“TITAN CEMENT COMPANY S.A.”, a legal entity having its registered office is at 22A Halkidos Street, 11143 Athens, hereby informs you that the processing of your personal data through the present website or of the data directly sent to our company by means of the contact form is carried out in accordance with the applicable personal data protection legislation (Regulation (EU) 2016/679, known as GDPR) and the Website’s Privacy Policy.

1. Controller

“TITAN CEMENT COMPANY S.A.” is the controller of personal data (the “Controller” or the ‘Company”).

To directly contact our Company, kindly go to “Contact” where you may select how you wish to contact us (by telephone, fax, email).

You may contact our company at dataprotection@titan-cement.com.

2. Data subject to processing

With your consent, we process the standard data you provide when you interact with our Website, especially when you use any available contact forms. Such data include your name and surname, contact information, professional qualifications, the content of your specific requests or reports and any additional data that the Controller  may obtain, including any such data provided by third parties, in the context of the performance of his business activities (the “Data”).

In order to allow us to respond to the requests you submit through the contact form and to provide you with the information you require in relation to the requests you submit or to any unsolicited actions, you must provide all data required in the blank fields, i.e. name, surname, email and area, and to state your query or request in a simple, clear and concise way. Unless you insert the data in the required fields, our Company will not be able to process your request and, therefore, will not be expected to reply.

Processing is performed both by electronic means and in printed form and is invariably subject to the rigorous application of the security measures prescribed by the applicable legislation.

3. Purposes of the processing

Data are processed for the following purposes:

(A) The handling of CVs and requests you submit for the provision of information through the Website and the contact form. The processing of personal data for this purpose is provided for under article 6, paragraph 1 (a) and under article 9, paragraph 2 (a) of Regulation (EU) 2016/679 – GDPR.

(B) The handling of unsolicited actions submitted through the Website or the contact form. The processing of personal data for this purpose is provided for under article 6, paragraph 1 (a) and under article 9, paragraph 2 (a) of Regulation (EU) 2016/679 – GDPR.

(C) The dispatch by our Company of promotional and information material, upon your optional consent, as provided for under article 6, paragraph 1 (a) of Regulation (EU) 2016/679 – GDPR.

By selecting the appropriate fields, you agree to the processing of your data for these purposes.

It should be noted that, in any case, your data may be processed, even without your consent, for reasons pertaining to compliance with national legislation and European Union laws, as provided for under article 6, paragraph 1 (c) of Regulation (EU) 2016/679 – GDPR, for the collection of statistical data in relation to the use and proper operation of this Website (article 6, paragraph 1 (f) of the Regulation), and for the protection of the Company’s lawful claims and interests.

The personal data entered in our Company’s records comply with the terms prescribed by the applicable legislation about the protection of personal data, including the security and confidentiality profiles, and are kept in accordance with the principles of good practice, lawfulness and transparency in the context of data processing, as established both by international practice and by the Guidelines of the Hellenic Data Protection Authority (HDPA).

Data are only stored for such time as is absolutely necessary for the fulfilment of the purpose for which they were collected. The criterion used to determine such time period is compliance with the time frame stipulated by the Law and by the principles of data minimization, storage limitation and file management rationalization.

4. Access to data

Data are processed by electronic and manual means in accordance with the relevant procedures and practices pertaining to the aforesaid corporate / business and promotional purposes. The right of access is only provided to duly authorized personnel of the Controller,  tasked with the processing personal data for the fulfilment of the business purposes of the Company. In particular, the right of access is provided to the following types of personnel: administrative and technical staff, systems-networks staff, product promotion (marketing) staff and any other members of the staff who are required to process personal data for the proper, timely and valid performance of their duties.

It is to be noted that any kept data may be transmitted to countries outside the European Union (“Third Countries”) for the following reasons:

(A) To institutional bodies, authorities and state organizations, provided such action is required for the fulfilment of any legal obligation.

(B) To professionals, independent consultants – whether working individually or collectively – and other third parties and providers who provide the Controller with commercial, professional or technical services for the purposes stated above.

(C) To third parties in the context of business agreements, contractual obligations, mergers, acquisitions, transfers of businesses or branches thereof, audits or other extraordinary actions.

Said recipients shall receive only data that are deemed absolutely necessary for the respective purposes and shall undertake to fully comply with the applicable Laws for the protection of personal data. Data may also be transmitted to any other legal recipients that may be designated by applicable Laws from time to time.

Except for the above, personal data shall not be disclosed to any third parties, whether natural persons or legal entities, who are not performing duties of a commercial, professional or technical nature for the Controller. Parties receiving data shall process them, as the case may be, either in the capacity of the Controller  or in the capacity of the Processor or as parties authorized to process personal data for the purposes stated above, at all times in line with the applicable regulatory framework for the protection of personal data.

As regards the transfer of personal data outside the EU, even to countries whose national legislation does not safeguard the same level of protection for personal data as the level of protection provided for under EU Laws, the Controller  informs you that such transfer shall invariably be performed in accordance with the methods allowed under Regulation (EU) 2016/679 – GDPR (obtaining consent by the user, on the basis of the standardized contractual clauses approved by the European Commission, through the selection of parties participating in international programmes for the free movement of data (e.g. EU-USA Privacy Shield) or implemented in countries regarded as safe by the European Commission).

5. Your rights

You may contact the Controller in order to exercise your legal rights pursuant to articles 15-22 of Regulation (EU) 2016/679 – GDPR (right to access, right to rectification of inaccurate data, right to erasure/right to be forgotten, right to data portability, right to restriction of processing and right to object to the processing of data, including the restriction to certain communication media or the dispatch of promotional material (direct marketing) by our Company.

In addition, you may report to the Controller your comments for specific uses of data with regard to specific personal circumstances which are deemed incorrect or unjustified or file complaints with the Hellenic Data Protection Authority. Moreover, you have the right to withdraw your consent at any time without affecting the lawfulness of any processing that has been performed prior to the withdrawal of your consent.