If you are a registered user, please enter your email and password.
Have a few seconds?
By creating an account you will be able to shop faster, be up to date on an order's status, and keep track of the orders you have previously made.
GDPR means the EU General Data Protection Regulation, Regulation (EU) 2016/679;
Personal Data means any information relating to “an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;” (Article 4 § 1.1.of the GDPR), and relates only to personal data, or any part of such personal data, of which [name of business] is the Data Controller or joint Data Controller;
Processing means “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction” Article 4 of the GDPR;
Recipient means “a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not”.
Third party means “a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data”;
Company KOSMOS (We) is the controller for the personal information we process, unless otherwise stated.
You may contact us in many ways, including by phone, email, live chat and post. More specifically you may contact us by:
KOSMOS RENT A CAR LTD
Address : 5 Syngrou Ave., Athens, 117 43
b. Email : email@example.com
c. For general contact please use https://kosmos-carrental.com/en/locations our website.
a. Directly from you
We collect information directly from you when you register on our site or enter information on our site, such as contact information, payment Information or any personal information you provide to us in your communications with KOSMOS.
b. Automatically from Your Use of the [name of business] website and application
When you use the KOSMOS Website and Application, we automatically collect information, including personal data, about the services you use and how you use them. Such information may include information about your interactions with the site, log data and device Information, IP address, access dates and times, hardware and software information, device information, cookie data, and other website usage information.
c. From Third Parties.
If you link or connect with KOSMOS with a third party service (e.g. Facebook,), the third party service may send us information such as your registration and profile information from that service. This information varies and is controlled by that service or as authorized by you via your privacy settings at that service.
4.1. Personal data about you
When using our service, as appropriate, we collect the following information:
A. your name, email address, phone number,
B. other details/information you provide to us in order to help you with your experience.
C. usage Information: we collect information about your interactions with the SOTMAN Website and application such as the pages or content you view, and other actions on the site, log Data and Device Information, IP address, access dates and times, hardware and software information, device information, geographical location, browser type and version, and operating system, cookie data.
E. information relating to services you use, through our website, which includes your name, address, telephone number, email address;
F. information contained in any communications that you send to us by email or through our website or blog including its communication content and metadata;
We may use the personal data we collect from you when you sign up for communication, surf the website, or use certain other site features to provide, understand, improve, and develop the website and application, create and maintain a trusted and safer environment and comply with our legal obligations. Specifically we use you data:
We rely on the following legal bases:
a. processing of the personal data is necessary for the performance of the contract between you and KOSMOS, specifically to create your account and provide the services requested.
b. processing is necessary for the purposes of the legitimate interests pursued by KOSMOS or by a third party. We will always balance your rights and interests in the protection of your personal data against KOSMOS rights and interests or those of the third party.
c. processing is necessary for compliance with a legal obligation to which we are is subject (such as tax law or lawful law enforcement requests).
We may disclose your personal data to any of our employees, officers, insurers, professional advisers, agents, suppliers, or subcontractors as reasonably necessary for the purposes set out in this policy.
In addition, we may disclose your personal information:
a. to respond to your requests for customer service;
b. to the extent that we are required to do so by law;
c. in connection with any ongoing or prospective legal proceedings;
e. to protect the rights, property or personal safety of S. TZANIDIS S.A., its users and the public
f. to third-party service providers which provide support services such as:
i. customer support;
ii. payment services. We use third parties to process payments. We might share information with relevant financial institutions if we consider it strictly necessary for fraud detection and prevention purposes.
We do not sell, trade, or otherwise transfer to outside parties your Personal Data except as stated above under paragraph 6.
We do not include or offer third-party products or services on our website.
Personal data we collect are processed in a cloud environment provided by ……………………….. Therefore, it is highly likely that your data may be stored outside the EU/EEA. Our cloud provider, Microsoft, complies with international data protection laws regarding transfers of customer data across borders. Specifically, for EU/EEA customers:
a. Microsoft business cloud services offer customers EU Standard Contractual Clauses that provide additional contractual guarantees around transfers of personal data for cloud services.
b. In addition to the Standard Contractual Clauses and other model contracts, Microsoft is certified to the EU-U.S. Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the EU to the United States. Microsoft participation in the Privacy Shield applies to all personal data that is subject to the Microsoft Privacy Statement and is received from the EU, European Economic Area, and Switzerland. Microsoft also abides by Swiss data protection law regarding the processing of personal data from the European Economic Area and Switzerland.
10. How long do we retain your personal data?
We retain your personal data for the duration of our contractual relationship. Personal information that we process shall not be kept for longer than is necessary for the performance of the contract and any directly derived services.
We may also retain personal data:
a. to the extent that we are required to do so by law (for instance in order to comply with tax legislation);
b. to comply with legal process, (any ongoing or prospective legal proceedings); and
c. in order to establish, exercise, or defend our legal rights, property or personal safety of [name of business], its users and the public.
If you have a question about a specific retention period for certain types of personal data we process about you, please contact us using the contact details provided below.
We have implemented appropriate technical and organizational measures and procedures to prevent unauthorized access to, and the missuse of personal data. We use security procedures and technical and physical restrictions for accessing and using the personal data. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. Only authorized personnel are permitted to access personal data in the course of their work. In addition, all information you supply to us is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user registers for our service, adds a new rental, adds a new channel, submits, or accesses their information to maintain the safety of your personal information
We will retain your personal data only for as long as it is necessary to enable you to use our services, to provide our services to you, to comply with applicable laws, resolve disputes with any parties and otherwise as necessary to allow us to conduct our business, including to detect and prevent fraud or other illegal activities (see above under 11).
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since every browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If you disable cookies in their browser, please be advised that some of the features that make our site experience more efficient may not function properly.
You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to the supply of appropriate evidence of your identity. We may withhold personal information that you request to the extent permitted by law.
You have the following rights in connection with your data:
i. To request access to your personal data that we hold. You may request a copy of your personal data and we shall provide it to you free of charge. Should you request any further copies, we may charge a reasonable fee based on administrative costs
ii. To request that we rectify any inaccurate personal data about you and, taking into account the purposes of the processing, to have any incomplete personal data about you completed. In any case, please note that when you actively provide to us your personal data guarantee that they are true and accurate and you undertake to notify to us any change or modification of your data.
iii. To request that we erase your personal data to the extent that they are no longer necessary for the purpose for which we need to keep processing them, as we have explained above, or when we are no longer legally permitted to process them. Please be advised that, in such case we will retain only non-personal data and information for statistical and technical reasons. Also, when you want to stop using our service, you have the option to either:
1. PAUSE your account: In this case we retain all data in case you want to restart his subscription, OR
2. DELETE your account: in this case we delete all personal data except your email. Your email is renamed to “xxxxxx@[name of business].com-deleted” and is retained in a secure manner for new account -verification purposes.
Also, we shall retain some “Payment Information”, if such apply in your case, for as long we are obliged by the applied tax law or/and our contractual obligations with our service providers.
iv. To request that we cancel or limit the processing of your personal data, which entails that in certain cases you can request us to temporally suspend the processing of the data or that we keep them longer than necessary.
v. Where the processing of your data is based on our legitimate interest, you will also have the right to object to the processing of your data.
vi. Finally, we inform you that you have the right to file a claim before the responsible data protection authority, in particular, before the Greek Data Protection Authority ( www.dpa.gr).
To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
You may instruct us at any time not to process your personal information for marketing purposes.
You may exercise any of your rights in relation to your personal data [by written notice to us] OR by email at firstname.lastname@example.org or by phone at 0302109234695 .
The services offered by [name of business] are not directed at children under 16 years old.