WELLBEINGR Non-Profit Organization, 7, Nimfeou Str., 115 28, Ilisia, Attiki, Greece,
Email. info@wellbeingr.org, URL. www.wellbeingr.org
a) Personal data processed for the purposes of Website operation
Information systems and software procedures used to operate the Website acquire, during the normal course of operation, some personal data whose transmission is implicit in the communication protocols of the Internet.
It concerns information that is not collected to be associated with specific individuals, but by their own very nature could, through the processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of computers used by users who connect to the Website and the App, URI addresses (Uniform Resource Identifier) of requested resources, the time of the request, the method utilized to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters related to the operating system and the users.
Information collected in this way could be used for ascertaining responsibility in case of any computer-related offences that damage the Website and the App.
b) Data provided by users directly
The optional, explicit and voluntary mailing of data as requested by the various sections of this Website and of the App are used for the purpose of processing the user’s requests (including but not limited to: cases in which information or clarification is requested by writing to the e-mail addresses found on the Website and on the App).
Specific summary information dedicated to particular services on request will be provided or displayed on the Website pages and on the App.
c) Cookies
The Website makes use of cookies and similar technologies to ensure the proper functioning of procedures and to improve the experience of online applications.
For the use of cookies, please read the complete information by clicking here.
Website functioning
Data collected during browsing are used in order to obtain anonymous statistical information on the use of the Website and to monitor its correct functioning.
a) Legal basis for data processing
Execution of the contract involving the data subject (Website use).
b) Data retention period
Throughout the session on the Website.
Contact purposes
The data provided directly by the user shall be applied to the latter’s requests (e.g. registration on the website or contact request).
a) Legal basis for data processing
Execution of the contract involving the data subject (Website use).
b) Data retention period
As per the information provided upon data collection
After the above retention terms have expired, the Data will be destroyed, erased or anonymized, consistent with the technical procedures of erasure and backup.
Excluding the browsing data, required to implement IT protocols, the provision of personal data by users is free and optional. However, failing to provide such data will make it impossible to carry out the requests made or intended to by the user
Personal data may be communicated to parties acting as data controllers (such as supervisory bodies and authorities and public organizations authorized to request data) or processed on behalf of the Company by parties appointed as data processors, who are provided with suitable operating instructions. These parties include the following categories:
a) companies, working as data processors or for administrative and accounting purposes (e.g., purposes connected with internal, administrative, financial and accounting activities);
b) natural and/or legal persons providing different services to the Company (e.g., suppliers of services for the management of the Website, such as system outsourcers, companies that provide connectivity services to the Internet, etc.). Such parties may also work as Data Processors.
c) parties and/or public and private entities the data will be communicated to for the purposes of fulfilling or enforcing the fulfillment of specific obligations provided for by laws, regulations, and EU legislation. These subjects will operate as autonomous Data Controllers or Data Processors.
The data will be processed by employees, collaborators of the Company or external parties, in their capacity as processors and officers, performing on behalf of the Company technical and organizational tasks on the Website.
The data may be transferred to non-EU Countries, in particular to:
a) Extra UE Countries whose data protection level is deemed adequate by the European Commission in accordance with article 45 of the GDPR;
b) Extra UE Countries other than those referred to in the preceding paragraph a), after signing Standard Contractual Clauses adopted/approved by the European Commission in accordance with article 46, 2, letters c) and d) of the GDPR.
A copy of the above-mentioned safeguards can be obtained sending a specific request to the Controller, according to the modalities specified in the following paragraph “Data Subject’s rights – Complaint to the Supervisory Authority”.
By contacting the Wellbeingr Company via e-mail sent to info@wellbeingr.org, the data subjects can require the Personal Data Processor to access personal data, as well as the correction or deletion of personal data, and are also entitled to restrict processing of such data in the cases set out in article 18 GDPR, and object the processing in case of legitimate interests of the Personal Data Processor.
Furthermore, in the case where processing is based on consent or a contract and carried out with automated tools, data subjects have the right to receive the personal data in a structured, commonly used, and machine-readable format, and to transmit the data to another Personal Data Processor without obstruction.
