Personal Data Protection Policy

The Online Wellness Center with the name “STAMATINA KOUTROUMPI” and the distinctive title “BALANCED” based in Dionysos at Evmenous Street no. 18, with VAT number: 117121849 – Tax Authority Kifissias (hereinafter referred to as “the Company”), recognizing the fundamental importance of the protection of personal data, has fully complied with its obligations under the General Data Protection Regulation (EU) 2016/679 (GDPR).

This Personal Data Protection Policy in accordance with Article 13 of the General Regulation for Data Protection of the EU 2016/679 (GDPR), and also the relevant Greek legislation in force, informs you about the personal data that concerns you, which the Company collects and processes. Furthermore the legal basis and the purposes of their processing, the way it uses and protects them, the possibilities and the rights that you have based on the above legal framework.

This Privacy Statement, which provides to any person receiving or interested in receiving services from our Company, as well as employees or interested parties to work in it, accurate and thorough relevant information, which may be amended from time to time. In order to be always up to date and in accordance with the provisions in force at all times.

Please visit our website regularly https://balanced.gr/ in order to make sure that you are aware of any changes.

1. What is personal data? Basic Definitions

1.1. The term “personal data“, in accordance with Article 4§1 of the EU General Data Protection Regulation (GDPR), refers to any information relating to an identified or identifiable natural person (data subject), hereinafter referred to as “Personal Data” or “Data “. The identifiable natural person is one whose identity can be ascertained, directly or indirectly, in particular by reference to an identity identifier (such as name), identity number, location data, online identity identifier and generally one or more physical identifiers; physiological, genetic, psychological, economic, cultural or social identity of that natural person.

1.2. The term “processing” of personal data in accordance with Article 4§2 of the General Data Protection Regulation of the EU 2016/679 (GDPR), refers to any operation or series of operations carried out with or without the use of automated means, in personal data or sets of personal data, such as the collection, registration, organization, structure, storage, adaptation or alteration, retrieval, retrieval of information, use, disclosure, transmission and/or any other form of disposition, association or combination, restriction, deletion or destruction.

1.3. The term “Processor” of personal data, in accordance with Article 4§7 of the General Data Protection Regulation 2016/679 (GDPR), refers to a natural or legal person, public authority, service or other body that alone or together with others, determine the purposes and manner of processing personal data. Where the purposes and manner of such processing are determined by Union law or the law of a Member State, the controller or the specific criteria for his appointment may be laid down in Union law or in the law of the Member State.

1.4. The term “performs the processing” of personal data, in accordance with Article 4§8 of the General Data Protection Regulation 2016/679 (GDPR), refers to a natural or legal person, public authority, service or another body that processes personal data on behalf of the controller.

1.5. The term “consent” of the personal data subject in accordance with Article 4§11 of the General Data Protection Regulation of the EU 2016/679 (GDPR), refers to any indication of free will, or specific, that the subject is fully aware, and he agrees, with a statement or with a clear positive action, to process the personal data concerning him.

1.6. The term “health data” according to Article 4§15 of the General Data Protection Regulation of the EU 2016/679 (GDPR), refers to personal data related to the physical or mental health of a person. Including the provision of exercise services (not physical therapy) and which discloses information about his or her state of health.

2. What personal data do we collect about you?

We collect and process only the personal data that concern you and is absolutely necessary to serve the purpose for which it was given and used exclusively for this purpose and only after having previously obtained your explicit consent. Particularly:

2.1. Simple personal data concerning you.

We collect simple personal data concerning you which may include: name, patronymic, gender, age, contact details (residence – postal address, landline and / or mobile phone number, e-mail address), VAT number, Competent Tax Authority. This information and data will be included in the folder and / or in the tab that will be created either in electronic or printed form.

