GDPR

Privacy Policy of Kalithea Star Car Rental

This present policy of editing and protecting data of personal character (hereinafter “Policy”) provides information about the collection, storage, processing and use of your personal data. The company under the name Kalithea Star (hereinafter referred to as “the Company” or “we” or “us”) located in 6th klm Rhodes Kalithea Ave., tel. +30 2241065662, email: info@kalitheastar.gr,  acting as the dpo, collects, stores, uses and generally processes your personal data.

What is personal data?
The term “personal data” refers to information of individuals, such as name, postal address, email address, telephone communication, etc., that identify or can identify you, hereinafter referred to as “personal data or data”.

What is Personal Data Processing?
Any act or series of acts performed with or without the use of automated means, in Personal Data or in personal data sets, such as the collection, registration, organization, structure, storage, adjustment or alteration, retrieval, search for information, use, disclosure, dissemination or any other form of distribution, association or combination, restriction, deletion or destruction.

What Data Do We Collect?
We only collect Data that is strictly necessary to serve the purpose for which it was provided and used solely for the purpose for which it was collected. Except for any Data collected by Cookies, the Data is limited to what you have provided expressly and for a specific purpose and with your consent. We also collect Data when you visit our site and if you have consented to this, consent is presumed by filling in the relevant fields.

  • Identity data, such as name, surname, surname, date of birth, driving license, VAT, ID
  • Product communication / shipping data, such as postal address, email address, telephone number.
  • Payment details, such as credit / debit card number, PayPal, bank account number.
  • Identification information such as username, IP address

How Do We Use Your Data?
The processing of your Data is carried out either by specially authorized personnel of our Company, or by computer and electronic equipment systems from our Company and exceptionally by third parties who, having contractually committed to our Company to maintain confidentiality and protect your Data, process it solely for the purposes for which we have provided it. In general, your Data is processed in order to provide you with the following services:

  • Submission offer: The Company processes your Data to bid for short or long term car leases.
  • Car Hire: The Company processes your Data in order to fulfill its contractual relationship with you, such as car hire, providing maintenance services (such as maintenance, body repair, repair, vehicle replacement etc.), comply with legal obligations, refuse, raise or bring legal requirements.
  • Car Purchase: The Company processes your Data to complete the used car purchase agreement.
  • Compliance with Applicable Laws: The Company processes your Data in order to be able to comply with its legal obligations, including in particular compliance with Tax and Insurance law or vehicle insurance resulting from an active insurance contract.
  • Creating a User Account: The Company processes your Data in order to provide you with account functions and to facilitate the conclusion of a lease or purchase of products and / or services.
  • Send a newsletter: The Company provides you with the opportunity to choose, if you wish, to be informed at your email address about the Company’s promotional / promotional activities (eg for new products and / or services available on the market, any offers, operation of our new car rental stations, tourist offices, etc.).
  • Website Information Services: The Company provides information services to its clients
  • Privilege programs for Customers: Through these programs, the Company offers a number of benefits to its customers, such as, priority service at rental stations, more advantageous spaces in the Company’s parking lots, discount coupons, offers, etc.
  • Communication: The Company uses your Data to respond to the requests / queries that you make through the Contact Center and contact forms.
  • Finding a Job: The Company processes your Data to evaluate your qualifications and abilities for the position you are applying for or for another position within the Company as well as for communicating with you for this purpose.
  • Online Promotions / Contests: The Company processes Data that you complete to participate in a Contest, in the event that you agree to contest, notify you if you are a Contest Winner and deliver your prize.
  • Participating in Online Market Surveys / Questionnaires: The Company processes Data that you complete for your online surveys, for example demographics (age, income etc.). You can register them all information or anything of your choice. The results of the surveys will only be used to improve the features of our site, to evaluate you and then to improve the services provided to you for no other purpose.

For what purpose do we process your Data?
We collect your Data for the purposes of the products and / or services provided for, but not limited to:

  • the evaluation of your bid on the one hand and the conclusion of the lease on the other.
  • managing the rental car of your choice, e.g. communicating and updating your availability, contract performance, maintenance, refurbishing, repair, replacement, vehicle pick-up etc., sending necessary documents for any products you purchased or services you provided, managing your of your debts to the Company, making repayments.
  • compliance with the obligations imposed by applicable law eg. labor tax and insurance legislation
  • checking, improving and adapting to your preferences and choices regarding our products and / or services;
  • sending, by email, information about the Company’s products and / or services;
  • customer satisfaction research, promotion of our products and / or services, sending newsletters of our products and / or services;
  • the evaluation of applications and resumes for the purpose of recruitment to our Company;
  • communication between us in the event of a competition.

