UPDATE STATEMENT ON THE PROTECTION OF PERSONAL DATA

INTRODUCTION

1.1 In order to manage our partnership and/or contractual relationship, our company will collect and use your personal information in electronic and/or paper form.

1.2 This update aims to provide you with information about how the Company manages your personal data as well as about the rights you have as data subjects.

LEGAL BASIS OF PROCESSING

2.1 The legal basis and necessity on which the processing of the subjects' personal data is based is in this case the fulfillment of the Company's obligations and rights based on the terms of the existing contract / business relationship between us and/or the statutory obligations, or for the satisfaction of the legitimate interests of the Company, such as the pursuit of legitimate business purposes.

PROCESSING MANAGER

3.1 The Company, with regard to your personal data that it collects, acts as a Data Controller, within the meaning of Regulation (EU) 2016/679 (hereinafter "Regulation"). The purposes as well as the way in which your personal data is collected, processed and used and/or possibly shared with third parties by the Company, are clarified by this Policy/Information Statement.

TYPE OF PERSONAL DATA AND METHOD OF PROCESSING

4.1 In the context of the existing relationship between us, we will collect simple and possibly sensitive personal data, such as indicatively:

4.2

(i) Name/surname, contact details of the data subject and other identification details such as e.g. phone (landline and mobile), fax, VAT number, DYO, address, email.

(ii) Information of a financial nature, such as credit/debit card details, bank account details and other relevant billing information.

(iii) Any other information you disclose to the Company on your own initiative against the above communication and transactional relationship with us.

4.3 Data provided by you to the Company regarding other persons (e.g. your partners, etc.) will be processed by us in accordance with the terms of this Statement. You are responsible for the accuracy of this data and information and you must also ensure that the above subjects are aware of the personal data provided by you to the Company as well as the manner in which it will be processed by the Company.

HOW WE USE YOUR PERSONAL DATA

5.1 Your personal data will be used in the context and for the needs of service and management of our partnership relationship, in particular to fulfill the obligations based on the terms of our contract and/or the legal obligations of the Company or, if any, or for the legitimate business purposes of the Company.

5.2 Only those personal data that are relevant and related to a specific processing purpose will be processed and we will always try to limit the use of your personal data to what is absolutely necessary.

5.3 Your personal data may be used for the purposes indicated below:

(i) Managing our business relationship and monitoring the course of our cooperation, including conducting and monitoring any financial transactions or conducting judicial and extrajudicial actions, where required;

(ii) For internal operational and computer service purposes or for statistical and historical purposes.

(iii) For the supply of the commercial and accounting software of the Company's activity and the processing of the Company's legally required tax formalities.

(iv) To improve the operation of our company but also for our communication with you, always in accordance with the framework defined by the current national and European legislation on the protection of personal data.

WITH WHOM YOUR PERSONAL DATA IS DISCLOSED

6.1 Your personal data will be made available only to duly authorized employees or, to a lesser extent, external partners of the Company (external accountant, transport companies, lawyer), who are charged with tasks related to the management of the relationship between us and the execution of the transactions.

6.2 We expressly prohibit all of the above persons to use your personal data for purposes other than those specified here or to share them with anyone and for any other purpose.

6.3 We may decide, for strategic or other business purposes, to sell or transfer our business in whole or in part. In the context of such sale or transfer, we may transfer information we have collected and stored, including your personal information, to any party involved in the sale or transfer.

6.4 As an exception, we may share your personal information with third parties, including the competent police and prosecutorial authorities, only if there is a relevant legal obligation to do so, or we are obliged by virtue of a decision/order of a judicial, regulatory or public authority.

WHERE YOUR PERSONAL DATA IS STORED

7.1 Your personal data that we collect is stored on secure servers located in Greece.

7.2 In the context of the processing described in this Information Statement, we may outsource the processing of, or share your personal data with, third parties located in countries outside the EEA. Therefore, your personal information may be processed by staff operating outside the EEA who work for us or one of our suppliers. Such personnel may be employed, among other things, in the provision of support services.

7.3 Regardless of which country your personal data is shared, we will only share your personal data in those cases where there is a strict need to do so and always in accordance with appropriate security guarantees (such as Approved Standard Contractual Clauses).

7.4 You have the right to request a copy of the above by contacting us at info@assea.gr.

HOW LONG ARE YOUR PERSONAL DATA KEPT

8.1 We will keep your personal data for that period of time that is absolutely necessary to achieve the purpose of their collection and also in accordance with the relevant legislation. Your personal data that we collect in accordance with this Statement will be kept even after the termination of the existing cooperation between us in order to comply with any legal obligations and also to serve the legitimate business interests of our Company.

8.2 Where your personal data is not necessary for the above purposes, it will be securely destroyed.

WHAT ARE YOUR RIGHTS

9.1 Subject to applicable law, you have a right of access, i.e. at your request to be informed as to whether or not your personal data is being processed and to receive further information about it.

9.2 In addition, you have the right to request the correction of your inaccurate personal data or to notify us of a change in any of it. Also, as long as the conditions of the law are met, you have the right to erasure, the right to limit processing, the right to portability of your data and the right to object to processing.

9.3 Insofar as the processing is based on your consent, you can withdraw your consent at any time, without however affecting the lawfulness of the processing based on your consent before its withdrawal.

9.4 Finally, you can file a complaint with the competent Personal Data Protection Authority.

9.5 You can exercise your above rights by contacting the aforementioned email address info@assea.gr.

9.6 If such a request would result in a breach of your legal or contractual obligations, or would jeopardize the fulfillment of our obligations or the protection of our legitimate interests, your request may not be accepted.

DATA SECURITY

10.1 We promise that the Company has the appropriate technical infrastructure and has adopted internal procedures in order to protect the integrity and security of all our information, including your personal data.

CONTACT THE COMPANY

11.1 If you have any question regarding this Company Statement or if you wish to exercise one of the rights you have as a data subject, you can do so by contacting the email address info@assea.gr.