2.2. Health data (special categories of personal data). In addition to the simple personal data, we have obtained special categories of personal data relating to specific health data; will be processed for the necessity for the safety provision by our Company of exercise services (not physiotherapy). Specifically, our Company processes your medical history, which you have informed us and for the processing of which you have given us your explicit consent, in order to be able to provide you with safe exercise (not physical therapy) services. This information and data will be included in the file that will be created in electronic and / or printed form, after your visit to our site or our website.

2.3. Data and Contact Information.

We collect your name, address and general contact information (including your email address and telephone number (landline and / or mobile).

2.4. Necessary Information for the Issuance of Legal Documents.

We collect your information that is necessary for the invoicing and payment of our services, as well as the management of payment issues, such as your VAT number, your tax data, your bank details or some payment details (eg IBAN ) etc.

2.5. State and official identification numbers.

We collect your tax registration number, or other identification number, issued by a competent government authority, only if necessary.

2.6. Online activity data.

We collect personal data concerning you when you use the services and websites of our company and if you have previously expressly given your consent for this purpose. These may include your social media account ID, IP address and other online IDs that you provide to us online on our website. The above applies only to the internet services and websites owned by our company and does not apply to information collected through any other website.

2.7. The Company declares that it will not collect or process personal data from minor individuals, without first obtaining the consent of the person exercising parental responsibility of the minor.

3. For what purpose do we process personal data concerning you?

We process the personal data that concerns you indicatively for the purposes listed below:

• For the fulfilment of our contractual obligations to you and specifically the provision of exercise (not physiotherapy) or counselling services.
• To improve the quality of our services provided to you.
• For any kind of communication with you, for your information within the framework of our provided services (including phone call, sending sms message, sending e-mail message for your information about new services, for reminder, appointment confirmation) .
• For the evaluation of your qualifications and skills for a job in our company, for which you as an employee have submitted an application and a CV and for reasons of communication with you for this purpos
• For our information about your studies and experience in order to receive mentoring services from our company.
• For our general compliance with our legal obligations and in particular with the applicable tax, insurance, labour legislation, the applicable laws for health, the provision of our services and our general legal obligations, including our obligation to comply medical record (no. 14 KID) and keeping a record of health data processing (no. 30 GDPR).
• For our compliance with legal procedures and court decisions, to respond to requests from public and state services and authorities in the exercise of their public authority.
• For the fulfilment of the legal interest of our company. We collect and process your personal data in a way that is reasonably expected as part of the operation of our business and that does not substantially affect your rights or interests.
• To defend our legal rights and claims in order to protect our legitimate interests and business activities, or those of our associates and to safeguard the rights, privacy, security or assets of our company and associates us, your own legal claims or rights, or other persons.

4. Where do we collect and process personal data concerning you?

The personal data concerning you is collected:

• From you, when you contact us by phone, when you fill out electronic forms or send an e-mail (“e-mail”), or with any other communication with us, in order to be informed or to use the services of our company.
• Automatically through the browser – “browser” or the mobile device you use to access our Website.
• When you visit and use our website only for informational purposes, we collect only the Personal Data concerning you which your browser transmits to our server, which are technically necessary for its Οur website to you and guarantee stability and security.
• . With the exception of any Personal Data relating to you which is collected by Cookies, the Personal Data relating to you is limited to what you have provided expressly and for a specific purpose and provided that you have given your explicit consent.
• We also collect Personal Data that concerns you during your visit to our website and if you have expressly consented to this, by explicitly completing the relevant fields.
• From social media pages, other social media content, our tools and applications.
• From you, when you visit our site to receive information about the services provided by us or about the provision of our services to you.

5. Legal basis for the processing of personal data concerning you.

The processing by our company of the simple personal data and / or the personal data of special categories that concern you, is done in the context of the fulfilment of our contractual obligations to you and in particular the provision of our services to you and is based on:

• Your positive, free, specific, explicit and full consent, which you can freely revoke at any time by sending an email with your request to our company.
• In the conclusion and execution between both parties of a contract for the provision of our services.
• At your request when you visit our site to receive informative information about our services.
• In our legal obligation, as a company providing exercise services (not physiotherapy) or consulting and for our compliance with applicable national and / or European legislation and the fulfilment of our legal obligations to public / government services and authorities.
• In our legal interest for the fulfilment of our professional purpose, ie the provision of our services, for the establishment, exercise or support of our legal claims.

