adacom loader
Please Wait

Privacy Statement

The company ADACOM ADVANCED INTERNET APPLICATIONS S.A. with the distinctive title “ADACOM S.A.” located at 25 Kreontos Street, Athens, P.C. 10442 (hereinafter “ADACOM”, “Company” or “We”) has as its main priority the protection of the personal data it processes. The Company collects, maintains and processes personal data in accordance with the principles set out in General Regulation 2016/679 (hereinafter "GDPR") and in accordance with the applicable national and European legislation on personal data protection. The current Privacy Policy describes how personal data is processed, the purpose of the processing and its use, as well as your relevant rights under applicable law.

The Controller of your personal data, within the meaning of the GDPR, is ADACOM S.A.

1. Definitions

The following definitions are provided for the convenience of the user and are derived from the text of the GDPR on the processing of personal data:

“controller”: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data

“processor”: the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller

“personal data”: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person

“processing”: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction

 

2. Categories of personal data

At ADACOM we collect only the absolutely necessary data, which are appropriate and clear for the purpose for which they are intended. The data include the following:

Subscriber data for the provision of electronic signature or seal services

As a Qualified Trust Service Provider (QTSP), ADACOM, collects, processes and stores Subscriber's personal data for identification purposes and the issuance of a qualified certificate for electronic signature or qualified certificate for electronic seal, in compliance with the eIDAS Regulation [Regulation (EU) 910/2014 as amended]. This personal information includes first name, surname, identity document details, tax identity number, email address, postal address, telephone number, and other personal information as necessary.

If you choose ADACOM's remote identity proofing as a method of verifying your identity before your qualified certificate is issued, you will be required to provide your express and specific consent for the collection and retention of all necessary data and documents, e.g., name, surname, identity document details, snapshot of your identity document, image of your face, video (including audio) recording of your identity proofing session. Your identity is verified by comparing facial biometric data extracted from the photo/video of your face, to facial biometric data extracted from the photo in your identity document. The authenticity of the images, videos and identity documents is also evaluate, in order to detect whether there is a genuine human or physical document in your photos/videos or signs of tampering. If you do not consent, we will not extract or process your biometric data, nor verify your identity.

 

Customer data

If you are either a customer for any of our products or services or simply a visitor to our website, we assure you that we do not collect your personal information unless you provide it to us on your own initiative by filling the relevant form. This information may include: contact information, such as first name, last name, postal address, email address, telephone number, etc.; shipping and billing information, such as credit/debit card and payment information and information you provide to us to obtain technical assistance

 

Data of our customers' executives, suppliers and partners and data processing in the context of implementing projects and providing services:

In the context of our cooperation with our customers and suppliers, we may be provided by them with information of their executives, such as their full names, contact details and position or role of their executives, for the purpose of executing the contract between us, managing projects or the provision of services that we jointly implement. In addition, in the context of project execution, the Company may process personal data to the extent required for the provision of services, as agreed and described in the Personal Data Processing Agreements with the client.

 

Data when creating a user account on the ADACOM website

If you choose to create a user account on ADACOM’s website or subscribe to our newsletter, we collect your full name, email and telephone number..

 

Data of subjects who submit an application/resume for employment

If you choose to apply for a job at ADACOM, we will process the information you provide us through your CV in order to evaluate and possibly hire you by our Company.

 

3. Purpose of processing of personal data

The collection and processing of personal data is carried out exclusively to the extent and degree necessary for the performance of the following processing purposes, as the case may be:

  • To manage the sale of our products and services, such as for example to process your requests for ADACOM products and services, to contact and inform you about the availability of products and the progress of your order, to issue and send your tax documents, to execute your order, to ship the products, to process your order, etc.
  • To provide technical support and customer service and complaint management.
  • To issue, revoke and manage qualified certificates for electronic signatures and qualified certificates for electronic seals in accordance with ADACOM Certification Practices Statement (CPS).
  • To verify your identity (identification or identity proofing) for the issuance of an electronic signature and/or seal.
  • To create and manage your account when you purchase from ADACOM's e-shop.
  • To evaluate your CV and contact you when you send us your CV by email or apply for a job via the online application form.
  • To subscribe to our newsletter and product/service promotion (marketing) via email. Please note that this processing is carried out in compliance with the applicable consent requirements and you have the option to opt out at any time by unsubscribing from marketing activities.
  • Enforcement of our legal rights or compliance with applicable laws.

