BOOK NOW
Book Now

Personal Data Protection Policy

This personal data processing/protection policy (hereinafter “Policy”) provides information on the collection, storage, processing and use of your personal data.

The company AUTOGR GRILLIAS, hereinafter referred to as “the company”, located in Chalkida, 61 Evoias Street & Al. Chourmouziadou and 2221083830, contact address info@autogr.gr, acting as Data Controller, collects, stores, uses and generally processes your personal data.

1. What is personal data?

The term “personal data” refers to information of natural persons, such as, but not limited to, name, postal address, e-mail address, contact telephone number, etc., which identifies or can identify you, hereinafter referred to as “Personal Data”.

2. What is Processing of Personal Data?

Any operation or set of operations performed, with or without the use of automated means, on Personal Data or on sets of Personal Data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of making available, alignment or combination, restriction, erasure or destruction.

3. What Data do we collect from you?

We take care to collect only Data that is strictly necessary to serve the purpose for which it was provided and is used solely and exclusively for the purposes for which it was collected. As part of our activities, we will use your contact data to keep you informed about rental issues and new offers and services. With the exception of any Data collected by Cookies, the Data is limited to what you have expressly provided yourself for a specific purpose and where you have given your consent. We also collect Data during your visit to our website and if you have consented to this, consent which is presumed by filling in the respective fields.
Identity data, such as first name, surname, patronymic, date of birth, driver’s license, personal identification number, VAT number.
Contact/shipment data, such as postal address, e-mail address, telephone number.
Payment details, such as credit/debit card number, PayPal, bank account number.
Identifying information, such as username, IP address
Rental contract history data with our Company.
Data on any overdue debts owed to our Company.
Data of car accidents involving our Company’s vehicles.
Data on any abusive behaviour towards autoGr.
Geolocation data (gps), electronic application data (bluetooth, navigator), Telematics application data.

4. How do we use your Data?

The processing of your Data is carried out either by the specially authorized personnel of our Company, or through computer systems and electronic devices by our Company and exceptionally by third parties, who, having contractually committed to our Company for the confidentiality and protection of your Data, process them exclusively and only for the purposes for which they have been provided to us.
More generally, your Data is processed in order to provide you with the following services:
Submission of an offer: The Company processes your Data in order to submit an offer for short or long term car rental.
Car Hire: The Company processes your Data in order to fulfil its contractual relationship with you, which is the car hire, to provide service (such as maintenance, repair, repair, vehicle replacement, etc.), to comply with legal obligations, to oppose, raise or exercise legal claims.
Car purchase: The Company processes your Data in order to complete the purchase of used cars.
Compliance with applicable legislation: The Company processes your Data in order to be able to comply with its legal obligations, in particular in relation to compliance with tax and insurance legislation or vehicle insurance coverage under an active insurance contract.
Create a User Account: The Company processes your Data in order to provide you with account functions and to facilitate, for example, the conclusion of a lease contract or the purchase of products and/or services.
Sending a newsletter: the Company provides you with the opportunity to choose, if you wish, to be informed at your e-mail address about promotional/advertising activities of the Company (e.g. for new products/services available in the market, any offers, operation of new car rental stations, tourist offices, etc.).
Information services on the Website : The Company provides information services for its customers.
Data in electronic applications (navigator, Bluetooth, gps etc.): During use of the vehicle by you or a passenger, it is possible that data may be stored in electronic applications that may be pre-installed in the vehicle. Our company will never ask you to make such storage. If you do so, it will be entirely at your option and it is your responsibility to delete the data from the vehicle’s applications upon temporary or final delivery of the vehicle.
Geolocation (gps) data: geolocation (gps) systems can be installed on our fleet vehicles. These systems are only activated in the event of theft of the vehicle, following notification of the lessee/driver. The legal basis of the processing is the legitimate interest of protecting the legal interest of the company’s property.
Telematics application data: the installation of the Telematics application is available for our fleet vehicles. These systems are activated to track the vehicle in the event of theft or misappropriation or if the vehicle is not returned to the lessor on the agreed date and, at the same time, it is not possible to contact the lessee, following the latter’s notification. The data provided by the application is a) Smart Check – in, i.e. evaluation of the kilometres travelled during the rental period, fuel level etc., b) timely information on the maintenance status etc, c) asset management in case of significant damage to the vehicle etc. d) asset inventory, i.e. recording the exact location at all times of the vehicles (owned by the lessor) and updating the lessor’s reference points. The legal basis for the processing is the legitimate interest in protecting the legal interest of the company’s property.
Responding to your requests related to your personal data: In order to satisfy any of your rights (access, deletion, rectification, etc.) we will ask you at a minimum for your identification and contact data and your signature. The purpose of the processing is to settle your request and the legal basis is the compliance of the company with its legal obligation.
Contact: The Company uses your Data to respond to the requests/queries you submit indicatively by telephone and contact forms.
5. For what purpose do we process your Data?
We collect your Data for the purposes of the products and/or services provided, indicatively for:
a) the evaluation of your request for the submission of a tender and the conclusion of the lease contract.
b) the management of the lease of the car you have chosen, e.g. communication and information regarding the availability, the execution of the contract, the provision of maintenance, repair, replacement, vehicle pick-up, etc., the sending of the necessary documents for any products you may have purchased or services you may have been provided, the management of your debts to the Company, the making of returns.
c) compliance with the obligations imposed by the applicable legislation e.g. labour tax and insurance legislation.
d) to monitor, improve and adapt to your preferences and choices regarding our products and/or services,
e) the sending, by e-mail, of information about the Company’s products and/or services,
f) researching our customers’ satisfaction, promoting our products and/or services, sending newsletters for our products and/or services,
g) communication between us in the event of a competition.
(h) the assessment of the risks, credit or otherwise, for the Company’s vehicles and credit claims that are inherent in contracting with customers, with the aim of protecting the ownership of our vehicles, consolidating our transactions, avoiding further damage and, in general, protecting the Company’s commercial interests.