In addition, if the processing is based on consent or contract and is carried out by automated tools, the data subjects have the right to receive their personal data in a structured, widely used, and machine-readable form and, if is technically possible, to transfer them to another Data Protection Officer without hindrance.
Data subjects have the right to withdraw their consent at any time if their consent serves marketing or profiling purposes, as well as to object to the processing of their data for commercial purposes, including profiling related to the direct marketing. However, if a data subject prefers to be contacted for this purpose exclusively by traditional means, he will be able to express his objection only by communication based on automated methods.
Data subjects have the right to lodge a complaint to the competent Supervisory Authority in the member state where they are resident or where they work, or the member state where the alleged breach took place.
In more detail, the subjects of personal data have the following rights:
a) right of access, i.e., the right to be informed if the personal data concerning them is being processed,
b) right of rectification, i.e., the right to request the correction of inaccurate personal data,
c) right to erasure, i.e., the right to request the erasure of personal data concerning them,
d) right to limit processing when the accuracy of the data is disputed, or is illegal, or for other reasons,
e) right to portability, i.e., the right to request to receive the data concerning them in a structured, commonly used, and machine-readable format, as well as to transmit the data to another data processor and
f) right to object to the processing of their personal data, unless there are compelling and legitimate reasons for the processing, which override their interests, rights, and freedoms.
To exercise your rights, you can contact Wellbeingr by sending an email to: info@wellbeingr.org or by post to our above address.
Further, if you are in Greece and you consider that your rights regarding the protection of your personal data are violated, according to Regulation no. 679/2016, you have the right to file a complaint to the Personal Data Protection Authority, which is based in Athens (Kifissias 1-3, PC 115 23) and at phone +30 210 6475600 or at the e-mail address contact@dpa.gr.
INFORMATION NOTICE REGARDING THE PROCESSING OF USERS’ PERSONAL DATA ACCORDING TO EU REGULATION 2016/679 (“GDPR”) – “CONTACT US”
WELLBEINGR Non-Profit Organization, 7, Nimfeou Str., 115 28, Ilisia, Attiki, Greece,
Email. info@wellbeingr.org, URL. www.wellbeingr.org
The data provided by completing the relevant form in the “CONTACT US” form will be processed by the WELLBEINGR Company to deal with the request for information or about the Company and/or its services, as well to communicate with them.
a) Legal basis for data processing
The legal basis for processing personal data is consent when visiting our website and when collecting e-mail addresses, as well as when using the contact form.
b) Data retention period
Such data will be retained until the revocation of consent or termination of the relationship with the customer.
After the above retention terms have expired, the Data will be destroyed, erased, or anonymized, consistent with the technical procedures of erasure and backup.
The provision of the data requested in the data collection form is required to provide the information requested, therefore failing to provide such data will not allow the Company to fulfill the request.
Personal data may be communicated to parties acting as data controllers (such as supervisory bodies and authorities and public organizations authorized to request data) or processed on behalf of the Company by parties appointed as data processors, who are provided with suitable operating instructions. These parties include the following categories:
a) companies providing management and/or maintenance services for the Company’s website;
b) companies offering mailing services.
Data may be processed by employees in company departments who are responsible for carrying out the activities outlined above and have been authorized to process the data and have received suitable operating instructions.
The data may be transferred to non-EU Countries, in particular to:
a) Extra UE Countries whose data protection level is deemed adequate by the European Commission in accordance with article 45 of the GDPR;
b) Extra UE Countries other than those referred to in the preceding paragraph a), after signing Standard Contractual Clauses adopted/approved by the European Commission in accordance with article 46, 2, letters c) and d) of the GDPR.
A copy of the above-mentioned safeguards can be obtained sending a specific request to the Controller, according to the modalities specified in the following paragraph “Data Subject’s rights – Complaint to the Supervisory Authority”.
