Privacy Policy

Α. DATA CONTROLLER
A.1 METAL ERA company with the distinctive title ''metal-era'' (hereinafter referred to as ''the Company'') with its registered office at 22 Emmanouil Benaki 22 Athens, 106 78 Greece, e-mail: info@metalera.com.gr is responsible for the processing of your data.
A.2 The Company has appointed a Data Protection Officer and for any matter concerning your rights you can contact e-mail:info@metalera.com.gr

Β. GENERAL PRINCIPLES RELATING TO THE GDPR
B.1 The information you request from us and the information in this document is provided free of charge provided that it is valid, not excessive and not repetitive in nature. Otherwise, the company may impose a charge with a corresponding cost or refuse to provide the information of your request.
B.2 If the company has doubts about your identity when you make a request to exercise your rights, it may ask for more information to confirm your details and process your request.
B.3 The Company will respond to your above rights within one (1) month from the submission of the request or within four (4) months in special cases (e.g. complex request, request of great difficulty, large number of requests, etc.). If the Company has legitimate reasons as defined in the General Data Protection Regulation (GDPR 2016/679), it may refuse to provide information. In the event of a longer delay than foreseen or if you believe that your rights have been violated, you have the right to lodge a complaint with the supervisory authority at the following address: the Personal Data Protection Authority, 22 Emmanouil Benaki 22 Athens, 106 78 Greece, Athens e-mail: metalera.com.gr. You have the right to withdraw your consent by submitting a request to the Data Protection Officer at info@metalera.com.gr.
B.4 The effective protection of personal data requires the strengthening and detailing of the rights of data subjects. The General Data Protection Regulation refers to the way information is provided in a ''concise, transparent, intelligible and easily accessible form'' using clear and simple wording. The information may be provided either in writing or electronically.

Γ. PURPOSE OF PROCESSING THE DATA
Γ. 1 Partners - Customers - Suppliers - Employees
For current customers, suppliers, partners of our company, the purpose of processing your data is only the execution of the contract between us and compliance with tax legislation. The legal basis is the execution of the contract between us and compliance with the law. The retention period of your data is the one set by the tax legislation and after its expiry it will be deleted.
C.2 Candidate Partners - Customers - Suppliers
With regard to your potential partners, customers, suppliers, we know that your personal data (name, full name, telephone, e-mail, address, etc.) that you have provided to our company through digital or paper contact form, e-mail, telephone, etc. are intended to investigate the possibility of cooperation or transaction between us. The legal basis is to serve the legitimate interest of our company to enter into a commercial agreement with you. The data retention period is 12 months and after this period will be deleted.
C.3 Employee candidates
For prospective employees, the purpose of receiving your CV is to assess your employability by our company on the basis of your legal consent. The retention period is 6 months and after that time they will be deleted.
C.4 TRANSFER OF DATA OUTSIDE THE COMPANY
Transfer of your data outside the company is allowed if this is required by law (Labour Inspectorate, Insurance Companies, Tax Office, etc.). Also to computer and network technicians, computer software technicians for the purpose of computer support of the company as well as to anyone cooperating with the company for its smooth operation (such as accountants, transport companies, etc.)

Δ. RIGHTS
D.1 Right to information
You have the right to request information on the personal data we hold and have collected from you.
D.2 Right of access - rectification
Our company has the obligation, if requested, to give you access to the data we hold concerning you and to confirm whether or not your data is being processed, the purposes of processing, the categories of data, the recipients, etc. You also have the right to request a correction of the data if they have been changed or incorrectly recorded.
You reserve the right to complain to the supervisory authority if the information available has not been made available by you and you find out that profiling and automated decision-making has taken place.
D.3 Right to be forgotten - deletion
It is one of the flags of the regulatory reform effort.
If your personal data is not necessary for the purpose of collection or you consider it unlawful, you have the right to request its full or partial deletion. The company is obliged to reply to you within one month or four (4) months in special cases (e.g. complex request, request of high degree of difficulty, large number of requests, etc.) on the progress of your request. In case of failure to delete your data, you have the right to lodge a complaint with the supervisory authority (Personal Data Protection Authority, Kifissia 1-3, P.O. Box 115 23, Athens, e-mail:info@metalera.com.gr. tel. 2106475600) or to take legal action.
If you consider the processing of your data to be unlawful but do not wish to have them deleted due to a possible legal claim, if you question the accuracy of your data or if you consider that your rights override the reasons for processing by the Company, you have the right to request the restriction of the processing of your personal data (in terms of quantity, time and purpose of processing).
You have the possibility to object to the use of the processed data by the Company for the purposes of marketing and especially for profiling relevant to marketing.
D.4 Right of portability
You have the right to receive and transfer your data to a third party without any objection from the company and the possibility of direct transfer upon request without your intervention.

Ε. DATA SECURITY - GUARANTEES
The Company takes all necessary technical and organizational measures to protect your data as required by law and solely for the above purposes.
The Company will not forward your personal data except in cases required by law (tax authorities, insurance companies, etc.) and the providers of support for the Company's information systems.