The website https://oasispark.gr/ (hereinafter referred to as the “Website”) is managed by “OASIS ACTIVITY FARM PARK M. IKE,” located at Grammatiko and Plapouta Street, Karellas area, 194 00 Koropi, Tax Identification Number (TIN) 801103418 (Tax Office: Koropi), as legally represented (hereinafter referred to as “OASIS PARK”). Throughout the website, the terms “we” and “us” refer to OASIS PARK.

OASIS PARK is the data controller responsible for the collection, storage, and processing of users’ personal data, as collected and stored through this website and its associated social media pages. Your personal data, which includes all information that identifies you as individuals or can identify you directly or indirectly, is provided by you under certain circumstances voluntarily and under others mandatorily when you access the website. Any additional personal data requested at later stages is collected, processed, transferred, stored, and used by us in our capacity as the data controller, as well as by service providers, including those performing personal data processing.

We take the protection of your privacy and personal data very seriously and have taken all necessary technical and organizational measures to ensure the security and confidentiality of the information concerning visitors/users of the Website.

Please read this Privacy and Personal Data Protection Policy carefully to be informed about the information collected when you visit the Website, how it is used, and your rights. These terms may be improved, updated, or otherwise modified in whole or in part at any time.

This Policy serves as a notice to data subjects, in accordance with Articles 13-14 of the EU General Data Protection Regulation 679/2016. If you have any questions regarding this Policy and the way we collect and process your personal data, please contact us at contact@oasispark.gr.

Information Collected by Our Website

Our Website contains informative content about the services provided by OASIS PARK. Whenever you visit the Website and/or use its applications, OASIS PARK, as the administrator, may collect and use data concerning you. Some of this data is necessary for you to access the Website and the services it provides.

Specifically, merely by visiting and browsing the website, certain information may be automatically collected that can identify you directly or indirectly, such as:

  • Your computer’s Internet Protocol (IP) address
  • The type of browser and operating system
  • Connection speed and information about the software programs installed on your computer
  • Basic connection information to the server, and
  • Information collected through cookies and other technologies.

The recipient of this data is solely OASIS PARK, as the administrator of the Website, which will use it for the purpose of facilitating your comprehensive browsing of its Website and establishing an effective potential communication channel with you. OASIS PARK will not share your data with any third parties or use it for any other commercial or promotional purposes unless it obtains your explicit consent in this regard. In exceptional cases, it may be necessary to disclose part of this data to third parties in order to comply with applicable law or to protect its legitimate interests, such as in the context of a judicial process, after informing you as a data subject.

In any case, you have the right to access your personal data, to restrict its processing, to update, correct, or delete it (at no charge) in accordance with currently applicable data protection provisions, keeping in mind that in certain cases the deletion of data may make it impossible by default to provide services. You can exercise the above rights at no cost, as well as withdraw your consent, by contacting OASIS PARK at the following email address: contact@oasispark.gr with the subject “Exercise of GDPR Rights.” You can also contact the Hellenic Data Protection Authority (DPA) using the online forms available on its website at www.dpa.gr.

OASIS PARK takes all necessary technical and organizational measures to ensure the security and confidentiality of the records containing personal data collected from its Website, in accordance with applicable law and GDPR, as well as the security and confidentiality of communications. However, OASIS PARK cannot control the operations of the Internet and reminds you that there is a risk regarding the confidentiality of the data transmitted through it. Additionally, messages sent to OASIS PARK via your email may not be secure. OASIS PARK advises you not to send confidential information via email. However, if you choose to do so, you accept the risk that such confidential information may be intercepted, misused, or altered by third parties. Every effort is made, and all necessary measures have been taken to minimize the risk of unauthorized access and improper use of your personal data, such as using unique personal codes for accessing information systems and data, maintaining an electronic logging system (LOG) that records any changes to the data, opening them, or downloading (downloading). However, no system is considered immune to malicious actions by third parties.

Regarding the information automatically collected from your browsing of our website, please refrain from visiting it if you do not wish for such information to be collected and processed.

Minors

When collecting information provided directly by you, we take appropriate care to determine which of the collected personal information pertains to minors. In any case, if we find that we have collected any personal information from a minor under the age of 15 without verifiable parental consent, in accordance with the provisions of Article 21 of Law 4624/2019, we will delete the information from our database as soon as possible, with a corresponding notification to the parent or guardian of the minor. If you believe that we may have collected information from a minor under the age of 15, please contact us immediately.

