Current as of February 20, 2024 

 

Electobox Members CRM Privacy Policy  

  

Scope of the Privacy Policy  

‘CYBER EMPHASIS PRIVATE LIMITED COMPANY’ with registered office in Nea Smyrni, 7 Artis Street, Postal Code: 17124 and Tax Number: 801332412 (hereinafter the ‘Company’ or ‘Electobox’) aims, through this Privacy Policy, to inform the users of the website https://crm.electobox.com on the manner and purpose of processing of their personal data which are collected via Electbox, as well as on their rights. It is pointed out that the Company, as the Processor, shall collect and process the personal data of Electobox users for specific and legitimate purposes, pursuant to the applicable legislation on the protection of personal data.  

  

Definitions   

For the purposes of this Policy, the following terms shall be defined as set out below:  

"Personal Data": any information related to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;  

"Special categories of personal data": personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation;  

"Processing":any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;  

"Anonymization": the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject;  

"Pseudonymisation": the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that it cannot be attributed to an identified or identifiable natural person;  

  

"Controller": the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law; In this particular case, the applicable body from time to time shall act as the Controller.  

  

"Processor": a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller; In this particular case, the Company shall act as the Processor.  

  

"Data Subject": the natural person whose personal data are subject to processing. In this particular case, each Electobox user shall be deemed a data subject.  

  

"Consent of the data subject": any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;  

  

"Personal data breach": a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.  

  

"Applicable legislation": The national and Union law in force from time to time on the protection of personal data and, specifically, the General Data Protection Regulation (EU) 2016/679 (hereinafter ‘GDPR’), Greek Law 4624/2019, as well as the Decisions, Guidelines and Opinions issued by the Data Protection Authority (hereinafter ‘DPA’).  

  

 

 

Roles & Responsibilities 

If your Personal Data has been submitted to us by or on behalf of a Electobox Client and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable Client directly. 

Electobox is largely unaware of what Client Data is actually being stored or made available by a Client or User to the Service and does not directly access such Client Data except as authorized by the Client, or as necessary to provide Services to the Client and its Users. 

  

Except as provided in this Privacy Policy, Electobox does not independently cause Client Data containing Personal Data stored in connection with the Services to be transferred or otherwise made available to third parties, except to third party Sub-processors who may process such data on behalf of Electobox in connection with Electobox’s provision of Services to Clients. 

Electobox is not responsible for the content of the Personal Data contained in the Client Data or other information stored on its servers (or its sub-processors’ servers) at the discretion of the Client or User nor is Electobox responsible for the manner in which the Client or User collects, handles disclosure, distributes or otherwise processes such information. 

 

Personal Data Collected and Processed by us, Processing Purpose and Legal Ground for Processing  

We collect different types of information from or through the Service. 

3.1 Information you provide directly to Electobox 

Account signup: When you sign up for an account to access one or more of our services, we ask for information like your name, contact number, email address, company name and country to complete the account signup process. You may also provide us with more information such as your photo, time zone and language, but we don’t require that information to sign up for an account. 

Event registrations and other form submissions: We record information that you submit when you (i) register for any event, including webinars or seminars, (ii) subscribe to our newsletter or any other mailing list, (iii) submit a form in order to download any product, whitepaper, or other materials, (iv) participate in contests or respond to surveys, or (v) submit a form to request customer support, or to contact Electobox for any other purpose. 

Payment processing: When you buy something from us, we ask you to provide your name, contact information, and credit card information or other payment account information. When you submit your card information, we store the name and address of the cardholder, the expiry date and the last four digits of the credit card number. We do not store the actual credit card number. For quick processing of future payments, if you have given us your approval, we may store your credit card information or other payment information in an encrypted format in the secured servers of our Payment Gateway Service Providers 

Testimonials: When you authorize us to post testimonials about our products and services on websites, we may include your name and other personal information in the testimonial. You will be given an opportunity to review and approve the testimonial before we post it. If you wish to update or delete your testimonial, you can contact us at contact@electobox.com

Interactions with Electobox: We may record, analyze and use your interactions with us, including email, telephone, and chat conversations with our sales and customer support professionals, for improving our interactions with you and other customers 

 

3.2 Information Collected by Clients 

A Client or User may store or upload Client Data into the Service. Electobox has no direct relationship with the individuals whose Personal Data it hosts as part of Client Data. Each Client is responsible for providing notice to its customers and third persons concerning the purpose for which Client collects their Personal Data and how this Personal Data is processed in or through the Service as part of Client Data. 

 

3.3 Automatically Collected Information 

Information from browsers, devices and servers: When you visit our websites, we collect information that web browsers, mobile devices and servers make available, such as the internet protocol address, browser type, language preference, time zone, referring URL, date and time of access, operating system, mobile device manufacturer and mobile network information. We include these in our log files to understand more about visitors to our websites. 

