"Your brand grand IKE", hereinafter referred to as "impressme", considers the security and protection of your personal data, in whatever capacity you communicate or cooperate with us, as an indicative and not restrictive candidate or active customer, employee, supplier, as top priority traders, individuals, consumers or affiliated third parties.
Your personal information includes any information that may lead, either directly or in combination with others, to your unique identification or identification as a natural person. This category includes information such as your name, tax ID, social security number, your physical and electronic addresses, your landline and mobile numbers, your bank / debit / prepaid card numbers, your email addresses, your transaction details, your telephone and internet communications, your payment data, your equipment or terminal identifiers, such as POS, PC, smart phone, tablet, your internet search history (log files, cookies, etc.) etc), and any other information that enables your unique identification, in accordance with the provisions of the General Regulation on the Protection of Personal Data (GGD 2016/679), the applicable Greek legislation and the decisions of the Personal Data Protection Authority (ASCPD).
impressme and its trained staff apply the ten GDPR Processing Principles 2016/679
4. purpose limitation
5. data minimization
7. shorter storage time
with the aim of protecting your eight rights to Use of Your Personal Data
5. restriction of processing
8. profile-based manual decision-making
as specialized in Greek law. The above applies without distinction and apply to all the processing they perform and to all services provided by our company.
2. Ways to collect personal data
impressme will always ask you for the minimum personal data required by law to buy spectacle tickets, purchase our other products or services, or participate in competitions and promotions. These include, where appropriate, username / password, password, debit / credit / prepaid card number, expiry date and expiration date, contact phones, email address, posting or shipping address or invoice or service receipt as well as delivery details of your order.
impressme only retains your personal data for as long as required by the contractual terms of each service, in combination with the applicable financial, banking, tax, telecommunications and other laws, based on the purpose of processing and then anonymises or destroys them.
3. Cases of personal data collection
impressme collects your personal information in the following cases:
- When completing an application - form on our website to purchase a product and / or service.
- When you voluntarily subscribe to print or online directories to receive forms, electronically or by SMS informational or other marketing material or to renew your preferences or participate in competitions, questionnaires and surveys.
- When communicating with our offices or our Customer Service staff, with your comments and preferences for purchases, products you have searched for, and for posting your opinion or feedback.
- While visiting and navigating our sites where we collect, with appropriate data collection tools such as cookies, information from your terminal device, such as your anonymous Internet Protocol (IP) address, operating system you use, type and version of your browser, etc.
When submitting to us documents, documents, orders, reports, seizures, warrants, etc. of third parties, such as supervisory, prosecutor, judicial, tax authorities, banking organizations, card issuers, payment and credit card control agencies, providers credit information to protect you against fraud or black money trafficking or the fight against financial and cybercrime.
4. Cookies Policy
Our site uses small files, known as cookies, so as to work better and enhance your experience. These files are stored on your device if necessary for the operation of this website. For all other types of cookies, we obtain your necessary consent through an appropriate mechanism.
5. Principles of processing
We are committed to protect your privacy and handle your data in a transparent manner, therefore, we process your personal data in accordance with the GPDR and Greek data protection law for at least one of the following reasons:
A. For the performance of a contract
We process personal data in order to make transactions and offer our services based on our terms of service, but also to be able to complete the process of contracting with prospective partners and customers.
The purpose of the processing of personal data depends on the requirements for each service and the contractual terms and conditions provide more details about the purposes involved.
B. To comply with a legal obligation
There are certain legal obligations arising from the relevant laws applicable to us as well as regulatory / legal requirements, e.g. the Law on Money Laundering, the Tax Legislation, the Law on Payment Companies.
There are also a number of supervisory principles that we have to apply, such as: of the Bank of Greece. Such obligations and requirements impose the necessary activities for the processing of personal data for identity verification, compliance with court decisions / warrants, fraud reporting obligations and anti-money laundering controls.
C. In the interests of the protection of legal interests
We process personal data in order to safeguard the legitimate interests pursued by us or by third parties. There is a legitimate interest when we have a business or commercial reason for using your information. But, even then, you should not be opposed to what is right and better for you. Examples of such processing activities include:
Installation of surveillance systems (CCTVs) for the prevention of criminal activities and the protection of persons and goods.
Creation of legal claims and preparation of our defense in litigation.
Measures and procedures we take to ensure the security of our systems and to prevent possible criminal activity.
Measures and procedures for developing new services and expanding / managing our activities.
To communicate new services to our customers.
To provide technical support.
impressme's risk management.
D. Because you have given your consent
Once you have explicitly given us your consent to processing (except for the reasons stated above), the legality of this processing is based on that consent. You have the right to withdraw your consent at any time. However, any processing of personal data prior to the receipt of your recall shall not be affected.
6. Transmission to third parties
When you use our site and provide us with personal information, we at impressme act as intermediaries and do not transmit or share your information with third parties unless required to complete your order and fulfill requests regarding the services provided by us or to suggest ways to improve your overall experience with the services provided.
Such third parties may be spectacle producers, travel providers, airlines or ferry companies, telecommunications companies, reservation systems and other global distribution systems.
