We are located in
Greece, Bulgaria, Romania, Serbia, China

Privacy Policy

    Privacy Policy

    The implementation of the General Data Protection Regulation (GDPR) is a priority for TEU SA SHIPPING & FORWARDING CO.

    Data Controller

    • Official Name: TEU SA SHIPPING & FORWARDING CO.

    • Vat Number: 099775920

    • Telephone:+ 30 2310-566788

    • Εmail:info@teu-group.com

     

    TEU SA SHIPPING & FORWARDING CO. accepts personal data: Any information relating to an identified or identifiable natural person alive. For example, this information includes name, home address, I.D. number, Internet Protocol (I.P.) code, information about their health and insurance capacity, employment status, and more.

    Special categories data, such as health, racial or ethnic origin, trade union activity, etc., receive special protection.

    The rules apply when collecting, using, and storing personal data digitally or in hard copy through a structured filing system.

    This policy is in line with the E.U. General Data Protection Regulation. (GDPR), and opinions/decisions issued by the Hellenic Data Protection Authority.

    Terms and Definitions

    1. ‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

    2. ‘Processing’ means any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

    3. ‘Restriction of processing’ means the marking of stored personal data to limit their processing in the future.

    4. ‘Filing system’ means any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised, or dispersed on a functional or geographical basis,

    5. ‘Controller’ means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

    6. ‘Processor’ means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

    7. ‘Recipient’ means a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry by Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall comply with the applicable data protection rules according to the purposes of the processing.

    8. ‘Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

    9. ‘Consent’ of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

    10. ‘Personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed.

    11. 'Special categories data' means personal data disclosing racial or ethnic origin, political views, religious or philosophical beliefs, or trade union affiliation, as well as the processing of genetic, biometric data for the data relating to health or data relating to the natural sexual life or sexual orientation of a person.

    Categories of Personal Data Collected

    In the context of its activities and its regular operation, TEU SA SHIPPING & FORWARDING CO. may collect personal data of both its customers or associates, as well as its employees, as well as its associates in general, as well as other natural persons with whom it trades, in the context of its operation. Depending on the form and purpose of processing per service, TEU SA SHIPPING & FORWARDING CO. may collect and process personal data, such as the following: 

    CATEGORIES OF DATA SUBJECTS

    CATEGORIES OF DATA

    Clients

    Client data, whether natural persons or legal representatives of legal persons. These may include:

    1. Identity and demographics (e.g., name, patronymic, etc.)

    2. Contact information (e.g., postal address, telephone, Email, etc.)

    3. Business information

    4. Contracts

    5. Account balances

    6. Bank Accounts

    7. Other relevant information

    Suppliers / Contractors

    The data of the company's suppliers, in the case of private entities or legal representatives of legal entities. These may include:

    1. Identity and demographics (e.g., name, patronymic, etc.)

    2. Contact information (e.g., postal address, telephone, Email, etc.)

    3. Business information

    4. Account balances

    5. Bank Accounts

    6. Other relevant information

    Data of other natural persons

    The data of other natural persons who happen to visit the company’s facilities or belong to collaborating bodies.

    Employees (Active or Not) / Candidate Employees

    Data of the company’s employees, under any employment relationship, and data of former and prospective employees, which are kept in official files or any other services to operate their employment relationship with the legal entity. These may include:

     

    1. Identity and demographics (e.g., name, patronymic, etc.)

    2. Insurance details (e.g., AMKA and other Social Security Authority details if required)

    3. Contact details (e.g., postal address, telephone, Email, etc.)

    4. CV’s

    5. Health data (e.g., medical certificates and opinions, blood donation data, etc.)

    6. Financial data (e.g., bank accounts, tax returns, statement of assets, etc.)

    7. Marital status details (e.g., certificates and certificates, number and details of children, etc.)

    Table 1. The categories of Data Subjects and their data

    Purposes and Legal Basis of Processing

    TEU SA SHIPPING & FORWARDING CO. may collect and process the personal data of the individuals mentioned in the preceding paragraph who use its services and products. In principle, TEU SA SHIPPING & FORWARDING CO. may collect and process personal data for the following purposes with the corresponding legal processing bases:

