Fraport Greece Data Protection Statement

The General Data Protection Regulation (Regulation (EU) 2016/679, or “GDPR”) is a regulation of the European Union laying down the rules on the processing of personal data by private companies and public authorities across the EU. The aim is not only to safeguard the protection of personal data within the European Union, but also to ensure the free movement of data within the European single market.

The GDPR replaces Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the national data protection acts which transposed the 1995 Directive into national law.

General information

Protection and security of personal data is of great importance to us. Below you will find the information required under the GDPR regarding the processing of personal data in connection to different categories of data subjects.

This Data Protection Statement is aimed at outlining the principles relevant to the processing of your personal data in accordance with our corporate Privacy and Data Protection Policy. It is our goal to provide you with exactly the right amount of information regarding the processing of personal data relating to you.

1. Who is responsible for data processing?

The company "Fraport Regional Airports of Greece Management Company S.A.” (hereinafter “Fraport Greece” or “we”), located at 10 Germanikis Scholis Athinon, GR-15123 Maroussi, Greece, e-Mail: [email protected], is in accordance with the law the Data Controller for the processing of personal data of the visitors of the corporate website: www.fraport-greece.com, as well as of the following websites:

• www.skg-airport.gr
• www.kva-airport.gr
• www.efl-airport.gr
• www.zth-airport.gr
• www.cfu-airport.gr
• www.pvk-airport.gr
• www.chq-airport.gr
• www.jsi-airport.gr
• www.jmk-airport.gr
• www.jtr-airport.gr
• www.rho-airport.gr
• www.mjt-airport.gr
• www.kgs-airport.gr
• www.smi-airport.gr 

2. General information on data collection and use when using our services

2.1. Personal data we collect

Depending on which website features you use, we collect from you and further process the following personal data:

a) When you contact us
Identification information, such as: name
Contact details such as: e-mail address
Details on your question, query or request

b) When you subscribe to our newsletter
E-mail address. We may also process your first/last name, company, job position as well as phone number (optional fields).

c) When you submit our Voluntary Safety Report form
Identification information, such as: name
Contact details, such as: phone number, e-mail address
Other information about you, such as: occupation, company
Information regarding any safety concerns/unsafe situations

d) When you apply for a job with us
Identification information, such as: name, age, nationality
Contact details, such as: postal address, e-mail address, mobile and/or landline phone number
Information regarding your education, professional experience and any certifications or other professional qualifications you have
Other information about you, as it may arise from any letters of recommendation and/or letter of interest
Evaluation of your suitability for working with us in relation to the subject-matter and the job post to which your application corresponds
Information regarding any reasons for rejecting your application

We also collect and further process information, which is necessary for the proper functioning of the website, including your IP address, as well as information on your device and browsing, as collected through internet trackers such as cookies.

2.2. Why we collect your personal data

The above personal data is processed by us exclusively for the following purposes:

a) When you contact us
Our website provides you with the information necessary, in order for you to be able to contact us through an email or the contact form. If you contact us for any matter, we will process the information you provide us with, in order to respond to you and handle any message, request, information or query that you have communicated to us. It is in our legitimate interests to handle such a communication and properly respond to you.

b) When you subscribe to our newsletter
If you subscribe to our newsletter, we will collect and further process your email address and any other personal data, as these have been indicated by you, in order to send you our press releases. We will process such data based on your consent, as provided via the relevant subscription form. You may withdraw your consent for receiving such communications by us, by directly contacting us. In case you withdraw your consent, this will not affect the lawfulness of the processing carried out previously.

c) When you submit our Voluntary safety report form
Our website enables you to fill in and submit a Voluntary Safety Report form. This allows us to improve the timely information on, and be able to look into, any safety related matters arising at the airports and to notify, where appropriate or necessary, our relevant corporate (safety) department and/or competent authorities accordingly.

d) When you apply for a job with us
When you apply for a job position by submitting your CV, we will process your data, in order to pre-contractually assess your qualifications. You will find detailed information about this processing operation, by accessing the Fraport Greece Privacy Notice for Candidate’s Employees.

3. With whom we share them

Apart from our authorized personnel, your personal data may be disclosed to website operators, online forms providers, corporate communications management companies and relevant suppliers who provide us with services related to the purposes described above and which are bound to comply with all necessary technical and organizational measures for the protection of your personal data. Where needed, we maintain appropriate data processing agreements or terms with such partners to ensure that any personal data transfers are in compliance with GDPR requirements and based on relevant adequacy decisions of the European Commission or appropriate guarantees.

4. Data security

Our website uses the widely used SSL (Secure Socket Layer) method in combination with the highest encryption level supported by your browser (usually 256bit encryption). Whether contents of our website are encrypted is indicated by the fact that a key or lock symbol is displayed in the top address bar of your browser, which is marked with a key symbol.

We also use appropriate technical and organizational security measures to prevent accidental or intentional manipulation, partial or total loss, destruction or unauthorized access by third parties as far as possible. We adapt these measures according to the technological development continuously.

5. How long we retain them

Your personal data is retained for as long as this is required for the fulfillment of each processing purpose. For example, your newsletter subscription data will be retained until you withdraw any consent given. Upon expiration of these terms, your personal data will be deleted, unless otherwise required under the applicable legal and regulatory framework or for the establishment, exercise or defense of legal claims.

6. Your Rights

In general, according to personal data protection legislation, you may exercise the following rights:

• the right of access, i.e. the right to be informed about whether your personal data is being processed by Fraport Greece and receive further information concerning the processing undertaken,
• the right to rectification of any inaccurate personal data of yours or the completion thereof
  
  as well as and provided that the legal requirements are met:
  
  
• the right to erasure,
• the right to data portability, i.e. the right to receive and transfer to another data controller your personal data, which you have provided to Fraport Greece, in an adequate format,
• the right to restriction of the processing,
• the right to object, in particular to processing operations based on our legitimate interest, such as the sending of a commercial/promotional communication
• the right to withdraw at any time the consent you have given us, without such withdrawal affecting the lawfulness of personal data processing having already taken place before its withdrawal.

The exercise of the aforementioned rights takes place by submitting a relevant written request to Fraport Greece, to which we commit to answer within one (1) month following its reception. This period may be extended for two (2) additional months due to the complexity of the request, or/and the total number of requests received.

7. Contact information

For further questions or suggestions concerning data protection and for making use of your individual rights as data subject please contact the data protection officer (DPO) of Fraport Greece in the following ways:

• By sending an email to: [email protected]
• By registered post to the attention of “Office of the Data Protection Officer, Fraport Greece, 10 Germanikis Scholis Athinon, GR-15123 Maroussi, Greece
• By filling in the electronic form through the following link: https://www.fraport-greece.com/ell/epikoinonia/feedback (in Greek) or https://www.fraport-greece.com/eng/contact/feedback (in English).

Right to lodge a complaint
In case you deem that we have not sufficiently satisfied your request and the protection of your personal data is affected somehow, you may lodge a complaint through a special web portal with the Personal Data Protection Authority (Athens, 1-3 Kifissias Avenue, PC 115 23 | tel: +30 210 6475600). Detailed instructions for submitting a complaint are provided on the Authority's website.