By contacting the Wellbeingr Company via e-mail sent to info@wellbeingr.org, the data subjects can require the Personal Data Processor to access personal data, as well as the correction or deletion of personal data, and are also entitled to restrict processing of such data in the cases set out in article 18 GDPR, and object the processing in case of legitimate interests of the Personal Data Processor.
Furthermore, in the case where processing is based on consent or a contract and carried out with automated tools, data subjects have the right to receive the personal data in a structured, commonly used, and machine-readable format, and to transmit the data to another Personal Data Processor without obstruction.
In addition, if the processing is based on consent or contract and is carried out by automated tools, the data subjects have the right to receive their personal data in a structured, widely used, and machine-readable form and, if is technically possible, to transfer them to another Data Protection Officer without hindrance.
Data subjects have the right to withdraw their consent at any time if their consent serves marketing or profiling purposes, as well as to object to the processing of their data for commercial purposes, including profiling related to the direct marketing. However, if a data subject prefers to be contacted for this purpose exclusively by traditional means, he will be able to express his objection only by communication based on automated methods.
Data subjects have the right to lodge a complaint to the competent Supervisory Authority in the member state where they are resident or where they work, or the member state where the alleged breach took place.
In more detail, the subjects of personal data have the following rights:
a) right of access, i.e., the right to be informed if the personal data concerning them is being processed,
b) right of rectification, i.e., the right to request the correction of inaccurate personal data,
c) right to erasure, i.e., the right to request the erasure of personal data concerning them,
d) right to limit processing when the accuracy of the data is disputed, or is illegal, or for other reasons,
e) right to portability, i.e., the right to request to receive the data concerning them in a structured, commonly used, and machine-readable format, as well as to transmit the data to another data processor and
f) right to object to the processing of their personal data, unless there are compelling and legitimate reasons for the processing, which override their interests, rights, and freedoms.
To exercise your rights, you can contact Wellbeingr by sending an email to: info@wellbeingr.org or by post to our above address.
Further, if you are in Greece and you consider that your rights regarding the protection of your personal data are violated, according to Regulation no. 679/2016, you have the right to file a complaint to the Personal Data Protection Authority, which is based in Athens (Kifissias 1-3, PC 115 23) and at phone +30 210 6475600 or at the e-mail address contact@dpa.gr.
INFORMATION NOTICE REGARDING PERSONAL DATA PROCESSING IN ACCORDANCE WITH EU REGULATION 2016/679 (“GDPR”) – “RESERVED AREA”
WELLBEINGR Non-Profit Organization, 7, Nimfeou Str., 115 28, Ilisia, Attiki, Greece,
Email. info@wellbeingr.org, URL. www.wellbeingr.org
i. Enable registration to the Reserved Areas of the website to give access to the news, information and content made available by the Company through a personal account, issued by the Company to the users.
Legal basis for processing data is the performance of the contract involving the data subject.
ii. Generic marketing: by way of example, sending – by automated (such as text messages and e-mail) and traditional (such as telephone calls) methods – commercial information relating to services/products offered by the Company or reporting of company events, and carrying out market research and statistical analysis. Consent (which is optional and can be withdrawn at any time).
iii. Profiled marketing: analysis of data subject’s preferences, habits, behaviors, interests in order to provide personalized commercial information/targeted actions/offers and services tailored to data subject’s needs/preferences. Consent (which is optional and can be withdrawn at any time).
iv. Fulfilment of obligations provided for by regulations and by applicable national and international legislation. Legal basis for processing data is the need to fulfil legal obligations.
v. If necessary, in order to determine, exercise or defend the Controller’s rights in legal proceedings. Legal basis for processing data is the legitimate interest.
Collected data will be retained until revocation of consent.
After the expiration of the above-mentioned retention terms, the Data will be destroyed, erased or anonymized, consistently with the technical procedures of erasure and backup.
The provision of data marked with an asterisk (*) in the registration form is mandatory for the completion and pursuit of the contract; any denial to provide the above data does not therefore authorize registration in the Reserved Areas.
