1. Protection of personal data and data protection & cookies
Data need to be used as an obligation, where necessary it must be collected and processed.
Our company will never sell, rent or distribute in any way or disclose your personal information.
Cookies are small text files that are stored on our browser as we browse the web. Their purpose is to notify the site the user is visiting of their previous activity. They usually, though not always, describe our information such as user name and (password)* in order to visit us on the same website later, to “remember” us and not to login.
Cookies may come from the site we have visited or from someone else (third-party cookies), for example through ads. There are programs that clean up malicious cookies, and if the user wishes to delete them, this feature is provided through the web browser.
* The website www.bmwmotorent.gr does not require and does not use your personal information such as a user name and password.
2. Relevant legislation
This site is designed to comply with the following national and international data protection and privacy laws:
- EU Data Protection Directive 1995 (DPD)
- EU General Data Protection Regulation (GDPR) 2018
- United Kingdom Data Protection Act 1988 (DPA)
3. Personal information collected by this site and why we collect it
This site collects and uses personal information for the following reasons:
3.1 Monitoring Site Traffic
Like most sites, it also uses Google Analytics (GA) to track user activity. We use this data to determine the number of people who use our site, to better understand how they find and use our websites, and to see their way through the site.
Although GA records data such as your geographic location, your device, your web browser, and your operating system, none of this information makes you personally known to us. GA also logs the IP address of your computer, which could be used for your authentication, but Google does not provide us with access to it. We believe that Google is a third party data processor.
Disabling cookies in your browser will prevent GA from tracking any part of your page visits within this site.
3.2 Contact forms and email links
If you choose to contact us using the Contact Form or an email link like this, none of the data you provide will be stored by this site or transmitted or processed by any third party processor. data, as defined in section 6.0. Instead, this data will be sent to us via email via the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS security protocol (sometimes also known as SSL), which means that email content is encrypted using SHA-2, 256-bit encryption before being sent over the internet. The content of the email is decrypted by our local computers and devices. In addition, our email platform is hosted by Microsoft using Office 365, which is fully GDPR compliant.
3.3 Online newsletter
If you choose to subscribe to our email newsletter, the email address you submit to us will be forwarded to MailChimp, which provides us with email marketing services. We consider MailChimp to be a third party data processor (see section 6.0). The email address you submit will not be stored in the database within the site or in any of our computer systems.
Your email address will remain in the MailChimp database for as long as we continue to use MailChimp’s services for marketing our email or until you explicitly request removal from the list. You can do this by using the delete link that contains all the email newsletters we send you.
If you are under 16, you MUST have your parents’ consent before subscribing to our email newsletter.
As long as your email address remains in the MailChimp database, you will receive periodic (about once a month) email newsletters from us.
4. How we store your personal information
As detailed in section 3 above, some personal information will be stored in the database of this site. This data is stored by a pseudonym, that is, the data requires additional processing using a separately stored “key” before it can be used to identify an individual.
Nickname is a requirement of the GDPR and we have implemented it on this site.
5. About the server of this site
All web traffic (file transfer) between this site and your browser is encrypted and transmitted via the HTTPS protocol. (SSL)
6. Our third-party data processors
We use a number of third parties to process personal data about us. These two entities have been carefully selected and all comply with the legislation set out in Section 2. Both of these entities are based in the US and comply with the transnational agreement known as the EU-U.S Privacy Shield.
7. Data breaches
We will report any unlawful breach of the database of this site or the database of any third party data processor to any and all interested parties as well as to and within 72 hours of the breach, provided that the personal data that is stored in identifiable form have been stolen.
8. Data controller
The editor of this site is: Papanikolaou Angelos, 51-53 Kanellopoulou, 264 42 Patras