Security and Personal Data Policy

Mycert Ltd hereinafter “Company”, as a Certification & Training Body, attaches great importance to the lawful processing, security and protection of your personal data, in whatever capacity you cooperate or communicate with us (such as, indicatively, as prospective or active Customers, Partners, Trainees, Suppliers, Employees, Individuals, website visitors or generally third parties cooperating with our Organization). Please read these terms and the relevant Security and Privacy Policy of our Company carefully.
By using our websites and signing the relevant declaration of consent, you unconditionally accept the practices described herein and the terms of which shall henceforth govern the contractual relationship between us and are incorporated into the terms of use of each of our services. Your personal data includes any information, on paper or electronic media, which can lead, either directly or in combination with other data, to your unique identification / identification or to your identification as a natural person.
This category includes, as the case may be, information such as Name, VAT number, VAT number, VAT number, your physical & electronic addresses (emails), your landline and mobile phone numbers, SMS/MMS recipient details, bank/debit card details / of your prepaid cards, identification details of your equipment or terminal devices - computer - smartphone - tablet, history of your online searches (log files, cookies, etc.),and any other information that allows your unique identification according to the provisions of the General Data Protection Regulation (GDPR 2016/679) For example, we process and protect your personal data within the framework of the law, and in accordance with the relevant Legislative & Regulatory framework for Certification / Training Bodies, data collection from Certifications / Inspections / Controls / Trainings, in the context of Marketing actions but also in the context of your communication / support / information as well as in any other activity of our Company.
Our Company will use your information for the following lawful processing purposes, within the framework of the Agreement between us or if you have given us your express and specific consent, per service (which you can freely revoke at any time), namely:
• For the management of your data & information within the framework of our Certification / Inspection / Audit / Training services • For your support / information about our Company's services / projects / response to your requests and questions as well as information and response to your suggestions and comments on improving our services.
• For reasons of "internal" assurance of the quality of our services To analyze website traffic and improve your experience and to provide you with information related to services, educational programs, general / technical information, etc.
• For internal operations and analysis such as internal management, fraud prevention, use of management, invoicing, accounting, billing and control information systems. In any case, you can change your preferences at any time by using the unsubscribe link at the end of every email you receive from us. This Privacy Policy aims to inform you about the terms of collection, processing and transmission of your personal data that we may collect as Controllers or Processors. Our Company and its trained Staff apply the ten Processing Principles of GDPR 2016/679 (lawfulness, objectivity, transparency, purpose limitation, data minimization, accuracy, storage time limitation, integrity, confidentiality and accountability).
Our Company protects and ensures your eight Rights regarding the use of your Personal Data (update, access, correction, deletion, restriction of processing, portability, opposition and non-automated decision-making based on profiles, as specified in GDPR ) . The above apply without any discrimination and are applied to all processing carried out and to all services provided by our Company.
Our Company collects your personal data with your consent and acceptance of the terms of use of each of our services, such as:

• When you call our numbers, when you send us an email or fill out a request for information / service offer / registration in an Educational program.

• In the context of the implementation of Inspections / Controls / Certifications / Trainings

• When you send us the postal address of issue or dispatch of an invoice or proof of service as well as delivery details of a document (eg a Certificate).

• When you voluntarily subscribe to print or electronic directories to receive printed, electronic or SMS newsletters or other marketing materials or renew such preferences

• When you visit our websites through which we collect, through cookies, the necessary information from your terminal device and browser.

Our Company will always ask you for the minimum required by law of your personal data for the implementation of our Services and the best possible service. Our Company keeps your personal data only for as long as is required by the contractual conditions of each service, in conjunction with the text for Certification / Training Bodies as well as the general telecommunications, tax and other legislation and Regulatory framework, based on the purpose processing
while then anonymizing or destroying them.

You can ask us and find out what data we collect about you and correct or delete it, unless its retention is required by law for tax, evidentiary or judicial purposes and for the prosecution of illegal acts.

In compliance with the relevant European E-Privacy Directive 2009/136/SE (which will soon be replaced by a Regulation) our website ([email protected]) uses "cookies". Cookies are online "tools" for collecting and analyzing information from partner websites of third parties or from social networking platforms, in order to measure traffic, improve the operation, content and overall appearance of our website and adapt to the needs of Our customers.

