Our company is committed to protecting the privacy of its customers
and takes seriously its obligation as to the security of their personal data.
We will be clear and honest with regard to the data we collect and the
purposes for which we collect them.
Our company "ESCAPE GAME OVER IKE", informs you that your personal data processed through
https://www.escapegameover.com or collected through the relevant contact form or
booking form is processed in accordance with applicable data protection
legislation (Regulation (EU) 2016/679 - (the "GDPR" Regulation)
and the Privacy Policy of the Website.
1. Data Processing Manager and Data Protection Officer
The Data Processing Manager is "ESCAPE GAME OVER IKE",
based in Katsiba 31, Agios Dimitrios , Athens . You may contact
the Data Protection Officer ("DPO") at the following
address: gdpr@escapegameover.com.
2. The Data We Process
With your consent, we process the following customary and sensitive
personal data you provide when interacting with the website and using
the services and features it provides. This data includes in particular
the name and surname, contact details, the content of your specific
requests or references and the additional data the Data Processing Manager
can obtain, including from third parties, in the course of his business.
In order to be able to fulfill the requests you submit through the
relevant contact form and / or to provide updates about the side effects,
it is necessary to consent to the processing of your data.
Without these mandatory data or your consent we can not go further.
In any case, even without your prior consent, the Data Processing Manager
may process
your data in order to comply with legal obligations under EU laws,
regulations and law, exercise rights in court proceedings, exercise
his own legitimate interests and in all cases provided for in Articles
6 and 9 of the GDPR Regulation.
The processing is done by both using computers and in printed form and
always involves the implementation of the security measures provided
by the current legislation.
3.Why and how we process your data
The data shall be processed for the following purposes:
-to handle your requests to provide information through the website
and the contact or booking form. The legal basis for the
processing of personal data for this purpose
is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR Regulation)
-to manage reports of side effects submitted through the website or the contact
or booking form. The legal basis for processing for these purposes
is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR Regulation).
In addition, but only with your optional consent, which constitutes the legal basis for the processing pursuant to Article 6 (1) (a) of the GDPR Regulation:
-To receive advertising material (direct marketing) from the Company.
By selecting the appropriate frames you agree to process your data for these purposes.
Your data may, in any case, be processed, even without your consent,
for the purpose of complying with the laws, regulations,
EU law (Article 6 (1) (c) of the GDPR Regulation, (Article 6 (1) (f)
of the Rules of Procedure) and the safeguarding or defense of
legitimate claims in the Company's interest.
Personal data is imported into the Company's IT system in full compliance
with data protection laws, including security and confidentiality profiles,
and are based on principles of good practice, legality and
transparency in terms of processing.
Data is stored for as long as it is strictly necessary to achieve the purposes
for which it was collected or for as long as you agreed.
In any case, the criteria used to determine this period is
based on compliance with the deadlines set by the law and the
principles of data minimization, storage constraints and rational
file management.
All your data will be processed in print or automated media,
ensuring in all cases the appropriate level of security and confidentiality.
4. People who have access to the data
Data are processed by electronic and manual means in accordance with
procedures and practices related to the above-mentioned purposes
and are accessible by the personnel of the Data Processing Manager authorized to
process the Personal Data and Supervisors, and in particular the
employees belonging to the following categories: technical staff,
IT staff and administrative staff, product managers as well as other
staff members who have to process the data to carry out their duties.
Data may also be shared in countries outside the European Union:
i) institutions, authorities, public bodies for institutional purposes
ii) professional, independent consultants - whether employed individually
or collectively - and other third parties and providers providing
the Data Processing Manager with the commercial, professional or technical services
required for the operation of the website (e.g. providing IT and Cloud Computing )
for the purposes mentioned above and to support the company
in providing the services you have requested.
iii) to third parties in the case of mergers, acquisitions,
transfers of undertakings or their branches, controls
or other exceptional operations.
The named recipients only receive the necessary data for their respective
functions and duly process them only for the purposes mentioned above and
in accordance with the data protection laws. Data may also be shared with
other legitimate recipients identified from time to time by applicable laws.
Except as stated above, data will not be disclosed to third parties,
natural or legal persons, who do not perform any commercial, professional
or technical duties for the Data Processing Manager and will not be
disseminated without
your express consent. The individuals who receive the data will process them,
as appropriate, as data controllers, processors or persons authorized to
process personal data for the purposes mentioned above and in accordance
with applicable data protection laws.