6. Retention time of personal data concerning you.

– After the provision of any service for which you have provided us with your personal data, we maintain simple personal data concerning you, such as name, address, telephone, email and other contact details, for commercial communication purposes in accordance with the requirements of Law 3471 / 2006, unless you wish to no longer receive informative newsletters or you wish to unsubscribe altogether from the news sending system of our company. You can inform us by using the contact form of the site or send an e-mail to unsubscribe@balanced.gr

– For the safe provision of exercise services (not physiotherapy) by our Company it is very important that you inform us of your medical history. This information and data will be kept by our company for as long as the contractual relationship between us lasts and for six (6) months after its expiration and will be kept throughout this period in a file, which will be protected from encryption and will not be available online.

– For as long as the relevant legislation stipulates and in particular for as long as Law 3418/2015 stipulates, according to which, we are obliged to keep the personal data that concerns you for at least ten (10) years after your last visit or communication on our site (for tax reasons).

– When we are going to comply with a legal or regulatory obligation or for the protection of our legal interest, we retain the necessary personal data concerning you, at least for the period required by law to comply with that obligation.

• When it comes to covering a job and sending you a CV for a period of six (6) months from receipt.

7. Guarantees and measures we take to protect your data.

When you provide us with your personal data, we take appropriate technical and organizational measures to ensure that it is kept secure.

We update and control the security technology we use, on an ongoing basis. We restrict access to the absolutely necessary personal data concerning you and only to those of our partners who need to know your data in order to provide their services to you.

In addition, we train the potential staff of our company and our external partners, regarding the importance of confidentiality and confidentiality and security of personal data that concern you and we bind them with contracts of confidentiality, confidentiality and confidentiality of the information that become aware of the provision of their services to us.

Among other things, we have implemented the following appropriate technical and organizational measures and procedures to protect your personal data relating to you from any loss, alteration, illegal processing or alteration:

• Use of servers located in areas with classified and restricted access and subject to regular inspections.
• Use of computer-compliant computer systems and programs, programs that are installed in a way that minimizes the use of personal data.
• Adoption of individual procedures for the preservation of personal data and their secure deletion / destruction.
• Business continuity measures.
• Storage and preservation of personal data concerning you (both simple and special categories – sensitive) either in electronic or printed form, in a special storage space, protected and secure, to which there is no access of unauthorized persons.
• Encryption, encryption of the most sensitive data.
• Continuous adaptation and updating of the operation of our processes and systems.

8. Who are the recipients of your personal data?

The processing of personal data concerning you is done by specially authorized personnel of our company, including its external collaborators (indicatively mentioned financial advisers – accountants, legal advisers, etc.), who, however, are committed to us for the protection of confidentiality, confidentiality and for the protection of personal data that concern you and only for the purposes provided to us through computer systems and electronic devices and / or manuscripts, and which, by order and on our behalf – will act as “processors”.

8.1. Our company guarantees that it will not proceed with transmission, notification, concession, etc. of the personal data concerning you (other than those mentioned above here) unless required by applicable law and required to be made available to public / judicial / audit bodies and authorities.

8.2. In each transmission for processing on our behalf, we take the appropriate technical and organizational measures, so that the data to be transmitted is the minimum necessary and that the conditions for their legal proper processing will be met.