What is the legal basis for your data processing by the Company?
Your Data is processed in accordance with:

  • the terms of our contractual relationship,
  • your consent, where appropriate,
  • the Company’s obligations arising from the law (eg tax, labor, insurance laws, etc.),
  • the legitimate interest of our Company.

Who are your Data Recipients?
The Company guarantees that it will not transmit, notify, concession etc. your Data to third parties (other than those mentioned herein) for any purpose or use unless this is required by applicable law or required by public / judicial bodies / authorities.

Access to your Data is strictly required by the Company’s staff, who are committed to confidentiality and our affiliates, which process your Data as Joint Managers

Processing or as Executing the Processing on our behalf and in accordance with our instructions.

Indicatively, your Data recipients are:

  • The company that issues the payroll of our employees.
  • The insurance companies that work with our company.
  • Our affiliates and users of our brands and systems.
  • The cooperating tourist agencies regarding car hire.
  • The companies that work with our Company to provide repair, refurbishing, maintenance of vehicles leased to our customers.
  • Chartered Accountants Companies that audit the financial statements of our Company.
  • Partner companies to provide road assistance to drivers using our Company vehicles.
  • Companies that also manage the global car booking system located in or outside Europe), with whom we will share information related to our car rental activities, which may include personal booking information posted through this application. Your Data will not be used for any other purpose without your prior information and consent.

How do we ensure that Executors & Executors of Processing process your Data?
The executors of the processing on our behalf have agreed and are contractually bound by the Company:

  • keep confidentiality,
  • not send your Data to third parties without the Company’s permission;
  • take appropriate security measures,
  • comply with the legal framework for the protection of personal data and in particular Regulation 679/2016 / EU (otherwise GDPR).

Executives may, in the performance of their duties, employ other persons called Executors. In this case, the controller should have been given authorization to handle all or partial processing of the Data. As a consequence, the Subordinate shall have the same obligations and rights as the Executor, as set forth in this Policy, and always within the scope of its assigned responsibilities, and shall be fully responsible with the Executor.

When do we delete your Data?
We only retain your Data for as long as it takes to fulfill the purpose for which you have disclosed your data to us and in accordance with applicable laws.

Your statement of consent to send a newsletter is kept for as long as the Company has sent you a newsletter, unless you choose to terminate the newsletter.

We keep your CVs by email for work for two (2) years, unless you tell us that you wish to keep them for a shorter period (the minimum time limit you can choose is six months from their submission). ) or for deleting them.

The personal data you provide for your participation in the Customer Benefit Programs is deleted when the program expires or you are excluded from the program or you express a desire to stop participating in the program as described in the program’s terms of use.

The data processed during your participation in competitions and / or market surveys will be maintained for as long as is necessary for the completion of the competition or survey and subsequently deleted.

Is Your Data Safe?
The Company is committed to safeguarding your Data.

Recognizing the importance of securing your Personal Data, we have taken all appropriate organizational and technical measures that are continually improved based on technological advancements with the sole purpose of securing and protecting your Data from any form of accidental or unintentional processing.

What are your rights?
You have access to your Personal Data.

This means that you have the right to ask us if we are processing your Data. If we process your Data you can request to know the purpose of the processing, the kind of Data we hold, who we give it to, how long we store it, if we make automated decisions, but also about your other rights, such as correction, deletion of data, limitation of processing and reporting to the Data Protection Authority.

You have the right to delete / forget about.

You may ask us to delete your Data if it is no longer necessary for the above mentioned processing purposes or you wish to revoke your consent if this is the only legal basis.

You have the right to portability of your Data.

You can ask us to read the Data you provided, or ask us to forward it to another controller.

You have the right to limit editing. You can ask us to limit the processing of your Data for as long as your processing of objections is pending.

You have the right to object and withdraw consent in the processing of your Data.

