Privacy policy

PERSONAL DATA PROTECTION POLICY

INTRO

Yuboto Limited (hereinafter Yuboto) as the Data Controller processes the necessary data in order for the Customers to access and use the Services offered, to browse our Webesite and for the purposes described in detail here in this Policy.

YUBOTO, being committed to legality and transparency, manages with absolute respect the personal data received and the processing operations are limited to the minimum possible and only for the fulfillment of their purposes.

Any processing activity is operated in accordance with the General Data Protection Regulation 2016/679 /EU, the Greek Law 4624/2019 and in general the current national and European legislative and regulatory framework for the protection of personal data.


CONTACT INFO

Yuboto LTD
Katsantoni & Olympias, Metamorfosi Athens, 14452
(+30) 211 114 4111
For any clarification as well as for related requests regarding Personal Data, we have designated a "Data Protection Officer" who can be contacted directly at This email address is being protected from spambots. You need JavaScript enabled to view it.


PURPOSE OF PROCESSING

The purpose of data processing is the smooth execution of telecommunication and subscription services in accordance with the law, customer service during the contractual relationship and promotional activities, as long as we have your permission. This purpose includes:

- Provision of the Service you obtained.

- Provision of Technical Support and Customer Service.

- Provision of Billing and Information Services.

- Serving Access Requests and Complaints.

- Provision of General Information, Account Balance information, Payments and Settlements.

- Compliance with regulatory requirements, including legislation on the communication security and privacy and the identification of crimes in cases of public authorities’ requests.

- Protection of the legitimate interest and function of YUBOTO, privacy, your security and the effective troubleshooting.

For direct marketing purposes, if you give your consent, YUBOTO may proceed with decision making or profiling, based on automated data processing.

The Legal Basis of Data Processing is the terms of the contractual relationship described either by a written agreement or by the Terms of Use of the Service, the regulatory framework of telecoms legislation and client’s consent in cases it is required.


CATEGORIES OF DATA

For the above reasons, YUBOTO may collect and process:

  • User Identifying information: * Name * Surname * Address * Birth Date
  • Unique User Identifying information: * VAT number* ID Number
  • User Billing Elements: * Name/Business name * Billing Address * Bank Account
  • Connection Details: * Address to install the connection
  • User Contact Details: * Phone * Email
  • Items that can be imported/created by the user: * End User / Recipient Telephone Numbers * Messages History * Messages Statistics
  • User Identifying information when browsing: * Address of the connection provider (IP) * Cookie
  • Data generated during use: * Communication Data * End User Actions

For more details on Data Categories, please refer to the relevant section of the Terms of Use of each Service.

More information about Cookies and data processed while browsing our Websites, can be found here.


DATA RECIPIENTS

Data Recipients may be the following:

- YUBOTO and its employees in the framework of their responsibilities.

- Its agents and / or subcontractors for the purpose of supporting, promoting and performing the contract.

- Relevant Public Authorities, including the National Telecommunications Commission, the Hellenic Authority for Communication Security and Privacy and the Judicial Authorities.

- The providers with which we are interconnected in order to serve the traffic.

YUBOTO partners have contractually agreed:

  • To keep confidential personal information they may know, including their employees.
  • Not to transfer data to third parties without the written permission of YUBOTO.
  • To take organizational and technical data security measures that protect their logic and physical security.
  • To design their systems so that by design and by definition they can be assured that they will be able to fulfill these obligations.
  • Promptly inform YUBOTO of any incident relating to the violation of CUSTOMER personal data, comply with the legal framework for the protection of personal data and in particular the General Data Protection Regulation (GDPR) as data processors.

DATA RETENTION / DELETION

YUBOTO keeps the data in a physical / electronic file for the entire duration of the contract.

Data of dormant contracts are held for a necessary period of 14 months after expiry of the telecommunication contract, for winding-up purposes, and 2 years for other services’ contracts, unless they have to be held according with the law until the final settlement of cases or if a longer period is defined by other legislation (eg tax provisions). They are then completely deleted without the possibility of recovery.


TECHNICAL AND ORGANIZATIONAL SECURITY MEASURES

Any data processing in any way is only allowed to authorized persons, employees and partners solely for the purposes mentioned above.

YUBOTO has taken the necessary and appropriate organizational and technical measures for the security and protection of your Data in the context of the Information, Communications and Personal Data Security Policy, in accordance with the Hellenic Authority for Communication Security and Privacy regulatory Framework. Furthermore, it is certified according to ISO 27001/2013 and ISO 9001/2015 standards.

These measures shall be reviewed and amended as necessary.


DATA SUBJECT RIGHTS

In any case, the CUSTOMER, at the stage of data collection, has the right to information about YUBOTO’s identity, the purposes of the processing, the recipients of the data, any third parties to whom data is transmitted.

The CUSTOMER has the right to have full access to his / her data. This means that the CUSTOMER has the right to be updated about how and if his / her data is processed. The CUSTOMER may request information about the above, in writing or electronically, has the right to correct inaccurate personal data, the right to delete it (if it is no longer necessary for the above mentioned processing purposes or in case of withdrawal of consent, where applicable), the right of data portability in mechanically readable form, the right to restrict processing (for as long as your processing objections are pending), the right to recall / oppose the processing of the data.

In the event of any objection to processing, YUBOTO will cease processing the data if there are no compelling and legitimate reasons that prevail over the CUSTOMER's right or if they are no longer necessary for the above-mentioned processing purposes.

The CUSTOMER's request is addressed free of charge without delay, and in any case within (1) one month from the date of receipt. However, if the request is complex or there is a large number of requests, YUBOTO will inform if it is necessary to take an extension of another (2) two months. If the requests are manifestly unfounded or excessive, in particular because of their recurring nature, YUBOTO may charge a reasonable fee, taking into account the administrative costs of providing the information or performing the requested action; or refuse to comply with the request, giving reasons for its reply.


AMENDMENT OF THE PERSONAL DATA PROTECTION POLICY

YUBOTO reserves the right to change the Privacy Policy. In this case, however, it should properly inform the user.


REQUESTS - QUESTIONS - COMPLAINTS

For any request and exercise of a right, in relation to your personal data and for the provision of specialized information, the CUSTOMER may contact electronically by sending it to mail: This email address is being protected from spambots. You need JavaScript enabled to view it..

The CUSTOMER has the right to file a complaint with the Personal Data Protection Authority (Kifisias 1-3, PC 115 23, Athens, tel. 210 6475600, This email address is being protected from spambots. You need JavaScript enabled to view it.) if he/she considers that the processing of Personal Data violates the current national and regulatory framework for the protection of personal data.

This Policy entered into force for the first time on 24/05/2018 and was last updated on 20/10/2020.