Data may be processed by external parties in the capacity of data controllers such as, by way of example, authorities and supervisory and control authorities and, in general, public or private parties entitled to request the data.
The data may also be processed, on behalf of the Company, by external parties appointed as data processors, entrusted with adequate operating instructions. These subjects are essentially included in the following categories:
a. IT support companies and hosting companies;
b. companies offering website management and maintenance services.
c. subsidiaries of the Company if consent is given
Data may be processed by employees in company departments who are responsible for carrying out the activities outlined above and have been authorized to process the data and have received suitable operating instructions.
The data may be transferred to non-EU Countries, in particular to:
a) Extra UE Countries whose data protection level is deemed adequate by the European Commission in accordance with article 45 of the GDPR;
b) Extra UE Countries other than those referred to in the preceding paragraph a), after signing Standard Contractual Clauses adopted/approved by the European Commission in accordance with article 46, 2, letters c) and d) of the GDPR.
A copy of the above-mentioned safeguards can be obtained sending a specific request to the Controller, according to the modalities specified in the following paragraph “Data Subject’s rights – Complaint to the Supervisory Authority”.
By contacting the Wellbeingr Company via e-mail sent to info@wellbeingr.org, the data subjects can require the Personal Data Processor to access personal data, as well as the correction or deletion of personal data, and are also entitled to restrict processing of such data in the cases set out in article 18 GDPR, and object the processing in case of legitimate interests of the Personal Data Processor.
Furthermore, in the case where processing is based on consent or a contract and carried out with automated tools, data subjects have the right to receive the personal data in a structured, commonly used, and machine-readable format, and to transmit the data to another Personal Data Processor without obstruction.
In addition, if the processing is based on consent or contract and is carried out by automated tools, the data subjects have the right to receive their personal data in a structured, widely used, and machine-readable form and, if is technically possible, to transfer them to another Data Protection Officer without hindrance.
Data subjects have the right to withdraw their consent at any time if their consent serves marketing or profiling purposes, as well as to object to the processing of their data for commercial purposes, including profiling related to the direct marketing. However, if a data subject prefers to be contacted for this purpose exclusively by traditional means, he will be able to express his objection only by communication based on automated methods.
Data subjects have the right to lodge a complaint to the competent Supervisory Authority in the member state where they are resident or where they work, or the member state where the alleged breach took place.
In more detail, the subjects of personal data have the following rights:
a) right of access, i.e., the right to be informed if the personal data concerning them is being processed,
b) right of rectification, i.e., the right to request the correction of inaccurate personal data,
c) right to erasure, i.e., the right to request the erasure of personal data concerning them,
d) right to limit processing when the accuracy of the data is disputed, or is illegal, or for other reasons,
e) right to portability, i.e., the right to request to receive the data concerning them in a structured, commonly used, and machine-readable format, as well as to transmit the data to another data processor and
f) right to object to the processing of their personal data, unless there are compelling and legitimate reasons for the processing, which override their interests, rights, and freedoms.
To exercise your rights, you can contact Wellbeingr by sending an email to: info@wellbeingr.org or by post to our above address.
Further, if you are in Greece and you consider that your rights regarding the protection of your personal data are violated, according to Regulation no. 679/2016, you have the right to file a complaint to the Personal Data Protection Authority, which is based in Athens (Kifissias 1-3, PC 115 23) and at phone +30 210 6475600 or at the e-mail address contact@dpa.gr.
INFORMATION NOTICE REGARDING PERSONAL DATA PROCESSING IN ACCORDANCE WITH EU REGULATION 2016/679 (“GDPR”) – “NEWSLETTER”
WELLBEINGR Non-Profit Organization, 7, Nimfeou Str., 115 28, Ilisia, Attiki, Greece,
Email. info@wellbeingr.org, URL. www.wellbeingr.org
i. Send, by e-mail, informational communications (“Newsletter”) to those who make explicit request, by entering their e-mail address in the appropriate data collection form. Legal basis for processing data is the performance of the contract involving the data subject.
ii. Generic marketing: by way of example, sending – by automated (such as text messages and e-mail) and traditional (such as telephone calls) methods – commercial information relating to services/products offered by the Company or reporting of company events, and carrying out market research and statistical analysis. Consent (which is optional and can be withdrawn at any time).
iii. Profiled marketing: analysis of data subject’s preferences, habits, behaviors, interests in order to provide personalized commercial information/targeted actions/offers and services tailored to data subject’s needs/preferences. Consent (which is optional and can be withdrawn at any time).
