Log in / Sign up
+30 2310402088
en

Privacy Policy

1. Privacy Policy – Personal Data Protection Policy

OTO S.A. FOR THE PROVISION OF SUSTAINABLE URBAN MOBILITY SERVICES AND CONSUMER GOODS TRADING operates in the fields of shared bicycle rental services, parking services, and the trade and sale of petroleum products.

With a large fleet of mountain and city bikes, certified personnel, and cooperation with the specialized organizations THESSBIKE and EASYBIKE, our company guarantees a unique experience, guided by the sense of freedom that cycling can offer.

The company's full legal name is "OTO S.A. FOR THE PROVISION OF SUSTAINABLE URBAN MOBILITY SERVICES AND CONSUMER GOODS TRADING". Its registered office is located at 6–8 Papakyritsi Street, Kalamaria, Thessaloniki. The contact telephone number is +30 2310 403999, and the corresponding contact email address is info@otoparking.gr.

Our company considers the secure provision of its services and the protection of your personal data to be a top priority. For this reason, we process your personal data with the utmost care and diligence, in accordance with Greek and European legislation, including Law 2472/1997 (as well as any subsequent legislation replacing it) and Regulation (EU) 2016/679 (GDPR – General Data Protection Regulation).

Your personal data has been collected lawfully and fairly. The legal basis for retaining your personal data includes your interest in our activities, the performance of a service agreement, our legal obligations, and your consent, which reflects the trust you place in us.

By accepting these Privacy Policy and Personal Data Protection Terms and by confirming and renewing your trust and consent, you provide your explicit and unambiguous consent to the collection and processing of your personal data for specific purposes, including receiving news and updates regarding our activities, information about potential participation in future activities, allowing us to contact you by telephone, SMS, or other multimedia communication technologies, exchanging views on matters related to our activities, informing you about meetings, and sending informational brochures and promotional material regarding our activities and events to your postal address.

At any time, twenty-four hours a day, you may withdraw your consent for one or more of the purposes described above, update your information to ensure its accuracy, or request its complete deletion.

The collection and processing of users' personal data by our company are governed by these terms and by applicable national, European, and international legislation concerning the protection of individuals with regard to the processing of personal data.

2. What Information Is Considered Personal Data

Personal data refers to any information that can be used to identify an individual or communicate with them, as well as any information that may be linked to an identifiable person in any way.

In order to maintain communication with you solely for the purposes described above, we retain the personal data that you have previously provided to us and collect additional personal information only after obtaining your explicit consent and ensuring that you have been fully informed of your rights, as provided for under Articles 11, 12, and 13 of Law 2472/1997, or any provisions replacing them under subsequent legislation, as well as the corresponding provisions of Regulation (EU) 2016/679 (GDPR).

The personal data we hold on your behalf and collect through our contact forms, based on the purposes described above and with your consent as the legal basis for processing, include your first name, last name, email address, and telephone number. Participation in our activities may also require the presentation of an identity card or passport for trips abroad.

We do not collect or process sensitive personal data under any circumstances.

3. Purpose of Collecting Personal Information

As mentioned above, our company collects, stores, and processes personal data only when users voluntarily provide it with their explicit consent, for the following purposes:

  • To communicate with customers within the framework of a service agreement.
  • To comply with the legal obligations of our company.
  • To conduct research related to the operation and statistical analysis of our website.
  • To communicate with you by telephone, SMS, or any other available multimedia communication technology in order to provide information and respond to any inquiries submitted through our contact form.

For the purposes described above, we may contact you via email, telephone, or SMS messages.

4. Where Do We Collect Your Personal Information From?

The provision of all personal information is voluntary and based on your explicit consent regarding both the personal data you provide and the specific processing purposes you choose to authorize. However, your consent and its confirmation are necessary for the use of the purposes described above.

We collect personal information voluntarily provided by you, either directly or through any devices (including mobile devices) that you use when:

  • Completing the contact form available on our website.
  • Completing a consent form and participation declaration in written form.
  • Browsing our website, provided that you have enabled or configured the relevant cookies.

5. Personal Information We Collect

What types of personal information do you provide while browsing our website?

The personal information collected by our company may include:

  • Personal details such as first name, last name, and email address.
  • In certain cases, a telephone number.
  • Tax-related information (company name, business activity, Tax Identification Number (VAT Number), Tax Office, and bank account number) for the issuance of relevant invoices and receipts.
  • IP address, provided that you have enabled or configured cookies.

