Privacy and Personal Data Policy
Under this privacy policy, the Limited Liability Partnership named "TAXI OWNERS TRANSPORT CORPORATION", with the distinctive title “RHODES TAXI AND LIMO SERVICES” which has been incorporated and operates under the Greek laws, having its registered seat in Rhodes, Ydatopirgos- Hlioypoli area, Greece, with Tax Registration Number 997562204, Rhodes Tax Office, as it is legally represented (hereinafter referred to as "the corporation"), which provides customized and quality transport services from and to Rhodes Airport and ports, and all over the island, defines and discloses the terms by which it collects, stores, uses and generally processes your personal data, collected when you visit or use our website «https://www.rhodes-taxi.gr» (hereinafter referred to as the "Website") and/or when using the services provided by the corporation, based on the provisions of the General Data Protection Regulation (hereinafter referred to as "Regulation» or «GDPR»).
The processing of personal data by the corporation is carried out responsibly and safely, in full compliance with all the rules for the processing and protection of personal data, as applicable at all times, under Greek and European law. We assure you that your Personal Data is not publicly disclosed and is only used by the corporation. In processing your Personal Data, we apply a range of appropriate technical and organizational measures and technologies (encryption etc.) to protect your Data from any illegal processing or malicious activity.
1. The personal data being processed
The corporation collects and processes Personal Data, information, automated or not, relating to a natural person, which specify or might specify their identity, directly or indirectly.
1) Reservations via our call center
The corporation operates a call center so that telephone bookings are available, whereby telephone recordings technology is used 24 hours a day, in order to ensure quality of service and also your security. Your calls are recorded, after you have been informed by our recorded message and provided you have given your approval and are being maintained for transaction security purposes for as long as necessary taking into consideration the purpose of the commercial transaction. The personal information we ask you for the contract of carriage is as follows: name, surname, telephone number, route (pick up and drop off location). These data are registered in an application and stored in it as a client file, which is maintained for a reasonable period of time. If you would like a future airport reservation, the flight number is also requested.
2) Bookings via email or through our website
We accept e-mail bookings from our authorized partners, mainly tour operators and hotels, who send us customer vouchers for the purpose of carrying out the contract, which include the following data: name, surname, route (pick up and drop off location), date and time of the booking, and flight number if the route is to/from the airport. In case of booking through our website, the phone number, home address and email address, as well as payment details of the booking are requested. Should the payment be made through our site's payment service, Personal Data may be collected - stored for the purpose of completing the transaction with the payment service provider, who is thereby responsible for the security of your Personal Data and has taken all measures necessary to protect them by fulfilling all the criteria and prerequisites set by the Greek legislation. Our corporation stores only what is absolutely necessary in the context of the payment and in order to identify the commercial transaction.
3) Visit our website
During a visit to our site, data is automatically collected for technical reasons, namely the IP address of the access computer, the website you visit (recommendation), the visit date and time, the browser type and its settings browser, operating system, which constitute personal data subject to conditions. In principle, these data are collected to the extent necessary for technical reasons, for the operation and protection of the site, against attacks and malicious use, and in alias or anonymous form for statistical purposes. In addition, we provide visitors to our Website the ability to communicate through a contact form. The contact details are your full name and email.
2. Purpose of processing personal data
Your Personal Data may only be collected and processed for specified, explicit and legitimate purposes, when this is strictly necessary for the purpose pursued and stored for a minimum period, which is strictly necessary for the purpose pursued.
The corporation collects, stores and processes the above personal data to provide the services you request, when you contact us by telephone or when you wish to send us information in some other way, and therefore you transmit your data to us, in order to request transport services. Your data is processed both at the pre-contractual stage as well as during the execution of the contract and the processing your requests during the contract.
Calls are recorded, after you have been informed by our recorded message and provided you have given your approval and are being maintained for transaction security purposes for as long as necessary taking into consideration the purpose of the commercial transaction. We may also collect and store the content of the emails we exchange with you, when necessary to perform our services.
In addition, we store and use personal data and technical information to the extent necessary to prevent and address any malicious use or other illegal behavior on our site, e.g. to maintain data security in the event of attacks against our computer systems.
Finally, we store and use your data to the extent that we are legally obliged to do so, for example with a view to an official directive or a judicial or other decision of the Authorities, as well as to safeguarding our rights and requirements, and cases of defense of the company before the courts.
3. Legal basis for processing
With respect to the processing of personal data for the above purposes, we rely on the service, support and monitoring of our business relationships with our customers in the execution of the contract (in this case the processing required to take the necessary measures after the request of the customer, before the contract is concluded), optimizing the services provided, providing you with the best and most relevant content for the web our site, as well as for management, fraud detection and other legal purposes.
