Privacy Policy
Introduction
Welcome to "https://spotlightpos.com/el/", a website (hereinafter “Website"), owned and administrated by the company under the name “SPOTLIGHTPOS HELLAS MONOPROSOPI IKE" and the distinctive title “SPOTLIGHTPOS HELLAS", which has its registered office in Greece, Athens (ARISTAIOU 25- 27, ATHENS, 11636) [hereinafter "SPOTLIGHTPOS" or "Company"/"we"].
This Privacy Policy & Cookies Policy (hereinafter simply "Privacy Policy") was posted on [date].
The use of our website is subject to the Terms & Conditions and the present Privacy Policy.
We regularly review our Privacy Policy to ensure that it is up-to-date and accurate, in accordance with applicable law. SPOTLIGHTPOS may modify the Privacy Policy from time to time without prior notice, for reasons of compliance with the regulatory and legislative framework, including any recommendations and guidelines of the Hellenic Data Protection Authority (hereinafter simply "HDPA"), as well as for operational purposes. Any updated version of the Privacy Policy is posted with a date indication, so that you know which is the most recent and current version of it. We encourage you to regularly review the present terms, as your continued use of our website implies that you have accepted such amendments.
By using our website you unconditionally declare that you have reviewed, understood and accepted all the terms included in the Terms & Conditions and this Privacy Policy. If you do not agree with any of the terms included in the Terms and Conditions and/or the Privacy Policy, you must refrain from browsing and using our website and its services.
SPOTLIGHTPOS is committed to respecting and protecting your privacy. This Privacy Policy describes how SPOTLIGHTPOS, as a controller under the law, collects and processes personal data and other information of the users of our Website and how our Website uses cookies.
About Us
The full details of our company, which is responsible for the processing of your personal data, are as follows:
Name: SPOTLIGHTPOS HELLAS MONOPROSOPI IKE
Distinctive Title: SPOTLIGHTPOS HELLAS
Address: ARISTAIOU 25-27, ATHENS, 11636
GEMI Number: 131085703000
VAT number: 800590071
T.: +30 210 3256600
The purpose of the Privacy Policy
The Privacy Policy explains how we process your personal data when you contact us or when you use any of the services of our Website. Specifically, by reading the Privacy Policy you will be able to understand, among other things:
- the reason for which we collect and process your personal data; as well as the legal basis of their processing;
- which personal data we collect directly from you;
- how long they are kept;
- the categories of recipients – if any – of your personal data;
- if we intend to transmit personal data to a country outside the European Union (EU) or the European Economic Area (EEA);
- if we perform automated decision-making or profiling; and
- your rights in relation to the processing of your personal data and how you can exercise such rights.
To facilitate your perusal, the Privacy Policy is divided into units-chapters.
1. When and why we collect and process your personal data
Most of the personal information we process is provided directly by you for one of the following reasons:
- You directly contact us for whatever reason (e.g., through our Website or using our other contact particulars provided on our Website).
- You choose a service or one of our products, when you choose for your business one of the user licenses available through the Website.
- You send us an application as prospective employee-partner/job applicant to cover a job position at SPOTLIGHTPOS, either after we have placed an advertisement/post or on your own initiative.
- When you subscribe to our newsletter, to receive newsletters/ informational material (e.g., about our services, upcoming events) from our company.
- In general, when you simply navigate our Website, we do not collect any personal data. Regarding the use of cookies, please see in more detail the Cookies Policy of our Website.
2. Categories of data collected and how it is used
Personal data includes any information about you from which you can, directly or indirectly, be identified.
When you visit the Website, when you contact us and when you order our services/products, we may collect and process specific personal data about you, so that you may benefit from the functions and services provided through the Website.
Please note that we do not use automated decision-making without human intervention, including profiling, in a way that produces legal effects concerning you or otherwise significantly affects you.
We also note that the Website is not intended for use by underage persons, and we do not knowingly collect personal data pertaining to underage persons.
Data collected directly from you
We may collect some personal data about you for communication purposes, such as to answer your requests for information, as well as to understand better your expectations and needs. Specifically, when you contact us via the contact form of our Website, we collect and process information about you, which you provide to us directly, such as your name, telephone number and the content of the communication you address to us. We will use this information to communicate with you and provide you with our services.
When you purchase a service, for example, when you select one of the available user licenses to access a range of tools to support your business, we collect and process certain information about you, our customers, such as information about your identity (e.g., name, identification details of your legal representative) and contact information about you (e.g., contact details; e-mail, content of our communications), including your registration information (e.g. your subscription information), as well as information regarding your billing as our customers (e.g. VAT number, payment details).
We will also collect and process certain information about you when you submit a job application to our Company, such as your identity and contact details and information about your education and professional experience. In this case, a separate privacy policy applies, namely the Job Applicants’ Privacy Policy, which is available here.
