Privacy Policy

PRIVACY NOTICE

The Company “BREW RATIO ΙΚΕ” with trading name “BREW RATIO” (hereinafter “the Company”, “Data Controller”, «BREW RATIO», “we”) fully shares your concern regarding your personal data in accordance to the enhanced requirements of Regulation (EU) 2016/679 (hereinafter “GDPR”), law 4624/2019 and, the relevant legislation about the protection of Personal Data, as the Data Controller, informs the natural persons (hereinafter “Data Subjects”, “you”) about the processing of their personal data through this Privacy Notice.

 

Ι. What personal data we collect, for which purposes and which are the legal bases

 

 

PURPOSE PERSONAL DATA COLLECTED LEGAL BASIS
1.       Contact (Contact Form, Telephone, Fax,  Email message) Name, surname, telephone, email address, subject of your message, any personal data included in your message Article 6(1)(b) GDPR: processing is required in order to satisfy user’s request
2.      Newsletter Email address Article 6(1)(a) GDPR: the data subject’s consent
3.      Expressing interest for our Franchise Full name, email address, landline phone and mobile phone, area of interest for a franchise, any personal data included in your message Article 6(1)(b) GDPR: processing is required in order to satisfy user’s request
4.      Career Opportunities Full name, telephone, email address, subject of your message, any personal data included in the candidate’s message, job position of choice, area of choice for work, any personal data that is included in the candidate’s CV Article 6(1)(b) cl.(b) GDPR: processing is required in order to satisfy user’s request prior to entering into a contract
5.      Social Plugins Through the plugins in use in our website we may be granted access only to publicly shared information found on the respective Social Media platforms. The use of the plugins found on our website is governed by the terms and conditions of each platform. Article 6(1)(a) GDPR: the data subject’s consent, as explicitly given by clicking each social media icon that transfers the user to the corresponding social medium.
6.      Geolocation Location Data Article 6(1)(a) GDPR: the data subject’s consent, as explicitly given by accepting the tracking alert pop up, and

Article 6(1)(b) cl.(b) GDPR: processing is required in order to satisfy user’s request, to find a nearby Coffee Lab shop

 

7.      Blog posts comments Name, email address, web page, any personal data included in your comment Article 6(1)(b) cl.(b) GDPR: processing is required in order to satisfy user’s request

 

 

  1. How long your personal data is retained for

Personal data shall be retained for as long as necessary for data collection purposes, as specified in section I, unless otherwise specified by law.

 

If retaining your data is not needed for an explicitly described and legal purpose, we safely delete and/or destroy them in accordance to our “Policy for Keeping and Deleting Personal Data”, excluding your contact information, that shall be retained until the removal of your consent regarding receiving our products and services Newsletters.

 

 

ΙΙΙ.To whom your personal data are disclosed and/or transmitted

Our company shall disclose your personal data to authorized employees of our Company.

 

Furthermore, we may disclose personal data collected through this website to:

  1. a) Entities entrusted with the execution of specific tasks such as, but not limited to, lawyers, product suppliers and/or IT service providers and/or support service providers of all kinds of computer-based information systems or electronic systems and networks, logistics companies, marketing companies, business consulting firms. Those entities offer adequate assurance for the implementation of necessary technical and organizational measures, so that data processing is conducted in accordance to GDPR and other relevant legislation for data protection.
  2. b) Third parties cooperating with or rendering services to our Company, including, but not limited to, courier services.
  3. c) Supervisory, independent, judicial, prosecuting, public and/or other authorities, bodies or parties assigned to control/monitor the Company’s activities within the scope of their responsibilities.

 

ΙV. Rights of the data subject

The General Data Protection Regulation provides you with rights and options that we are committed to satisfying. Thus, you may:

  • request information about your stored personal data and the way it is processed. If you so wish, we shall provide a copy of your personal data undergoing processing, free of charge (Right of Access).
  • request rectification of inaccuracies or errors, correction of incomplete data or an update of your data (Right to rectification).
  • request erasure of personal data, if no longer retained for specific, legal or stated purposes (Right to erasure or Right to be forgotten).
  • request restriction of processing a) when the accuracy of the personal data is contested, b) when the processing is unlawful (but you oppose the erasure of the data), c) when the data is no longer needed for the purposes of the processing, and d) for as long as the verification whether the legitimate grounds of the controller override those of the data subject are still pending.
  • object on grounds relating to your particular situation, at any time, to processing of personal data, especially when this data is processed for direct marketing purposes or profiling. More specifically, you may object to a decision based solely on automated processing. In such a case, you may exercise your right of intervention (Right to object – Automated individual decision-making).
  • receive your personal data in a structured, commonly used and machine-readable format or transmit this data to another controller at your behest, where technically feasible and at all times under the specific conditions of the law (Right to data portability).
  • Revoke your once granted consent for your data processing at any time. As a result, we will not be allowed to continue the data processing based on this consent in the future.

 

You may address any requests via email to our Company’s Data Protection Officer (DPO).

Our Company shall fulfill all your requests within one (1) month. In the extremely rare cases that such a fulfillment is proven unfeasible, we shall immediately inform you explaining the reasons in detail.

 

If you believe that the provisions for personal data are being violated, you may file a complaint to the Hellenic Data Protection Authority (www.dpa.gr).

  1. Contact Information

 

DATA CONTROLLER
Brew Ratio ΙΚΕ
Kyprou 10, Moschato
2168004940
info@coffeelab.gr
DATA PROTECTION OFFICER
Revival Consulting Services Α.Ε
dpo-custom@revivalsa.gr
Lenorman 194-196, Athens
210 5156800

 

  1. Effective date – Amendments

Version 1.0, Posted on 17/1/2021