Every time you visit our website or use our network services, these events are logged. The resulting logs may contain any or all of the following information:
- time and date of the visit
- the IP address that your device is currently using
- the type of web browser that you are using and the operating system of your device
- the pages which you are accessing
These personal data are collected for the purposes of enhancing and optimising our website and our online services. This collection of personal data constitutes an act of processing on grounds of legitimate interest, namely our interest to protect our website and to improve the quality of our services. Furthermore, your personal data are only stored if you supply them of your own accord, for example when registering, filling out a survey, using an online application or making an online purchase. We have implemented appropriate security measures to ensure that the personal data which we obtain from users during their registration are adequately protected. These security measures include but are not limited to:
- access control
- separation of duty
- internal audits
In processing your personal data, we may engage the services of third parties, i.e. sub-processors, who may be based within or outside of the European Union (EU) and the European Economic Area (EEA).
We confirm that all such sub-processors will process your personal data in compliance with European legislature regarding personal data protection, guaranteeing an adequate level of protection of your personal data, even when the latter are transferred to a non-EEA country for which an adequacy decision has not been adopted.
We will not transfer your personal data to sub-processors except in cases where we are legally obligated to do so. For further information regarding appropriate security measures pertaining to the cross-border transfer of personal data or copies thereof, feel free to contact our Personal Data Protection officer.
2.3. Retention period
Personal data collected through our website are retained until the purpose for which they are being processed has been fulfilled. In cases where a deadline is prescribed by the legal regulations applicable to commercial entities and taxation, the retention period for certain data may be up to 2 (two) years. At any rate, we may alter the retention period on grounds of legitimate interest, for instance in order to guarantee the security of the personal data, to prevent their misuse or to prosecute a criminal offence.