PRIVACY POLICY

With the current policy on personal data protection regulation (“Policy”) information is provided regarding processing of your personal data.

Who we are

The company operating as «medbest SA», located in 282 Kifissias Avenue and 2 Ydras Street, post code 15232, Halandri, tel.nr. 2106856191, VAT Nr. 999399686, Tax Office FAE Athinon, (called “the Company” or “We”) acting as Data Controller, is collecting, saving, using and processing your personal data.

Our website address is: https://medbest.gr.

Definitions

What is personal data?

Any data that pertains to an individual (referred to as the Subject of Personal Data) and can be utilized, directly or indirectly, to identify them constitutes Personal Data under the law. This includes, but is not limited to, names, phone numbers, home addresses, bank accounts, email addresses, internet protocol (IP) addresses, etc. When in doubt about whether something qualifies as personal information, it’s best to err on the side of caution and treat it as such.

What is sensitive personal data?

Personal data is considered sensitive when it pertains to the following categories:

  • Racial or ethnic origin.
  • Political opinions or participation to a labor union.
  • Religious or philosophical beliefs.
  • Health related, medical or genetical data.
  • Social security data or data concerning a person’s sex life.
  • Criminal claims and convictions of a person.

 

What does processing personal data entail?

Processing encompasses various actions, whether automated or not, carried out on personal data or extensive sets of personal data. These actions include, but are not limited to, collection, input, recording, modification, organization, structuring, storage, retrieval, adaptation, alteration, consultation, use, transmission-based disclosure, dissemination through any means, correlation or combination, restriction, erasure, or destruction of data.

What data do we gather?

We carefully collect only the personal data necessary for their specific purpose and use them exclusively for that purpose. With the exception of the personal data gathered by Cookies, the personal data we collect are strictly limited to what you have provided and are utilized solely for the specific purpose for which you have consented.

  • Identification Data: This includes information such as name, surname, VAT number, IP address, etc.
  • Communication Data: This encompasses details like address, phone number, webmail, etc.
  • Photo Gallery: This comprises photos and videos.
  • Data essential for the provision of our company’s services, including quality control, participation in exhibitions, promotion of products/services, invoicing, and product shipment, are also collected.
  • Payment Information: Such as payment account or bank account information.
  • Additional Profile Information: Such as gender, photo, preferred language(s), city, and personal description.
  • Biometric Information: Facial recognition data derived from photos and identification documents you submit for verification, where offered and with your consent where required by applicable law.
  • Other Information: Such as when you fill in a form, add information to your account, respond to surveys, post to community forums and participate in promotions.

How do we utilize your personal data?

Your personal data is processed either by specifically authorized personnel of our company or by the software and hardware of our company, and only in exceptional circumstances by third parties. These third parties are contractually obligated to our company to maintain the confidentiality and protection of your data while processing it strictly for their authorized purposes.

In general, your data is processed to provide you with the following services:

  • Communication: Your data is used by the company to respond to claims or questions submitted via email or other communication channels.

  • Quality control: Your data is utilized by the company for regular quality checks.

  • Offer submission: Your data is processed by the company to submit an offer.

  • Shipment/invoicing: Your data is processed by the company to place and ship your order according to the products you have selected.

  • Participation in exhibitions: Your data is processed by the company to inform and invite you to exhibitions in which it participates.

  • Newsletters: The company provides you with the choice to receive information regarding its promotional efforts (e.g., new products, special offers) via newsletters.

  • Job search: Your data is processed by the company to assess your skills and attributes for the position for which you have applied or for any other job opening within the company. This is also used to communicate with you for the aforementioned purposes.

  • Website: Your personal data is processed to enhance your experience on medbest’s website and ensure its functionality, in the following ways:
    • enable you to access medbest’s website,
    • allow you to communicate with us,
    • perform analytics, debug, and conduct research,
    • develop and improve our products and services,
    • provide customer service training,
    • send you messages, updates, security alerts, and account notifications,
    • process, handle, or assess insurance claims or similar claims,
    • determine your country of residence based on automated review of your account information and your interactions with our site.

  • Policy adherence: We reserve the right to process this information to:
    • study and combat discrimination consistent with our Human Rights Policy,
    • detect, prevent, assess, and address fraud and security risks,
    • verify or authenticate information provided by you, including identity information,
    • conduct checks against databases and other information sources, including background checks,
    • comply with our legal obligations, protect the health and well-being of our employees, and the public,
    • enforce our agreements with third parties,
    • comply with law, respond to legal requests, prevent harm, and protect our rights
    • detect and prevent money laundering, fraud, abuse, and security incidents, as well as conduct risk assessments,
    • comply with legal and compliance obligations, such as anti-money laundering regulations and sanctions enforcement,
    • enforce the payment terms and other payment policies, and
    • provide and improve Payment Services.

