Privacy Policy

PRIVACY & PERSONAL DATA POLICY

This Privacy Policy applies when you visit our site or you use our Services (described below):

1. Introduction

1.1 In this Privacy Policy, we offer information about the data we collect, use and share when you visit our Website or according the Agreement that you may have with DATAWAYS to use our products and services, and you should consider it as part of DATAWAYS’s Website Terms and Conditions and the relevant Agreement.

1.2 By continuing to use this Website, you agree to us, as data controllers collecting and using your personal information in accordance with this Privacy Policy and for the purposes of properly running the Website and offering our Products and Services to you.

1.3 We reserve the right to update this Privacy Policy from time to time. Please review this policy periodically for changes. If you do not accept this or the amended Policy, please stop using this Website.

1.4 Any question or dispute concerning privacy is subject to this privacy statement.

1.5 When you are visiting the Website, no information is collected and processed by us and in most cases you do not have to provide your personal information to us.

1.6 Depending the activity or our Agreement, we may ask you for information that may be mandatory or optional. However, for the latter if you choose to withhold requested information, we may not be able to provide you with some or all of the Products and Services. If you do not provide the mandatory information with respect to a particular product or service, you may not be able to engage in an Agreement. We will inform you of the mandatory and/or optional character of the requested and/or required information.

1.7 We may provide you with the option to subscribe to a periodic newsletter and product info. This newsletter allows us to inform you of new Products and Services, updates, as well as other news relevant to the company and the products or Services that you have received from us or our business partners.

2. Definitions

2.1 DATAWAYS, We, Us or Our: refer to Dataways S.A.

2.2 You or Your: These refer to the company or other legal entity for which you are accepting this Agreement and subsidiaries of that company or entity.

2.3 Services: refers to software, applications, tools and their updates, relevant services and platforms provided from DATAWAYS. Third Party Applications are excluded.

2.4 Third-Party Applications: refers to software, applications, tools and their updates provided by other entities/ third parties, that interoperate or communicate with DATAWAYS’s Services, commonly understood as third-party applications, including but not limited to our Partners.

2.5 User Content: data, information, material, and documents, stored within DATAWAYS’s applications and products, associated or not with accounts of the licensed or authorized user of the relevant applications and products.

2.6 User Account: a location on a network used to store data and information such as a computer username, password etc and which allows or does not allow a user to connect to a network, another computer, or other shares.

2.7 Platform: our Platform or the platform or systems that we may use by third parties or subcontractors, to provide software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS) according to our Agreement

2.8 Agreement: The Master Services Agreement and any relevant SLA and SoW between Dataways SA and any other person or legal entity to provide products and services.

2.9 Your Data: This refers to all electronic data or information submitted by you to the Service, while using the service that do not constitute personal data or personal identification information

2.10 Personal Data or Personal Identification Information: any information relating to an identified or identifiable natural person (‘data subject’).

2.11 Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

2.12 Controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data, within the context of these terms of service, it is You

2.13 Processor: means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller, within the context of these terms of service DATAWAYS.

2.14 Recipient: a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

2.15 Third party: a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;

3. Data Collection of Simple Data or Non-Personally
Identifiable Information We Collect.

3.1 DATAWAYS may collect certain technical and routing information about your computer (also known as environmental variables) to facilitate the use of the Website and its Services. Examples of such information include the URL of the particular Web page you visited, the IP (Internet Protocol) address of the computer you are using, or the browser version that you are using to access the Website. All of this information may be collected and used to help improve the performance of our Website and our Services.

3.2 We may also collect information about the use of the Website, eg how many users we receive daily, in aggregate form, without identifying any user individually.

3.3 We may also collect information from your browser in order to make the Website function correctly and provide you the functionality that you see on the Website.

3.4 We also use this information to better understand how visitors use the Website and how we can better adjust the Website, its contents, and functionality to meet the needs of our users.

