Privacy policy

Event planning company

Privacy Policy

WHO WE ARE

White stories Events is an event planning company, specializing in destination weddings in Greece. By accessing this website, at whitestories.gr and all of its pages, you are agreeing to this Privacy Policy. If you do not agree with any of these terms, you are prohibited from using or accessing this site.

Our company is dedicated to the protection of the confidentiality of information we receive and is operating according to the current General Data Protection Regulation (GDPR). Under the GDPR, you have the following rights, which we will always work to uphold:

the right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions;

the right to access the personal data we hold about you;

the right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete;

the right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have;

the right to restrict (i.e. prevent) the processing of your personal data;

the right to object to us using your personal data for a particular purpose or purposes;

the right to data portability. This means that if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases; and

rights relating to automated decision-making and profiling. We do not use your personal data in this way.

You are kindly requested to study this privacy statement (referred to as “statement”) in order to learn more about the type of information we are gathering on your behalf through the current website and the way in which we are using it. In addition, our company is gathering personal data in order to provide professional services. (Please check below for further information). We only ask for personal information when we truly need it, to provide a service to you. We collect it by fair and lawful means, with your knowledge and consent. We also let you know why we’re collecting it and how it will be used.

As part of this fundamental obligation, our company has made a commitment to protect and use in an appropriate manner the personal information (which is often referred to as “Personal Data” or “PII”) that has been gathered either online or through the professional services it offers or through communication/collaboration with a third party.

Generally, our goal is to gather only personal data acquired voluntarily from the website visitors in order to be able to provide them with information and/or improve their interaction with the company as well as our services by customizing them accordingly through the data gathered. You are kindly requested to read the following statement in order to learn more about the way we gather, store, use, forward and protect the information/ Personal Data that we receive.

DATA WE COLLECT AND WHY

We receive your personal data only if you agree to it – for example if you contact us via email or register to our website in order to receive some services. In some cases, it is possible you have already given our company access to your data in the past. If you choose to register or log in to our company’s website through a third service’s registration which verifies your identity and connects your information from the social media platforms (e.g. LinkedIn, Google or Twitter) to our company, we then only collect the data you have consented to share with us through your agreement with the third party, such as your e-mail and name. As the information we gather could depend on the privacy settings of your agreement with the social media provider, you are kindly requested to review the aforementioned agreement as well.

We only retain collected information for as long as necessary to provide you with your requested service. What data we store, we’ll protect within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification. After replying to your request, your data & email are deleted. We don’t share any personally identifying information publicly or with third-parties, except when required to by law.

By registering and/or submitting your personal information to our company’s website, you automatically agree to our use of these data according to this statement. Your personal data won’t be used for other purposes unless your either consent to it or it is permitted by the law and/or the professional standards. For example, if you register on our website and give information about your preferences, we will use this information to customize your experience as a user. When you register through a third registration service it is possible that we still identify you as the same user even through different login points and still customize your experience. In case you send us your CV to apply for a job position in our company we will use the information you send us to see if you are sufficiently qualified for any of the positions available in our company.

In some cases, when you register to receive some of our services it is possible we temporarily store your email address until we get a confirmation of the personal information you have submitted via email (the confirmation message will be sent to the email address you submitted when you registered on our website in order to complete the registration).

If a person tries to access the admin area of our site without having permission, then we keep his IP address in our logs. This suggests improper use and malignant effort and therefore we have the right to keep such logs and process them.

Your continued use of our website will be regarded as acceptance of our practices around privacy and personal information. If you have any questions about how we handle user data and personal information, feel free to contact us.

In general, our company gathers personal data which are necessary to meet your requests. For example, if you are using our services we will use your personal data in order to deliver these services to you according to the terms of our agreement. In addition, the data that you provide are being used to protect our legal interests such as offering the best and more suitable content on our website, email and newsletter, improving and promoting our products and services as well as managing other legal issues like preventing fraud. Even when we use personal information for our legal interests, your rights and interests are still priority. Wherever additional information is required you will be informed accordingly.

AUTOMATIC PII COLLECTION

In some cases, when you visit our website or exchange emails with us, our company as well as its service providers use cookies, web beacons and other technologies in order to gather specific data groups. Collecting these data helps us customize your experience, improve the performance of our company’s online presence and assess the effectiveness of our services’ marketing tools and strategies.

IP ADDRESSES

An IP address is a unique number which is attributed to your electronic device every time you connect to the internet. It establishes the recognition and communication between the servers and the online devices. The visitors’ IP addresses might be recorded for IT safety purposes as well as system diagnostics. This type of data may also be used in a collective form for website performance and trend analysis purposes.

