1. Why do we process data?
We process data to fulfil our contractual obligations, provide requested services, comply with legal requirements, and pursue legitimate business interests, ensuring the delivery of optimal client experiences.
2. Categories of data processed
We process personal data, including but not limited to, contact information, identification details, transactional data, and preferences, relevant to our services.
3. Legal basis for data processing
a. Consent: Where applicable, we seek explicit consent for specific processing activities.
b. Legitimate Interests: We process data based on legitimate interests, ensuring a balanced approach that respects individuals' rights and freedoms.
c. Other Legal Bases: Data processing may occur to comply with legal obligations or for the performance of contractual obligations.
4. Data subject rights and how to exercise them
Data subjects have rights to access, rectify, erase, restrict processing, and object to processing. To exercise these rights, please contact our Data Protection Officer at the provided contact details.
5. International data transfers
In certain cases, personal data may be transferred internationally. We ensure such transfers comply with GDPR requirements, utilising mechanisms such as Standard Contractual Clauses or obtaining explicit consent.
6. With whom do we share personal information?
We may share personal information with various external stakeholders to facilitate and enhance our architectural and design services. These may include:
a. Banks: For processing financial transactions and related services.
b. Contractors: To ensure the smooth execution of construction projects and related activities.
c. Furniture Practices: Collaboration with furniture providers to meet design specifications and client preferences.
d. External Architectural Practices: When engaged in collaborative projects to achieve comprehensive design solutions.
e. Other External Stakeholders: Depending on project requirements, we may share information with consultants, local authorities, or other entities directly involved in the architectural and design process.
We emphasise that such sharing is limited to what is necessary for the execution of projects and is conducted in compliance with applicable data protection laws.
7. Our contact details
For any inquiries regarding data protection or privacy concerns, please contact us at info@thema-architects.com,
8. Data Protection Officer
Contact our Data Protection Officer at info@thema-architects.com for matters related to data protection and privacy.
9. Legal representative
Harry Theodoulidis serves as our legal representative for GDPR matters.
Data Subject Rights under GDPR
1. Right to be Informed
Data subjects have the right to be informed about the collection and processing of their personal data. This includes details about the purposes of processing, the legal basis, data retention periods, and the rights available to them.
2. Right of Access
Data subjects have the right to obtain confirmation of whether their personal data is being processed and, if so, access to that data along with information about the processing activities.
3. Right to Rectification
Data subjects can request the correction of inaccurate or incomplete personal data. This ensures that the information held about them is accurate and up-to-date.
4. Right to Erasure (‘Right to be Forgotten’)
Data subjects have the right to request the deletion of their personal data under certain circumstances, such as when the data is no longer necessary for the purpose it was collected or if the data subject withdraws their consent.
5. Right to Restrict Processing
Data subjects can request the restriction of processing under specific conditions, for example, when the accuracy of the personal data is contested, or when processing is unlawful, and the data subject opposes erasure.
6. Right to Data Portability
Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format. They may also request the direct transfer of this data to another data controller where technically feasible.
7. Right to Object
Data subjects can object to the processing of their personal data based on legitimate interests or for direct marketing purposes. The data controller must cease processing unless there are compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject.
8. Rights in relation to automated decision-making and profiling
Data subjects have the right not to be subject to decisions based solely on automated processing, including profiling, if these decisions produce legal effects or significantly affect them. Exceptions apply if the decision is necessary for entering into or performing a contract, authorised by law, or based on explicit consent.