You may object to the processing of your Data, and we will stop processing your Data unless there are other compelling and legitimate reasons that prevail over your right. If you have indicated your consent to the collection, processing and use of your personal data, you may withdraw your consent at any time with future effect.

How can you exercise your rights?
To exercise your rights you can apply by sending us a letter – request to the Company’s postal address or its email address with the title “Exercise of Right” and we will take care consider it and answer it as soon as possible.

Exceptionally:
if you wish to withdraw your newsletter consent you can do so by selecting the link “To delete from the” newsletter mailing list “click here” at the bottom of each newsletter.

When Do We Answer Your Requests?
We will respond to your Inquiries free of charge without delay, and in any case within one (1) month after we receive your request. However, if your Request is complex or there is a large number of your Request we will let you know within the month if we need to receive an extension of another (2) two months within which to respond.

If your Claims are manifestly unfounded or excessive in particular because of their recurring nature, the Company may charge a reasonable fee, taking into account administrative costs for providing the information or performing the requested action or refusing to respond to the Request .

Where can you turn for the development of your Requests?
For information about the progress of your request you can call us on the phone or send us an email.

What is the law applicable to the processing of your Data by us?
The applicable law is Greek law, as formulated in accordance with the General Regulation on the Protection of Personal Data 2016/679 / EU, and generally the applicable national and European laws and regulations on the protection of personal data.

Any dispute shall be brought before the locally competent Greek Courts.

Where can you appeal if we violate applicable law to protect your Personal Data?
You have the right to file a complaint with the Privacy Authority (Kifissias Post Office 1-3, 115 23, Athens, tel. 210 6475600, e-mail contact@dpa.gr ), if you believe that the processing of your Personal Data violates applicable national and regulatory law on the protection of personal data.

How will you be informed of any amendments to this Policy?
We update this Policy whenever necessary. If there are significant changes to the Policy or the way we use your Personal Data, we will post this update on our site, and we will notify you in any appropriate manner.

We encourage you to read this Policy from time to time to know how your Data is protected.

1. General Information

The use of our web pages and the services provided to the visitor/user on the site kalitheastar.gr requires your agreement with the privacy policy of this site.  Therefore, the visitor/user must carefully read the contents of this page before using the services of our website and if he does not agree, he must leave this website and never make use any of its services or content. This privacy policy may change from time to time according the relevant legislation.

We will not explicitly notify our customers or our website’s visitors/users about these changes. Instead, we recommend you to occasionally visit this page for any changes to this privacy policy. The continued use of the kalitheastar.gr website even after any changes to the privacy policy implies the unconditional acceptance of these terms by you.

2. Privacy and data protection – Relevant legislation

We collect and process your personal data only when absolutely necessary. We will never sell, rent, distribute or publicize in any way your personal data.

If you are under 16 years old, you must have your parents’ consent before using the services of this site.

Along with our company’s internal IT systems, this site is designed to comply with the following laws/regulations regarding the protection of user’s personal data:

EU Data Protection Directive 1995 (DPD)

General Data Protection Regulation 2018 (GDPR)

3. Personal information collected by this site and why we collect it

This site collects and uses personal information for the following reasons:

3.1 Website traffic monitoring

This site uses Google Analytics (GA) to track visitors/users activity. We use this data to determine the number of our site visitors, to better understand how they find and use our web pages and to see their course inside the site. Although GA records data such as your geographic location, your device, your web browser and your operating system, none of this information identifies you to us. GA also records your computer’s IP address, which could be used to identify you, but Google does not provide us access to it. We believe that Google is a third data processor that is compliant with the requirements of European legislation.

3.2 Contact forms and e-mail links

If you choose to contact us using a contact form or an email link, none of the data you provide will be stored to our site or transferred or processed by any third party data processor. Instead, these data will be sent to us via an email with SMTP protocol (Simple Mail Transfer Protocol). Our SMTP servers are protected by a TLS security protocol (also known as SSL), meaning that email content is encrypted before being sent over the Internet. The content of the email is decrypted by our local computers and devices.

