top of page

Website Privacy Policy

FIVE DOORS I.K.E. (hereinafter referred to as the "Company" or "we") makes every effort to offer an experience that meets the needs of the visitors to our Website by responsibly using the information collected through it. We are committed to respecting your privacy and complying with the applicable data protection and privacy legislation.

The processing of your personal data is governed by these terms, by the relevant provisions of the Greek and European legal framework on data protection, including the General Data Protection Regulation (2016/679), and by related decisions, guidelines, and regulations issued by the Hellenic Data Protection Authority.

This Website Privacy Policy (hereinafter referred to as the "Policy") may be subject to amendments. We advise you to regularly check the Policy to stay informed about any changes. By visiting and browsing our Website, you accept the Policy as in effect. If significant amendments are made, we will ensure the publication of a relevant notice to the visitors of our Website.

This Policy explains how we collect, process, and/or use the data we receive through our Website, as applicable from time to time. This Policy also describes how we collect, process, use, and share your personal data that you provide to us. It also outlines your options regarding the use, access, transfer, correction, and deletion of your personal data.

1. Definitions

For the purpose of applying this policy, the following terms must be clarified:

- "Personal Data" refers to information concerning a living natural person who can be identified, directly or indirectly, particularly through reference to an identifying element such as a name, identification number, location data, online identifiers, or one or more factors specific to the physical, physiological, economic, cultural, or social identity of that natural person.

- "Data Processing," in relation to information or data, means the collection, recording, or possession of information or data, or the execution of any operation or series of operations on the information or data, including: (a) the organization, adaptation, or alteration of the information or data, (b) the retrieval, consultation, or use of the information or data, (c) the disclosure of the information or data by transmission, dissemination, or any other form of making available, or (d) the correlation, combination, restriction, deletion, or destruction of the information or data.

- "Data Subject" is the natural person who is the subject of personal data.

- "Data Controller" means a person who (either alone, jointly, or together with others) determines the purposes for which and the manner in which personal data are or are to be processed.

- "Data Processor," in relation to personal data, means any natural or legal person other than the data controller who processes data on behalf of the Data Controller.

- "Third Party," in relation to personal data, means any person other than: (a) the data subject, (b) the data controller, or (c) any processor or any other person authorized to process data on behalf of the data controller or processor.

2. Principles Governing the Processing of Personal Data

We ensure full compliance with the applicable Data Protection Legal Framework, including the General Data Protection Regulation (GDPR), and process personal data in accordance with the following key principles. In this context, we ensure that personal data:

a) Are processed lawfully and fairly, with transparency regarding the data subjects.
The lawful bases for processing are outlined below. We ensure that one of these bases applies when processing personal data:

  • Consent: The individual has given clear and unambiguous consent, allowing us to process personal data for a specific purpose.

  • Contract: Processing is necessary for the performance of a contract between us and the individual or for steps requested by the data subject prior to entering into a contract.

  • Legal Obligation: Processing is necessary for compliance with a legal obligation (not including contractual obligations).

  • Vital Interests: Processing is necessary to protect someone's life or other vital interests.

  • Public Interest: Processing is necessary for the performance of a task carried out in the public interest.

  • Legitimate Interests: Processing is necessary for the legitimate interests pursued by the controller or a third party, unless those interests are overridden by the data subject's interests.

b) Are collected for specific, explicit, and legitimate purposes and are not processed further in ways incompatible with those purposes. Further processing for archiving purposes in the public interest, scientific or historical research, or statistical purposes is not considered incompatible with the initial purposes.

c) Are adequate, relevant, and limited to what is necessary for the purposes for which they are processed. Personal data must be sufficient, relevant, and not excessive in relation to the purpose(s) for which they are processed.

d) Are accurate and, where necessary, kept up to date. Every reasonable step must be taken to ensure that inaccurate data, in relation to the purposes for which they are processed, are erased or rectified without delay.

e) Are kept in a form that permits identification of data subjects only for as long as necessary for the purposes for which personal data are processed. Personal data may be stored for longer periods if they are processed solely for archiving purposes in the public interest, for scientific or historical research, or for statistical purposes, provided that appropriate technical and organizational measures are applied, as required by the applicable regulatory data protection framework, to safeguard the rights and freedoms of individuals.

f) Are processed in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing, and accidental loss, destruction, or damage, through the implementation of appropriate technical and organizational measures. Appropriate technical and organizational measures will be taken against unauthorized or unlawful processing of personal data and accidental loss or destruction.

g) Are not transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

3. Data We Collect

We collect information about you in order to provide our services. To offer our services to you in the best possible way, and to communicate with you and respond to your requests, it is necessary for us to collect and use data as described in this Policy.