When you subscribe to receive our newsletter, we collect and process information you provide about you and specifically your name, e-mail address and the subject of the newsletter you are interested in.
Data collected using cookies and other tracking technologies
We also use cookies and other tracking technologies and we may collect information about how you use our website, technical data (including data and time of access, data volume transmitted, status of transmission, browser type, version and language, browser plug-in types and versions, your internet protocol (IP) address, operating system and interface, time zone setting and location, language and version of browser software) and profile data, including your referral website, pages you visit, actions you take, patterns of page visits and information from forms you fill in. On the basis of your prior consent, we may use your data in order to deliver advertising relevant to you based on the use of cookies. For further details on this and how to opt-out of such processing, please see the ‘Cookies and other tracking technologies‘ section of this Privacy Policy.
Data collected by third parties
We receive some of the above-mentioned technical data, relating to your device details (e.g., manufacturer, model, display characteristics, operating system, etc.), or information about your behavior (e.g., clicks, choices), from analytics providers such as Google.
Aggregated data
We may collect aggregated data, such as statistical information, for any purpose. While aggregated data may derive from your personal data, it is not considered personal data because such data does not directly or indirectly reveal your identity (for example, we may aggregate usage data to calculate the percentage of users who have access to certain elements of the website). However, if we combine aggregated data with your personal data so that it can directly or indirectly identify you, we will treat this combined data as personal data, which will be used in accordance with this policy.
Special Categories of Data - Sensitive Data
We do not knowingly collect through our website any special category of your personal data, such as information about your health, race or ethnicity, religious or philosophical beliefs, sex life, etc.
3. How we share your data?
SPOTLIGHTPOS may transmit data to third parties, when this is provided for by existing legislation as an obligation or alternatively in accordance with the guarantees and conditions provided by applicable law.
We do not share your personal data with third parties for the purposes of promoting products or services.
Service Providers
SPOTLIGHTPOS may engage external/third party service providers, who act as data processors of SPOTLIGHTPOS and provide specific services to SPOTLIGHTPOS, such as internet service providers, advertising service providers or service providers providing technical support. When providing such support services, external service providers may process your personal data as data processors of SPOTLIGHTPOS only on the basis of our instructions. The processing of your personal data by any data processor is governed by a contract that binds, among other obligations, each processor to the protection of your personal data.
Other recipients
SPOTLIGHTPOS may transmit, in order to comply with the applicable data protection legislation, personal data to judicial and/or law enforcement authorities, independent authorities, governmental authorities.
International transfers of personal data
SPOTLIGHTPOS transfers personal data in accordance with applicable law. To the extent that, in the context of and for the needs of the above-mentioned purposes, your personal data need to be transferred outside the EU/EEA, such data transfer will take place in accordance with applicable law and SPOTLIGHTPOS will ensure an adequate level of data protection. By entering into appropriate data transfer agreements based on Standard Contractual Clauses, accessible upon request to info@spotlightpos.com, or by taking other measures to provide an adequate level of data protection, SPOTLIGHTPOS ensures or confirms that all data recipients will provide an adequate level of protection for your personal data.
4. Legal basis for processing
We process your personal data when the law allows us to do so, that is, when we have a lawful basis for the processing. On a case-by-case basis, we process your personal data on the following legal bases:
- You have provided your consent to the processing of your data for one or more specific purposes (e.g., for the installation and use of specific, optional types of cookies, when you subscribe to our newsletter, when you contact us directly).
- The processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (e.g., when you select an available subscription/license to use the available SPOTLIGHTPOS tools).
- The processing is necessary to comply with a legal obligation of SPOTLIGHTPOS (e.g., obligations under tax legislation to which SPOTLIGHTPOS is subject to).
- The processing is necessary for the purposes of the legitimate interests pursued by SPOTLIGHTPOS (or those of a third party), provided that your fundamental rights do not override those interests. Such legitimate interests include (a) monitoring in order to ensure the efficient and secure running of the website and fraud and misuse detection and prevention; (b) the improvement of our services and website; (c) monitoring how our website is used, e.g., via data analytics, to help us improve the layout and information available on our website, our services, marketing and customer relationship.
If you choose not to provide your personal data in certain cases, it may result in disadvantages for you, such as we may not be able to provide you with a service or respond to your request or provide you with a promotion which you may find valuable.
5. How long do we keep your data?
Your personal data will be retained for as long as necessary to fulfil the purposes we collected it for, e.g., for as long as necessary to provide you with the functionalities of the website and the services requested. Once the data processing purpose is completed, we will either delete your personal data or anonymize your personal data, unless statutory retention requirements apply (e.g., tax legislation).
Especially:
- We retain your personal data which we collect from you when you subscribe to our Newsletter (e.g., email address) for as long as you remain subscribed on our recipients’ list, and we delete them if you revoke your consent.