     

    PURPOSE OF PROCESSING

    LEGAL BASIS

    The collection, processing, cross-referencing, and transmission of data of the Tax, Insurance, and Labor Administration exclusively for the support and operation of the framework of their responsibilities

    1. Processing is necessary for compliance with a legal obligation [Art. 6 §1 case. c) GDPR] and/or

    2. Processing is necessary for the purposes of the legitimate interests [αρθ. 6 §1 case. f) Γ.Κ.Π.Δ.]

    The collection and processing of the necessary data of employees and / or prospective employees and associates for the proper service of existing employment or cooperation relationships or the consideration of possible future cooperation

    1. Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract [Art. 6 §1 case. b) GDPR] and/or

    2. Processing is necessary for compliance with a legal obligation [Art. 6 §1 case. c) GDPR] and/or

    3. Processing is necessary for the purposes of the legitimate interests [Art. 6 §1 case. f) GDPR]

    4. Processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law in so far as it is authorised by Union or Member State law [Art. 9 §2 case. b) GDPR]

    Provision of products and services

    1. Processing is necessary for compliance with a legal obligation [Art. 6 §1 case. b) GDPR] and/or

    2. Processing is necessary for the purposes of the legitimate interests [αρθ. 6 §1 case. f) Γ.Κ.Π.Δ.]

    For any other form of processing, TEU SA SHIPPING & FORWARDING CO. requests special written, free, and after prior informed consent of the subjects before the start of the processing, if required.

    Table 2. The main purposes and legal bases of processing

     

    The reference to more than one legal basis of processing does not mean that TEU SA SHIPPING & FORWARDING CO. changes them (lawful basis swapping) undermining the rights of data subjects, but that there are cases where more than one legal basis is applicable.

    Finally, TEU SA SHIPPING & FORWARDING CO. does not use the consent of the data subjects (whether it is simple data or special categories) as the main processing base, recognizing the inherent inequality that exists about the data subjects at any time and under the recommendations of its Working Group No. 29 (now European Data Protection Council). However, and exceptionally, for a few cases where additional service is provided to the subjects (beyond the legal ones), the consent is used to a limited extent as a legal basis for processing and only then.

    Data Transfer to third parties

    The personal data collected may be shared or transmitted to third parties as long as this is required to fulfill obligations by law or is necessary to perform our services provided in compliance with the guarantees of the relevant legislation. We may outsource some of our services to individuals or legal entities. Only the personal data necessary for the fulfillment of the assigned services are transmitted to these entities, which are committed to our Company in terms of confidentiality and secure processing of personal data.

     

    Rights of Data Subjects

    TEU SA SHIPPING & FORWARDING CO. recognizes individuals' rights concerning the protection of their personal data. Thus, natural persons have the right to:

    1. Be informed about the processing of their personal data.

    2. Gain access to the personal data concerning them.

    3. Request the correction of incorrect, inaccurate, or incomplete personal data.

    4. Request the deletion of personal data when it is no longer necessary or if the processing is illegal. If applied as a legal basis for processing Art.6 par.1 case. e ) GDPR (processing for the fulfillment of a duty performed in the public interest or during the exercise of public power and the Art.9 par.2 case b ), g), j) in most of the processes of the TEU SA SHIPPING & FORWARDING CO., the right of deletion is limited and will be evaluated ad-hoc. According to Art. 4 of the Explanatory Memorandum of the GDPR, the right to personal data protection is not absolute; it must be valued concerning its functioning in society and weighed against other fundamental rights under the principle of proportionality.

    5. Oppose personal data processing for reasons related to their unique situation, subject to Art.21 par.6 of GDPR.

    6. Apply for a restriction on personal data processing in specific cases.

    7. Submit a complaint to the Hellenic Data Protection Authority (1-3 Kifissias Ave., 11523 Ampelokipi, tel. 210.647.5600, www.dpa.gr) or to the supervisory authority of the EU Member State where they reside or work or to the supervisory authority of the place of the alleged infringement.