Collected data will be retained until revocation of consent (“unsubscription” from newsletter service)
After the expiration of the above-mentioned retention terms, the Data will be destroyed, erased or anonymized, consistently with the technical procedures of erasure and backup.
The provision of data marked with an asterisk (*) in the registration form is mandatory for the completion and pursuit of the contract; any denial to provide the above data does not therefore authorize the subscription to newsletter service.
The user is able to opt out of this service by clicking on the “unsubscribe” link present in every e-mail.
Data may be processed by external parties in the capacity of data controllers such as, by way of example, authorities and supervisory and control authorities and, in general, public or private parties entitled to request the data.
The data may also be processed, on behalf of the Company, by external parties appointed as data processors, entrusted with adequate operating instructions. These subjects are essentially included in the following categories:
a. IT support companies and hosting companies.
b. companies offering website management and maintenance services.
c. subsidiaries of the Company if consent is given
Data may be processed by employees in company departments who are responsible for carrying out the activities outlined above and have been authorized to process the data and have received suitable operating instructions.
The data may be transferred to non-EU Countries, in particular to:
A copy of the above-mentioned safeguards can be obtained sending a specific request to the Controller, according to the modalities specified in the following paragraph “Data Subject’s rights – Complaint to the Supervisory Authority”.
By contacting the Wellbeingr Company via e-mail sent to info@wellbeingr.org, the data subjects can require the Personal Data Processor to access personal data, as well as the correction or deletion of personal data, and are also entitled to restrict processing of such data in the cases set out in article 18 GDPR, and object the processing in case of legitimate interests of the Personal Data Processor.
Furthermore, in the case where processing is based on consent or a contract and carried out with automated tools, data subjects have the right to receive the personal data in a structured, commonly used, and machine-readable format, and to transmit the data to another Personal Data Processor without obstruction.
In addition, if the processing is based on consent or contract and is carried out by automated tools, the data subjects have the right to receive their personal data in a structured, widely used, and machine-readable form and, if is technically possible, to transfer them to another Data Protection Officer without hindrance.
Data subjects have the right to withdraw their consent at any time if their consent serves marketing or profiling purposes, as well as to object to the processing of their data for commercial purposes, including profiling related to the direct marketing. However, if a data subject prefers to be contacted for this purpose exclusively by traditional means, he will be able to express his objection only by communication based on automated methods.
Data subjects have the right to lodge a complaint to the competent Supervisory Authority in the member state where they are resident or where they work, or the member state where the alleged breach took place.
In more detail, the subjects of personal data have the following rights:
a) right of access, i.e., the right to be informed if the personal data concerning them is being processed,
b) right of rectification, i.e., the right to request the correction of inaccurate personal data,
c) right to erasure, i.e., the right to request the erasure of personal data concerning them,
d) right to limit processing when the accuracy of the data is disputed, or is illegal, or for other reasons,
e) right to portability, i.e., the right to request to receive the data concerning them in a structured, commonly used, and machine-readable format, as well as to transmit the data to another data processor and
f) right to object to the processing of their personal data, unless there are compelling and legitimate reasons for the processing, which override their interests, rights, and freedoms.
To exercise your rights, you can contact Wellbeingr by sending an email to: info@wellbeingr.org or by post to our above address.
Further, if you are in Greece and you consider that your rights regarding the protection of your personal data are violated, according to Regulation no. 679/2016, you have the right to file a complaint to the Personal Data Protection Authority, which is based in Athens (Kifissias 1-3, PC 115 23) and at phone +30 210 6475600 or at the e-mail address contact@dpa.gr.