Privacy Policy

The company steps-med.gr located at 5 Apostolou Pavlou Pavlou 5 with Kizikou corner, Thessaloniki P.C. 55133 Kalamaria, issues the following privacy statement.

Respecting and protecting your personal data is a commitment. We understand and take seriously the fact that you are aware and interested in your personal data.

This Privacy Statement describes the personal data we collect about you, how we use and protect your personal data and the choices you have about the way we use that data.

We recognize that the protection of personal data is an ongoing responsibility and therefore, we will update and amend this Statement from time to time.

What personal data do we collect about you?

The personal data we process and maintain about you includes:

  • Contact Details. We collect your full name, address and general contact information (including your email address and landline or mobile phone number).
  • Pricing information. We collect your information that is necessary for the payment of our products and services or financial obligations to you, such as your VAT number, bank account information, social security number, etc.

How do we use (process) your personal data?

We use your personal data for the following purposes:

  • To process your orders (provision of services and sale of products)
  • To improve the quality of our services.
  • For our communication with you.
  • For our compliance with applicable tax laws and obligations
  • To comply with legal procedures and court decisions and to respond to requests from public and governmental authorities
  • To enforce and defend our legal rights and claims in order to protect our or our business operations or those of our business partners and to safeguard the rights, privacy, security or assets of our company or our business partners, your own legal claims or rights, or those of others, to pursue available remedies and to limit our damages.

Where do we collect your personal data from?

Your personal data is collected from various sources, such as:

  • From you, when the company provides products, goods or services to you, when you fill out online forms or send an e-mail (“e-mail”) in order to obtain information or use our services.
  • From your phone calls to us, sending e-mails, and your other communications with us.
  • From agreements or contracts you enter into with our company.

Legal basis for processing your personal data

  • The processing of your simple personal data and/or your special categories of personal data is carried out for the provision of our services to you, which is based on:

-in the conclusion and performance of a contract or -at your request- in preparatory actions for the conclusion and performance of a contract.

-our legal obligation to comply with national and/or European legislation (tax purposes)

-in our legitimate interest in establishing the exercise or support of our legal claims (e.g. collection of our claims for the provision of our services)

The processing of your personal data for marketing and/or promotional purposes is based on your consent.

Duration of retention of your personal data

  • Where we are required to comply with a legal or regulatory obligation, we retain your personal data for at least as long as required by law to comply with that obligation.

Guarantees we receive for the protection of your data

When you give us your personal data, we take steps to ensure that it is kept securely. In order to protect your personal data, we take physical, technical and organisational measures to protect it. We update and monitor the security technology we use on an ongoing basis. We restrict access to your personal data to only those employees who need to know your personal data in order to provide our benefits or services to you. In addition, we train our staff on the importance of maintaining the confidentiality and privacy and security of your personal data and bind them to confidentiality and privacy agreements for information they become aware of as a result of providing our services . Among other things, we have implemented the following technical and organizational measures and procedures to protect your personal data from any loss, alteration, unlawful processing or modification:

– Use of servers located in rooms with restricted access and subject to regular audits;

– Use of information systems and computer programs installed in a way that minimises the use of personal and/or authentication data of the user;

– Adoption of individual procedures for the retention of personal data and their secure deletion/destruction;

– Access to systems and databases on a need-to-know basis.

– Storage and retention of your personal data that is in hard copy, in a special storage area, protected and secure, to which there is no access for unauthorized persons.

When and how do we transfer your personal data to others?

Your personal data are collected and processed by the authorized employees of our company, for the purposes of providing our services only. They are disclosed only to authorized third parties (processors), who are bound to confidentiality and act in accordance with our instructions, when they are required to have access, in the context of providing these services to our competent control authorities or when required by law.

In each transfer, we always take every measure to ensure that the data transferred is always the minimum necessary and that the conditions for lawful, fair and transparent processing are always met.

Your rights

You have the right to request access to your personal data that we process. In addition, you have the following rights:

  • Right to rectification or deletion (under certain conditions) of your personal data.
  • Right to restrict processing or object to the processing of your personal data.
  • Right (subject to conditions) to receive your personal data so that you can use it elsewhere.
  • Where we process your personal data on the basis of your consent, you also have the right to withdraw your consent at any time, without affecting the lawfulness of the processing for the period prior to the withdrawal of your consent. Finally, you have the right to lodge a complaint with the competent Greek independent authority, which is the Hellenic Data Protection Authority (http://www.dpa.gr/).

Consequences of not providing your data

The provision of your personal data is necessary for the provision of our services to you, therefore, in case of your refusal to provide them, we will not be able to provide you with our services.

How to contact us?

You can contact us for any question regarding the processing of your personal data by sending an email to grsteps@hotmail.com

You can contact the Data Protection Officer by sending an email to grsteps@hotmail.com or by sending a form to the address 5 Apostolou Pavlou Pavlou and Kizikou Corner, Thessaloniki, P.O. Box 55133 Kalamaria, to the attention of the Data Protection Officer.

Publication information – Changes & Updates

This Statement was last updated on 30/11/2024.

We reserve the right to modify and update this Statement at any time, for any reason, without notice to you, other than by posting the updated Statement on our website. We may send periodic emails to remind you of changes and updates to this Statement, but you should check our website frequently to keep up to date with the current and applicable Privacy Statement.