HUMAN RESOURCES DATA PROTECTION INFORMATION STATEMENT

Our Company Grecotel SA seated in Rethymno city in the capacity of Data Controller of your personal data, provides you with this information statement to enable you to effectively exercise the rights afforded to you by the applicable laws.

1. Definitions

For your better understanding of the current statement, the following terms are used as follows:

a) "personal data": any information relating to an identified or identifiable natural person (“data subject”),

b) "processing": any operation which is performed on personal data, such as collection, organisation, storage, correction, destruction and its general use,

c) "data controller": the natural or legal person, which determines the purposes and means of the processing.


2. The personal data which we will process

The data which you will submit with your CV or any other paper and/or electronic document which you consider appropriate to submit to us in order to be hired.


3. Purpose and legal basis of processing

The processing of your personal data is aimed at your evaluation which is necessary for possibly entering into an employment contract with you (art 6 para.1 b of the General Data Protection Regulation/GDPR). Our company does not transfer, disclose personal data to third parties for any purpose. Companies connected to the company cannot be considered as third parties.


4. Retention period of your data

Your personal data is collected and kept exclusively for the above mentioned purposes. The time that the personal data will be kept cannot exceed three (3) years.
If you wish to withdraw your consent, exercise your rights or if you have any questions regarding the protection of your personal data, you can address your respective request by contacting us at the email address: [email protected].


5. Means of processing and security of data

We process your data in paper and electronic format and all the relevant records are kept in a separate (restricted) space in our offices. We take and regularly update all the necessary technical and organisational measures for the protection of your data.


6. Communication and exercising rights

You are entitled at any time to submit a written request to the Data Protection Officer of Grecotel, ([email protected]) in order to be informed of whether we hold your personal data and if so, to exercise the rights which are provided by the applicable laws (correction, deletion, restriction of processing, portability etc.) and generally to request any information or clarification regarding their processing. Additionally, you can submit a complaint to the Data Protection Authority (www.dpa.gr).