Regarding the transfer of data outside the EU, even in countries
whose laws do not guarantee the same level of protection of privacy as that
provided by EU law, the Data Processing Manager informs that the transfer will in any
case be made in accordance with the methods allowed by GDPR,
for example based on user consent, on the basis of the standard contractual
clauses approved by the European Commission, selecting parties participating
in an international program for the free movement of such data
(e.g. EU-US Privacy Shield) or carried out in countries that are
considered safe by the European Commission.
5. Your rights
You can contact the Data Processing Manager at the email address listed above at
any time to
exercise the rights under Articles 15-22 of the GDPR Regulation such as,
for example, to obtain an up-to-date list of people who have access to the
data you may receive confirmation of the existence or non-personal data
relating to you, check their content, origin, correctness and location
(also in relation to any third country), request a copy,
request the correction them and, in the cases provided for in GDPR Regulation,
request limitation of processing, deletion, opt out of direct communication
activities (including restrictions on certain media),
receive advertising material (direct marketing) from the company.
Similarly, you can always report observations about specific uses of the data with respect to specific personal
situations that are considered to be incorrect or unjustified by the existing relationship with the Data Processing Manager or
to file complaints with the Data Protection Authority. You can withdraw your consent at any time,
without however affecting the legitimacy of the processing that has taken place before the withdrawal of the consent.
The company "ESCAPE GAME OVER IKE", which is based in Katsiba 31, Agios Dimitrios , Athens takes very seriously the privacy of users and undertakes to fully comply with the applicable law (Regulation (EU) 2016/679 - hereafter "GDPR"). This Privacy Policy ("Privacy Policy") provides information on how to process personal data collected by the Company through this site (https://escapegameover.com) and constitutes an informational notice to the data subject in accordance with Article 13 of the GDPR Regulation. Special informational disclosures about the confidentiality of information are usually published in the sections of the Website where the user's personal data is collected and are in any case supplemented by this Privacy Policy.
Data Processing Manager and Data Protection Officer
The Data Processing Manager is ESCAPE GAME OVER IKE,
based in Katsiba 31, Agios Dimitrios , Athens. You can contact the Data Protection Officer ("DPO") at the
following address gdpr@escapegameover.com .
The Data We Process
The following data can be processed:
the normal personal data you may provide when using the features of the website,
including browser data or requests for use of the services offered on the website
(e.g. registration in restricted areas, competitions and other initiatives that may exist on the website,
use of applications, requests for information and reports also submitted via communication forms, etc.)
as well as data collected from cookies as specified in the Cookies Policy.
Why and how we process your personal data
With your consent, the company may process your normal personal data to ensure that you can take
advantage of the services and features available and optimize their performance,
gather statistics on how to use it, manage the requests and reports received through the website and
manage your registration in any restricted areas and initiatives (e.g. competitions) that may be on the
website in accordance with Article 6.1.a of GDPR Regulation.
The Company may also process your personal data for the fulfillment of obligations arising from laws,
regulations and European Union law: the legal basis for processing for this purpose is
Article 6 (1) (c) of the GDPR Regulation.
Additionally, with your voluntary consent, your normal personal information may also be used
in official publications of the company or in advertising (marketing), that is,
in the context of sending advertising material and / or commercial communications relating
to the Company's services to the contact information (e.g., mail, telephone, etc.) or automatic means
(e.g. Internet, fax, e-mail, text messaging, mobile apps such as smartphones and tablets, social media
accounts, such as Facebook or Twitter, etc.).
The legal basis for processing for this purpose is Article 6 (1) (a) of the GDPR Regulation.
Finally, the Company may process your normal and sensitive personal
data to protect its rights in court proceedings. All of your data is processed using automated
and online tools that are appropriate to ensure full security and confidentiality.
Necessary processing and optional editing
The forms to be filled in on this website require that you provide the personal data that is
absolutely necessary for the processing of your messages and requests.
These data are marked with an asterisk [*]. If you do not wish to provide them,
we will not be able to process your messages / requests. Instead, some forms may provide the
possibility of providing personal data that is not strictly necessary for processing your requests:
provision of such data is optional and their non-submission has no effect.
Browsing data
If you simply visit the website (that is, without sending any message or using any of the services / features
available), your data processing is limited to the browsing data, that is,
the data that must be sent to the Website for the operation of the computers in which
the website operates and the Internet protocols.
This category includes, for example, IP addresses or computer domains used to visit the website
and other parameters related to the operating system used to link to the website.
