1.1 By using this contact form, I accept and agree that the société anonyme under the corporate name "MYTILINEOS S.A.", trading as "MYTILINEOS" (hereinafter referred to as "Protergia"), acting as the Controller, will legally process the personal data collected when submitting this contact form and the attachments thereto, and keep a record of personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) (hereinafter referred to as the "GDPR") and the generally applicable laws.
1.2 Types of personal data being processed: (a) Identity and contact details, such as full name, tax ID number, ID card details, property address, billing address, telephone number, mobile phone number, fax number, email address that I have provided to Protergia for my identification and being contacted by Protergia, information regarding my classification as a special category customer from the relevant operators (e.g. vulnerable customer or social home tariff beneficiary), copies of connection contracts with the respective operators, business commencement certificate issued by the tax office (in the case of a supply contract for business purposes), specific features justifying the provision of a specific tariff (e.g. maintaining a contractual relationship with a specific third party); (b) details of the meter on the facility for which a supply contract is or will be entered into, supply number, proof of using the facility legally (e.g. rental agreement, title deed), copy of the land registry record, Protergia bills or bills from a previous supplier, consumption data obtained by me and/or the competent operators for identification and verification, bank account numbers disclosed to Protergia by me, transaction and payment details for transactions and payments carried out under the contractual relationship with Protergia, information obtained when I contact Protergia’s customer service (including requests, complaints, etc.).
1.3 Processing Purposes: (a) exploring the possibility of entering into a contract; (b) managing a pre-contractual relationship (preparation stage for entering into a contract); (c) ensuring that Protergia complies with its statutory obligations (tax, insurance, customs, accounting, etc.), as well as safeguarding its overriding legal interests, such as the transmission of data to competent authorities.
1.4 Legal basis of processing: Unless otherwise specified upon the data collection, the legal basis for data processing is one of the following: (a) explicit consent given by the person (Article 6(1)(a) of the GDPR); the processing is necessary for compliance with Protergia's legal obligation or for the purposes of the legal interests pursued by Protergia (Rule 6 (1)(c) or (f) of the GDPR).
1.5 Recipients and transmissions: I agree that Protergia may transmit personal data to other subsidiaries or third parties, judicial, administrative, tax, customs, arbitration or other public authorities regulatory bodies and lawyers if and to the extent that such transmission is strictly required by these entities for the above purposes. Further, I agree that Protergia may assign part or all of the processing to third parties (Processors) including their managers and employees, and in particular: (i) to parties contracted with Protergia to provide postal services, computerised support services, record keeping services, IT services, and (ii) parties contracted with Protergia to assess the creditworthiness and ability of the customer to fulfil its contractual obligations from the supply contract with Protergia. In such cases, Protergia shall ensure through contractual terms and regular controls that, if and where they have access to personal data, the applicable protection laws are adequately respected.
1.6 Data Retention Period: I accept that Protergia will retain the personal data for as long as is necessary to fulfil the purposes described above, unless a longer period is required or permitted by applicable law.
1.7 Technical and organisational measures: Protergia effectively implements the appropriate technical and organisational measures, both at the time of defining the means of processing and at the time of processing, such as pseudonymisation, designed to implement data protection principles, such as data minimisation and integration of the appropriate safeguards during processing to ensure that the requirements of applicable law are met and that the rights of the person are protected.
1.8 Right to withdraw consent: If the person consents to the processing of certain personal data by Protergia, he or she has the right to withdraw his or her consent at any time, with effect for the future.
1.9 Rights of the data subject: (a) Right of access: The data subject has the right to be informed whether Protergia processes his or her data, access the data and receive additional information about their processing; (b) Right to rectification: The data subject has the right to request the updating, rectification, supplementation of his or her personal data; (c) Right of erasure: The data subject has the right to request the erasure of his or her personal data, which will be satisfied provided that there is no other legal basis of processing (such as an obligation to process personal data required by law), (d) Right to restriction of processing: The data subject shall have the right to request a restriction of processing of his or her personal data in the following cases: (i) when the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data; (ii) when the data subject opposes the erasure of the personal data and requests the restriction of their use instead; (iii) when the personal data are no longer needed for the purposes of the processing, but they are required for the establishment, exercise or defence of legal claims, and (iv) when the data subject has objected to processing and pending the verification whether the legitimate grounds of Protergia override those of the data subject; (e) Right to object to the processing: The data subject has the right to object to the processing of his personal data at any time where such processing is based on: (a) the legal basis (Article 6(1)(e) or (f) of the GDPR), which shall be satisfied unless Protergia has provided compelling and legitimate reasons for their processing; (f) Right to portability: The data subject has the right to receive the personal data concerning him or her in a structured, commonly used, machine-readable format or request to have the personal data transmitted directly from one controller to another, where technically feasible; (g) Right to object to decision-making based on automated processing: The data subject has the right to request not to be subject to a decision based on automated processing, including profiling.
1.10 Controller / Competent Authority: The Controller is "Mytilineos S.A.", with registered office in Marousi, Attica, 8 Artemidos Street, GR-15125. You may contact the Controller by email at DPO@mytilineos.gr or by post at: Mytilineos S.A., Attention: DPO, 8 Artemis Street, GR-15125, Maroussi. Right to lodge a complaint with the competent authority: In the event that the natural person wishes to lodge a complaint with the competent authority, the competent authority for such matters is the Hellenic Data Protection Authority (HDPA), 1-3 Kifisias Avenue, Ampelokipi, GR-11523, Athens, website: www.dpa.gr, telephone (+30) 210 6475 600, fax (+30) 210 6475 628.