9. Your rights

You have the following rights under the GDPR legal framework:

• Right of access – The right to receive information about whether data is being processed and the right to access it.
• Right to information about this processing (who, for what purpose, recipients, retention period, etc.).
• Right to correction – Right to correct inaccurate personal data and to complete incomplete information.
• Right of deletion (Right to be forgotten) – Right to request the deletion of any data concerning the subject under certain conditions and if this does not conflict with another provision of law (data that is no longer necessary, revocation of consent, data that have been illegally processed). Right to Restrict Processing – when the accuracy of the data is questioned, when the processing is illegal, when the data is no longer needed by the controller, when the data subject has objected to the automated processing.
• Right to data portability – Right to request the transfer of personal data to another Processor in a structured, widely used and machine-readable form, provided that this does not conflict with another prohibitive provision of law.
• The right to address the APDPX for any issue that concerns its competence in relation to the above described processing of personal data concerning you.

You can exercise your above rights after submitting a relevant written application to the company, at the email address info@balanced.gror at the postal address of the company, Evmenous 18 – Dionysos – 14576. The company must respond to you without charge and within 30 days from the date of submission of the relevant application.

10. Consequences of not providing your data

The provision of personal data concerning you is necessary for the provision of our services to you and the fulfilment of our contractual obligations; therefore, in case of your refusal to provide them by you, we will not be able to provide you our services.

11. Is your data secured?

We are committed to keeping your personal data safe.

Recognizing the importance of the security of your personal data, we have taken all appropriate organizational and technical measures to secure and protect your data from any form of accidental or improper processing. We use modern methods to ensure maximum safety.

These measures shall be reviewed and amended as necessary.

12. How to contact us?

We hope this Privacy Policy has helped you understand how we handle your personal information and your rights and how you can control how our business handles them. You can contact us for any questions regarding the processing of personal data concerning you, either by sending an e-mail or by sending a postal letter to the above mentioned details.

In our company Responsible for the Protection of Personal Data is Mrs. Stamatina Koutroumpis. You can contact her to exercise your rights.

13. Release Information – Changes and Updates

We reserve the right to modify and update this Personal Data Protection Policy at any time, for any reason, without notice to you, except for the posting of the updated Personal Data Protection Policy on our website and you should check it out frequently, to be informed about the current and valid Privacy Statement.

Cookies Policy

What are cookies?

Cookies are small text files that a website stores on your computer or mobile device when you visit that website. This way, the site remembers your actions and preferences for a period of time, so you do not have to enter those preferences every time you visit the site or browse its pages. Cookies do not collect information individually, but when read by a server through a web browser; they can provide information to provide a more user-friendly service.

Cookies do not pose a risk to the computer of the user / visitor of the website. If you do not want to collect information through cookies, you can configure your internet browser to delete the existing cookies on your hard drive and choose either to automatically reject all new cookies, or to ask any once a cookie is about to be installed on the computer hard drive if it wants to reject or accept it. However, users / visitors should be aware that choosing to decline cookies will make it more difficult or impossible to use parts and services of the website.

What types of cookies are used on our business website?

The types of cookies used by the website are permanent cookies (persistentcookies) and temporary cookies (sessioncookies).

The temporary cookies (sessioncookies) used by the website are deleted after the end of your browsing and / or after the closing of the browser.

Persistent cookies (persistentcookies) remain on your computer or device until you delete them, or for a predefined cookie period.

Also, when you visit our website, some of our partners (GoogleAnalytics, GoogleAdWords, Facebook, Instagram, Messenger) place cookies (third-partycookies) on our behalf. With these cookies they collect data for the performance of the promotion of our services and your interaction with our website. This data may be used by our above partners to draw statistical conclusions and improve your relevant visitor experience.

Which cookies are used on our website and what information is collected?

Our company website uses cookies for various purposes depending on their function:

Absolutely necessary / Basic Cookies (Essentials). The absolutely necessary cookies are essential for the proper functioning of the website; they allow you to browse and use its functions, such as access to safe areas or use the shopping cart. These cookies do not recognize your personal identity. Without these cookies, we cannot offer effective operation of our website.