COOKIES

It is a common practice among professional websites to use cookies, which are tiny files that are downloaded to your browser, to improve your experience. This page describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored however this may downgrade or ’break’ certain elements of the sites functionality.

The possible use of cookies on your online device allows its recognition by the website while serving other purposes as well. When you visit our website an alert banner requesting your consent for the use of cookies will appear, if you don’t consent to it your device won’t be monitored for promotional purposes. Another type of cookies, known as “user-input cookies”, might be necessary for operational safety. This type of cookies will not be excluded through the alert banner. Your answer will be saved on a cookie and will be valid for a 90-day time period. If you wish to retract your answer you can always do it by deleting the cookies from your browser.

Even though most browsers automatically accept cookies, you can choose to accept them or not through your browser’s settings (an option often found under “Tools” or “Preferences” menu of your browser). In addition, you can always delete the cookies from your device whenever you wish. However, you should be aware that if you decline the use of cookies you might not be able to have full access to some of our website’s features. Unfortunately, in most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. It is recommended that you leave on all cookies if you are not sure whether you need them or not in case they

are used to provide a service that you use. Additional information concerning the use of cookies can be found either under “Help” menu of your browser or on websites such as www.allaboutcookies.org.

TYPES OF COOKIES USED ON OUR WEBSITE

Our website has been developed with the use of common internet platforms. These platforms include cookies which help with compatibility issues (e.g. browser type identification) and performance improvement (e.g. faster content loading).

Our cookies might also keep record of those of your preferences which are relevant to our website (e.g. language), or those that contribute to the improvement of your experience (e.g. content or greeting customization). This concerns regions you have registered in order to create an account or gain access to.

We use a wide range of analysis tools to help us understand the way our website is being used by its visitors. This contributes to the improvement of the quality and the content of our page. The collective data cover subjects such as the number of visits or views of the website and external links to our page. These cookies will be erased after 2 years since you haven’t visited the website.

We are using a third party’s tool in order to ask from a percentage of our visitors to leave their comment. In this case cookies are used to prevent a visitor from being asked multiple times. The first cookie is being used if the visitor has not been invited to leave a comment and makes sure that first time visitors are not requested to do so. The second cookie is used when the visitor is requested to leave a comment and ensures that he/she are not asked again within a 90-day period.

We use social media widgets and virtual buttons to provide you with additional options in order to be able to share the content of our page through social media platforms and via email. A cookie will be used to give feedback and facilitate this process. We encourage you to revise the Privacy Policy of any provider before using such services. For more information on widgets and social media applications please check below. The cookies will be erased after 2 years since you haven’t visited the website.

Third Parties’ tools and widgets is possible to be used through our website to achieve additional functionality. The use of these tools and widgets might require the installation of a cookie on your device in order to facilitate their services for you and to ensure that your activity appears correctly on our website.

Cookies on their own do not either identify you or share your email address in any way. Through our report analysis we receive identification data that include the IP address for the only purpose of the count of our website visits and their geographic location, never for personal identification.

You can choose to enable or disable Cookies in your internet browser. Most browsers also enable you to choose whether you wish to disable all Cookies or only third-party Cookies. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your browser or the documentation that came with your device. You can choose to delete Cookies on your computer or device at any time; however, you may lose any information that enables you to access our Site more quickly and efficiently including (but not limited to) login and personalization settings.

You should keep your browser and operating system up-to-date and consult the help and guidance provided by the developer of your browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.

GOOGLE ANALYTICS

This site uses Google Analytics (GA) which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience and to monitor visitors’ activity. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content. We use these data to define the number of visits on our website, to get more information on the way users come across our page and their overall activity on the website. Even though GA is recording data such as your geographic location, your device and its operating system, none of this information exposes your personal identity to us. GA also records the IP address of your device which even though technically could be used to identify you, this information is not shared with us. We consider Google as a third carrier of data processing. GA uses cookies of which you can be informed through Google’s programming drivers. For your information, our website uses the GA application analytics.js.