3.1 Data We Collect Through the Contact Form
When you provide your personal data by entering them in specific fields on the XENOS Packaging A.E. Website, we collect and retain your data exclusively for the purposes outlined below. In this context, we collect the data you voluntarily provide, such as your first name, last name, phone number, email address, physical address, and the content of your communication.

3.2 Data We Collect Through Automated Means
When you use our website, your device automatically provides us with data, allowing us to serve you and tailor our response to your needs. The type of information we collect through automated means generally includes technical information about your computer, such as your IP address or other device identifiers, the type of device you are using, and the version of the operating system. The data we collect may also include usage information and statistics regarding your interaction with the Website. This can include information such as the URLs of the pages you visited on our website, referring and exit pages' URLs, page views, time spent on a page, the number of clicks, platform type, location data (if location services are enabled), and other details about how you used the platform.

This information is collected using Cookies. We recommend reviewing our Cookies Policy (find it here) to learn more about what cookies are, how we use them, and how you can control their use.

4. Purpose and Legal Basis for Processing

4.1. We process your data exclusively for the following purposes:

(a) Communication in the context of service provision:
When you communicate with us through our Website, you are required to provide your personal data. We collect your personal data to serve our pre-contractual or contractual relationship, enabling us to meet your needs when using our services, provide you with personalized information, give you access to your personal documents, and respond to your requests or contact you upon your request.

(b) Access to downloadable material:
If you provide your consent by requesting access to downloadable material, we will register your data in order to deliver the item(s) you requested.

(c) Exercise of legal claims:
Your data may be processed to establish any legal claims or defend the Company against fraud attempts, potential cyberattacks, or other illegal activities.

(d) Improvement of services:
We retain your data and your service usage history to derive statistical data that help us better evaluate user visits and navigation through our Website, thus improving its content and structure.

4.2. Legal Bases for Processing
The processing of your personal data is necessary to fulfill the aforementioned purposes. Unless otherwise specified at the time of data collection, the legal basis for processing your personal data is one of the following:

(a) The processing is necessary for the performance of the contractual relationship with you (Article 6§1(b) of the General Regulation).


(b) The processing is necessary for the purposes of the legitimate interests pursued by the Company (Article 6§1(f) of the General

Regulation).


(c) You have given your explicit consent to the processing of personal data (Article 6§1(a) of the General Regulation).

5. Recipients of Your Data

Access to your data is limited to appropriately authorized employees or external partners acting on our behalf for the above-mentioned processing purposes. These parties provide IT services for recording and storing your data and for the operation of our Website.

6. Duration of Processing / Data Retention Period

The retention period may vary significantly depending on the type of data and how it is used. The determination of the data retention period is based on criteria such as legal retention deadlines, ongoing or potential disputes, intellectual property or ownership rights, contractual requirements, business directives or needs, and historical archiving.

7. Organizational Measures

Appropriate physical, electronic, and organizational measures have been taken to prevent unauthorized access to your personal data, maintain data integrity, and ensure data availability.

8. Your Rights

Our Company ensures your rights regarding the processing of personal data and their exercise:

  • Right to Information: You have the right to be informed about the collection and use of your personal data.

  • Right to Access: You can request confirmation from the Company about whether your personal data is being processed and, if so, gain access to the data in a concise, clear, transparent, and easily accessible format.

  • Right to Rectification: You can request the correction of inaccurate or incomplete personal data, and the Company will ensure this is done without undue delay.

  • Right to Erasure: You have the right to request the deletion of your personal data without undue delay, and the Company is obligated to proceed under the conditions defined by law.

  • Right to Restriction of Processing: You can request that the Company limits processing activities to specific purposes, under the conditions defined by law.

  • Right to Object: You have the right to object at any time, on grounds related to your particular situation, to the processing of personal data. The Company will no longer process the data unless it demonstrates compelling legal grounds that override your interests or for the establishment, exercise, or defense of legal claims.

  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and the right to transfer it to another controller without objection from the Company.

  • Right to Obtain Human Intervention: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

  • Right to Withdraw Consent: If you have given consent for the processing of certain personal data, you can withdraw your consent at any time, with future effect. The withdrawal does not affect the lawfulness of processing carried out before it was withdrawn. The Company may continue to process your personal data if another legal reason for processing exists.

To exercise any of these rights, you can send an email to 5doorsdpo@gmail.com or a written request using the contact details below.

If you believe your data protection rights have been violated, you have the right to file a complaint with the Hellenic Data Protection Authority (www.dpa.gr).

Contact Information
FIVE DOORS Ι.Κ.Ε.
Straitsa 2,
P.C.: 57001
Email: 5doorscontact@gmail.com

Last updated: September 2024

bottom of page