Functionality Cookies. Functionality cookies help the website remember your choices, such as your username, language and region. Thus, we provide you with improved and personalized functions. In addition, they help provide the services you have requested, such as video viewing or social media use. They do not allow us to track your activity on other websites.

Performance Cookies (Analytics). Performance cookies collect information about how you use the website, such as which pages you visit most often and if you receive error messages. The information they collect is aggregate. We only use them to improve the performance of our website.

Our site uses GoogleAnalytics, a web analytics tool service provided by Google Inc. GoogleAnalytics uses cookies to help this site analyze how you use it. The information generated by the cookie about how you use this website will be transmitted to Google, which will store it on servers in the US. Google will use this information to evaluate how you use this site, report activity on the site to its administrators, and provide other services related to your site activity and internet usage. Google may also transfer this information to third parties if required by law or if such third parties process the information on behalf of Google. Google will not associate your IP address with any other data in its possession.

Third party vendors, including Google, may use cookies to update, optimize and display ads based on a user’s previous visit to our site.

Targeting cookies / promotions and usage statistics (Advertising). These cookies are used to provide content that best suits you and your interests. They can be used to send targeted promotions / offers, limit promotions or measure the effectiveness of a promotion. They can be used to remember the sites you have visited to determine which online channels are most effective and allow us to reward external websites and affiliates who have referred you to us. Also, to improve our website, we use cookies to collect information about when and how you interact with our website, listings, updates and services offered by our website. For example, how many times have you seen a particular product or service and if you chose to share it on a social networking platform.

Our website may also use cookies from your previous visit to the website for repetitive promotion / communication.

You may opt out of such use of cookies by Google.

Our site may use GoogleAnalytics features for promotion promotions (e.g. dynamic repetitive communication, Network display reports, Google display and demographic reports, interests, etc.).

Using Promotional Settings, you can opt out of GoogleAnalytics for display ads and customize Google Display Network ads.

Social networking cookies. These cookies are necessary for the connection of your social media account with our website. For example, to allow you to republish and share with your friends on social media information on our website or to indicate that you want to follow our social media page. Social networking cookies are not required for your navigation on our website.

Third party vendors, including Facebook, may display ads of our Company on Facebook.com and its affiliate sites and use cookies to update, optimize and display ads based on a user’s previous visit to our website.

Our website may also use cookies from a previous visit to our website for dynamic repetitive communication.

You can choose your exception from such use of cookies by Facebook here. More information about Facebook ads can be found here.

The following cookies are used in detail from our business website:

NAME   SOURCE               USEFULNESS

1. cookielawinfo-checkbox-necessary

This cookie is an integral part of the Privacy Policy add-on. Used to store user consent for cookies in the “Necessary” category.

2. cookielawinfo-checkbox-non-necessary

This cookie is an integral part of the Privacy Policy add-on. Used to store the user’s consent for cookies in the “Not Necessary” category.

3. wordpress_sec_64259efa54d04645fb10a00f4fe8e106

This cookie is used to provide protection against hackers and to store account information.

4. woocommerce_cart_hash

This cookie stores an encrypted string representing the contents of the shopping cart.

5. woocommerce_items_in_cart

This cookie is used to store products in the shopping cart.

6. wordpress_logged_in_64259efa54d04645fb10a00f4fe8e106

This cookie is used to keep users logged in.

7. jet_apb_add_to_calendar

This cookie is used for calendar-related items.

8. tk_ai

This cookie is used to store the unique user ID, the ID.

9. wordpress_test_cookie

This cookie is used to store the acceptance or not of the use of cookies by the visitor of the website.

10. wp-settings-time-1 and wp-settings-1

WordPress also defines some cookies called wp-settings- {time} – [UID]. The number at the end is the unique user ID that stands out from the user database table. This is used to customize the view of the administrator interface and possibly the main site interface.

11. _ga

This cookie is used for Google Analytics.