In order to provide visitors with more options on the way data is collected by Google Analytics, Google has developed Google Analytics Opt-out Browser Add-on. This Add-on communicates with Google Analytics JavaScript (ga.js) to make sure the information concerning the website’s visits cannot be sent to Google Analytics. By disabling cookies through your browser’s settings, GA won’t be able to monitor any of your activities on the website. Google Analytics Opt-out Browser Add-on doesn’t prevent information to be sent to the website itself or other web analytics services. More information on the way Google Analytics is being used on our website can be found here: http://www.google.com/analytics/learn/privacy.html

EMBEDDED CONTENT

Articles on this site may include embedded content from other websites (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

WEB BEACONS

Web beacon is a small image file on a website which can be used for the collection of some data off your device such as your IP address, the duration of your stay on the website, the type of browser you are using and cookies that have already been placed from the same server. Our company only uses web beacons according to the current legislation. Both are company and its service providers may use web beacons in order to get informed on the effectiveness of other websites which provide us with promotional services or are collecting data for statistical purposes and cookie management. You can disable some web beacons through rejecting the respective cookies. Web beacon will still record an anonymous visit from your IP address but cookie information will not be on the record.

GEOGRAPHIC LOCATION BASED TOOLS

These location data are collected in order to provide you with suggestions and possible services which may interest you based on your location. In addition, these data will help us improve the products and services we offer based on location.

CONTACT FORMS AND EMAIL LINKS

In case you decide to contact us through either the “contact us” form or an email link of our company, none of the information you provide us with will be saved, shared or edited by this website or any other third party. On the contrary, these data will be sent to us with an email message through SMTP (Simple Mail Transfer Protocol). Our SMTP servers are protected by the TLS (SSL) security protocol, which means that the email content will be encrypted with SHA-2, 256-bit encryption before it gets sent through the web. The content is only being decrypted by our local computers and other devices.

NEWSLETTER

By filling and submitting a contact form you provide us with the information we need to contact you regarding your request. Those data are not kept on our database or our server. We do not share this information with other parties. We do not use this information for future marketing purposes, unless specifically requested. Your email address will remain on MailChimp’s database for either as long as we continue to use their marketing services or until you request its removal from the list in writing. You can do so by using the respective link which you can find on all our newsletters. If you are under 16 years of age your parents’ consent in mandatory in order to register for our newsletter. For as long as your email address remains on MailChimp’s database, you will be receiving our newsletter once a month.

SOCIAL MEDIA WIDGETS AND APPLICATIONS

Our company’s website might include functionality that allows you to share through social media applications such as through the Like/Share option on Facebook and Twitter’s widget. These social media applications can gather and use information on your use of our website (see above for more information on the “social media” cookies). Whichever personal information you provide through social media applications can be used by other members of the social media application. This type of data sharing is regulated by the Privacy Policy of the company that carries the application. We are not responsible and have no control on the use of information from these companies. In addition, our website can host blogs, forums, crowd-sourcing and other applications or services (overall referred to as “social media services”).

Social media services’ purpose is to facilitate the content and information exchange. All the data you provide to social media services of our company can be shared with other users of the social media service (unless otherwise specified on the point of collection) on which we probably have limited or no control at all.

MINORS

Our company is aware of the importance of the protection of minors’ personal information, especially on the web environment. Specifically, our website is neither developed intentionally nor is addressing to minors under 13 years of age. Our policy is to never collect or keep to our knowledge data concerning a person who is under 13 years old.

PERSONAL INFORMATION SHARING

We do not keep any persona data on our website. Our contact forms are sent via email and any data provided are deleted. Newsletter subscription data are hosted by Mailchimp, a procedure mentioned above in the respective section. You can request to receive a file of the personal data we hold about you, that you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

We never share personal information with third parties that are not connected with us, unless required by our legal professional purposes and needs in order to meet your requests or/and only if it is permitted by law. With your consent, in some cases our company may share your personal information with third parties such as companies, service providers or sales departments who are employed by us in order to fulfil your requests. Our company might also share personal information in case of sale, assignment or handover of the web company responsible for the personal data in order to meet government and legal requests, court orders or regulations. Such information shares can be required for PII protection control, safety controls or complaint and threat investigation. Our company never sells or shares personal information to any third parties.

WHERE WE SEND YOUR DATA

Our hosting company is in the European Union and it is GDPR compliant. Our newsletter services are hosted by Mailchimp, based in Atlanta, USA and is GDPR compliant. Any information is sent over SSL / HTTPS to ensure security.

HOW WE PROTECT YOUR DATA

Our server has malware protection mechanisms, internal reporting systems and an email notification system if any suspicious activity is detected. Moreover, we are entirely using SSL/HTTPS throughout all our sites. This encrypts our user communications with the servers so personal identifiable information is never captured by third parties without authorization.