6. What is the lawful basis for the processing of your Data by the Company?

The processing of your Data is carried out in accordance with:
a) the terms of our contractual relationship; b) your consent, where required; c) the Company’s obligations arising from the law (e.g. tax, labour, insurance legislation, etc.); d) the legitimate interest of our Company.

7. Who are the recipients of your Data?

autoGr guarantees that it will not transfer, disclose, share, assign, etc. your Data to third parties (other than those mentioned herein) for any purpose or use unless this is required by applicable law or required by public/judicial bodies/authorities.
Access to your Data is available to the Company’s staff, who are bound by confidentiality obligations, and to our affiliated companies, which process your Data as Joint Controllers or as Processors on our behalf and in accordance with our instructions.
Indicatively, recipients of your Data are:
The insurance companies cooperating with our Company.
The users of our trademarks and systems who cooperate with our Company.
The partner tourist agencies regarding the rental of cars.
The companies cooperating with our Company to provide repair, repair and maintenance services for vehicles leased to our customers.
Partner companies for the provision of roadside assistance to drivers using our Company’s vehicles.
Banks and online payment companies,
Lawyers or law firms to defend the interests of autoGr,

8. How do we ensure that Executors & Processors respect your Data?

The Processors processing on our behalf have agreed and contractually bound themselves to the Company:
(a) maintain confidentiality;
b) not to send your Data to third parties without the Company’s permission,
(c) take appropriate security measures,
d) comply with the legal framework for the protection of personal data and in particular Regulation 679/2016/EU (otherwise GDPR).
The Executors may, in the performance of their duties, employ other persons, who are called Sub-Executors. In this case, the controller should have given an authorisation to handle the processing of the Data in whole or in part. The consequence of this is that the sub-executor shall have the same obligations and rights as the Processor, as detailed in this Policy and always within the scope of his/her assigned responsibilities, and shall be jointly and severally liable with the Processor.

9. When do we delete your Data?

We retain your Data only for as long as necessary to fulfil the purpose for which you have provided us with your data and in compliance with the applicable legal provisions. All Data that we keep in the context of the contractual relationship is retained for a maximum period of twenty (20) years from the end of the rental relationship
Your declaration of consent for sending a newsletter is kept for as long as you receive a newsletter from the Company, unless you choose to stop receiving it.
The personal data you provide for your participation in the customer benefits programs will be deleted when the duration of the program expires or you have a reason to be excluded from the program or you express your wish to stop participating in the program, as described in the terms of use of the program.
The Data processed during your participation in competitions and/or market research will be kept for as long as necessary for the completion of the competition or research and then deleted.
The Data processed for the purpose of compiling a list of customers who are not allowed to rent a vehicle due to previous insolvent actions or behaviours are stored for five (5) years from the expiry of the rental contract.
Our policy on the Data collected by Cookies is described (here, see more Cookies Policy).