12. wp_woocommerce_session_64259efa54d04645fb10a00f4fe8e106

The name of this cookie comes from wp_woocommerce_session_hhhh, where hhhh is a version of the website’s URL. The cookie contains information that identifies the customer and the expiration time of the session. For buyers – visitors this is a randomly generated cryptocurrency ID.

Note: Because the cookie name is predefined with wp, caching systems such as batcache will not cache pages when they are set. Its duration is configurable.

13.https://wordpress.org/support/article/cookies/#utm_medium=referral&utm_source=facebook.com&utm_content=social

These are all cookies that wordpress uses to store new members.

How to control cookies in general

Cookies are stored on your computer or device, after being informed of the privacy settings and giving your consent for each of these categories, with the exception of the Basic Cookies, the Functionality Cookies and the Traffic Management Cookies for which no explicit consent is required. If you do not accept cookies or some categories of them, some of the features of our website may not be fully available, but in no case will you be excluded from accessing our website.

It is at your discretion to revoke, whenever you want, your consent or to oppose the use of cookies on your computer or device, to check and / or delete cookies.

You can delete cookies from the computer or device you use, at any time by simply clicking on any of the following paths:

Mozilla Firefox

Google Chrome

Internet Explorer

Safari

In this way you revoke your consent to the use of cookies on your computer or device.

You can also configure the browser you use in such a way that it either warns you about the use of cookies in certain services of the websites, or does not allow the acceptance of the use of cookies in any case.

What are your rights?

You have the right to request information about the processing of your personal data, to access it, to correct it and to complete it at any time. In addition, you have the right to request their deletion, restrict their processing or withdraw your consent to the use of some or all of the cookies and consequently to the processing of your data.

To exercise your rights at www.balanced.gr, you can submit your request to the email address info@balanced.gr.

Where can you find more information on the protection of personal data collected by cookies

Information on the protection of your personal data, but also on your rights can be found in the Privacy Policy.

Changes to the Cookies Policy

This Cookies Policy is subject to change at any time. For this reason, we consider it appropriate to refer to this Policy regularly. This entered into force in 2020. In case of modification it will indicate the date on which it took place. The Cookies Policy is always considered valid, as formulated by the most recent modification.

DECLARATION OF CONSENT

Having read all of the above, I DECLARE THAT I PROVIDE MY EXPRESS AND UNDERTAKING AGREEMENT FOR THE MAINTENANCE AND PROCESSING OF MY PERSONAL DATA (name, surname, city, address, PO Box, telephone, e-mail and what else necessary) which have notified to the Balanced website, through the contract or request between us to activate a service or communication in order to obtain and maintain a personal history and not only for the needs of exercise (not physiotherapy) and / or counselling always in accordance with the requirements of No. 679/2016 Regulation of E.U. on the protection of personal data. At the same time I declare that for my safe exercise it is necessary to state accurately my medical history and I was informed that:

• The relevant processing will be done by BALANCED as the Controller.
• Further recipients or performers of the processing of my data, will be or may become third parties responsible for the processing provide computer services, computerization, storage, management and organization of files, printing, accounting and legal support.
• The above personal data will be stored in physical and / or electronic form for at least as long as my contractual relationship with the controller lasts. In case for any reason the contractual relationship between us ends, my special category data will be kept for an additional period of six (6) months, while my simple personal data will continue to be kept for as long as required by the current national or community legislation. Finally, it is pointed out that in case of a pending court dispute, my data will be kept for the entire necessary period of time until the final conclusion of the court case, either out of court or by an irrevocable court decision.
• I reserve the right to request the controller to access and correct or delete my data or restrict the processing or right to object to the processing, as well as the right to the portability of my data.
• I reserve the right to revoke this consent at any time, as easily as I now provide it, although I know that for the safe provision of Responsible Treatment services it is necessary to take into account my medical history and revocation may result, expose me to risks to my health and physical integrity for which I take full responsibility.