Privacy Policy

1. Purpose – Field of Application

The purpose of this Policy is to describe the organizational and technical measures implemented by the company Sparta Gourmet S.A. during the processing of data which results in compliance with the General Data Protection Regulation (Regulation (EU) 2016/679) and provisions of Law 4624/2019.

This Policy applies to the logistics equipment, personnel and procedures and operations performed by the company in the exercise of all its activities related to data processing.

2. General Principles

2.1 Principles of processing

The company takes all necessary measures to ensure compliance with the following basic principles of processing:

a) Legitimacy, objectivity and transparency. Personal data shall be processed lawfully in a transparent manner in relation to the data subject.
b) Limitation of purpose. Personal data are collected for specified, explicit and legitimate purposes and are not further processed in a manner incompatible with those purposes.
c) Data minimization. Personal data are appropriate, relevant and limited to what is necessary for the purposes for which they are processed.
d) Accuracy. Personal data are accurate and, where necessary, updated.
e) Limitation of the storage period. Personal data are kept only for the period required for the purposes of the processing.
f) Integrity and confidentiality. Personal data are processed in a way that ensures security against unauthorized or unlawful processing and accidental loss, destruction or damage.
g) Accountability. The company is responsible and able to demonstrate compliance with the above principles.

3. Processing – Purpose

3.1 Legality

The processing of personal data by the company as Head of Processing is performed under the following conditions:

a) processing is necessary for the execution of a contract or compliance with a legal obligation.

The processing of personal data by the company is carried out in accordance with the Private Agreement concluded by the company.

3.2 Special categories

The company processes personal data related to health only when necessary for legal obligations.

 

4. Rights of the subject

4.1 General settings

The company provides information to the data subject regarding its processing rights and responds to requests regarding those rights.

4.2 Specific provisions

The company collects personal data from the data subject, does not process data for purposes other than those collected, does not transmit data internationally, and takes actions upon requests from the data subject.

5. Obligations of the company

The company ensures this policy is reviewed and updated when necessary and implements measures to secure data processing.

6. Processing security

The company implements security measures to protect personal data from unauthorized access, alteration, or destruction.