By using our website, you agree (opt-in) with the processing of your personal data collected by search engines or social networks, such as e.g. Google Analytics, Facebook social plug-ins, Google+ etc. (in which there is no involvement, influence or control on behalf of our Company) and which are transmitted either inside or outside the European Economic Area (28 EU member states plus Iceland, Liechtenstein and Norway), for which such third parties are solely responsible.

If you do not wish third parties, such as Google, Facebook, Twitter, etc. to receive information from your browser, when you visit the Company's websites, you can opt out by making the corresponding choice as provided by the respective Usage Policy available on the website of each such third party part.

Although most browsers automatically accept the use of cookies, you can always change the settings on your computer, choosing not to accept cookies, or being asked to accept each of them separately. However, you should be aware that this will limit the range of browsing options available to you on each website.

As a rule, our Company does not transmit your personal data to third parties except when clearly required by the Legislation / Regulatory Framework or when we act as "intermediaries" and to the extent that this is required to complete one of our services and fulfill requests regarding services provided by us. Such third parties may be official Supervisory / State Bodies (eg ESYD, ADPPH etc.) and/or Mycert Ltd, when we are called upon to comply with legislation / regulations for Certification / Training Bodies and/ or prevent at our expense and illegal actions at the expense of our Customers (e.g. fraud, insult, insult to personality, etc.).

At the Company, we select reliable Partners and try to set contractual restrictions on third parties who may receive your personal data, in order to ensure as far as possible that they use it in accordance with this Policy and applicable European and international data protection laws. In order to process your data, we may need to transfer your information to other countries, including countries primarily within and exceptionally outside the European Economic Area (EEA) based on EU adequacy decisions, binding corporate rules, standard contracts and approved codes of conduct.

In any case, we take appropriate technical and organizational measures to ensure that your personal information is transferred, stored and processed in accordance with appropriate security standards and procedures and in accordance with the terms of this Policy and applicable data protection laws. In the Company we recognize the importance of protecting your privacy and all your personal information.

For this purpose, we have appropriate security policies and use appropriate technical and operational tools, such as anonymization, pseudonymization, data encryption, use of firewalls, establishment of access levels, authorized employees, staff training, periodic audits), compliance with international security and business continuity standards . Any of our partners who have access to the above information, uses it to exclusively serve the above purposes. We share the information you give us only in the ways described herein Policy and in accordance with your express and specific consent per type of processing which you can freely revoke at any time by contacting us.

We may use your personal data together with other information we have collected (basic contact information such as Name / Company / Telephone / Address / email), after human intervention by our Commercial Department or other Executives, in order to perform, for your own better information / information, relevant Marketing promotions (emails, informative Newsletters etc.). However, we do not use automated tools to identify and evaluate your consumer profile and general preferences with other personal information (such as your email address) in order to display advertisements or send you personalized offers. In addition, we do not share your personal information with third parties so that they can send you relevant advertisements, unless you have expressly consented to them.

The websites of our Company may contain links that lead to other websites of third parties, independent entities, such as indicatively, companies providing services, which are operated and maintained exclusively by them, and which we do not control, as we mentioned above. Therefore we bear absolutely no responsibility for the content, actions or policies of these websites. Please read carefully the respective data protection policies of the different websites you visit, as they
may differ significantly from ours.

Our company does not allow the use of our website or our services for the transmission of bulk or unsolicited commercial e-mail messages (spam). Furthermore, we do not allow sending messages from and to our Customers that use or contain invalid or falsified headers, invalid or non-existent domain names, techniques to hide the origin of each message, false or misleading information or violate the website terms of use.

We do not in any way allow the collection of email addresses or general information of our customers and subscribers through our website or services. We do not permit or authorize any attempt to use our services in a manner that could damage, disable, overburden any part of our services, or interfere with anyone wishing to use our services.

If we believe there is any unauthorized or inappropriate use of any of our services, we may, without notice, at our sole discretion, take appropriate action to block messages from a particular domain, server emails, or an IP address. We may immediately delete any account using our services that, in our sole discretion, transmits or is associated with the transmission of any messages that violate this policy.

If you have questions or comments about this security and privacy policy, or if you believe that we have not followed the principles set out in it, please email us at [email protected]

This Policy was published by our Company on 1/11/2022 and is subject to periodic improvement and revision. Any changes to this Policy will apply to information collected from the date the revised version is posted, as well as to existing information we hold. The use of the website after the publication of changes implies your acceptance of these changes.