3.5 We do not match such information with any of your personally identifiable information.

4. Personal Data or Personal Identifiable Information we collect as Data Controllers

We may use your personal information, or we may process personal information that you provide to us on the following basis:

4.1 To perform or execute a contractual obligation

4.1.1 We may have to use personal data to enter to an Agreement with you.

4.1.2 If you agree to a service or a product, such information is used according to the particular Terms of the Agreement, or other benefits that may be made available according to the Agreement to registered Users or Accounts, to respond to your requests and helping to process the service you have selected, communicating with you when you contact a consultant or authorized partner, processing, fulfilling, and following up on transactions for our products and services, support, and training, to process any request by you for information or advice, to deal with enquiries, complaints and feedback from you and our partners;

4.2 Legitimate interests

4.2.1 DATAWAYS  may use personal data or information to protect legitimate interest pursued by us such as:

i) to prevent fraud,

ii) ensuring network and information security, including preventing unauthorized access to electronic communications networks and stopping damage to computer and electronic communication systems

iii) reporting possible criminal acts or threats to public security to a competent authority

iv) the transmission of personal data within a group of undertakings for internal administrative purposes, including client and employee data,

4.3 Legal obligation

4.3.1 We may hold some of your information for complying with legal requirements. We reserve the right to contact you if compelled to do so as part of a legal proceeding or if there has been a violation of any applicable licensing, warranty and purchase agreements

4.4 Consent

4.4.1 When there is no obligation from the law or an Agreement, or we do not have any other right to process your personal data, we may ask for your consent to use your personal information in the following cases:

i) to develop and conduct our business eg improving our products and services;

ii) personalizing communications with you;

iii) conducting market research;

iv) conducting customer surveys;

v) engaging in more targeted, customer-specific advertising;

vi) processing and to keep you informed about new products, product upgrades, patches, special offers, and other products and services of DATAWAYS and selected third parties if you have consented to receive such communications.

4.4.2 We may periodically contact you via e-mail and provide information about special offers and promotions that may be of interest to you. These communications will relate to DATAWAYS offers and/or the promotions of select, reputable third parties with whom DATAWAYS has a strategic marketing relationship because they offer products or services that we believe would be of interest to you.

4.4.3 We may use a third-party e-mail service provider to send e-mails to you. That service provider is prohibited from using your e-mail address for any purpose other than to send DATAWAYS related e-mail. If you do not wish to receive e-mails with updates and information, please unsubscribe by contacting us here. Every time you receive an e-mail you will be provided the choice to opt-out of future e-mails by following the instructions provided in the e-mail.

4.5 Statistical Data | DATAWAYS  may use aggregate, non-identifying statistical data for statistical analysis, marketing, or similar promotional purposes to help improve our offerings to you, to help diagnose any problems with our server and administer the Website or to improve your browsing experience.

5. Disclosure of your personal data to Third Parties

5.1 DATAWAYS may use services of third parties, such as e-mail service providers and hosting providers that act as independent contractors on behalf of DATAWAYS . We will not share your information with any third parties for the purposes of direct marketing. We have contracts in place with our data processors and sub-processors, instructing them not to do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organization apart from us. They will hold it securely and retain it for the period we instruct.

5.2 In most cases the personal data of the residents of the European Union will be processed by DATAWAYS inside the European Union.

5.3 DATAWAYS acts in such events, always according to client’s request and do not store client’s data in its local database

5.4 DATAWAYS may be required by law enforcement or judicial authorities to provide personally identifiable information to appropriate governmental authorities. If requested by law enforcement or judicial authorities, DATAWAYS will provide this information upon receipt of appropriate documentation. DATAWAYS may also provide information to law enforcement to protect its property and the health and safety of individuals as permitted by statute.

5.5 DATAWAYS may disclose personally identifiable information if we believe in good faith that we are required to do so in order to comply with applicable law, a subpoena, or other legal process. DATAWAYS may also disclose personally identifiable information when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating this Privacy Policy, the terms of your Agreements with the Company (such as the Terms of Service) or to protect the safety of our users and the public or under confidentiality and licensing agreements with certain third parties which assist us in developing, operating and maintaining the Website and its content.

