The company Indigital SA, owner of the website "inspeech.gr" fully complies with the provisions of the General Data Protection Regulation (EU) 2016/679 (GDPR or GDPR) and Law 4624/2019 for the protection of personal data . Indigital may process part or all of the information sent by visitors/users/partners/contractors/customers for reasons related to legislation, for statistical reasons and for reasons of improving its services.

Basic Definitions of Personal Data

"Personal data": any information concerning an identified or identifiable natural person (e.g. name, age, profession, activities, financial situation, etc.).

"Sensitive personal data": data relating to racial or national origin, political opinions, religious or philosophical beliefs, trade union membership, health, welfare and love life, criminal prosecutions or convictions , as well as the participation in associations of persons related to the above.

"Processing": any operation or series of operations carried out with or without the use of automated means, on personal data or sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or alteration, retrieval, information retrieval, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.

Subject: subject of personal data is any natural person who is connected by virtue of one or more capacities to Indigital SA and whose personal data is processed in the context of said transaction or other relationship and/or capacity.

PERSONAL DATA PROTECTION POLICY Categories of personal data

During your visit to the Company's website, the Company may process:

• The data you have entered to register on the website and the services offered (username, password to enter the page, name, contact phone number, e-mail address, Service Number, VAT number, content of communication)
• Personal data automatically collected during your browsing (IP address, device type, browser, redirecting website, company websites you visited, date and time of visit).

Processing purposes

Personal data is processed for the following purposes:

• The service of pre-contractual or contractual relationship so that you receive the information personalized for you and have access to your individual documents as well as to respond to your requests or to contact you after your request.
• The establishment of any legal claim or defense of the Company against attempted fraud, potential cyber attack or other illegal activity.
• The creation of statistics through anonymization methods for statistical reasons, the traffic and accessibility of the main website, as well as the subsequent pages, so that we can take the necessary actions to improve them in order to improve your browsing experience.

The processing of your personal data is necessary for the fulfillment of the aforementioned purposes.

Personal data of minors.

Indigital bears no responsibility if its website is visited by persons under the age of 18. In the event that during the collection of the data it is realized that the user is underage, the Company will not process his personal data. process his personal data. The website and the services it provides are aimed at people who have reached the age of 18. In the event that during the collection of the data it is realized that the user is underage, the Company will not process his personal data.

Processing of personal data related to your transactional relationship with the Company.

Categories of personal data and sources

In the context of an upcoming or existing business relationship with the Company, the Company may process the following categories of personal data of its business partners:

• Identity and contact information, such as name, tax ID number, social security number, address, telephone number, mobile phone number, fax number, e-mail address provided to us by the transaction partner or his representatives for his identification and our communication with him,
• Data that was processed in the context of a project, a purchase and sale of a product or service, or provided by the business partner, such as personal data related to orders, payments made, requests and reports in the context of the implementation of a project or a collaboration in general.

Processing purposes

Management of the contractual relationship with business partners such as receipts, deliveries of products, provision of services, execution of projects, collections, payments, audits, execution, support and monitoring of the contract, fulfillment of contractual obligations, etc.

Conduct customer satisfaction surveys, conduct advertising campaigns, or other promotions or events.

Ensuring the Company's compliance with legal obligations (tax, insurance, customs, accounting, etc.) for the purposes of compliance checks of business partners for the prevention of financial crimes as well as the safeguarding of its superior legal interests such as the transmission of data to law firms companies or competent authorities.

Recipients and transmissions

The Company may delegate part or all of the above processing to third parties (processors), including their directors and employees:

• to parties that have contracted with the Company to promote the company's services, to provide different  services such as IT support, record keeping, statistical services, IT services, advertising services, certified public accounting firms, etc.

It is ensured in every case that the provisions for the protection of personal data are fully respected

Data Retention Time

The Company will keep your personal data for as long as is necessary to fulfill the purposes described in this policy, or in order for the company to ensure its legal interests or to comply with applicable legislation

Technical and organizational measures

The Company effectively implements, both at the time of determining the means of processing and at the time of processing, appropriate technical and organizational measures, such as pseudonymization, designed to implement data protection principles, such as data minimization, and the integration of the necessary guarantees in this processing in such a way as to meet the requirements of the applicable legislation and to protect the rights of natural persons.

Right to withdraw consent

If you have given your consent to the processing of specific personal data by the Company, you have the right to withdraw your consent at any time, with future effect. Withdrawal of consent does not affect the lawfulness of processing that was based on consent before it was withdrawn. In case of withdrawal of consent, the Company may further process the personal data, only in cases where there is another legal reason for the processing.

Right to delete data

The subject has the right to request the deletion of his data in accordance with the applicable legislation on the "Right to be Forgotten" (unless there is another legal processing obligation imposed by law) through his request which will be considered within a reasonable time.

Right of access

You have the right to be informed if the Company is processing your data, to have access to the data and to receive additional information about its processing.

Right of rectification

You have the right to request the updating, correction, completion of  of your personal data.

Right to restriction of processing

You have the right to request restriction of the processing of your personal data in the following cases: (a) In case of dispute  of the accuracy of the personal data and until it is verified (b) when the personal data is not needed for the purposes of processing, but is nevertheless necessary for the establishment, exercise, support of legal claims, and (c) when you object to the processing and until it is verification that there is a legal basis that concerns Indigital and outweighs the reasons for which you object to the processing.

 Right to portability

You have the right to receive your personal data free of charge in a structured, commonly used and machine-readable format or to request, if technically feasible, that we transmit the data directly to another controller.

Right to object to a decision based on automated processing

You have the right to request your opt-out from decision-making based on automated processing, including profiling.

Personal Data Controller

The Data Controller is Indigital AE IKE, with headquarters in Vrilissia, 31 Dirfys Street.

The Company provides support for all questions, comments, concerns or complaints related to the protection of personal data or in case you wish to exercise any right regarding the protection of your data. Contact can be made via email at info@inspeech.gr

Right of appeal to the Authority

The competent authority is the Greek Personal Data Protection Authority. You have the right to appeal to the Personal Data Protection Authority for issues related to the processing of your personal data. There must have been a previous attempt on your part to exercise your rights with the Company before appealing to the competent Authority. For the Authority's competence and how to submit a complaint, you can visit its website (www.dpa.gr > My rights > Submit a complaint), where there is detailed information.