PERSONAL INFORMATION RIGHTS

You may exercise in occasion the following rights: access right (in order to be informed of which of your information we process, for what reason and who is the recipient), your correction right (to correct possible inaccuracies, give additional info or delete information from our registry if its process is no longer necessary), the right to limit data processing (in case of data inaccuracy), Portability rights (receive your information in a structural usable file). These rights can be exercised free of charge on your part by sending a letter or email to our company. You will be only charged with a fee if our administrative cost related to

volume is elevated due to request frequency. Since you exercise any of your aforementioned rights, we will take any measure possible to meet your request within a 30-day period from the reception of the request after updating you on if it is possible to grant or not and the reasons why. In addition, you can always deny the process of your personal information for professional services’ purposes by revoking your consent. However, this action will terminate the services. This is because, as explained above, no professional services can be provided without personal information processing.

Generally, you are not required to provide our company with your personal information online, but we may ask for some of it in order to send you updates on our services and events. Our company may also ask for your permission to use some of your information to which you can consent or decline.

If you wish to receive services such as our newsletter you will be able to remove your email from the recipients list at any time following the instructions given on the newsletter. If you decide no longer to participate in any of our services, we will try to delete your personal information as soon as possible even though it may take us some time and additional info to grant your request.

As mentioned above under “cookies” section, if you wish to avoid being tracked by cookies while you navigate our website you can do so through your browser’s settings by either rejecting all cookies or by informing you when a cookie is being used. We owe to inform you though that parts of our website may not function properly if all cookies are rejected.

FOR HOW LONG WILL MY PERSONAL INFO BE KEPT ON FILE

We will keep your personal information on record for as long as you are conventionally related to our company either electronically or in writing, when this relationship is terminated we will keep your personal info until the possible claim period of time expires. The criteria used to determine the period of time include: a. the time period you are related to our company, b. the possible legal obligation effect and legal obligations of our company.

PERSONAL INFORMATION INTEGRITY AND SAFETY

Our company applies policies and organizational/technical security processes to ensure the safeguarding of your personal information and to prevent it of being lost, wrongly used, altered or destroyed. In addition, we try to secure and limit the access of your personal information to only the necessary recipients. People involved with your personal information are bound by the confidentiality of these data.

You are kindly requested to keep in mind that information transmission through the web is not entirely secure. Even though we make great effort to protect your personal information, we cannot guaranty the safety of data transmitted through our website. After we receive your information we apply strict security processes and technics to prevent its unauthorized usage. We are making great effort to keep your personal information no longer than the time needed in order to fulfil the purpose it was collected for or up until you request them to be erased (if that happens earlier on and until its permitted by the law).

LINKS TO OTHER WEBSITES

Our company’s website may include links to other websites which are governed by Privacy Policies with different content from ours. You are kindly requested to study the Privacy Policy of every website you visit before submission of any personal information. Even though we try to provide links only to websites that share our high standards and specifications as well as respect to your privacy, we cannot be held responsible for the content, safety or privacy practices that other websites apply.

PROVIDING PROFESSIONAL SERVICES

Our company receives personal information during professional service offering-mostly to individual recipients, employers, the public sector and businesses whose clients are individual physical persons. Our relations with our clients are governed by our business agreements and the general terms of transactions including the use of the personal information we receive.

Our company offers a variety of services and its role may not often be obvious to the individuals who are subjects to the data. However, our company complies with the responsibilities that come with the European and Greek personal information legislation and the applicable instructions about personal information processing.

INFORMATION BREACH

We will report any possible illegal breach of either our database or every third information processing carrier’s database to everyone directly concerned within 72 hours of the breach as long as there is evidence that the personal information stored have been intercepted.

INFORMATION CONTROLLER

The person responsible for the processing of information on our website is the legal figure which represents the current webpage and is legally represented.

CHANGES ON THE CURRENT STATEMENT

Our company often re-evaluates the current Statement. As a result of which we hold the right to update or modify it periodically. We encourage you to study periodically the current Statement for possible changes to the way we manage your personal information. However, in case we decide on a significant change that directly affects you (for example the aforementioned personal information processing purposes change) we will contact you. Any changes will be posted on our Site and you will be deemed to have accepted the revised Policy on your first use of our Site following the changes. You should therefore check this page regularly.

CONTACT US

If you have any questions, comments or reports concerning our management and protection of your personal information, or if you wish to edit your personal information or exercise any of your rights as subject of your information, you are kindly requested to contact us on the main email address of our company. If you want to know what personal data we have about you, you can ask us for details of that

personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”. There is not normally any charge for a subject access request. However, if your request is manifestly unfounded or excessive (for example, if you make repetitive requests) we may charge a fee to cover our administrative costs in responding. We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data, within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request and, if relevant, your fee. If you have any questions about our Site or this Policy, please contact us by email at info@whitestories.gr.

This policy is effective as of 21 May 2018.