5.6 In the event that all or substantially all of DATAWAYS’s stock and/or all or substantially all assets are transferred or sold to another entity, DATAWAYS may transfer personally identifiable information to the acquiring entity. If, as a result of such a business transition, your personally identifiable information will be used in a materially different manner, you will be given choice consistent with our policy regarding notification of changes.

6. Personal Data or Personal Identifiable Information
we collect as Data Processors

6.1 We understand that when DATAWAYS processes personal data, under no conditions owns the personal data.

6.2 You must also understand that if you act as a Controller, it is your responsibility with regards to the processing that we do, that our technical and organizational measures are appropriate in such a manner that processing will meet the requirements of any laws or obligations, regarding the protection of the rights of the data subject, that you have to follow.

6.3 We will process any data that you provide to us only according to the terms of our Agreement.

6.4 We will not engage another processor without prior specific or general written authorization from you and according to the terms of our Agreement.

6.5 We will only process the personal data that you will provide to us only on documented instructions from you, including with regard to transfers of personal data to a third country or an international organization, unless required to do so by EU’s or Greek law to which we are subject; in such a case, the processor will inform you of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest;

6.6 We ensure that persons authorized to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality

6.7 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of the processing activities, for further information please refer to our Security policy.

6.8 We will assist you by appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of your obligation to respond to requests for exercising the data subject’s rights.

6.9 We will assist you in ensuring compliance with any legal or contractual obligations that you are subject to, taking into account the nature of processing and the information available to us.

6.10 We will respect and execute your choice and instruction to delete or return, any or all the personal data after the end of the provision of services relating to processing, and we will delete existing copies unless European Union or Member State law requires storage of the personal data;

6.11 We will make available to you all information necessary to demonstrate compliance with your legal or contractual obligations and allow for and contribute to audits, including inspections, conducted by you or another auditor mandated by you.

6.12 We will immediately inform you if, in our opinion, an instruction infringes the Greek or EU Data Protection Law.

6.13 PARTICULAR TECHNICAL AND ORANIZATIONAL MEASURES THAT YOU MAY NEED FROM US TO IMPLEMENT OR DEVELOP ARE SUBJECT TO AN AGREEMENT AND EXTRA CHARGES MAY APPLY.

7. Where we process Personal Data

7.1 The process of Personal Data that we execute as Controllers is taking place within the European Union. If and when we use third party service providers, as data processors or sub processors, they will only process information on our behalf and under our instructions to help run some of our internal business operations including email distribution, payment services providers or to provide advertising on the Website. These recipients are located also in the EU.

7.2 The process of Personal Data that we execute as Processors is executed according to the instructions of the Data Controller. If you, as a Data Controller, need us to send or process data outside EU, elsewhere in the world, such as for example the United States of America, you have to take into consideration that these countries may not offer an equivalent level of protection of privacy and personal data as in the EU. Different privacy laws may apply in these countries and you understand that if these transfers might be necessary for the performance of the agreement between you and DATAWAYS , you will have to take all necessary steps to ensure that adequate levels of protection are in place to protect any information held in that country and provide us with necessary instructions and guidance on how to process your personal data in compliance with applicable privacy laws.

8. Rights

8.1 DATAWAYS complies with EU and Greek Laws regarding personal data processing and according to these laws, individuals have the following rights concerning the processing of their personal data:

8.1.1 Right to access, i.e. to ask for information and even copies of your personal information.

8.1.2 Right to rectification, i.e. to ask to rectify information if a data subject thinks is inaccurate or to ask to complete information he/she think is incomplete.

8.1.3 Right to erasure. This right is applicable when one of the following applies:

i) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

ii) the data subject withdraws consent on which the processing is based or where there is no other legal ground for the processing;

iii) the data subject objects to the processing and there are no overriding legitimate grounds for the processing;

iv) the personal data have been unlawfully processed;

8.1.4 Right to restriction of processing, for example when processing is restricted, personal data will be stored, but not further processed;

8.1.5 Right to data portability, i.e. to receive your personal data, in a structured, commonly used and machine-readable format and transmit that data to another controller from the current controller if: the processing is based on consent or on a contract, and the processing is carried out by automated means;

