Nexia Eurostatus A.E. takes your privacy very seriously and considers the security and protection of your personal data as a top priority, in whatever capacity you communicate or work with us, such as, but not limited to, former or active customers, employees, suppliers or cooperating third parties.
Your personal data includes any information that can lead, either directly or in combination with others, to your unique identification or identification as a natural person.
This category includes indicative information such as name, tax number, social security number, your physical and electronic addresses, your landline and mobile phone numbers, your bank/debit/prepaid cards, your e-mail addresses, rating information, your online search history ( log files, cookies, etc.), and any other information that allows your unique identification according to the provisions of the General Regulation on the Protection of Personal Data (GPRD 2016/679) and the current Greek legislation and the decisions of the Personal Data Protection Authority (PDPA).
1. Who We Are
Nexia Eurostatus Certified Auditors S.A. is a member of the Nexia International group, a global network of independent auditors, business consultants and executives, and operates in Greece with headquarters in Athens.
Ambrosiou Frantzis 34,
11745, Neos Kosmos, Athens
Phone: 210 9008400
Fax: 210 9249568
2. Ways of collecting personal data
Nexia Eurostatus A.E. will always ask you for the minimum personal data required by law in order to receive our services, these include indicatively, as the case may be, first name, last name, email address, postal address for issuing or sending an invoice or proof of service provision, billing method which may also include credit card details, the account number in cases of receiving a transfer as well as details related to the service.
Your personal data is almost always collected for the performance of a contract between us in your capacity as a user of our services and/or as our supplier and/or as a visitor to our website.
Nexia Eurostatus A.E. keeps your personal data only for as long as is required by the contractual terms of each service, in combination with the relevant economic, tax and other legislation, based on the purpose of the processing, and then anonymizes or destroys them.
3. Personal Data of Minors
In general, for the performance of our activities, we do not collect or process personal data of minors, nor do we provide services to persons under 18 years of age.
We may process personal data of minors in the context of the processing of our work, for example payroll management of our customers or our employees, where it is a legal obligation to transmit data of minors to insurance funds and other public bodies.
4. Lawfulness of Processing
Nexia Eurostatus A.E. will use your information for at least one of the following lawful processing purposes:
For the signing and execution of a contract between us and the servicing of our contractual obligations.
Because it is necessary to comply with a legal obligation such as fulfilling our tax and accounting obligations.
To serve our legitimate business interests as well as the legitimate interests of third parties.
Legitimate interest is when we have a business or commercial reason to use your information.
But even then this use is in line with your fundamental rights, for example:
To provide you with effective service and support,
To respond to your requests,
To improve the security and usability of our website,
To conduct business with you,
To inform you about our new products and services,
To register your complaints.
Because you have given us your consent.
If we have received your valid consent, which you have freely provided, then the legality of the processing is based on this consent.
5. Transfer to third parties
In fulfilling our contractual and legal obligations, your personal data may be provided to specialized service providers and suppliers, such as external auditors, accountants and expert IT service providers, web hosting, storage providers, insurance funds as well as legal advisors with whom we cooperate and only to the extent necessary to provide our services to you and, respectively, theirs to our company.
These service providers and suppliers are bound by data processing agreements and are required to ensure confidentiality and data protection in accordance with the GDPR.
Your personal data may be transmitted to the competent Public Authorities, Insurance Funds, Supervisory Authorities and Judicial Authorities either for our compliance with our legal obligations or for the defense of our rights.
In any case, we take appropriate technical and organizational measures to ensure that your personal information is transferred, stored and processed in accordance with appropriate security standards and in accordance with the terms of this Policy and applicable data protection laws.
6. Transfer of Data to third countries (Outside the European Economic Area – EEA)
Nexia Eurostatus A.E. does not transmit your personal data to third countries.
7. How long we keep your data
We will process and store your Personal Data for the duration of our business relationship and for as long as is necessary to fulfill our contractual and legal obligations.
We will delete your data:
when it is no longer necessary for the purposes for which such information was collected and processed.
Upon your request or objection to processing, provided that there are no legal grounds that require us to retain this information.
When not necessary for the purposes of our compliance with legal obligations.
If the collection and processing of the data was based on your consent, after your consent has been withdrawn.
8. Automated decision-making and profiling
In carrying out our business activities, we do not use automated decision-making process. We may process certain aspects of your data in order to enter into a business relationship with you.
9. Use of your data for marketing purposes
We may process your personal data to inform you about our services and offers that may be of interest to you or your business.
The personal data we process for this purpose consists of information you provide to us and data we collect when you use our services. We may only use your personal data to market our products and services to you if we have your consent to do so or if we believe we have a legitimate interest in doing so.
You have the right to object at any time to the processing of your personal data for marketing purposes, including profiling.
10. Your Rights
You have the following rights in relation to the personal data we hold about you:
Have access to your personal data.
This enables you to e.g. receive a copy of the personal data we hold about you and check that we are processing it lawfully. To receive the relevant copy you can fill in the web form via the Company's website.
Request the correction of the personal data we hold about you.
This enables you to correct any incomplete or inaccurate data we hold about you.
Request the erasure of your personal information [known as the “right to be forgotten”]. This allows you to request that we delete your personal data when there is no legitimate reason for us to continue processing it.
Object to the processing of your personal data [known as the “right to object”] where we are based on a legitimate interest but there is something special about you that makes you want to object to the processing on this ground.
If you object, we will no longer process your personal data.
You also have the right to object in cases where we process your personal data for direct marketing purposes.
This also includes profiling to the extent related to direct marketing.
If you object to processing for direct marketing purposes, then we will stop processing your personal data for these purposes.
Request the restriction of the processing of your personal data.
This allows you to ask us to restrict the processing of your personal data, i.e. to use it only for certain cases.
Request to receive a copy of your personal data in a structured, commonly used and machine-readable format, in order to transmit that data to other organizations. You also have the right to request that your personal data be transferred directly from us to other organizations that you name [known as the right to data portability].
Withdraw the consent you have given us regarding the processing of your personal data at any time.
Please note that any withdrawal of consent does not affect the lawfulness of the processing that was based on the consent before it was withdrawn or withdrawn by you.
11. Right of complaint to the Authority
12. Security of personal data
We at Nexia Eurostatus A.E. we have trained and responsible staff, while we recognize the importance of protecting your privacy and all your personal information. For this purpose, we have appropriate security policies and use appropriate technical and operational tools, such as anonymization, pseudonymization, data encryption, use of firewalls, establishment of access levels, authorized employees, staff training, periodic audits.
Any of our partners who have access to the above information, uses it to exclusively serve the above purposes. We share the information you give us only in the ways described in this Policy.
13. Cookies Policy
In accordance with the EU E-Privacy Directive 2009/136/CE, which is being replaced by a Draft Regulation, our website accepts the use of "cookies". These are online tools for collecting and analyzing information that are necessary for the operation of the website, see our policy on cookies.
This Policy was published by Nexia Eurostatus A.E. on 5/25/2018 and is subject to periodic improvement and revision.
Any changes to this Policy will apply to information collected from the date the revised version is posted, as well as to existing information we hold. The use of the website after the publication of changes implies your acceptance of these changes.