10. Is your Data safe?

autoGr is committed to safeguarding your Data.
Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures that are constantly improved based on technological developments with the sole purpose of ensuring the security and protection of your Data from any form of accidental or unlawful processing.

In addition, the data used to identify you as an account user are two: your email address and your Personal Secret Password. Each time you enter your details, you are granted access to your personal account. This process is achieved securely through encryption during their transfer to the Internet and the Company’s servers. Following the same standards, you are given the opportunity to change your Personal Secret Security Code (Password) as often as you wish. After entering the desired password, the new password is encrypted and stored in the Company’s systems. For this reason, the only person who knows your password is you, and you are solely responsible for maintaining the secrecy of the password from third parties.
These measures shall be reviewed and amended when necessary.

11. What are your rights?

You have the right to access your personal data.
This means that you have the right to be informed by us if we process your Data. If we process your Data, you can request to be informed about the purpose of the processing, the type of your Data we hold, who we give it to, how long we store it, whether automated decision-making is carried out, and your other rights, such as rectification, erasure of Data, restriction of processing and lodging a complaint with the Data Protection Authority.
You have the right to correct inaccurate personal data.
If you find that there is an error in your Data, you can submit a request to us to correct it (e.g. correction of your name or update of a change of address).
You have the right to erasure/right to be forgotten.
You can ask us to delete your Data if it is no longer necessary for the above mentioned processing purposes or you wish to withdraw your consent in case this is the only legitimate basis.
You have the right to portability of your Data.
You may request to receive the Data you have provided in a readable form or request us to transfer it to another controller.
You have the right to restrict processing.
You can ask us to restrict the processing of your Data for as long as your objections to the processing are pending.
You have the right to object and withdraw consent to the processing of your Data.
You may object to the processing of your Data and we will stop processing your Data, unless there are other compelling and legitimate reasons that override your right. If you have consented to the collection, processing and use of your Personal Data, you may withdraw your consent at any time with future effect.

12. How can you exercise your rights?

To exercise your rights you can submit a request by sending us an email to info@autogr.gr and we will make sure to examine it and reply to you within one month of receipt.
Exception:
if you wish to correct your Data in your user account, you can log in to it and make any correction/change without having to submit a Request.
if you wish to withdraw your consent for sending a newsletter you can do so by selecting the link “To unsubscribe from the newsletter mailing list click here” located at the bottom of each newsletter.

13. When do we respond to your Requests?

We will respond to your Requests free of charge without delay, and in any case within one (1) month of receiving your request. However, if your Request is complex or there are a large number of Requests, we will let you know within the month if we need to obtain an extension of another (2) two months within which we will respond to you.
If your Requests are manifestly unfounded or excessive, in particular due to their repetitive nature, the Company may impose a reasonable fee, taking into account the administrative costs of providing the information or performing the requested action, or refuse to follow up on the Request.

14. Where can you contact for the progress of your Requests?

For information on the progress of your application, please contact info@autogr.gr
15. Do we use automated decision-making/including profiling when processing your Data?

We do not make decisions or perform automated profiling based on an automated process when processing your Data, except in the case of the use of “cookies” on our website.

16. Where can you go if we breach the applicable law on the protection of your Personal Data?

You have the right to lodge a complaint with the Personal Data Protection Authority (postal address 1-3 Kifissia Street, P.K. 115 23, Athens, tel. 210. 6475600, e-mail address (e-mail) contact@dpa.gr), if you believe that the processing of your Personal Data violates the applicable national and regulatory framework for the protection of personal data.

17. How will you be notified of any changes to this Policy?

We update this Policy whenever necessary. If there are significant changes to the Policy or the way we use your Personal Data, we will post an update to this Policy on our website and notify you by any appropriate means.
We encourage you to periodically read this Policy to know how your Data is protected.
The Privacy Policy was updated on 10/04/2024.

Select Dates
Select Dates
Select Dates