8.1.6 Right to object, on grounds relating to the particular situation of the data subject.

8.1.7 Right to withdraw consent at any time;

8.1.8 Right to lodge a complaint with a supervisory authority.

8.2 If we are the controller regarding the processing of your personal data, you may exercise your legal rights by contacting us here. Your request must include at least the following information: your complete name, notification address, copy of your ID card or passport, if necessary to verify your identity, and explanation of the right that it is exercised. We will respond to your requests within all applicable timeframes. IF WE ARE ACTING AS A PROCESSOR, YOU SHOULD CONTACT THE CONTROLLER, we will provide you with information on how to contact him

9. Information Relating to Children

9.1 We do not knowingly collect personal information from children under 15 without the consent of the child’s holder of parental responsibility. Parents and Legal Guardians may contact us here.

10. Security

10.1 DATAWAYS is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information and to ensure that appropriate security measures are in place to protect your Personal Data. We apply the security measures foreseen in the applicable regulations as well as our own technical and organizational security measures including policy, governance, procedures, responsibilities, risk assessment; network and sub-processor security.

10.2 DATAWAYS operates secure data networks protected by industry standard firewall and password protection systems. Our Security and Privacy and Personal Data policies are periodically reviewed and enhanced as necessary. Only authorized individuals have access to the information provided by our users. DATAWAYS takes steps to ensure that your information is treated securely and in accordance with this Privacy Policy.

10.3 Unfortunately, the transmission of information via the internet is not completely secure and so we cannot guarantee the security of your Personal Data transmitted through the Website; any transmission is at your own risk. Once we receive your information, we will use strict procedures and security features to try to prevent unauthorized access.

10.4 We treat the information you provide to us, including the Files, as confidential information; it is, accordingly, subject to our company’s security procedures and corporate policies regarding protection and use of confidential information. After personally identifiable information reaches DATAWAYS, it is stored on a server with physical and electronic security features as customary in the industry, including utilization of login/password procedures and electronic firewalls designed to block unauthorized access from outside of DATAWAYS. Because laws applicable to personal information vary by country, our offices or other business operations may put in place additional measures that vary depending on the applicable legal requirements. Information collected on the sites covered by this Privacy and Personal Data Policy is processed and stored in Athens, Greece. However, because for some clients we act as processors, our clients may store their personal data in other countries and possibly other jurisdictions and in other countries.

10.5 All DATAWAYS employees are bound by our privacy and security policies. Your information is only accessible to those employees who perform technical support of the service.

10.6 If a password is used to help protect your accounts and personal information, it is your responsibility to keep your password confidential. Do not share this information with anyone. If you are sharing a computer with anyone you should always log out before leaving any site or service to protect access to your information from subsequent users.

11. ISO 9001 and ISO/IEC 27001 certifications

11.1 DATAWAYS commitment to security is certified with ISO 9001 Quality Management Systems and ISO/IEC 27001 Information Security Management. For more information that is technical please see our security policy.

12. General

12.1 DATAWAYS takes and addresses its users’ privacy concerns with utmost respect and attention. If you believe that there was an instance of non-compliance with this Privacy and Personal Data Policy with regard to your personal information or you have other related inquiries or concerns, you may write or contact DATAWAYS here.

12.2 In your message, please describe in as much detail as possible the nature of your inquiry or the ways in which you believe that the Privacy and Personal Data Policy has not been complied with. We will investigate your inquiry or complaint promptly.

12.3 Please note that if you provide DATAWAYS with inconsistent privacy preferences (for example, by indicating on one occasion that third parties may contact you with marketing offers and indicating on another occasion that they may not), DATAWAYS cannot guarantee that your most recent privacy preference will be honored.

12.4 DATAWAYS operates under Greek and EU law and for any dispute jurisdiction have the Courts of Thessaloniki, Greece.

12.5 You may exercise your legal rights by contacting us here.

12.6 Copyright © 2022 DATAWAYS, Inc. All rights reserved. DATAWAYS and related logo, and all related product and service names, design marks and slogans are the trademarks and/or registered trademarks of DATAWAYS SA.

Close menu