 

Data Usage

Who we share your data with

Our company ensures that your data will not be disclosed, transmitted, etc., for any purpose or use unless mandated by the prevailing legal framework or required by public or judicial authorities.

Access to your data is restricted to essential personnel of the company who are bound by confidentiality agreements and have been instructed upon hiring both verbally and in written form via our Employee Handbook to maintain confidentiality. Additionally, affiliated companies may have access to your data as either joint or delegated data controllers, operating under our instructions.

How do we guarantee that data processors uphold your data?

The data processors, acting on behalf of our company, have consented to and are contractually obligated to:

  • Maintain confidentiality.
  • Refrain from disclosing your data to third parties without our company’s permission.
  • Implement all necessary precautionary measures.
  • Adhere to all legal frameworks concerning the protection of personal data, particularly Regulation 679/2016/EU (GDPR).

When is your data erased?

We retain your data only for the duration necessary to fulfill the purpose for which they were provided, in accordance with applicable legal requirements.

Your consent is utilized solely for the duration during which newsletters are sent to you, unless you opt to unsubscribe from the newsletter.

Curriculum vitae data submitted via email for job applications within the company is retained for three (3) years, unless you request a shorter retention period or request deletion. Curriculum vitae of current personnel are maintained in the company’s personnel files for the duration of their employment and for 3 years afterwards, unless otherwise requested by the person upon resignation or termination of employment.

Is your data secure?

Our company is committed to safeguarding your data.

Recognizing the critical importance of protecting your personal data, we have implemented comprehensive organizational and technical measures. These measures are continuously enhanced in line with technological advancements to ensure that your data remains secure and protected against unauthorized or unintended processing.

Rights

What rights do you have concerning your data?

You have the following rights:

  • Right to access your data: This includes the right to know if your data is being processed, how it is being processed, and for what purpose.
  • Right to rectification: You have the right to request the correction of any inaccuracies or incompleteness in your personal data.
  • Right to erasure (right to be forgotten): You can request the deletion of your personal data under specific circumstances and after the expiration of the aforementioned period.
  • Right to restriction of processing of your data: You can request the limitation of the processing of your personal data under specific circumstances.
  • Right to data portability: You have the right to request that your data be transferred to a third party (e.g., another company).
  • Right to data transfer: You can request the transfer of your data to another party.
  • Right to withdraw your consent for the use of certain or all cookies and, therefore, the processing of your personal data.

 

How can you exercise your rights?

To exercise the rights mentioned above, you can send your request to our company’s address at 282, Kifissias Av. & 2 Ydras Str., Halandri, or contact us via telephone at 210 6856 191 or email at marketing@medbest.gr.
 
Alternatively, you may submit a complaint to the Data Protection Authority at 1-3, Kifissias Av., post code 115 23, Athens, or contact them via telephone at 210 6475600 or webmail at contact@dpa.gr.

 

Note: If you are under 16 years of age

If you are under the age of 16, please ensure that you obtain parental or guardian consent before providing us with any of your personal data.
We do not permit individuals under the age of 16 to submit their personal information to us without such consent.

Policy Changes

We reserve the right to modify this Privacy Policy at any time in accordance with applicable law. If we do so, we will post the revised Privacy Policy on our website.

Changes to GDPR

The General Data Protection Regulation (GDPR) may be amended at any time. Therefore, we recommend that you regularly review the current regulation. The GDPR came into effect on May 24, 2018, and was amended on September 1, 2019. If there are any changes, the date of the amendment will be specified. The most recent version of the GDPR is always applicable.

Security

While no organization can guarantee perfect security, we are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unlawful or unauthorized access, loss, destruction, or alteration.

Requests & Contact Information

When do we respond to your requests?


We aim to respond to your requests promptly and free of charge, within one (1) month from the date we receive your request. However, if your request is complex or if there is a high volume of requests, we may inform you within the month if we require an extension of up to two (2) months to respond.

If your requests are obviously unfounded or excessive, such as being repetitive in nature, the company may choose to either charge a reasonable fee, taking into account administrative costs for processing the requests, or deny the request.

Where can you find updates on the progress of your requests?


For updates on the progress of your request, please contact us at 2106856191 or via our email at marketing@medbest.gr.

Are you interested?

Enter your email address below and we’ll notify you.