- We retain your personal data which we collect from you when you submit a query or complaint, when you contact us via our Website or by any other available means of communication, for as long as necessary and until the relevant issue is duly addressed, or until any related claims are time- barred.
- We retain your personal data which we collect from you in the context of our contractual relationship for as long as such relationship lasts and after its expiration or termination for the maximum period of time in order to comply with our legal obligations (e.g., obligations arising from tax legislation) and until any related claims are time-barred.
- We retain your personal data which we collect from you when send us your CV during the recruitment process, if we have posted a job vacancy announcement, until the relevant vacancy has been filled. If you send an application for employment on your own initiative (unsolicited by us) and if we are not interested in such cooperation, your personal data shall be deleted one month from receipt. If your application – whether sent on your own initiative or in response to our advertisement – is approved, you shall be informed when you assume your post about how we will be processing your data as your employer from that time onwards. If your job application is rejected, we retain your personal data for a period of one year, only if you have given us your prior consent and you have asked us to inform you about any future co-operation opportunities, or until you withdraw your consent before the end of such periods. You can find more detailed information in the separate Privacy Policy of Job Applicants here.
- Cookies are stored on a per-session basis, to aid your navigation of our website. Persistent cookies may be set to store display related preferences. For further details on how to control cookies, please see the ‘Cookies and other tracking technologies‘ section of this Privacy Policy.
6. Data security
Considering the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing.
7. Your rights
Under the conditions provided for in the relevant legislation (EU General Data Protection Regulation 679/2016 and national implementing Law 4624/2019), you have the following rights regarding the protection of your personal data:
Right of Access
You can contact SPOTLIGHTPOS if you would like us to inform you about and explain if we keep data about you and which data we do keep, as well as the way in which we process them. You may also request a copy of your personal data which SPOTLIGHTPOS keeps about you.
Right to rectification
If you believe that your data are not accurate or that they should be updated, you are entitled to request the rectification of inaccurate personal data and the completion of incomplete particulars.
Right to erasure
Under certain conditions, e.g., when data are no longer required, when you have revoked your consent, or when data have been subjected to illegal processing, you may request SPOTLIGHTPOS to erase them.
Right to restriction of processing
If you believe that your data are not accurate or that their processing is illegal or if you believe that such data are no longer required by SPOTLIGHTPOS, you may request that processing be restricted.
Right to object
You may object to the processing of your personal data by SPOTLIGHTPOS for reasons which concern you and which pertain to your particular status, unless – among other things – there are imperative and legal reasons for processing, which should prevail over your interests, rights and freedoms.
Right to Data Portability
You may also request to receive the data pertaining to you in a structured, commonly used and machine-readable format and to have such data transmitted to another organization (controller) which you will make known to SPOTLIGHTPOS.
For additional and more detailed information about your rights, you may visit the website of the Hellenic Data Protection Authority (https://www.dpa.gr/).
Right of Complaint before the Hellenic Data Protection Authority
We inform you that you have the right to submit a complaint to the Hellenic Data Protection Authority (HDPA) for issues relating to the processing of your personal data. The Hellenic Data Protection Authority is based in Athens (Kifisias 1-3, PC 115 23). Regarding the competence of the Hellenic Data Protection Authority and how to submit a complaint, you can visit the website of the Hellenic Data Protection Authority (https://www.dpa.gr/).
Response Time to the Exercise of Your Rights
We are obliged to respond without delay and at the latest within one month from your submission of a request to exercise one of your aforesaid rights to SPOTLIGHTPOS. The one-month period may be extended by two months, in the event that your request is complex or if the number of requests is big. In the event of an extension, we shall in any case inform you within one month from your submission of a request. For any extension of the response time, we inform you in any case within one month from the submission of your request. As a rule, your requests are generally submitted and addressed free of charge. SPOTLIGHTPOS may impose a reasonable charge in the event that a clearly unfounded or excessive request is submitted, especially due to the repetitive character of such request, or it may refuse to satisfy an inappropriate request, in accordance with the conditions of the applicable legislation. In case of rejection of your request, SPOTLIGHTPOS informs you in detail about the reasons that your request was declined and about your right to appeal to the Hellenic Data Protection Authority or to the courts of law.
To exercise your rights, please contact SPOTLIGHTPOS in writing at the following email address: info@spotlightpos.com.
8. How we use cookies and other tracking technologies
Our website uses cookies, therefore when you visit the website, a cookie may be installed in your device. A cookie is a small text file that is downloaded onto ‘terminal equipment’ (e.g., your computer or smartphone) when you access the website. It allows SPOTLIGHTPOS to recognize your device, gather information about your usage patterns when you navigate our website, store some information about your preferences or past actions, improve your online experience and enhance your personalized experience. Cookies may also be used in order to provide advertising tailored to your interests on websites you visit and to analyze the effectiveness of such advertising.