 

4. Recipients of the data

Access to the personal data processed by ADACOM is granted to the Company's personnel, that are bound to confidentiality obligations, as well as, where applicable, to the personnel belonging to the same group of companies, depending on the type and purpose of the processing. In addition, ADACOM may use external partners to carry out the processing on its behalf ("processors"), always in the manner required by the applicable personal data protection legislation. The external partners we use are bound by a contract for the protection of personal data and they further undertake confidentiality obligations, as defined by the relevant legislation.

With regard to the provision of trust services, and in particular in case you choose remote identity proofing as a method of verifying your identity for the issuance of your qualified certificate, ADACOM uses "Signicat SLU" with registered office in Spain, EU, as a processor of your personal data related to the remote identity proofing, according to the instructions and on behalf of ADACOM. ADACOM has entered into a data processing agreement with this third-party processor, in compliance with the GDPR, to safeguard your personal data. After successfully completing your remote identity proofing, your personal data will be securley maintained by ADACOM for the period described in Section 7. ADACOM as Controller remains responsible toward you for the processing of your personal data undertaken by this third party. For further information on how Signicat processes your personal data, please visit https://www.signicat.com/about/privacy-statement-identity-validation and https://www.signicat.com/about/signicat-biometric-data-collection

If, for any reason, we need to transfer your personal data outside the EEA, we will do so only in accordance with appropriate requirements and safeguards and only to recipients that ensure an adequate level of protection of personal data and in any event in accordance with the provisions of Articles 44-49 of the General Data Protection Regulation [Regulation (EU) 2016/679 (GDPR)].

 

5. Lawfulness of processing

The Company processes your personal data as described above by virtue of:

  • your consent to the processing of your data for one or more specific purposes (Art. 1 (a) GDPR).
  • a contract and/or agreement you have entered into with the Company to serve the purposes of that contract/agreement (Art. 6 para. 1 (b) GDPR).
  • safeguarding ADACOM's legitimate interests (Article 6(1)(b) of the GDPR).
  • the purposes of complying with its legal obligations (e.g. in case of compliance with warrants issued by courts or public authorities, etc.) (Art. 1 (c) GDPR).

 

6. COOKIES

ADACOM may also automatically collect information about you when you visit our websites using cookies. Cookies are small text files that are stored by the browser on your computer or mobile device when you visit a website. Cookies allow web applications to tailor their functions to your needs by collecting and remembering information about your preferences. For more information about cookies and how you can set them to work, please refer to the Company's Cookies Policy which is posted on our website.

 

7. Retention period of personal data

Your personal data are retained for the period of time provided for by the applicable legislation and for as long as there is a need to carry out actions necessary to achieve the purpose(s) of the processing. At the end of this period, your personal data will be securely deleted.

 

Subscriber data for the provision of electronic signature and/or seal services

Your personal data, which are processed by ADACOM for the issuance of a qualified certificate for electronic signature or qualified certificate for electronic seal, are stored in a physical and electronic record, which is protected with all necessary technical and organizational measures and is accessible only by persons specifically authorized for this purpose. ADACOM will retain your personal data for a period of at least seven (7) years from the date of expiry or revocation of your qualified certificate, in accordance with the eIDAS Regulation and national regulatory requirements. If a qualified certificate is not eventually issued, the retention period of the data in the above record is two (2) years. In the case of remote identity proofing, if for any reason the process is not completed (i.e. you are disconnected from the video session), your personal data will not be recorded by ADACOM.

