Ogram - Privacy Policy for Companies

Privacy Policy

This Data Protection and Privacy Policy (“Policy” “Privacy Policy”) is applied by our Company "Ogram Single Member P.C." (“Ogram” "Company" “We”) acting as a Data Controller with reference to the processing of your personal data that is carried out when you are browsing to our website (“Ogram website”). It is explicitly clarified that the present privacy policy regulates only the use of our website and not the use of our application. For the use of our application, certain rules apply, including a separate privacy policy which is included in the relevant section of our application.

Our Company acts in accordance with the requirements of the General Data Protection Regulation (or GDPR) and according to other applicable relevant legislation. We respect and protect your privacy and your personal data and we make sure that the processing of your personal data is made with clarity, is limited to the absolutely necessary extent and is carried out exclusively for the purposes and on the legal basis which applies to each category of processing.

The present policy aims to give you clear and comprehensive information about who we are, why and for which purposes we collect your personal data, how we process them including when and to whom we disclose or transfer them, and which are your rights with reference to your data. We advise you to read carefully the present Privacy Policy which we make sure to update from time to time.

1. Browsing in our website

When you are visiting our website, certain information may automatically be shared by your browser. Such information include:

- Your device IP address
- The name and IP address of your internet provider
- Date and time of access to our website
- The website content which you choose to see
- Information relating to the referrer website or application
- Your browser details
- Your mobile device/PC operating system and your mobile device type
- Your geographical location
- Your login credentials

Purposes of processing: The above information is processed in order to safeguard proper connection and safe browsing in our website. Provided that you have allowed activation of your geolocation in your browser, or in your operating system, we may use your location in order to offer you personalized information relating to your current location. The above information will not be processed by our Company for any other purposes.

Legal Basis for data processing: The above processing is based on our Company's legitimate interest (art 6 par. 1, point f GDPR) in keeping our website safe, functional, efficient and able to provide you with our services, preventing its use for misleading purposes.

Data Transfer to third parties: We will not transfer your personal data to any third parties

Retention Period: We keep your data collected under this section temporarily for your session period alone. After your session period your data will be erased from our system automatically.

2. Contact form

Purposes of data processing and legal basis: If you are an employer and you visit our website looking to find solutions for your staffing needs, you will be able to fill in the ‘start hiring’ form and provide us with your name, email, phone number and company name of the employer company in order to contact you directly for more information relating to our services. We will use your data only for the above specific purpose, i.e. to process your request and provide you with more information as to our company’s services. The processing is based on our pre-contractual relationship aiming to conclude our cooperation.

Data Transfer to third parties: We will not transfer your personal data to any third parties

Retention Period: We keep your data collected under this section 2 for a period of one year. After such period and provided that you have not created any orders, your data will be erased from our system.

3. Business clients

If you use our website as a potential business client, we may ask you to create an account and fill in the personal details of the employer in case of an individual or of the employee acting on behalf of the employer legal entity. Such details include your first name and surname, VAT, address, email, your position at the employer, and your details relating to your digital signature, if any.

_Legal Basis for data processing:_The above processing is based a) on our common interest with the client to take the required steps prior to entering into an agreement or on the fulfillment of our contractual obligations (Article 6, paragraph 1, point b GDPR), b) on the necessity to comply with our legal obligations relating to the performance of an agreement signed between our company and any client (art 6 par. 1, point c GDPR), and c) if you are an employee or legal representative of one of our business clients, we collect and process your above data in the context of fulfilling our legitimate interests deriving from the contractual or pre- contractual relationship with our business client (art 6 par. 1, point f GDPR).

Access to your data is allowed only to the competent employees who have been contractually committed to keep your data confidential and to act in accordance with our company’s values and policies relating to processing of your personal data. We may also share your data with third parties acting as processors on our behalf, such as our accounting firm, which help us to fulfill our legitimate and contractual obligations. Again, compliance with the data processing requirements is contractually ensured.

Retention period: We keep your data collected under this section 3 as long as there is an active cooperation between us, i.e. for the term of our agreement, or, in case no agreement is in place, for the period for which you maintain your account on our website. We inform you, however, that based on our regulatory obligations, and in particular based on our tax obligations, maintenance of your data will in any case (if required) last for as long as our statutory obligations require.

4. Cookies and other tracking technologies data

We use cookies or other tracking technologies when you are browsing in our website https://www.ogram.co/uae/en/. Please visit our Cookies Policy for more information with reference to the processing of your personal data due to the use of cookies.

5. Newsletter/push notifications

If you have registered to receive newsletters, we will collect and store your email and if provided your name, in order to send you informative or marketing material relating to our services. Equally, we will process the IP address of your device and of your internet provider in order to send you push notifications with informative material provided you have consented to receive such notifications. The legal basis for such processing is your consent which is granted when you register for the receipt of newsletters. You can easily revoke your consent anytime either by clicking on the relevant link contained in any newsletter, or by turning off the receipt of the relevant push notifications in your browser settings.