4. About cookies

4.1 What is a cookie? 

The term “cookie” refers to a small data file consisting solely of a set of text information that the site transmits to the web browser on your computer’s hard disk, either temporarily throughout your visit, or sometimes for longer periods, depending on the type of cookie. Cookies perform different operations (for example, you are distinguished from other site’s visitors or remember certain info for you like your preferences) and are used by most websites to improve your experience as a user. Each cookie is unique to your browser and contains some anonymous information. A cookie typically contains the name of the cookie field, the cookie’s lifetime and a value (usually in the form of a randomly generated unique number).

4.2 Types of cookies

The basic types of cookies are described below:

– Session cookies

These are temporary cookies that remain in the cookie file of your device’s browser only during your visit and are deleted when you close the browser.

– Persistent cookies

These remain in the cookie file of your device’s browser even after the browser closes, sometimes for one year or more (the exact length of stay depends on the lifetime of each cookie). Permanent cookies are used when the site administrator may need to know who you are for more than one visit (e.g. to remember your username or your site configuration preferences).

– First-party cookies

These are cookies installed on your browser and/or hard drive of your device from the site you are visiting. This includes assigning a unique ID to you, in order to monitor your site navigation. Site administrators often use first-party cookies to handle visits and for identification purposes.

– Third-party cookies

These are cookies used by third parties, such as social networks to track your visits to the various sites they advertise. The site administrator has no control over these third-party cookies.

4.3 Cookies on this site and how to manage them

See the following information about the third-party cookies we use on this site, including how to disable them and the effect of disabling on the site’s functionality. If you need any help on how to manage certain types of cookies, including how to check or delete them, please visit https://aboutcookies.org/. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.

– Google Analytics cookies

Google Analytics cookies are performance analytics/logging cookies that allow us to collect anonymous information about how visitors use our site. These cookies can inform us on how many visitors use the site, the visit’s time & duration and also provide information on how visitors navigate across the site. This information helps us improve the way our site works. They are anonymous information and do not contain personal data. The information collected by the Google Analytics cookies about our site is transferred and stored on Google’s servers in accordance with Google’s privacy policy. Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website. For more information on Google Analytics and its cookies you can visit:

https://support.google.com/analytics/answer/6004245
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

You can disable Google Analytics tracking by clicking here. If you disable these cookies, your activity will not be counted or used in the statistics we collect to improve the services we provide through this site. Website functionality will not be affected.

– Video providers cookies

Video providers can place cookies on your device if you watch their video on our site. If you disable these cookies you may not be able to see the embedded videos on our site.

5. How we manage your personal data

At kalitheastar.gr we place the highest priority on the protection of your personal data and comply with the European General Data Protection Regulation (GDPR). We have taken the technical measures to ensure the protection of personal data while transmitting, managing and storing, but the nature of the internet is such that nothing can guarantee absolute protection. For this reason, you can also contact us by alternative means (e.g. by telephone).

6. Your rights about your personal data

You have the right to request details about the information we collect about you and to request us to correct inaccuracies in them, to object to or request the restriction of processing, as well as to request access, erasure or portability of your information. This does not include data that we are required to keep for administrative, legal or security reasons.

Under the laws of some jurisdictions, we may decline to process requests that are unreasonably repetitive, require disproportionate technical effort, jeopardise the privacy of others, are extremely impractical, or for which access is not otherwise required by local law.

You may lodge a complaint with the relevant supervisory authority if you consider that our processing of your personal data infringes applicable law. Contact details for all EU Supervisory Authorities can be found here.

7. Data breaches

For any of your personal information stored in our database, all necessary steps will be taken to secure them. We will report any unlawful violation of the database of this site or the database of any third party data processor to anyone and to all relevant stakeholders as well as authorities within 72 hours of the violation, if it is obvious that personal data stored in an identifiable form, have been stolen.

8. About this site’s web server

All web traffic (file transfer) between this site and your browser is encrypted and transferred via the HTTPS protocol using Secure Sockets Layer (SSL).

9. Connections and third party products in our website

Our website maintains web-links to other sites. We are not responsible for the terms of protection and the use of the personal data of each site. You should be careful and check the privacy statements that apply to the third-party websites and services you use.

10. Terms of use

The website kalitheastar.gr contains material that belongs to the business. This material includes the design, layout, appearance, graphics, photos and texts of the individual pages. It is strictly forbidden to reproduce the above material in any way for commercial purposes without the prior written consent of the business.

Scroll to Top