The Company collects these and other data (such as the number of visits and time devoted to the website)
for statistical purposes only and in anonymous form in order to monitor the operation
of the Website and improve its performance. This data is not collected to link to other user
information or to identify users.
However, this information may by its nature allow the Company to identify users by processing
and linking data held by third parties. Browsing data is usually deleted after being edited
in an anonymous form but may be stored and used by the Company to identify
the perpetrators of any computer offenses committed against or through the website. Subject to this
and the provisions of the Cookie Policy, the browsing data described above is stored only temporarily,
in accordance with the law.
Links to other sites
This Privacy Policy applies only to the website defined above.
Although the Site may contain links to other sites (known as third party sites),
we inform you that the Company does not have access to, or use cookie tracking,
Internet lightning or other user tracking technologies that may be active on third party sites ,
the content and material posted to them or the methods of processing your personal data.
For this reason, the Company expressly disclaims any responsibility for such matters.
Therefore, you should verify the privacy policies of such third-party sites and collect
information about the terms and conditions and the way in which your personal data are processed.
How we store the data and for how long
According to Article 5 (1) (c) of the GDPR Regulation, computers and programs used by the Company
are created in such a way as to minimize the use of personal data and identification data.
These data are processed only to the extent necessary to achieve the purposes stated in this Policy
and will be stored for as long as is strictly necessary to achieve the specific purposes,
unless you expressly consent to something else. In any case, the criteria used to determine
the storage period is based on compliance with the time limits allowed by law and the
principles of minimizing data, limiting the storage or rational management of our records.
How do we ensure the security and quality of your personal information
The Company undertakes to ensure the security of the user's personal data and to comply
with the statutory security provisions to prevent data loss, unauthorized or unlawful
use of data or unauthorized access to data, with particular but not exclusive reference
to Articles 25-32 of the GDPR.
The Company uses many types of advanced technologies and security procedures to protect the user's
personal data. For example, personal data is stored on secure servers located in protected
and controlled access. The user can help the Company update and correct its personal data by
announcing any change of address, qualifications, contact information, etc.
People who have access to the data
Persons belonging to the following categories are authorized to process user data:
technical and administrative staff, IT staff, product managers, and other staff members
who need to process the data to perform their tasks.
Data may also be communicated to third countries: (i) to institutions, authorities,
public bodies for institutional purposes; ii) to professional, independent consultants - whether
working individually or collectively - and other third parties and providers providing
the Company with commercial, professional or technical services required for the operation
of the Website (e.g. providing IT and Cloud Computing) for the purposes outlined above and to
support the Company in providing the services you have requested
(iii) to third parties in the case of mergers, acquisitions, transfers of undertakings or their branches,
controls or other exceptional operations. The named recipients only receive the necessary data
for their respective functions and duly process them only for the purposes mentioned above and
in accordance with the data protection laws.
Data may also be shared with other legitimate recipients identified from time to time by applicable laws.
Except as above, Data will not be disclosed to third parties, natural or legal persons,
who do not perform commercial, professional or technical duties for the Data Processing Manager
and will not be disseminated. The parties receiving the Data are processed as data processors,
processors or persons authorized to process personal data, as appropriate, for the purposes stated
above and in accordance with applicable data protection laws. Regarding the transfer of
data outside the EU, even in countries whose laws do not guarantee the same level of
protection of privacy as that provided by EU law, the Data Processing Manager informs that the transfer
will in any case be made in accordance with the methods allowed by GDPR, for example
based on user consent, on the basis of the standard contractual clauses approved by the
European Commission, selecting parties participating in an international program a for
the free movement of such data (e.g. EU-US Privacy Shield) or carried out in countries that are
considered safe by the European Commission.
Your rights
You may exercise at any time the rights provided by GDPR Articles 15-22,
including the right to confirm the existence of personal data relating to you,
to check their content, origin, correctness, location ( also in relation to any third country),
request a copy, request a correction and, in cases provided by law, request limitation of processing,
deletion, oppose direct communication activities , or to object to direct marketing activities
(which also limited to certain media).
Likewise, you can always withdraw your consent and / or make comments on specific issues
regarding the processing of your personal data that you believe are wrong or unjustified
in your relationship with the company or to file a complaint with the Personal Data Protection Authority .
You may contact the Editor and / or the Data Processing Manager at the addresses shown above to submit any claims
regarding the processing of personal data by the Company, exercise your legal rights,
and obtain an up-to-date list of parties that have access to your data.