Data Provided by You

  1. Contact Form
    You have the option to contact us through an online contact form provided via the Website. When filling out the form, you provide us with your personal data, specifically: name, surname, phone number, email address, the subject that concerns you, and any other information contained in the message. We process this data to assist you and respond to your inquiries. Your messages are received exclusively by authorized personnel of OASIS PARK. The personal data completed is provided by you and collected at your own risk. By sending a message (communication, question, request) using the relevant form and filling in your personal details, you expressly consent to the use of this data by OASIS PARK. OASIS PARK, in the context of operating the Website, will process your personal data and any information you provide to communicate with you and fulfill any instructions you may have. You can request the deletion of the information you provided via the contact form at any time, knowing that this may, in some cases, hinder your further interaction with OASIS PARK.
  2. Minor Registration Form for the Summer Day Camp
    You can register your child/children for the OASIS PARK summer day camp via an online form provided through the Website. When filling out the form, you provide us with personal data concerning you and your minor children, specifically: the name and surname of the parent/guardian, phone number, email address, the number of children participating in the camp, and your payment card details. We process this data to assist you and register your children’s participation in the summer day camp. Your messages are received exclusively by authorized personnel of OASIS PARK. The personal data completed is provided by you and collected at your own risk. By using the relevant form and filling in your personal details, you expressly consent to the use of this data by OASIS PARK. OASIS PARK, in the context of operating the Website, will process your personal data and any information you provide to communicate with you and fulfill any instructions you may have. For more information about the processing of your personal data and that of your children, please refer to the detailed notice regarding the processing of your personal data in the context of the summer day camp.

Legal Bases for Data Processing

The legal bases for processing the data are directly related to the specific purpose pursued. The legal basis for processing your personal data collected through our website is the legitimate interest of OASIS PARK in accordance with Article 6 (1) (f) of the GDPR, which consists of providing you with information via our website about the services and activities we offer. In some cases, the legal basis for processing your personal data is your explicit consent in accordance with Article 6 (1) (a) of the GDPR (for example, for the request to communicate with you, certain categories of cookies). In the case of completing the form for the participation of children aged 5-11 years in the summer day camp, the legal basis for processing your personal data is taking measures prior to the conclusion of a contract and subsequently the execution of the contract between us, in accordance with Article 6 (1) (b) of the GDPR. The processing of your personal data is also based on the existence of a legal obligation in accordance with Article 6 (1) (c) of the GDPR (for example, data disclosure to competent authorities).

Recipients

We respect your right to privacy regarding your personal information, and for this reason, we use this information for the purposes mentioned above. Therefore, we do not disclose, transmit, or make your information accessible to third parties. We also do not transfer this information outside the European Union.

The recipients of your personal data are exclusively the authorized personnel of OASIS PARK. All employees of the data controller are bound by the obligations stipulated by the General Data Protection Regulation (EU) 2016/679 and the national Law 4624/2019 concerning the collection and processing of the above data, the instructions and orders of the data controller, and specific confidentiality and privacy clauses. The data controller is committed not to transfer, disclose, or share the above data with any third party.

We may make information about you available to third parties under the circumstances outlined below:

  • We may disclose aggregate information or information that does not directly identify you to third parties to help us develop the content and services of our Website.
  • We may use or may use in the future third parties to provide services related to our Website, such as database management, maintenance services, analytics, data processing, and distribution of emails and text messages. These third parties will have access to your information only for the performance of the above tasks on our behalf and with explicit contractual obligations regarding the protection of your privacy and personal data.
  • We may disclose information about you to investigate, prevent, or take action regarding illegal activities if there are suspicions of unlawful behavior or criminal acts against the rights and legal interests of any natural or legal person, in case of violation of the Terms of Use of our Website, or if required by law, as well as in other cases where we reasonably believe that the disclosure of information is necessary.
  • We may disclose information concerning you to respond to subpoenas, search warrants, legal proceedings, court orders, legal processes, or other law enforcement actions by any competent authority, including the Data Protection Authority and the supervisory data protection authorities of other EU member states, as well as to establish and defend our legal rights or to counter claims against us.

