The company with the name “Mind the Hack SA”, with principal offices at Amfitheas Av., Palaio Faliro, 17563, Greece, with Tax Identification Number EL801925033, General Commercial Registry No. 166059709000, hereinafter the “Company”, in its capacity either as a Data Controller or as a Data Processor on behalf of a Controller in the context of the General Data Protection Regulation EU 2016/679 in force since 25/05/2018 and as currently in force, including any national implementing laws and regulations such as Greek law 4624/2019, hereinafter collectively “GDPR”, hereby provides you with the following information concerning the processing of your personal data and your rights as a data subject.
Obligation to protect Personal Data
The Company undertakes to comply with the provisions of the legislation in force concerning the protection of personal data and to protect the personal data of the visitors and/or users (registered or not) of the Company’s website (https://mindthehack.ai/) as well as the personal data provided to the Company in its capacity as Data Processor from its customers, in the context of the Company’s business activities and for the provision of the Company’s services to its customers. The Company does not collect information relating to visitors’/users’ personal data unless they themselves provide such information. Personal data are requested by the Company only for the special and specific purposes mentioned herein and are communicated by any appropriate means at the time of their communication.
Personal and business Data that Company may collect
Information which we may collect and may constitute personal data is the following:
Parties Affected | Data Type | Purpose | Retention time |
|---|---|---|---|
Website visitors | IP (cookies visitor’s preferences) | Kept in firewall logs for security reasons. | Under Cloudflare (WAF) retention policy. |
Website visitors interested in receiving more information about the Company, using our contact form or other means of communications. Third parties sending us an e-mail. | First name, last name, e-mail, or other personal information provided by the data subject at its own initiative. | To provide additional information and to seek new business opportunities. | For 36 months from the last contact and/or communication. |
Individuals, third parties-data controllers and individuals whose personal data is collected by such third parties-data controllers, who have entered in a contract with our company for the provision of services, such as customers and registered users of cloud services. | First name Last name Tax ID No. Address Telephone number | To provide services to such third parties-data controllers and individuals. To comply with tax and other legal obligations. | For as long as the customer or the registered user maintains a valid contract, subscription or license, unless the customer, registered user or licensee elects to delete such data prior to termination of the contract. Certain data are kept for as long as necessary to comply with tax and other legal obligations. |
The information mentioned above is provided either by the data subjects, or by third parties-data controllers who possess and lawfully process it, (a) when they make contact or when we contact them for the first time; (b) when they transact with us or with third parties through the websites and the web pages of the Company and through the services, programs and tools provided therein; (c) when they visit and browse the websites and web pages of the Company; or (d) in the context of our business activities through our products and cloud services, for the purpose of providing our services to our customers in accordance with the respective contractual obligations. The provision of the information mentioned above may take place at various instances and by different means, such as via printed or online forms, telephone or email, online delivery or providing access to such information remotely or online, through a member of our personnel or of a business partner, through the employer or a member of the personnel of the data subject or a third-party data controller or their business partner. We may also collect information concerning the data subject, for example when, either the data subject, or the third party-data controller who possesses and lawfully processes personal data of the data subject:
asks for information or submits a request, a query etc. through our websites or by other means way using the contact information of the Company;
registers with any update service (newsletter etc.) or any promotional activity or research of the Company;
registers and/or creates an account for the use of the services provided by the Company through its websites and web pages, whereby a registered user is able to post content;
enters into a contractual agreement with our Company for the provision of services which require the processing of personal or other data which is lawfully in the possession of the third party-data controller;
the personnel of the Company visits web pages on which the information mentioned above has been lawfully posted and made publicly available.
Purpose for collecting and processing personal data by the Company
The Company uses the personal data it collects for the following purposes:
Mail and contact on behalf of the Company in order to perform its business activities and conduct all of its transactions.
Entering into and executing agreements.
Sending of promotional material and marketing activities.
