Purpose and Legal Basis for Data Processing
This policy outlines the procedures for recording visitors to the premises of PIRAEUS EUROPE ASIA RAIL LOGISTICS, S.M.S.A. (PEARL S.M.S.A.), in order to ensure the security, protection, and confidentiality of operations, employees, and data, based on the Company’s legitimate interests in safeguarding individuals and property, as well as ensuring safe evacuation of the premises in case of an emergency, in accordance with Article 6(1)(f) of the GDPR.
Scope
This policy applies to all individuals visiting PEARL S.M.S.A., including clients, contractors, suppliers, auditors, and other guests.
Registration Procedure
- All visitors must report to the reception upon entering the company premises.
- Visitors must present a valid form of identification (e.g., driver’s license, corporate ID, passport).
- The following information is recorded:
- Full Name
- Company/Organization
- Phone Number
- Arrival and Departure Time
Visitor Responsibilities
The employee being visited is responsible for:
- Always accompanying the visitor, unless otherwise authorized.
- Ensuring the visitor follows all safety and confidentiality guidelines.
- Notifying reception when the visitor leaves.
Confidentiality
Visitor information is confidential and used solely for security and emergency purposes. Access to the visitor log is restricted to authorized personnel only.
Data Retention and Recipients
Visitor log entries will be retained for a period of 3 months and then securely deleted, in accordance with PEARL S.M.S.A.’s data retention and personal data protection policies.
Access to the footage is permitted only to authorized personnel of the Company, who have been designated by management for this specific purpose.
Data Protection and Visitor Rights
PEARL S.M.S.A. processes visitor information in accordance with applicable data protection laws (e.g., GDPR). Visitors have the following rights regarding their personal data:
-
Right of Access: Visitors can request access to their recorded personal data.
-
Right to Rectification: Visitors may request the correction of inaccurate or incomplete data.
-
Right to Restriction of Processing: Visitors may request restrictions on how their data is used.
-
Right to Erasure: Visitors may request deletion of their data unless required by law or for legitimate business needs.
-
Right to Object: Visitors may object to the processing of their data, where applicable.
-
Right to Lodge a Complaint: Visitors may file a complaint with the Data Protection Authority if they believe their rights have been violated.
Data rights requests can be submitted by contacting our Data Protection Coordinator at: gdpr@pearl-rail.com
Right to Lodge a Complaint
If you believe data protection laws are being violated, you have the right to file a complaint with the Hellenic Data Protection Authority (HDPA):
- Address: 1-3 Kifisias Ave., 11523 Athens, Greece
- Website: https://www.dpa.gr
- Phone: +30 210 6475600
- Email: complaints@dpa.gr
Safety and Emergency Procedures
In the event of an emergency, the visitor log will be used to ensure all visitors are accounted for during evacuation or lockdown procedures.
Non-Compliance
Failure to comply with this policy may result in denial of access to the facilities and may be reported to the visitor’s organization or to authorities if necessary.
