the user’s network protocol address is automatically stored, but it does not reveal identifiable information of the physical user. This data is used solely for statistical reasons to estimate the company’s web page popularity. In addition to that, cookies are collected in the processing of which the data subject has consented to continue the navigation to the company’s site.
– With the use of the contact form information is collected such as the name, surname, e-mail address and telephone nr. of the user, who wishes to contact AIR INTERSALONIKA H.A.T.C.S.A..
– With the flight request form information is collected, which is necessary for the assessment and handling the flight request (name, surname, e-mail address, telephone number, etc.).
– With the online payments form, necessary data concerning the payment of the cost of air transport service to AIR INTERSALONIKA H.A.T.C.S.A., is collected. The company’s website, “www.airintersalonica.gr” does not, in any case, request or store any of the user’s credit card details whenever he/she uses it to pay for air transport services. All payments made using a credit card are processed through the “Alpha e-Commerce” electronic payment platform of Alpha Bank. S.A.
3. WHAT PROCESSION IS THIS DATA SUBJECTED TO?
Our company, AIR INTERSALONIKA H.A.T.C.S.A. applies security rules and takes technical and organizational measures to ensure data protection. Personal data is stored into information systems and subjected to processing both by automated and non-automated means, such as collection, registration, storage, organization, correction, adaptation, change, search.
4. LEGAL BASIS OF PROCESSING
AIR INTERSALONIKA H.A.T.C.S.A. collects and processes personal data for the above purposes only if this is strictly necessary to effectively serve those purposes. The legal basis for the processing of personal data when visiting our website, when collecting e-mail addresses, as well as when using the contact form, is the data subject’s consent in accordance with the provision of Article 6 paragraph 1 of Regulation 2016/679. If the data subject does not provide his/her personal data, except in the case of emergency medical transference in which – due to his/her state of health – the data subject is unable to provide his or her personal data, then it may not be possible to complete the provision of the requested service. In any case, the data subject has the right to withdraw the consent to the processing of his/her data at any time, without of course affecting the legitimacy of the processing based on, prior to its revocation, consent.
5. DOES AIR INTERSALONIKA H.A.T.C.S.A. PROCESS DATA FOR COMMERCIAL PURPOSES?
Provided that consent has been obtained, personal data may be processed for commercial, promotional, statistical or research purposes. This processing involves the promotion of products and services of the Group’s Companies, the granting of privileges, conducting inquiries regarding our services, etc. The processing that takes place for the above mentioned purposes makes necessary the storage of data for a period of five (5) years.
6. HOW DOES AIR INTERSALONIKA H.A.T.C.S.A. PROTECT PERSONAL DATA?
AIR INTERSALONIKA H.A.T.C.S.A. applies appropriate technical and organizational measures to ensure an optimal level of security against all possible risks. In particular, a secure connection (https: //) is used to protect the personal data of users and visitors of our website www.airintersalonica.gr.
7. HOW LONG IS THE PERIOD OF PROCESSING AND FOR HOW LONG ARE PERSONAL DATA STORED?
AIR INTERSALONIKA H.A.T.C.S.A. stores personal data either in paper or electronic form until the end of the limitation period of each claim, unless additional retention time is imposed under other legislative mandate (i.e. for tax reasons).
8. WHERE ARE THE DATA TRANSMITTED TO?
Data stored is transmitted for processing to each of the AIR INTERSALONIKA H.A.T.C.S.A.’s departments, and possibly to some other departments of INTERSALONIKA Group of Companies which are related to the request made to AIR INTERSALONIKA H.A.T.C.S.A. concerning the provision of air transport services and for the purpose for which it is either necessary for the execution of the transaction service or has been given the required consent. Furthermore, data may be transmitted to either individual or legal entities which, as Processors, will be able to process them on behalf of AIR INTERSALONIKA H.A.T.C.S.A., on the basis of a contract signed between them. The recipients of the data are the Anonymous Travel and Airline Company named “MOTUS TRAVEL”, which undertakes on behalf of AIR INTERSALONIKA H.A.T.C.S.A. the management of airline requests and other Companies of the INTERSALONIKA Group (INTERSALONIKA LIFE INSURANCE COMPANY S.A., INTERSALONIKA GENERAL INSURANCE COMPANY S.A., INTERSALONIKA EMPOTERTECHNIKI S.A.), travel and airline companies, advertising companies and public authorities (for example the Hellenic Civil Aviation Authority – HCAA or equivalent authorities based abroad). In the case of an explicit obligation stemming from the law or a transnational contract or contractual reinsurance obligation, the data may be transmitted to third countries or organizations or reinsurance companies for the purpose of carrying out tax audits, for money laundering, compliance with transnational agreements etc. In cases of patient transport, in addition to the above, recipients of data may also be hospitals, doctors, public authorities, third-party insurance companies and intermediaries. Transmission of data from the Company to abroad may take place only on the basis of an explicit legal obligation.
9. WHICH ARE THE DATA SUBJECT’S RIGHTS?
The data subjects may at any time exercise the rights provided by the Regulation, namely: (a) the right to obtain from the controller a confirmation as to whether or not the personal data relating to them are processed and, if so, whether or not they have the right of access to personal data, (b) the right to require from the controller, without unjustified delay, to correct inaccurate personal data relating to them, (c) the right to ask from the controller to erase personal data relating to them, (d) the right to request the limitation of data processing, (e) the right to receive personal data concerning them, which they have provided to a controller in a structured, commonly used and machine-readable format and the right to transmit these data to another controller, (f) the right to oppose, at any time and on grounds relating to his particular situation, the processing of personal data concerning them,(g) the right not to be subject to a decision taken solely on the basis of automated processing, including profiling, which produces legal effects concerning them or significantly affecting them in a similar way.
10. HOW ARE THE RIGHTS OF THE DATA SUBJECTS EXERCISED?
All the subject’s data rights are exercised free of charge – unless the requests are repeated frequently and their handling entails administrative costs and therefore there might be a related charge – by sending a letter to: INTERSALONIKA GROUP, 15th km Thessaloniki – Peraia Road, P.C. 55102, Thessaloniki, Greece (c/o the Data Protection Officer) or via e-mail, at the e-mail address: email@example.com If a data subject’s right is exercised, a response must be given within a thirty (30) days period after the receipt of the subject’s letter or e-mail, containing the information, either for the satisfaction of the request or for the reasons which might hinder its satisfaction. In any case, you always have the right to contact the Hellenic Data Protection Authority, for issues concerning the processing of your personal data. If you need information about filing a complaint, you can visit the Data Protection Authority’s official website (www.dpa.gr -> My Rights -> Submitting a Complaint), where more detailed information is available.
1. What are Cookies and where are they used?
2. Type of Cookies
Α) Necessary cookies
These are the cookies that are necessary for a website’s function. Without these cookies, the website cannot function properly. For this category of cookies we do not ask for your consent. For all other types of cookies your consent is required.
Β) Functional Cookies
They are cookies that improve the functionality of the website. Thanks to these cookies, browsing is tailored to your interests and time is saved that would otherwise be lost, if information was re-entered.
C) Sessional Cookies
Sessional cookies are temporarily stored for the time span of navigation and they are erased from the computer when the browser is closed.
D) Third-party cookies
3. Cookies’ Control
Internet Explorer http://support.microsoft.com/kb/278835
4. List of cookies used
|Our website||Cookie Consent||Necessary||1 year|
|Google Analytics||_ga||Used to distinguish visitors||2 years|
|Google Analytics||_gid||Used to distinguish visitors||24 hours|
|Google Analytics||_gat||Used for the submission rate of requests||1 minute|