DECLARATION OF CONFIDENTIALITY

Information on the Processing of Personal Data

Introduction

We would like to assure you that for INTRAKAT, the protection of the personal data of the natural persons is of paramount importance. That is why we are taking appropriate steps to protect the personal data we process and to ensure that the processing of personal data is always carried out in accordance with the obligations laid down by the legal framework, both by the company itself and by those third parties that process personal data on behalf of the company.

Controller

The company under the name «INTRACOM CONSTRUCTIONS SOCIETE ANONYME TECHNICAL AND STEEL CONSTRUCTIONS» with the distinctive title «INTRAKAT», having its seat in 19th km Paiania – Markopoulo Ave, Paiania Attica Greece, Postal Code 19002, email: info@intrakat.gr, tel: 210-6674700, website:  http://www.intrakat.com, informs that, for the purposes of its business activities, processes the personal data of natural persons (including, as an example, its clients, its suppliers, its shareholders and its prospective staff) in accordance with applicable national law and European Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter referred to as the “Regulation”), as such is in force.

For any matter relating to the processing of personal data, please contact Mr Theodoros Pistiolis, email: pistiolis@ptlegal.eu, tel: 210. 3626971 or Mrs Zoe Nikolaidi, email: zonik@intrakat.gr, tel: 210-6674643.

What personal data do we process?

The personal data you provide us (indicatively your full name, contact details, email address, phone number, date of birth, marital status, as well as additional information resulting from the curriculum vitae if you submit it via the special resume form are being processed only when we have a legitimate ground to do so.

Which are the legitimate grounds for processing your personal data?

Legitimate grounds for processing your personal data constitute:

(a) the performance of a contract you assign to us or which you intend to assign to us, such as the execution of a project or the provision of services in order to fulfill our contractual obligations in the above framework;(b) the safeguarding and protection both of your, as well as our, legal interests. Thus, we use CCTV and security cameras, in order to be able to protect the safety and security of individuals, materials, and other facilities of the company, as well as for the same reason we record the data of the visitors of the company and give them access cards in the company’s premises; (c) the compliance with an obligation imposed by law, such as the publication of documents and data of the limited liability company (including natural persons, such as shareholders) in accordance with Art. 7b of Law 2190/1920, the disclosure of transactions by liable persons on the Stock Exchange, the handling of claims for compensation for accidents caused during the execution of a project, the management of court cases;

(d) the consent you provide us with under the specific conditions set out in the legal framework;

(e) the explicit disclosure by the subject of the data and the processing necessary to protect the vital interests of the data subject or other natural person (if the subject is physically or legally incapable of consent) are the legitimate grounds that we use to process any provide information on health data;

How and why do we use your personal data?

·         To fulfil our contractual obligations and maintain communication between us From our contractual relationship (whether it is a contract for the execution of works by a contractor / subcontractor, a supply contract, a service contract, etc., or the processing of personal data at pre-contractual stage), we draw and use the information required for smooth development of our co-operation, such as for the signing of amendments to the main project contract, the management of financial pending issues resulting from cooperation, etc. ·         To communicate with you and manage our relationship with you We may need to contact you via email or phone for management reasons, such as for information on the progress of our collaboration, for defining a professional meeting of candidates, for handling other requests or complaints, etc.  ·         To comply with our legal obligations For example, when we publish decisions of the General Meeting of the Company (including shareholder data) on our website, on the GEMI web site or in the ATHEX, we announce significant participations in the Hellenic Capital Market Commission, in accordance with the provisions of Law 3556/2007, with statutory authorization we define and disclose as representatives of the company third natural persons for carrying out operations related to its business activities.

  • To safeguard our legal interests and to protect individuals and goods

We use closed circuit television (CCTV) and security cameras to be able to protect the safety and security of individuals, materials and facilities.

Do we share your personal data?

INTRAKAT informs you that may share personal data with the following categories of recipients:

  • Public authorities, Law enforcement institutions

 

When this is necessary to conduct an audit (eg, Hellenic Capital Market Commission) and in accordance with the prescribed legal procedures. –          Partners of our company (associate subcontractors banks, insurance companies, audit firm etc)

INTRAKAT shares your data with third parties which have been assigned with the processing of your data on its behalf (eg subcontracts, bank transactions, audit of the transfer of shares by a Statutory Auditor). In those cases, INTRAKAT remains responsible for your data processing, defines the specifics of the processing and concludes data processing agreements with the third parties, in order to ensure the compliance of the process with the current legal framework, and the exercise of the rights of every natural person.

 

Our company may also share your data with other companies, as a member of Intracom Holdings Group, as well as with cooperating third companies (eg members of Joint Ventures or associations of companies), in order to provide information about the company’s image, under the condition that your written consent has been provided, as mentioned above.

 

Storage Time

The data storage time is decided on the basis of the following specific criteria, as the case may be:

When processing is imposed as a requirement under provisions of the applicable legal framework, your personal data shall be stored for as long as required by the relevant provisions.

When processing is done on a contractual basis, your personal data will be stored for as long as necessary for the performance of the contract and for the foundation, exercise, and / or support of legal claims under the contract.

 

What are your rights in respect to your personal data

Every natural person whose data are being processed by INTRAKAT enjoys the following rights:

 

Right of Access:

You have the right to be aware and verify the legitimacy of the processing. So, you have the right to access the data and get additional information about their processing.

Right to Correct:

You have the right to study, correct, update or modify your personal data, by contacting the Data Protection Officer (DPO) at the above contact details.

Right to Delete:

You have the right to request the deletion of your personal data when we process it based on your consent or in order to protect our legitimate interests. In all other cases (such as, by way of indication, where there is a contract, obligation to process personal data required by law, public interest), such right shall be subject to specific restrictions or shall not exist, as the case may be.

Right to limit processing:

You have the right to request the limitation of the processing of your personal data in the following cases: (a) when the accuracy of the personal data is questioned and until such data is verified, (b) when you object to the deletion of personal data and request the limitation of their use rather than their deletion, (c) when such personal data are not needed for processing purposes, they are, however, indispensable for the foundation, exercise, support of legal claims, and (d) when you oppose to the processing and until it is verified that there are legitimate grounds that concern us and supersede the reasons for which you are opposed to the processing.

Right to oppose the processing:

You are entitled to oppose the processing of your personal data, at all times, in case where, as described above, this is necessary for the purposes of legitimate interests pursued by us as controllers.

Right to portability:

You have the right to receive your personal data free of charge in a format that allows you to access, use, and edit them with commonly used editing methods. Moreover, you have the right to ask us, if technically feasible, to pass the data directly to another controller. Such right to do so exists for the data you have provided to us and their process is carried out by automated means based on your consent or performance of a relevant contract.

Right to revoke your consent:

Last, INTRAKAT informs you that, where processing is based on your consent, you have the right to revoke it without affecting the legality of consent-based processing in the period prior to said revocation.

Right to lodge a complaint to the Personal Data Protection Authority

You have the right to file a complaint with the Personal Data Protection Authority (www.dpa.gr): Switchboard: +30 210 6475600, Fax: +30 210 6475628, E-mail: contact@dpa.gr

Security of Personal Data

INTRAKAT shall implement appropriate technical and organizational measures aimed at the safe processing of personal data and the prevention of accidental loss or destruction and the unauthorized and/or unlawful access to, use, modification or disclosure thereof. In any case, the way in which internet operates and the fact that it is free to anyone cannot guarantee that unauthorized third parties will never be able to violate the applicable technical and organizational measures gaining access and, possibly, using personal data for unauthorized and/or unfair purposes.