Effective date 18/3/ 2019
1. Who we are
Costo.menu. is a web based recipe costing application created to give users the tools to better manage their day-to-day business. The website is owned and managed by the business that operates under the name Antonios G. Parousis, VAT no 050294073, Tax Office DOY PAROY with registered seat and first branch in Paros island (Alyki 5, PB 55406, PC 84400) and second branch office at 9-11 Chios Parodos, 18541, in Piraeus (+30 210 4208731) and it is active in the online software and consulting sector. For the purposes herein, our business will be mentioned as “CostoMenu ” and/or “the Company”.The Company is the Controller of the user's personal data collected during the use of the Costo.menu. website. CostoMenu informs the visitor/registered user and the user acknowledges that he/she is aware of the following:
GDPR means the EU General Data Protection Regulation, Regulation (EU) 2016/679;
Personal Data means any information relating to “an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;” (Article 4 § 1.1.of the GDPR), and relates only to personal data, or any part of such personal data, of which CostoMenu is the Data Controller or joint Data Controller;
"Processing" means “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction” Article 4 of the GDPR;
"Controller" means “the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law”;
"Processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
"Recipient" means “a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not”.
"Third party" means “a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data”;
3. How do we collect your personal data?
- Directly from you
We collect information directly from you when you register on our site or enter information on our site, such as contact information, payment Information or any personal information you provide to us in your communications with CostoMenu.
- Automatically from Your Use of the Costo.menu. website and application
When you use the CostoMenu Website and Application, we automatically collect information, including personal data, about the services you use and how you use them. Such information may include information about your interactions with the site, log data and device Information, IP address, access dates and times, hardware and software information, cookie data, and other website usage information.
- From Third Parties.
If you link or connect with CostoMenu with a third-party service (e.g. Facebook,), the third-party service may send us information such as your registration and profile information from that service. This information varies and is controlled by that service or as authorized by you via your privacy settings at that service.
4. What personal data do we collect from you?
When using our service, we collect the following information:
- your name, mailing address, email address, phone number;
- payment information (e.g. tax information);
- other details/information you provide to us in order to help you with your experience;
- usage information: we collect information about your interactions with the CostoMenu. Website and application such as the pages or content you view, and other actions on the site, log data and device information, IP address, access dates and times, hardware and software information, device information, geographical location, browser type and version, and operating system, cookie data;
- information contained in any communications that you send to us by email or through our website contact form including its communication content and metadata;
Please note that we do not collect “special category” data (sensitive personal data) on our website.
5. How do we use your information (purposes)?
We may use the personal data we collect from you when you register, submit a request, respond to a communication, surf the website, or use the site features to improve and develop the Costo.menu. website and application, create and maintain a trusted and safer environment and comply with our legal obligations. Specifically, we use your data:
- To enable you to access and use the CostoMenu. service;
- To enable the operation of our service and supply services purchased through our website;
- To respond to your customer service requests;
- To send statements, invoices, and payment reminders to you, and collecting payments from you;
- To send you notifications and non-marketing commercial communications;
- To enforce our Terms of Service and other policies;
- To comply with legal obligations;
- To send you promotional messages, marketing, advertising, and other information of our products or/and services;
- To detect and prevent fraud, spam, abuse, security incidents, and other harmful activity and conduct security investigations and risk assessments;
- To improve our services and enhance the user experience, for testing purposes, troubleshooting, and improving the functionality and quality of our online services and in general to optimize and customize our online platform to your needs, making our site easier and more efficient to use.
We will only use your personal data for the purposes listed above; no other use of the user’s personal data shall be made, without prior notification, and where required, your express consent. If we reasonably consider that we need to use your data for another purpose, it will be a purpose which is compatible with the purpose we relied upon when we initially collected the data and before we use the data for an alternative purpose we will also take into account, inter alia, any link between the purposes for which the personal data have been collected and the purposes of the intended further processing, the context in which the personal data have been collected, the nature of the personal data, the possible consequences of the intended further processing for data subjects and the existence of appropriate safeguards.
6. What legal bases do we rely on for processing your personal data?
CostoMenu relies on the following legal bases:
- processing of the personal data is necessary for the performance of the contract between you and CostoMenu, specifically to create your account and provide the services requested.
- processing is necessary for the purposes of the legitimate interests pursued by CostoMenu or by a third party. CostoMenu will always balance your rights and interests in the protection of your personal data against CostoMenu‘s rights and interests or those of the third party.
- processing is necessary for compliance with a legal obligation to which CostoMenu is subject (such as tax law or lawful law enforcement requests).
CostoMenu also reserves the right to contact the user via phone, by post, e-mail, SMS or through any other appropriate means of communication using the user’s contact information (which has been lawfully obtained during the registration in CostoMenu website) relying on their transactional relationship (article 11 par. 3 of L.3471/2006), and for as long as the user has not objected to the communication. This communication may include information about its products or/and offers or/and survey purposes for the improvement of the products and services provided to its users as well as any other promotional actions of CostoMenu and similar purposes.
7. Do we disclose your personal data?
We may disclose your personal data to any of our employees, officers, insurers, professional advisers, agents, suppliers, or subcontractors as reasonably necessary for the purposes set out in this policy.
In addition, we may disclose your personal information:
- to respond to your requests for customer service;
- to the extent that we are required to do so by law;
- in connection with any ongoing or prospective legal proceedings;
- to third-party service providers which provide support services such as:
- fraud detection and prevention services, including anti-fraud screening service.;
- payment services. We use third parties to process payments. We might share information with relevant financial institutions if we consider it strictly necessary for fraud detection and prevention purposes.