6. Personal data collected through questionnaires

Your opinion and remarks are significant to us. Therefore, during our cooperation, we might ask you to provide us with your feedback as to our cooperation. Although you may fill in our questionnaire anonymously, if you choose to provide us with your personal information (name, address, contact details working position) such processing will be based on our legitimate interest to improve our services and detect any problems concerning our cooperation aiming to solve them.

7. Links to third-party websites

Our website may host third- party links redirecting you to other websites. Ogram is not responsible for the content of the websites where these links lead to, as these websites fall under the sole responsibility and management of the concerned third party. Therefore, we strongly recommend that you read carefully the privacy policies applicable to these websites as these websites don’t necessarily apply the same level of protection for your personal data. In case you realize that the content of any website where a third-party link leads to is misleading or fraudulent, we urge you to contact us in order to remove such link from our website.

8. Transmission of data to third countries

If needed, we will transmit your personal data to a third county, apart from the EU, only provided that one of the following two conditions is met:
-There is an adequacy decision issued by the Commission concerning the country where transmission is to be made or
-Certain safeguards have been adopted regarding the data processing as provided in article 46 of the GDPR.
If none of the above conditions is met, we will refrain from transmitting your personal data to any third country except for certain circumstances which are provided in article 49 of the Regulation such as when there is your explicit consent to the proposed transfer, after having been informed of the possible risks of such transfers, or when the transfer is necessary for the performance of a contract between the data subject and the controller, or when the transfer is necessary for important reasons of public interest etc.

9. What rights do you have with reference to your personal data?

- Right to access your personal data:

You have the right to be informed by us accurately and clearly if we collect and process your personal data. You may be informed inter alia and in particular, of the purpose of the data processing, of the data categories that we collect, of your data sources and of their recipients, if any, of their maintenance period or, when this is not possible, of the maintenance criteria, of your ability to exercise the right to rectification, to erasure, to restriction and right to object to their processing, of the existence of an automated decision-making process, including profiling and of the existence of any relevant protection guarantees.

- Right to data rectification:

If you realize that your provided data are inaccurate and need to be corrected, you may ask us to rectify such data by contacting us in any of the available contact details.

- Right to data erasure or ‘right to be forgotten’

You have the right to ask us to erase your data. We will proceed with their immediate erasure provided that their maintenance is not necessary for the fulfillment of our legal obligations. In particular, if you wish to revoke your consent and provided that your consent is the only legal basis for the collection and processing of your data, we will delete your data as soon as we receive your request.

- Right to data portability

You have the right to ask us to deliver the provided data in an easily readable form or to ask us to transmit them to another controller.

- Right to restriction of processing

You have the right to request the restriction on the processing of your personal data in case a) their accuracy is questioned and for the required term to verify the accuracy of your data, b) the processing is illegal, c) we no longer need your data, d) you have objections as to their automated processing.

- Right to object

You have the right to object to the processing of your data at any time when processing is made for the performance of a task carried out by our Company in the public interest or when processing is made for the purposes of the legitimate interests pursued by our Company.

If your personal data are used for direct marketing purposes concerning our services, you have the right to object at any time to such processing, including profiling, if related to such direct marketing.

You have the right at any time to revoke your consent to process your data when processing of your data is based solely on your consent. In the event of your objection, termination of your data processing will be made immediately unless there are other compelling and lawful reasons that prevail over your right.

10. How can you exercise your rights?

You can exercise any of your rights by contacting the appointed Data Protection Officer of our Company to the following contact details:

Ogram Single Member PC
Thessaloniki, 26, 26th Octovriou str., PC 54627
Εmail address: greece@ogram.co.

Our Company will make sure to respond to you as soon as possible regarding the progress of your request and in any case not later than (1) one month from the date of your request receipt.

In any case that you consider that our Company has violated your rights in relation to the processing of your personal data, you have the right to file a complaint to the Personal Data Protection Authority (www.dpa.gr).

11. Are your data safe?

Our Company, recognizing the importance of your data security, has ensured to take all the appropriate technical and organizational measures in order to keep your data secured. Although internet can never be a completely safe place, we have taken care to implement the security measures required to prevent, up to the possible extent, any unlawful or illegal processing of your data, any accidental or unlawful loss, alteration, prohibited transmission or access to your data by third parties.

12. Applicable law and dispute resolution

In order to resolve any dispute that may arise in connection with this Privacy Policy, we will make every effort to resolve it out of court in accordance with good faith and business ethics. If such an attempt does not succeed, Greek law will be applicable for the settlement of such dispute and the competent courts of Athens will have exclusive jurisdiction.

This policy is reviewed and updated when deemed necessary. We encourage you to visit frequently the relevant section of our website where our updated privacy policy is posted. This Privacy Policy was last updated on the 21st of March 2023.