 

Data of subjects submitting an application/CV for employment:

When you apply for a job in our company, your data will be retained for a period of six (6) months.

 

Data of ADACOM's customers and partners regarding the implementation of projects and the provision of services/products:

Personal data may be processed during the provision of our services, which will be deleted within a reasonable time after the completion of the delivery of services, unless otherwise contractually agreed or unless a longer retention period is required or permitted by law.

 

8. Your rights

ADACOM facilitates the management of your personal data and the exercise of your rights in accordance with the applicable national and European legislation. In particular, your rights are the following:

Right of Access: You have the right to be informed by our Company whether we process and maintain your personal data. If the answer you receive is affirmative, you may submit a request to obtain information about the processing, its purpose, the type of data, the recipients of your data, the period of retention, the existence of automated decision-making, as well as the possibility of exercising your other rights, such as rectification, erasure, restriction of processing, opposition to the processing carried out, lodging a complaint to the relevant Data Protection Authority and so on.

Right to Rectification: You have the right to request the rectification of inaccurate or incomplete personal data.

Right to erasure: Furthermore, in the event that the data we hold is no longer necessary for the purposes for which it was collected or in the event that your consent is withdrawn or, in general, if there are no longer legitimate reasons for maintaining them, you may request their erasure.

Right to restriction of processing: Where the cases of Article 18 of Regulation (EU) 679/2016 on the protection of personal data apply, you can request the restriction of processing.

Right to data portability: You may request to receive your data in a readable format or transfer your data to another controller in case this is feasible.

Right to object: You can object to the processing of your data and request its termination. Your request may be refused by the controller in the event that there are demonstrable legitimate grounds for processing that override your right to object.

Right to revoke your consent: In the event that your data is processed on the legal basis of your consent, you can revoke it at any time in order to stop the processing of data carried out on the basis of it.

You may submit your request by sending an email to dpo@adacom.com or by post to the address given below. ADACOM will respond to your request, depending on its merits, within 30 days. If for any reason we refuse to comply with your request, we will provide you with a detailed and reasoned response.

Finally, if you believe that your rights have been violated, you have the right to lodge a complaint to the relevant Data Protection Authority at the following details: Address: 1-3 Kifissias Avenue, Athens, P.C. 11523, Contact Phone: 210 6475600, Email: contact@dpa.gr

 

 

9. Protection of Data

ADACOM implements all appropriate technical and organizational measures to ensure the protection of your personal information. We use sophisticated technologies and security procedures to protect your personal information from unauthorized access, use or disclosure. The personal information you provide is stored in a controlled, secure environment, protected from unauthorized access, use or disclosure, e.g. we encrypt all data you submit when ordering our products or services using the Secure Sockets Layer (SSL) protocol. Moreover, our information security procedures are audited annually by an internationally recognized auditing company.

 

10. Links to other websites

Our website may contain links to other websites of interest. However, when you use these links and leave our site, you should note that we have no control over the other site you visit. Therefore, we cannot be responsible for the protection and privacy of the information you provide when you visit them as these sites are not governed by this Privacy Policy and are outside the sphere of ADACOM's responsibility. You should be careful and read the Privacy Policy for the protection of personal data applicable to that site.

 

11. Protection of minors

ADACOM is committed to protecting the privacy of children. Our website does not address or knowingly collect information from children under the age of 18. In the event that we determine that we have collected personal information from a child without verified parental consent, we will delete that information as soon as possible.

 

12. Changes to this Privacy Policy

ADACOM may modify this Privacy Policy and its related practices at any time. We encourage you to periodically check this page for the most current information about our privacy practices. This Privacy Policy was updated on June 14, 2024.

13. Contact Information

There are the following options if you wish to contact us, make a complaint or manage your account details:

  • You can send us your request in writing to the following postal address: Kreontos Street 25, P.C. 10442 Athens, Greece.
  • You can call us at: + 30 2105193740
  • You can send an e-mail to: dpo@adacom.com
login