- internet services, internet service providers and e-commerce providers, technical support
Please note that any third party with whom CostoMenu collaborates, is subject to the special strict terms of personal data processing in compliance with GDPR (see below under 12).
8. Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your Personal Data except as stated above under paragraph 7.
9. Third-party links
Our website may include links to third party websites and applications. These links have been placed for the sole purpose of facilitating visitors during their Internet browsing and such placement does not indicate in any way acceptance or approval of the content of the third-party websites by CostoMenu. By following these links, you will be leaving our website. We do not control the third-party websites and are not responsible for any of their contents or any further data collection which may take place on third-party. If you follow a link to a third-party website, we encourage you to read the privacy notice on the third-party website.
10. Do we transfer your data Internationally?
We do not transfer your data to third countries. Personal data we collect is processed in servers located in the EU or EEA.
11. How long do we retain your personal data?
We retain your personal data for the duration of our contractual relationship. Personal information that we process shall not be kept for longer than is necessary for the performance of the contract and any directly derived services.
We may also retain personal data:
- to the extent that we are required to do so by law (for instance in order to comply with tax legislation);
- to comply with any ongoing or prospective legal proceedings; and
- in order to establish, exercise, or defend our legal rights, property or personal safety of CostoMenu , its users and the public.
The data of the user shall be kept and processed by the company until the user requests the deletion of his/her account or, until the user decides to withdraw of his/her consent, for any data processing based on consent. Nevertheless, some personal data relating to the user’s transactions with CostoMenu as well as the information on user notification, consent and withdrawal of consent, may be retained as necessary information in order to enable us to establish lawfulness of the user’s data processing by CostoMenu and for ensuring the legal claims of the parties.If you have a question about a specific retention period for certain types of personal data we process about you, please contact us using the contact information provided below.
12. How do we protect your data?
We have implemented appropriate technical and organizational measures and procedures to prevent unauthorized access to, and the misuse of, personal data. We use security procedures and technical and physical restrictions for accessing and using the personal data. Your data is stored in secure networks and is only accessible by a limited number of persons who have special access rights to such systems and are bound by a duty of confidentiality. Only authorized personnel are permitted to access personal data in the course of their work. In addition, all information you supply to us is encrypted via Secure Socket Layer (SSL) technology. Also, CostoMenu, the data processors acting on behalf of CostoMenu and its agents/assistants are committed to keeping the confidentiality of the user’s personal data and not to disclose or allow access to any third party without the prior notification of the user except in cases explicitly provided by law. In addition, the data processors acting on behalf of CostoMenu and its agents/assistants for the performance of its duties are contractually bound to apply the appropriate technical and organizational measures for the best possible protection of the personal data against any incidental or illegal destruction, damage or loss, alteration, or unauthorized access and in general unlawful processing of data. These measures aim to ensure and to demonstrate that processing is performed in accordance with GDPR, taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons. We will retain your personal data only for as long as it is necessary so as you may use our services, and we are able to provide our services to you, to comply with applicable laws, resolve disputes with any parties and otherwise as necessary to allow us to conduct our business, including to detect and prevent fraud or other illegal activities(see above under 11).
13. Do we use ‘cookies’?
14. What are your Rights?
You have the following rights in connection with your data:
- To request access to your personal data that we hold. You may request a copy of your personal data and we shall provide it to you free of charge. Should you request any further copies, we may charge a reasonable fee based on administrative costs
- To request that we rectify any inaccurate personal data about you and, taking into account the purposes of the processing, to have any incomplete personal data about you completed. In any case, please note that when you provide to us your personal data guarantee that they are true and accurate and you undertake to notify to us any change or modification of your data.
- To request that we erase your entire personal data to the extent that they are no longer necessary for the purpose for which we need to keep processing them, as we have explained above, or when we are no longer legally permitted to process them. Please be advised that, in such case we will retain only non-personal data and information for statistical and technical reasons. Also, in case you decide to delete your account, we will retain email information, in a secure manner, for new account-verification purposes. Also, we shall retain some “Payment Information”, if such apply in your case, for as long we are obliged by the applied tax law or/and our contractual obligations with our service providers.
- To request that we cancel or limit the processing of your personal data, which entails that in certain cases you can request us to temporally suspend the processing of the data or that we keep them longer than necessary.
- Where the processing of your data is based on our legitimate interest, you will also have the right to object to the processing of your data.
- To request that we transfer the information you gave us from one organisation to another, or give it to you (Data Portabiity). The right only applies to information you have given us, if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.
- Finally, we inform you that you have the right to file a claim before the responsible data protection authority, in particular, before the Greek Data Protection Authority ( www.dpa.gr).
- To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
You may instruct us at any time not to process your personal information for marketing purposes.Please note that in order to respond to any of the above requests we shall require your providing us with appropriate proof of your identity. We may withhold personal information that you request to the extent permitted by law.You may exercise any of your rights in relation to your personal data by mail at 9-11 Parodos Chiou, 18541, in Piraeus, by phone at 210 4208731 or by email at email@example.com
CostoMenu does not target or market to non-adults and we do not knowingly collect any information about users under this age. If you are under the age of 16 you are not permitted to use the service at any time or manner.Since it is not yet technically feasible to effectively verify the user age at all times, if we become aware that personal data has been collected by the website from children under 16 years of age and without verifiable parental consent,we will immediately delete all relevant information. This deletion is without prejudice to the need to respect the data in case of foundation, exercise or support of our legal claims, or the provision of consent from a guardian.
16. Contact us
- by mail, 9-11 Parodos Chiou, 18541, Piraeus
- by using our website contact form; by telephone, at +30 210 4208731; or +30 6973286811
- by email, using firstname.lastname@example.org