We also rely on the pursuit of legitimate interests coming from our dealings or applicable law. When we use personal data to serve our legitimate interests, we always give priority to your rights and interests, in relation to the protection of your data, over our own rights and interests.
Legal processing is, also, the processing performed in order to fulfill our obligations to the Public and in general Public Agencies, Organizations and Services, in accordance with the applicable legal and regulatory framework.
Finally, we rely on your express consent to the processing of personal data relating to you for one or more specific purposes, such as for statistical, organizational and operational reasons, provided that the processing is not based on any of the above-mentioned legal bases.
4. Location and Time of Personal Data Storage
Your Data is stored in our corporation Database, which is managed by our trained personnel. For the airport pickup process, the corporation also uses a physical archive with the above personal data (see Article 1), with daily bookings, which are processed by authorized employees to locate and serve you properly.
The storage period is the minimum required and is necessary to achieve the purpose of processing and to ensure compliance with the rules for the protection of personal data. We note that even if you request to delete your Data, we may retain some of it, solely because of legal obligations or for the foundation, exercise, and support of legal claims and for the duration of our legal pursuit. Withdrawal of consent applies only to the future and may not have retroactive effect.
5. Disclosure of Personal Data to our Professional Vehicle Drivers
You will be requested to disclose your Personal Data, as absolutely necessary (indicatively name and surname, telephone, address, route) so that the commercial transaction is processed, and which might be stored and processed only for the purpose of the proper operation of the commercial transaction. These Data will be forwarded to the driver of the vehicle who has accepted said route in order to identify the customer – passenger during its boarding. The driver has the right to contact you to clarify information regarding your boarding. The driver does not store or process or disclose your Personal Data to third parties, which shall be erased upon termination of the route.
Upon acceptance of the requested route by the driver, a contract is entered into between the driver and the passenger and the corporation does not bear any civil or penal liability from a potential improper performance of the contract. In any event, our drivers - associates have stated that they comply with the privacy and security requirements of the GDPR and have signed with our corporation a complete confidentiality clause and accepted all the terms of this policy. However, the corporation shall bear no liability for any use of your Personal Data by the driver, who is exclusively liable and against whom personally you shall raise your claims, in case of breach or use of your Personal Data by any means, either by using them in personal websites or by disclosing them to third parties or by any other culpable or illegal action.
6. Transmission of data to third parties
We may transfer your Personal Data to third parties that provide services to the corporation in order to facilitate and improve our customer service, as well as its compliance with the applicable legal and regulatory frameworks, set by our respective contracting entities, which are covered by declarations of confidentiality (tax and legal advisors, insurance companies, security technicians etc.). Any further transfer of personal data to a third party, law enforcement authorities or to other government authorities or to a country outside the European Union will only take place where this is provided for by personal data law or is strictly necessary for prevention, identifying or prosecuting criminal offenses and fraud.
7. General terms and conditions for the protection of personal data
The aforementioned personal data will be accessible and processed solely by authorized employees of the corporation, who will process the personal data solely for the aforementioned purposes and in no way for their own benefit. Our corporation processes the Data correctly and in accordance with the provisions of applicable law and takes all appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. Personal Data Processing is carried out using computers following organizational processes and functions that are strictly related to the stated goals.
Our corporation implements all appropriate measures to safeguard the Personal Data, using an encryption system and continuous and extensive controls on the electronic data storage and collection - processing systems we maintain, and have experienced and trained staff in place, in order to ensure and be able to demonstrate that data processing is carried out in accordance with the GDPR.
The Website uses SSL (Secure Sockets Layer) protocol for secure online commercial transactions. That way, all Data you provide are being encrypted, so that they cannot be deciphered or changed while transmitted through the Internet.
In the event of a breach of your data and where such breach may endanger your rights and freedoms and provided that this does not fall within one of the exceptions provided by law, the corporation undertakes to inform you relatively without undue delay.
The content and services of our corporation are intended exclusively for individuals over the age of 18, and we do not knowingly collect any information for people below this age, unless proven guardian consent has been obtained. As it is not technically feasible to effectively control your age at all times, we undertake to delete all relevant information immediately, subject to all legal rights, in the event of the reporting and verification of personal information, without prejudice to all our legal rights.
8. Your rights
You have the:
- Right to access your personal data. This enables you to obtain a copy of the personal information we hold about you and to confirm that we process it in accordance with the law.
- Right to rectification of the personal data we hold about you, namely the right to request rectification or update or modification or your Personal Data, although we reserve the right to ask you to validate the accuracy of the new data you provide.
- Right to erasure, namely the right to request deletion of your Data and more specifically when we process them based on your consent or for our legitimate interest, whereas when there is an obligation to process them imposed by law or public interest, such right is subject to restriction or does not exist.
