Privacy Statement for Personally Identifiable Information of Dionysopoulos.me
Updated: May 1st, 2018
At Dionysopoulos.me (referred to as "me", "I", "we", "us") is committed to protecting your privacy and processing your personally identifiable information (referred to as "PII" or "personal data" or "personal information") with transparency. The PII we collect and process depends on the purpose of your visit and the service or services you have chosen to receive from us.
This privacy statement for personally identifiable information:
- provides an overview of how Dionysopoulos.me collects and processes your personal information and informs you about your rights according to the local laws for the protection of personal information and the European Union's General Data Protection Regulation (GDPR).
- is addressed to natural persons who are visitors of Dionysopoulos.me or are authorized representatives / assignees, or the beneficial owners of legal or natural persons who are visitors of Dionysopoulos.me
- is addressed to natural persons who had a relationship of this nature with Dionysopoulos.me in the past
- contains information regarding when your PII will be conveyed to / exchanged with other companies or subcontractors of Dionysopoulos.me and other third parties
For the purposes of this statement, personal information is understood to be any information which is relevant to you, with which your identity is or can be identified and which include, for example, your name, email address, IP address (only when we have collected it in conjunction with directly identifying information) or the information you submit in your private communication with us.
1. Who are we
This blog is operated by Nikolaos Dionysopoulos a.k.a. Nicholas Dionysopoulos who is not a company, but a private individual. You can contact me via regular mail at Piraeus Business Centre, c/o Nikolaos Dionysopoulos, Agiou Dimitriou 41, 18546 Piraeus, GREECE.
If you have any questions about your use of personal information you can contact me, also fulfilling the position of the Data Protection Officer per GDPR regulations, through the Contact Us form of my site or by emailing nichοlas αt diοnysοpοulοs dοt me.
If you want a copy of your personal information kept on file ("data portability right") or delete the personal information we keep on file for you ("right to be forgotten") please log into our site and use the Data Rights menu item.
2. Which personal information we process and where do we collect it from
We collect personal information of our visitors who volunteer comments and contact form requests through our web site. We never collect information in person, through any other means or using a third party representative.
IP address. Your IP address is temporarily collected whenever you are accessing our site in our web server's logs and our security software's logs. This information is used to ensure the security of our web site and to prevent abuse. IP address information is not directly identifiable information but if it's stored in conjunction with your user account ID it might be an indirect identifier.
Contact form information. Any information you volunteer by submitting a contact form through this web site's Contact Us page. We use this information to respond to your requests.
3. Personal Information of minors
We do not allow minors (persons under the age of 13) to use our site. Any accounts or comments (filed without the use of a user account) found in violation of this term will be terminated without a refund and all information pertaining to that user account will be erased.
4. Whether you are legally obliged to provide us your personal information
Your IP address in the context of security and abuse prevention is specifically exempt from requiring your consent per the European Union's GDPR. We are legally required to ensure the security of your personal information through any appropriate technical means and that includes collecting your IP address in that context.
Any other personal information is volunteered by you in order for us to be able to provide our services to you. You are not legally required to provide it.
5. Why we process your personal information and what is the legal basis
As we mentioned already, we process your personal information with transparency and as such we process your personal information per the GDPR and the local data protection laws for one of the following reasons:
5.A. Contractual obligations
We process your personal information to provide the free of charge blog post commenting service we offer and only if you voluntarily provide such a comment.
When logging in we automatically process your PII to protect you against unauthorized access to your account and ensure your account safety. We also display you parts of your PII for reasons of personalization of our site's pages and ensuring that it's clear who is the currently logged in user.
When you ask for a username reminder or password reset we automatically process your PII to provide the service requested.
When using our contact form we process your PII to reply to your request. We also automatically process your PII to send you automated email notifications about the handling of your request.
5.B To comply with a legal obligation
There are certain obligations in accordance to local and international laws, as well as Directives issued by the European Union. These legal obligations require the processing of your personal information. In other cases we may receive a court order or otherwise be legally obliged to process or convey your personal information to third parties.
5.C To protect our interests
We process your personal information to protect the legal interests of us and others. A legal interest exists when we have a business or commercial reason to use your information. Even then it must not be against what is fair to you and your best interests. Examples of such processing are as follows:
In case of a suspected abuse or an attempt to compromise, deteriorate, disrupt or otherwise interfere with of our services we may process PII to identify the perpetrator and pursue redress. Such steps may for example (not an inclusive list) include contacting the suspected offender or pursuing the matter legally.
In rare occasions we may send you a personal, manual email to address a concern regarding your comments, your behavior on the site or your account's security.
5.D Because you have given your consent
If you have explicitly provided your consent the processing of your personally identifiable information draws its legality upon your explicit consent. You have the right to withdraw your consent at any time. However, any processing which took place before your consent's withdrawal is not affected.
6. Who are the recipients of your personal information
While fulfilling our contractual or legal obligations your your personally identifiable information may be conveyed to our partners and subcontractors. These providers and suppliers are in contract with Dionysopoulos.me with which they are obliged to uphold the confidentiality and protection of your personal information in accordance to the local data protection laws and the GDPR.
