Travel information COVID-19 Update
Web check in
_deluxe suite 12_resized

Processing of personal data through video surveillance system

Processing of personal data through video surveillance system

 

  1. Data Controller:

“GREENMYL SINGLE MEMBER PRIVATE COMPANY” – business: “ATHENS IKON”, address: Mitropoleos Street 21, Athens Greece 105 57.

  1. Purpose of data processing and legal basis:

We use a surveillance system for the purpose of protecting our property as well as our staff, our customers and third parties legally located in the area under surveillance. Processing is necessary for the purpose of the legitimate interests “ATHENS IKON” pursues as data controller (article 6 paragraph 1 GDPR).

  1. Analysis of legal interests:

Our legitimate interest consists in the need to protect our facilities and the goods located in it from illegal acts, such as theft. The same applies to the safety of life, physical integrity, health as well as the property of our staff, our customers and third parties legally located in the area under surveillance. We only collect image data and we limit the collection to places where we assess that there is an increased possibility of committing illegal acts e.g. theft, as at our reception and at the entrance without focusing on places where the privacy of the recorded persons may be severely restricted, including their right to the protection of their personal data.

  1. Recipients of your personal data:

Your personal data are accessible only by our competent / authorized personnel who are in charge of the security of our facilities. Your personal data are not transmitted to third parties, except in the following cases: (a) to the competent judicial, prosecutorial and police authorities when it contains information necessary for the investigation of a criminal offense involving personnel or property of the data controller; b) to the competent judicial, prosecutorial and police authorities when requesting data, lawfully, in the performance of their duties; and (c) to the victim or perpetrator of a criminal offense in the case of data which may constitute evidence of the offense.

  1. Data retention time:

We keep your personal data for seven (7) days, after which they are automatically deleted. In case we detect an incident during this period, we isolate the specific part of the video and keep it for another (1) month, in order to investigate the incident and initiate legal proceedings to defend our legal interests while if the incident concerns a third party, we will keep the video for up to three (3) more months.

  1. Rights of the data subjects

Data subjects have the following rights:

  • Right of access: you have the right to know if we are processing your image and, if applicable, to receive a copy of it.
  • Right to restrict processing: you have the right to ask us to restrict the processing of your personal data, such as not deleting data that you deem necessary to establish, exercise or support legal claims.
  • Right to object: you have the right to object to the processing of your personal data.
  • Right to erasure: you have the right to get your data deleted.

You can exercise your rights by sending an e-mail to the email address: info@athensikon.com or a letter to our postal address or by submitting the request to us in person. To examine a request related to your image, you should tell us about when you were within range of the cameras and give us a picture of you to make it easier for us to locate your data and hide the data of third parties depicted. Alternatively, we give you the opportunity to come to our facilities to show you your personal data. We also note that exercising the right to object or the right to erasure does not imply the immediate deletion of data or the modification of the processing. In any case, we will answer you in detail as soon as possible, within the deadlines set by the GDPR.

  1. Right to lodge a complaint with a supervisory authority

In case you consider that the processing of your personal data violates GDPR, you have the right to lodge a complaint with a supervisory authority. Competent supervisory authority for Greece is the Hellenic Data Protection Authority, address: Kifissias 1-3, PC 115 23, Athens, Greece, telephone: +30-210 6475600, e-mail: contact@dpa.gr, website: https://www.dpa.gr/