- Right to restriction of processing, namely to reserve, upon certain conditions, delimitations to your Data being processed by us and more specifically and indicatively, when you challenge accuracy of your Personal Data and for as long as such dispute lasts until verification etc.
- Right to withdraw your consent at any time in the event that our processing of your personal data is based on your consent. However, this is something that may not affect the legal processing that took place before you withdrew your consent.
If you wish to exercise any of the rights described above, please contact us at the email below. In case of exercising one of the above-mentioned rights, our corporation will take all possible measures to promptly satisfy your request, in accordance with the specific provisions and conditions of the GDPR, and shall notify you in writing of the satisfaction of your request, or for reasons that prevent you from exercising your right or satisfying one or more of the above rights in accordance with GDPR. If your claims are manifestly unfounded or excessive, in particular because of their repeated nature, the corporation may either impose a reasonable fee, considering administrative costs for providing the information or for the communication or execution of the action requested, or refuses to respond to the request. In addition, you have the right to file a complaint with the Hellenic Data Protection Authority, if you believe that the processing of your personal data is in breach of the Regulation.
9. Social Media Sites
The corporation operates an official account in Facebook. The reason for processing all the Personal Data we collect for you by using the aforementioned social media site (social network platform), whether anonymous or not, is to provide updates with regard to our content or to contact you by replying to your messages. The legal basis of this process is your consent.
Your consent is given when you click like or follow to our pages and may be revoked by the same way, namely by clicking unlike or unfollow. By giving your consent, you accept our Data protection policy, which is displayed on a visible and accessible point at each page. If you do not agree with our policy, you shall revoke your consent accordingly (by unlike or unfollow). Our corporation is considered to be a Controller jointly with the social network platform. Administering social network is part of our Personal Data protection internal policy and, thus, in order to protect them we apply a series of appropriate technical and organizational measures, such as to delimit the people having access to social network administration, so that we ensure secure processing of your Data. We are not responsible for the way or the means each of these platforms process your Data. Keep yourself updated for such platforms policy.
10. Intellectual property rights
Except as expressly stated herein (the copyrights of third parties, affiliates, and entities), all content on our site, including images, graphics, photographs, drawings, texts, services provided, and generally all files on this website, is copyright property, registered trademarks and service marks of the corporation and protected under the relevant provisions of Greek law, European regulation and international conventions. Therefore, none of them may be wholly or partly sold, copied, modified, reproduced, republished or uploaded, transmitted or distributed in any way.
11. Cookies Policy
Cookies are small pieces of code that are sent and stored in the user's computer memory while you are in our site. They are used to facilitate the operation of the site, the user's easy access to it, for statistical purposes, for advertising purposes and in any case, cookies perform no other function than the privacy policy mentioned in this policy. Cookies do not in any way contain any personal information or information that will allow anyone to contact the site visitor by phone, e-mail, etc. By using cookies, there is no access to your computer's documents or files. Using cookies makes it easier for the website to memorize information about your visit by collecting useful information about your search preferences. So, the search experience will be improved the next time you visit us. In addition, cookies help the Company to see the performance and traffic of its website, improving its presentation and content, according to visitors' preferences. Some or all of the cookies described below may be stored in the browser. You can view and manage cookies in the browser (however, mobile browsers may not offer this visibility). Of the different types of cookies that exist, the Company uses the following:
A) Absolutely Necessary: Technically necessary cookies are essential to the proper operation of the site, allow you to browse and use its functions. These cookies do not recognize your individual identity. Without these cookies, we cannot provide our site with effective functionality. In addition, these cookies allow the site to remember your choices such as font size, or if you've responded to a poll in order to provide improved and personalized features.
B) Performance Cookies (Google Analytics):
These cookies collect information about how you use the site, for example, which pages you visit most often. Collect aggregated, anonymous information that does not identify a visitor. They are used solely to improve the performance of a website.
You can enable, disable or even completely delete cookies through the setup options in your browser. If you choose to disable cookies, some parts of the site may not work properly.
12. Amendments and Modifications to the Privacy Policy
As our corporation continually evolves, this Privacy Policy may change. If you want to see changes made to this Cookie Policy from time to time, please visit the Policy to view them.
13. Governing Law
The governing law is the Greek law, as applicable in accordance with GDPR and the applicable national and European legislative and regulatory framework in relation to Personal Data protection. The courts of Rhodes shall have exclusive jurisdiction to settle any dispute that may arise out of or in relation to your Personal Data protection.
14. Communication
For any clarification regarding this Privacy Statement, including any request to exercise your legal rights, please contact us electronically via [email protected].