At impressme we choose trusted providers and we strive to put contractual restrictions on third parties who receive your personal data to ensure that they use it in accordance with this Policy and applicable in Europe (GPDR 2016/679) and international data protection laws.
However, we cannot guarantee that they will not use or disclose this data without your permission. Therefore, we recommend that you carefully review the privacy practices of any third-party providers whose products you purchase through our websites.
In addition, third parties may contact you, when necessary, to obtain additional information about your potential service, payment or booking.
In order to process your data, we may need to transfer your information to other countries, including countries basically within and exclusively outside the European Economic Area (EEA) on the basis of EU competence decisions, corporate binding rules, standard contracts and approved codes of conduct.
In all cases, we take the appropriate technical and organizational measures to ensure that your personal information is transferred, stored and processed, in accordance with appropriate security standards and in accordance with the terms of this Policy and applicable data protection laws.
Finally, we may transmit or disclose your personal information to official, national or foreign, government and supervisory bodies (e.g. police, Bank of Greece, international tax authorities, etc.) when required to comply with the law and to prevent illegal actions (e.g. fraud, money laundering, etc.) against us and our customers.
7. Security of personal data
At impressme we have trained and responsible staff, while recognizing the importance of protecting your privacy and all your personal information. To this end we have appropriate security policies and use appropriate technical and operational tools such as anonymization, pseudonymization, data encryption, use of firewalls, establishment of access levels, authorized employees, staff training, periodic data protection audits.
Any affiliate with access to the above information uses it solely for the purposes above. We share the information you give us exclusively in the ways described in this Policy and in accordance with your express and specific consent to any type of processing that you may at any time freely revoke by contacting us.
8. View targeted ads
We may use your personal information together with other information we have collected, following the human intervention of our merchant department, to display ads related to your obvious preferences, on our site or on another site.
However, we never associate automated customer data about your consumer profiles and preferences with other personal information (such as your email address) to serve ads or send you personalized profiling offers. In addition, we do not share your personal information with third parties so that they will be able to send you relevant ads.
If you would like us to stop sending you updates or offers, you can use the unsubscribe link at the end of the email you received from us.
9. Links to Third Party Websites
Impressme's websites may contain links to other third-party websites, such as, for example, theme producers, transport providers, payment service providers, etc., which are operated and maintained solely by them, and which we do not control, as mentioned above.
We as impressme have no responsibility whatsoever for the content, actions or policies of these websites. Please read carefully the respective data protection policies on the different websites you visit, as they may differ significantly from ours.
10. Unsolicited commercial communication
We do not in any way allow the collection of email addresses or general information of our customers and subscribers through our website or our services. We do not allow or authorize any attempt to use our Services in a way that could harm, disable, overburden any part of our Services or prevent anyone wishing to use our Services.
If we believe that any unauthorized or inappropriate use is made of any of our services, we may, without notice, at our sole discretion, take appropriate measures to prevent messages from a particular domain, a server. emails, or an IP address. We may immediately delete any account that makes use of our services, which at our sole discretion, transmits or is associated with the transmission of any messages in violation of this policy.
11. Your data protection rights
You have the following rights to the personal data we hold about you:
2.Ask for the correction of the personal data we hold about you. This enables you to correct any incomplete or inaccurate data we hold about you.
3. Ask for the deletion of your personal information [known as the "right to be forgotten"]. This allows you to request that we delete your personal data when there is no valid reason to continue processing it.
4. Oppose the processing of your personal data [known as a "right of opposition"] when we are based on a legitimate interest but there is something special about your situation that makes you want to oppose the processing for this reason. If you file a complaint, we will no longer process your personal data unless we can prove compelling legitimate reasons for processing that override your interests, rights, and freedoms. You also have the right to object to cases where we process your personal data for direct marketing purposes. This also includes profile training, in so far as it relates to direct marketing. If you object to the processing for direct marketing purposes, then we will stop processing your personal data for those purposes.
5. Request to limit the processing of your personal data. This allows you to ask us to restrict the processing of your personal data, that is, to use it only in certain cases if:
a. they are not accurate,
b. they have been used illegally, but you don't want to delete them,
c. they are no longer needed, but you want to keep them for use in possible legal claims,
d. You have already asked us to stop using your personal data, but wait for us to confirm if we have legitimate reasons to use it.
6. Ask to receive a copy of your personal data in a structured, commonly used, and machine-readable format to transmit this data to other organizations. You also have the right to request that your personal data be transmitted directly from us to other organizations you designate [known as a data portability].
7. Withdraw your consent to the processing of your personal data at any time. Please note that any revocation of consent does not affect the legality of the consent-based treatment before it is withdrawn or revoked by you.
12. Right to lodge a complaint with the Data Protection Authority
If you have exercised any or all of your data protection rights and still feel that your concerns about how we use your personal data have not been adequately addressed, you have the right to complain to the Data Protection Authority (DPA).
13. Validity of Personal Data Protection
This Policy was published by impressme on 26/02/2020 and is subject to periodic improvement and revision.
Any changes to this Policy will apply to the information collected, from the date the revised edition is published, and to the existing information we hold. Your use of the Website after posting the changes implies that you accept these changes.