     

    Communication of Natural Persons

    The above rights, as well as any rights related to personal data, are exercised upon a written request submitted to any point that is accessible to the public or via electronic communication by sending a message to dpo@teu-group.com and is also examined by the Data Protection Officer, as appointed by TEU SA SHIPPING & FORWARDING CO.

    Processing principles

    TEU SA SHIPPING & FORWARDING CO. accepts the basic principles governing the processing of personal data. According to article 5 of GDPR, personal data shall be:

    1. Processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’).

    2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’).

    3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’).

    4. Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’).

    5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to the implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’).

    6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).

    Records of processing activities

    TEU SA SHIPPING & FORWARDING CO. keeps a record of the processing activities for which it is responsible. That record contains all of the following information:

    1. The name and contact details of the controller and, where applicable, the joint controller, the controller’s representative and the data protection officer.

    2. The purposes of the processing.

    3. A description of the categories of data subjects and of the categories of personal data.

    4. The categories of recipients to whom the personal data have been or will be disclosed, including recipients in third countries or international organisations.

    5. Where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1), the documentation of suitable safeguards.

    6. Where possible, the envisaged time limits for erasure of the different categories of data.

    7. Where possible, a general description of the technical and organisational security measures referred to in Article 32(1).

     

    Protection of Personal Data

    Considering the nature, the scope, the context, and the purposes of the processing, as well as the risks of the different probability of occurrence and seriousness for the rights and freedoms of natural persons, TEU SA SHIPPING & FORWARDING CO. applies appropriate technical and organizational measures to ensure and be able to prove that the processing is carried out under the GDPR, adopting and implementing a holistic personal data security policy.

    During the assessment of the appropriate security level by TEU SA SHIPPING & FORWARDING CO., account shall be taken of the risks arising from the processing, particularly from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data transmitted, stored, or otherwise processed.

    To prevent personal data breaches, TEU SA SHIPPING & FORWARDING CO., as the controller, has adopted and implements a policy against attacks on the information systems it owns and manages and a specific policy for the management of any cases of personal data breaches.

    Staff Training

    TEU SA SHIPPING & FORWARDING CO., accepts that personal data protection presupposes the awareness of its human resources regarding personal data protection. In this regard, it accepts adopting and implementing the principle of proper education guidance using Fair Information Practices (FIP), which condense a set of standards governing the collection and use of personal data and addressing privacy issues and accuracy. TEU SA SHIPPING & FORWARDING CO., seeks to raise awareness of fundamental concepts of personal data protection on its human resources.

     

    Notification Regarding the Processing of personal data through Social Media

    Our Company has an account on LinkedIn.

    In the aforementioned Social Network, our Company processes personal data (such as your username and possibly your photo) to provide information about our activities and services and an additional way of communication.

    In any case, we declare that we do not know and are not responsible for whether the Social Network in question carries out further processing of personal data, whether it has additional processing purposes, whether it carries out transfers to third countries, whether it uses processors and sub-processors for the processing of your data if it carries out profiling and the way they carry out the overall processing of personal data.

    We recommend that you consult the personal data protection policy of the Social Media in question before providing any consent. You are responsible for this processing if you upload your photos to our page on the above Social Network or additional personal data by your actions. Due to the ease of sharing photos and other personal data on Social Networks, we recommend using them while assessing the possible risks arising from their publication.

    Our Company does not and cannot exercise influence and control regarding the nature and extent of personal data collected and held by Sonail Network as a condition or result of their use and bears no responsibility for collecting and processing personal data. For more information on the purposes of collection and further processing and use of personal data by social networking platforms as well as on the rights and available settings to protect your privacy and your data, please consult the privacy policy of the respective social networking platform.

    Modification

    This policy may need to be amended regarding the processing of personal data. Suppose the modification of the terms in question is of such nature and extent that the above data processing terms do not cover it. In that case, TEU SA SHIPPING & FORWARDING CO. must make public the new version of the policy.