The recipients of your personal information are as follows.
- Google, Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Provides analytics for our site. Only anonymized information is sent to Google. Evan as such, it's unclear whether they should be listed as a data processor. The only way to resolve ambiguity is to list them here but clearly state that to the best of knowledge and technical ability we do not send any personally identifiable information to them.
7. Remittance of your PII to a third party country or international Organization
Your personal information may be conveyed to third countries (countries outside the European Economic Area) in certain cases, e.g. whenever this is mandated by law or if you have explicitly consented. All the Processors are obliged to comply and conform to the European Union's data protection norms and provide appropriate assurances regarding the remittance of of your personal information according to Article 46 of the GDPR.
8. To which extent is there automated decision making, including profiling
This web site does not perform automated decision making or profiling of its visitors.
9. How we deal with your personal information for marketing purposes and whether we use profiling for such activities
In general, we do not engage in marketing activities. If we ever launch a marketing campaign it will be generic and the same for everyone, without using any kind of personal information or profiling to achieve its goals.
10. How long do we keep your personal information
By volunteering public comments to a public web log ("blog") you agree that your comments and all associated personal information (name, email address and IP address) are to be kept indefinitely.
Other logs which may contain personal information such as server access logs and security logs are kept for up to FOURTEEN (14) months.
We may retain your personal information longer than that for regulatory, technical or legal reasons.
Your information may be stored longer than that in encrypted backups. However, we have technical means in place to remove your PII upon restoring those backups unless otherwise legally required, e.g. in assisting a criminal investigation.
11. Your data protection rights
You have the following rights with regards to the personally identifiable information we keep on file for you:
- Access your personal information. This lets you for example get a copy of the personal data we keep on file for you and confirm taht we are processing it legally.
- Request the correction of the personal information we keep on you. This allows you to correct incomplete or inaccurate information we keep on file for you. This can be done from the My Profile menu item on our site after logging into our site.
- Ask for the deletion of your personal information (a.k.a. "right to be forgotten"). This lets you request that we delete your personal information when there is no real reason for us to process it.
- Object to processing your personal information (a.k.a. "right to objection") when we base our processing on protecting our interests bit there is something special in your situation which makes you want to object to the processing for this reason. If you object we will no longer process your personal information unless we can prove pressing legal reasons for the processing which trump your interests, rights and freedoms.
- You have the right to object in cases where we process your personal information for reasons of direct marketing. This also includes profiling, to the extent that this is used for direct marketing.
- Ask the limitation of the processing of your personal information. This allows you to ask us to limit the processing of your personal information, that is to use it only for specific cases, if:
- they are inaccurate;
- they have been used illegally but you do not wish us to delete them;
- they are no longer necessary but you want us to retain them for their use in potential legal demands;
- you have asked us to stop using your personal information but you are waiting us to confirm if we have legal reasons to use them.
- Ask for a copy of the personal information pertaining to you in a structured, commonly used and machine readable format, to convey this information to other organizations. You may also request that we directly convey that file to another organization of your choice. This is also known as "data portability right".
- Withdraw your consent regarding the processing of your personal information at any time. Please note that withdrawal of your consent at any time does not invalidate the legality of the processing based on your consent before that was revoked or withdrawn by you.
To exercise any of your rights we kindly ask you to use the tools offered on our site after logging in. Alternatively, or if you have questions about the use of your personal information from us, you can contact us through the Contact Form and use the appropriate contact category. Or you can contact our Data Protection Officer directly as explained earlier in this document.
According to the law, we will reply to your requests promptly and within 30 business days. If you have not received a reply from us for over three weeks (21 days) please retry contacting us with alternate means; most likely your request never reached us. Kindly note that we reserve the right to direct you to our site's tools and / or this Privacy Statement if your concern is readily addressed by it. Per the law, we reserve the right to not reply to your requests if they are too often or are otherwise in abuse of the provisions of the law.
Right to file a complaint
If you have exercised some or all of your rights to data protection and you still feel that your concerns about the way we use your personal data have not been addressed satisfactorily by us, you have the right to file a complaint by filling in the Contact Us form on our site. You also have the right to file a complaint with the Hellenic Data Protection Authority. On http://www.dpa.gr/ you will find information on how to file complaints.
12. Changes in this Privacy Statement
We may periodically modify or amend this privacy statement.
When this happens we will change the date on the top of the page and keep a change log at the end of this page. We do not have the technical means to notify our clients about any changes. We recommend that you re-examine this statement periodically so that you are always updated on the way we process and protect your personal information.
13. Cookies Policy
Our site uses small text files, known as Cookies, to enhance your experience and work better.
NOTICE: The European Union's General Data Protection Regulation 2016/679 is in effect on May 25th 2018. Until then the Laws for Processing Personal Data Information (2472/1997 and 3471/2006) are still in effect.
Changelog (changes made to this page)
- May 1st, 2018: Initial version with the wording and sections required by the European Union