Information from cookies and tracking technologies: We use temporary and permanent cookies to identify users of our services and to enhance user experience. We embed unique identifiers in our downloadable products to track usage of the products. We also use cookies, beacons, tags, scripts, and other similar technologies to identify visitors, track website navigation, gather demographic information about visitors and users, understand email campaign effectiveness and for targeted visitor and user engagement by tracking your activities on our websites. You can learn more about the cookies used on our websites here. 

Information from application logs and mobile analytics: We collect information about your use of our products, services and mobile applications from application logs and in-house usage analytics tools, and use it to understand how your use and needs can improve our products. This information includes clicks, scrolls, features accessed, access time and frequency, errors generated, performance data, storage utilized, user settings and configurations, and devices used to access and their locations. 

 

3.4 Processing Purpose and Legal Ground for Processing  

The purpose of processing and collecting the said personal data is the performance of the contractual obligations undertaken by Electobox vis-à-vis the applicable organization. The legal ground for the processing of personal data is the performance of contractual obligations (GDPR article 6 (1) (b)).  

  

3.5 Personal data of Underaged Users  

Electobox does not address underaged persons and does not wish to collect and process the personal data of underaged persons (i.e. persons that have not completed their 18th year of age). However, because it is impossible to cross check and verify the age of Electobox users, we urge the parents/custodians of underaged persons, in the event they find out of any unauthorized data disclosure on the part of the underaged persons in their care, to communicate promptly with the Company so that the latter may take the necessary protection measures (e.g. delete their data). In the event that Electobox becomes aware of having collected the personal data of an underaged person, it undertakes to delete them immediately and take every necessary measure for the protection of such data.  

  

Transfers to Third Parties  

Electobox may transfer the foregoing personal data to third parties to whom it has assigned the processing of personal data on the behalf of the Company (such as service providers, analysis and information providers who help us improve and optimize Electobox, email and sms providers, etc.). In any event, third parties to whom user data may be transferred shall be bound by contract vis-à-vis Electobox so that the confidentiality obligation is ensured together with all the obligations set forth by the Applicable Legislation. At the same time, user personal data may be transferred to public authorities, independent authorities, etc. (e.g. police stations, public prosecution authorities, court authorities, tax authorities, customs authorities, the DAP, etc.) when said authorities exercise their duties by operation of law or upon the request of a third party stating a legitimate interest, in adherence to all legal procedures.  

  

Personal Data Transfers to non-EU countries  

In the event of transfers of user personal data collected via Electobox to non-EU and/or non-EEA countries, Electobox shall check beforehand whether:  

a) the Commission has issued a relevant adequacy decision with regard to the third country which the transfer shall take place to.  

b) The appropriate safeguards are implemented according to the Regulation with regard to the said data transfers.  

Otherwise, the transfer to a third country shall not be permitted and Electobox shall not transfer user personal data to the said country, unless any of the specific derogations provided for by GDPR applies (e.g. the user's explicit consent and the user being informed on the risks entailed in the transfer, where the transfer is necessary for the performance of a contract upon the data subject's request, for reasons of public interest, where the transfer is necessary to defend legal claims and vital interests of the user, etc.).  

  

Period of Data Retention  

The personal data of users shall be collected and kept for a pre-determined and limited period, depending on the processing purpose, after which the data shall be deleted from our records. When processing is imposed as an obligation by current law provisions or a specific retention period is provided for, your personal data shall be stored for the period set forth by the respective provisions. The personal data of users which are collected and are subject to processing for the performance of a contract, shall be kept for as long as necessary for the performance of the contract and for the establishment, exercise or defence of legal claims based on the contract. Specifically, the data of each Account shall be deleted upon the lapse of a six(6)-month period as of subscription expiry, whereas the account information of each Client shall be deleted upon the lapse of a two(2)-year period as of subscription expiry.  

  

Personal Data Security  

  

Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of users posed by the processing, the Company shall implement the necessary technical and organisational measures in order to protect the personal data of the users. Although no method of transferring data through the Internet or online storage method is perfectly secure, Electobox shall take all the necessary digital security measures for the data, such as the use of SSL certification, encryption, anonymization, firewall installation etc., in compliance with its obligations as these arise from the Applicable Legislation.  

  

Rights of Personal Data Subjects  

  

Electobox shall provide the Customer with the necessary assistance so that the Customer can respond promptly to user demands with regard to the exercise of their rights pursuant to the Applicable Legislation.  

  

Disclaimer for Third Party Websites  

  

In the event that Electobox comprises links that redirect users to third party websites, we hereby inform you that Electobox neither controls nor is responsible for the content of these websites or for the manner in which these websites process the personal data of users.  

  

Privacy Policy Updates  

  

Τhe present Privacy Policy may be modified/revised in the future within the context of regulatory compliance on the part of Electobox and for the purpose of optimizing and upgrading Electobox services. Therefore, we recommend that you check regularly the updated version of the present Policy so that you can be sufficiently informed.