Please note that third parties may independently collect data about you, including your IP address and information about the websites you visit and the links you click on, through cookies, clicks on links, or other means during your visit. In cases where you provide us with personal data of third parties, you guarantee that you have informed them of the purposes and the manner in which we should process their personal data.

Hyperlinks

Through the Website, users may have the opportunity to visit third-party websites through special links (hyperlinks), the content of which is exclusively the responsibility of those persons and is not controlled by us. Therefore, since these hyperlinks have been included on the Website solely to facilitate your navigation on the Internet, we are not responsible for the content, advertisements, products, or services of these websites as used by the User. Additionally, we are not responsible for any direct or indirect damage to users arising from the use of the linking feature to a third-party website through special links (hyperlinks) or from the use of information and data contained in each third-party website. By choosing to visit a third-party site, you acknowledge that you assume full responsibility and proceed with this navigation at your own risk. We bear no liability for any damage you may suffer, for any reason, from your visit to third-party websites.

Please note that the terms of use, legal terms, and security of third-party websites you visit may differ from the terms and security of this website. For this reason, we recommend that you carefully read the terms of use of the website you are visiting.

Data Retention Period

The personal data we collect through the Website, depending on the category to which they belong, are kept only for the strictly necessary period to fulfill the above processing purposes and in accordance with applicable legislation or to comply with agreements or terms of this Policy. Once this time period has elapsed, the information may be stored in an unrecognizable summary form. If you revoke your consent to the collection and processing of your personal data, we will delete your data from our electronic and physical records unless retention is necessary to comply with our legal obligations or for the exercise, establishment, or defense of our rights or legal interests before judicial authorities.

Data Security

The security of your personal data is our absolute commitment. To achieve this, we implement all modern and appropriate technical and organizational measures for the processing purposes to reasonably protect your personal data from unauthorized and illegal access and processing or accidental loss, destruction, damage, theft, use, or disclosure, the response and adequacy of which we regularly check (for example: using unique personal passwords to access information systems and data, maintaining an electronic logging system (LOG) that records any changes to the data, opening or downloading, etc.).

The file of personal data is kept exclusively in physical and electronic form and is secured and accessible only by authorized personnel. In any case, the maintenance of the file is done only with appropriate security measures, without providing access to unauthorized third parties and for a period of one year.

We make every possible effort to ensure the safe use of our website as fully as possible. We recommend that you do not include any confidential information when using email or filling out the contact form. For your protection, our email responses to you will not include any confidential information.

Rights

You may exercise the following rights, as applicable:

  • The right of access, to know which of your data we are processing, for what purpose, and the recipients of this data.
  • The right to rectification, to correct any deficiencies or inaccuracies in your data.
  • The right to erasure (the right to be forgotten), to have your personal data deleted from our records, provided that the processing of your data is no longer necessary, or the retention of your data is not required to comply with our legal obligations or to safeguard our legal interests before the Courts.
  • The right to restriction of processing, in case of contesting the accuracy of your data.
  • The right to data portability, to receive your data in a structured, commonly used format.
  • The right to object, to object at any time and for reasons related to your particular situation, to the processing of personal data concerning you. We do not engage in profiling based on the personal data collected through this Website.

To exercise your rights, please send your request via email to contact@oasispark.gr.

We will make every effort to respond to your request within thirty days of receipt. However, if due to the complexity of your request or the volume of information, we cannot fulfill your request within thirty days, we are committed to informing you in writing within the above timeframe regarding the reasons for the delay and to make every effort to fulfill your request as soon as possible and in any case within two additional months.

We reserve the right not to fulfill your request if it is deemed manifestly unfounded or excessive, informing you of the reasons for such refusal.

In any case, you have the right to lodge a complaint with the Personal Data Protection Authority (www.dpa.gr).

Contact

If you have any questions regarding this Policy or generally regarding our activities, you can contact us at the email address: contact@oasispark.gr.

Changes to the Policy

OASIS PARK reserves the right to modify this Policy in accordance with applicable privacy and data protection laws. Visitors to our Website should periodically read the Privacy and Data Protection Policy to be informed about any changes made, and we commit to adequately updating our visitors and users by any appropriate means, in compliance with the provisions set by the General Data Protection Regulation of the EU 679/2016 and other applicable legislation.