    6. Personal Information We Collect Through Cookies

    We use cookies to collect information about the pages you view, the links you click, and other actions you take while using our services. These cookies are strictly necessary for the operation of the website and for improving its performance. For more information regarding the use of these technologies and how to control them, please refer to our Cookie Policy.

    We do not allow third parties to track or collect your personal information through our website for their own advertising purposes without your consent.

    What Rights Do Users Have Regarding Their Personal Data?

    We respect your right to access, correct, request deletion of, or request restriction of the use of your personal information, as required by Law 2472/1997 and Regulation (EU) 2016/679 (GDPR). We have also taken measures to ensure that the personal information we collect is accurate and up to date.

    You have the right to know what personal information we hold about you and to request the portability of your data. Upon request, we will provide you with a copy of your personal information in a structured, commonly used, and machine-readable format.

    If your personal information is incorrect or incomplete, you have the right to modify it yourself, provided that you are a registered user, or to request that it be corrected.

    You may request that we delete your personal information or restrict the way we use it. However, this right is subject to applicable law and may affect your access to certain activities and purposes described above.

    • You have the right to request the restriction of the processing of your personal data and to object to such processing.

    Upon your request, we will delete all your information and remove your personal data as soon as possible, in accordance with applicable national laws.

    The standard response time for processing any such request is 30 days. This period may be extended if necessary, in which case you will be informed accordingly.

    7. Processing of Personal Data on the Website

    We retain your personal information in a secure environment, in accordance with our company's operational needs and technological infrastructure. We have implemented all necessary technical and organizational measures to ensure confidentiality, maximum security, and the proper and efficient operation of our systems.

    Upon request and following a relevant application submitted by you, we will securely delete your personal data from our database in accordance with our data retention and deletion policies.

    8. How Do We Protect Your Personal Information?

    We protect your personal information by implementing security measures designed to reduce the risks of loss, misuse, unauthorized access, disclosure, and alteration of your personal data.

    We safeguard the security of your information during transactions through the use of Secure Sockets Layer (SSL) technology, which encrypts the information you enter.

    At the same time, we have adopted an internal acceptable-use policy for our technical departments to ensure that all system users comply with common technical security standards, thereby maximizing the security of our technical systems.

    9. What Procedures Have We Established in the Event of a Data Breach?

    In the event of a data breach, the following procedure is followed: information regarding the breach is collected and subsequently provided to the competent authorities; the breach is contained using appropriate technical measures; the relevant authorities and any affected parties are informed; and the scope and extent of the breach are assessed in order to ensure proper reporting to all parties with a legitimate interest.

    In addition, full cooperation and assistance are provided to the legally competent authorities for the investigation of incidents involving breaches of communication confidentiality and personal data protection.

    10. Automated Decision-Making and/or Visitor Profiling

    To protect our website, we use multiple security measures that make automated decisions regarding the nature of each visit in order to safeguard our source code and the integrity of our databases.

    These systems may block your access to our website. Should this occur, you may contact us so that the restriction can be reviewed and removed where appropriate.

    11. Our Company's Partners

    Our company may share certain personal data with third-party partners in order to facilitate personal data management activities and communication processes carried out through our contact forms.

    Our company expressly assures and declares that it will not sell, transfer, disclose, or otherwise make available users' personal information to third parties unrelated to our company (subject to internal personnel access controls) without the users' consent, for purposes that are inconsistent with our activities or not described in this policy.

    Your personal data may be disclosed to judicial or law enforcement authorities upon a lawful request and in accordance with applicable Greek and European legislation, without requiring your consent.

    12. Right to Lodge a Complaint

    In accordance with Law 2472/1997 and Regulation (EU) 2016/679 (GDPR), if you believe that your rights regarding the protection of your personal data have been violated, you have the right to lodge a complaint with the Hellenic Data Protection Authority or any other competent supervisory authority.

    13. Who is responsible for the collection and processing of your personal data?

    For the exercise of your rights, you may contact the data controller responsible for the collection, processing, and protection of the above data for our company, Mr. Apostolos Symeonidis, resident of Thessaloniki, at the email address info@thessbike.gr and at the telephone number 6978008141.