- Update on the processing of your personal data by the Mytilene Charity Institutions
At Mytilene Charity Institutions we respect your personal data and that is why when we process them we take technical and organizational measures to ensure their protection. With this Personal Data Protection Policy (hereinafter "Protection Policy") we inform you about the purposes of processing, the ways of using, managing and storing personal data.
For the personal data that you provide or disclose to the data controller are: "Mytilene Charity Institutions"
Mytilini: Karantza 2 & Karantoni 2, 81100
If you wish to contact us for issues related to the processing of personal data as well as to exercise any of your rights, as provided for in the General Regulation on the Protection of Personal Data (EU 679/2016), you can call us on 22510 -28518 or send us an email at: [email protected]
Who we are;
The Mytilene Charity Institutions are a foundation. Legal person of private law governed by the provisions of the N.D. 3414/55 and of A.N. 2039/39. Its purpose is: the administration and maintenance of the Care Unit for the Elderly and Chronically Suffering "Saint George of Mytilene", the administration and management of the legacies of: Georgiou Bostanis - Karatonio - Nikolaou Mitrelia - Nikolaou Mitrelia - Vassiliou Kamba - Erifilis Archontopoulos Thrasyvoulos Archontopoulos and the grant of scholarships for undergraduate and postgraduate studies. The Mytilene Charity Institutions, the Nursing Home and the Clergy are managed by a nine-member Board of Directors chaired by the respective Metropolitan of Mytilene and including presidents of the scientific and productive classes as well as two well-respected members of the local community, who manage the Foundation with prudence and sensitivity.
What constitutes processing of personal data?
Processing of personal data is any act or series of acts carried out with or without the use of automated means, on personal data or sets of personal data, such as the collection, registration, organization, structuring, storage, adaptation or alteration, retrieval, information retrieval, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction. (art. 4 GDPR). The processing concerns personal data that comes to the knowledge of the Mytilene Charity Institutions, in the context of its coordination and operation.
For which subjects do we collect personal data?
At the Mytilene Charity Institutions we collect and process data of guests and their relatives that you share with us for the purpose of executing the contract between us and providing the best service. We also keep personal data about our employees, as well as our suppliers for our operational needs. Personal data is held securely and is not passed on to third parties, except (a) in the context of our legitimate activities, (b) when required to comply with a legal obligation. Personal data may also be transmitted to our partners for the needs of our operation and whenever this takes place we ensure the observance and processing of personal data with security and contractual terms of confidentiality. These details are kept in our files (physically and/or electronically) in order to fulfill the operating purposes of the Mytilene Charity Institutions
What information do we collect?
-For Hosts: We gather the information that is necessary for the arrival, treatment, accommodation and execution of the contract such as: Surname, first name, father's name, mother's name, citizenship, date of birth, marital status, Identity card number, VAT number, DOY, AMKA, telephone, address, email. We also process data of special categories related to health, such as opinions and medical examinations, which are necessary for the full and proper provision of our services. On our part, care is taken so that this data is kept with increased protection.
-For the guardians of guests: We gather the information necessary to inform them about their relatives who are being hosted as well as the relative pricing of our services, such as indicatively: full name, VAT number, social security number, home address, telephone and e-mail.
-For our staff: For staff, the information collected and kept is provided by labor legislation. These include the data necessary for the payment of salary and any allowances. Information relating to the health of employees is also kept, in order to provide sick leave and special allowances.
-For suppliers/partners: The necessary data for the processing of transactions, such as full name/surname, registered office address, VAT number, bank account, are kept. Will we use your data for other purposes? No, at Mytilene Charity Institutions we do not use your data for purposes other than providing our services and informing and communicating with you. In case we wish to use your contact information in order to inform you about our new activities, we will inform you in advance by first asking for your consent.
When do we delete your data?
At Mytilene Charity Institutions, we keep your data only for as long as is absolutely necessary for the processing of the transaction between us and subsequent cooperation, in the context of effective customer service, as well as based on what is required by the relevant legislation. The data we hold are not subject to any other processing than what is detailed in this Protection Policy.
What are your rights?
To process your personal data, you can exercise:
A. Right to access (or update) the personal data concerning you and to receive information on the purpose of processing, data categories and recipients, if there has been a transfer (art. 15 GDPR).
B. Right to rectification of your data, in order to remove inaccuracies or complete deficiencies (art. 16 GDPR).
C. Right to delete your personal data, subject to par. 3 of art. 17 GDPR, if there is a legal obligation, or there is a reason of public interest, or archiving is kept for reasons of public interest or for the establishment, exercise or support of legal claims (art. 17 GDPR).
D. Right to restrict processing, subject to legal authority (art. 18 GDPR).
E. Right to object, subject to legal competence (art. 21 GDPR).
How can you exercise your rights?
To exercise your rights, you can contact the Contact Person for personal data, Ms. Simantiris, or fill in the relevant form posted on the website of the Mytilene Charity Institutions and send it either to the address Karantoni 2, or electronically to the email: filamyt @otenet.gr Furthermore, if you consider that you are not satisfied, you reserve the right to submit a written complaint to the competent supervisory authority, the Personal Data Protection Authority (1-3 Kifisias Street, PO Box 115 23, Athens, T: 210 6475600, e -email: [email protected]).
When will we get back to you?
We respond free of charge and without delay, and in any event within one (1) month of receiving your request and processing the required identification. However, if your request is complex or there are a large number of requests, we will inform you within the month that we will need to obtain an extension of two (2) months within which we will respond to you.
*Policy Protection Update
Emphasizing the individual developments and specializations of the legislation for the protection of Personal Data, we intend to carry out a review of this Protection Policy, in order to achieve the best possible protection of your personal data.
Version 1, 27/09/2019