You can opt in or out of cookies at any time – except strictly necessary cookies (these are used to help make our website work efficiently) and you can delete cookies installed on your device at any time, prevent new cookies being saved and receive notification before installation of a new cookie by configuring your browser software.
When certain types of cookies require your prior consent in order be installed and used, you are asked through a relevant banner displayed on the front page of the website. If you choose not to enable or delete certain cookies, you’ll still be able to browse our website, but it will restrict some of the functionality of our website.
Types/ Categories of cookies
We may use ‘persistent’ cookies as well as ‘session-based’ cookies. A ‘persistent’ cookie will remain for a period of time set for that cookie. A ‘session-based’ cookie is allocated only for the duration of your visit to our website and automatically expires when you close down your browser.
A
Strictly necessary cookies
Used to help make our website work efficiently and enable you to browse around our website and use its features; used e.g. to keep track of your input when filling online forms over several pages and help us ensure that the content of your page loads quickly and effectively by distributing the workload across numerous computers (load balancing).
These cookies are session cookies that are erased when you close your browser.
B
Analytical/ performance cookies
Used to analyse the way our website works and how we can improve and optimize it; e.g. for statistical audience measuring, to estimate the number of unique visitors, to detect the most preeminent search engine keywords that lead to a webpage or to track down website navigation issues.
We use such cookies only on the basis of your prior consent. These are typically persistent cookies, because they remain on your device for us to use during a next visit to our website.
C
Functionality cookies
Help to enhance your experience by doing things like remembering preferences, choices you make while browsing or past actions; e.g. such cookies may remember preferences such as text size, fonts, and other customizable site elements.
We use such cookies only on the basis of your prior consent. These are typically persistent cookies, because they remain on your device for us to use during a next visit to our website.
D
Targeting/advertising cookies
Used to share some information with third parties who we advertise with, so we know how you’ve reached our website. These cookies record your visit to our website, the parts of the website you have visited and you are interested in and the links you have followed to recognize you as a previous visitor and to track your activity on our website and other websites you visit. This information is used to show you advertisements we think may be of interest to you, to tailor how we communicate with you, or to tailor the contents of the communications we send to you.
We use such cookies only on the basis of your prior consent. These are typically persistent cookies, because they remain on your device for us to use during a next visit to our website.
SPOTLIGHTPOS cookies (first-party cookies):
Source
Name
Type – Purpose
Retention
Category
https://spotlightpos.com/el/
[0]
This cookie name is associated with a WordPress multilingual plug-in from WPML. It stores a language value for the website. Where the cookie is set in response to a user action or request, and as long as it has a short lifespan, it can be treated as strictly necessary.
[0]
A
https://spotlightpos.com/el/
[0]
Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages.
A
https://spotlightpos.com/el/
__utma
This is one of the four main cookies set by the Google Analytics service which enables website owners to track visitor behaviour and measure site performance. This cookie lasts for 2 years by default and distinguishes between users and sessions. It is used to calculate new and returning visitor statistics. The cookie is updated every time data is sent to Google Analytics. The lifespan of the cookie can be customised by website owners.
2 years
B
Third party cookies:
Source
Name
Type – Purpose
Retention
Category
datr
This domain is owned by Facebook, which is the world’s largest social networking service. As a third party host provider, it mostly collects data on the interests of users via widgets such as the ‘Like’ button found on many websites. This is used to serve targeted advertising to its users when logged into its services. In 2014 it also started serving up behaviourally targeted advertising on other websites, similar to most dedicated online marketing companies. This cookie identifies the browser connecting to Facebook. It is not directly tied to individual Facebook the user. Facebook reports that it is used to help with security and suspicious login activity, especially around detection of bots trying to access the service. Facebook also say the behavioural profile associated with each datr cookie is deleted after 10 days. This cookie is also read via Like and other Facebook buttons and tags placed on many different websites.
10 days
D
How do I change my cookie settings?
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm, or www.aboutcookies.org or www.allaboutcookies.org.
Find out how to manage cookies on popular browsers:
9. Miscellaneous
The Privacy Policy, in any amendment thereof, and the processing of your personal data by our company in general shall be governed by Greek Law 4624/2019, as well as by the General Data Protection Regulation [Regulation (EU) 2016/679], and generally by the applicable national and European legislative and regulatory framework about personal data protection, including the guidelines, recommendations, consultation papers, and acts of the Hellenic Data Protection Authority (HDPA).
The Privacy Policy is available in Greek and in English. In case of any inconsistencies between the two versions, the Greek version shall prevail.
Go above and beyond. Enter the spotlight.
Fill in the form and we will reach out to you for a quick demo of how Spotlight can help your business shine.