Developing and marketing products, software, applications, tools etc. and providing related services in the area of artificial intelligence and cybersecurity.
Legal basis for processing
The Company processes the personal data it collects under any of the following legal bases :
Processing is a legal or contractual obligation of the Company.
Processing is necessary for the Company to enter into or execute an agreement, or to carry out, complete transactions and provide services in the context of its commercial activities.
Processing serves the operational needs as well as the business and commercial interests of the Company, such as compliance with legal and contractual obligations, the defense - legal protection and exercise of its rights, or the provision of information about and the promotion of the Company’s services .
The data subject has in advance expressly, explicitly and specifically consented to the processing of personal data in a specific way and for a specific purpose.
Disclosure of personal data
The Company may disclose the personal data it collects to third parties only in the following cases:
To the personnel or to business partners of the Company on a need-to- know basis in order for them to perform their tasks and/or to provide their services to the Company, in the context of the business activity of the Company and under a relevant contract which includes specific terms and conditions, covenants and obligations concerning the protection of personal data by such persons.
If disclosure is obligatory by law or results from an order, a decision, an investigation or an inspection by any competent administrative, judicial, police or other authority etc.
The data subject has in advance expressly and specifically consented to the disclosure of the personal data in a specific way and for a specific purpose.
The Company does not transfer personal data outside the European Economic Area.
Retention of Personal Data
The Company retains the personal data it collects for as long as necessary to fulfil the purpose of their collection as well as any for additional period of time required by any applicable legislation or following a prior written and specific consent of the data subject.
Security of Personal Data
The Company takes all necessary organizational and technical measures to protect the data from accidental or unlawful destruction, accidental loss, alteration, prohibited dissemination or access and any other form of unlawful processing.
Rights of the Data Subject
In brief, the data subject has the following rights towards the Company:
Right to information: To request information, in addition to the above- mentioned in this Privacy Notice, regarding the way in which the Company uses his/her personal data and his/her rights.
Right of access: To obtain access to his/her own personal data and to related information such as the processing purposes, the data categories, their origin and their recipients, if any.
Right to rectification: to rectify his/her personal data if they are inaccurate or incomplete.
Right to erasure: To request the erasure of his/her personal data when (a) they are no longer necessary for the purposes for which they were collected or (b) there is no lawful justification for the Company to continue using them or (c) if the data subject has withdrawn his/her consent.
Right to restriction of processing: To restrict, in some cases, further processing of his/her personal data.
Right to data portability: To receive his/her personal data and/or request that the Company transmits them to another data controller.
Right to object: to object at any time to the processing of his/her personal data for reasons relating to the performance of a duty carried out for reasons of public interest or in exercise of public authority or the existence of a legitimate interest, following the balancing of interests, including profiling.
For any further questions or queries concerning the use of personal data, the Company shall make best efforts to respond in writing to the data subject within thirty (30) days from the date of the request. Within the same period of time the Company will inform the subject of any important reasons which do not allow the Company to respond to such request.
In any event, the information will be provided free of charge with the exception of profoundly groundless, exaggerated or repeated requests, for which a reasonable fee may be charged for Company’s administrative costs.
In all cases mentioned above, as well as in case of contact for any of the topics mentioned above, you may send us your request at [email protected].
Cookie policy
The Company uses cookies to improve the services offered from its website and the browsing experience of the visitors. Most browsers offer choices that allow or prevent the use of cookies. If you opt to restrict or block the use of cookies, your browsing experience on the Company’s website may be affected.
The Company uses the following cookies:
Cloudflare: Sets cookie to support Cloudflare Bot Management.
Google Analytics: allows website owners to track visitor behavior and measure site performance. Also, stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. Furthermore, it calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
Changes to the Privacy Notice
The Company reserves its right to amend this Privacy Notice at any time in order to adapt it to adjust it to the Company’s personal data protection policy of the Company and the applicable legislation as in force. The date of the latest version will be first written above.
