Privacy Policy

Last updated: March 2026

What Data We Collect

We may collect and process the following categories of personal data:

• Contact data: name, email address, phone number, company name
• Communication data: messages you send us via contact form or email
• Technical data: IP address, browser type, pages visited, time spent on site (via cookies)
• Usage data: information about how you use our website

Legal Basis for Processing

We may process your personal data on the following legal bases under Article 6 of the GDPR:

• Consent (Art. 6(1)(a)): when you submit the contact form or accept cookies
• Contractual necessity (Art. 6(1)(b)): when processing is necessary to respond to your enquiry or fulfil a service agreement
• Legal obligation (Art. 6(1)(c)): where we are required to retain data by law
• Legitimate interests (Art. 6(1)(f)): for website security and analytics to improve our services

How We Use Your Data

Your personal data is used for the following purposes:

• Responding to enquiries submitted via email
• Providing and improving our consulting services
• Sending service-related communications
• Analysing website usage to improve user experience
• Complying with legal and regulatory obligations

Cookies

Our website uses cookies in accordance with Greek Law 3471/2006 and the EU ePrivacy Directive. Cookies are small text files stored on your device. We use:

• Essential cookies: necessary for the website to function. These cannot be disabled.
• Analytics cookies: help us understand how visitors interact with the site. Only activated with your consent.

You can manage or withdraw your cookie consent at any time via your browser settings or the cookie banner displayed on your first visit.

Data Sharing and Third Parties

We do not sell, rent, or trade your personal data. We may share data with trusted third-party service providers who assist us in operating our website and delivering our services, subject to strict data processing agreements. These providers are obliged to process data only on our instructions and in compliance with the GDPR.

We may also disclose data where required by Greek law or competent authorities (e.g. AADE, HDPA).

Data Retention

We retain personal data only for as long as necessary for the purposes described above or as required by law. Contact form submissions are retained for up to 3 years. Tax and accounting records are retained for the periods required under Greek tax law (Law 4308/2014).

Your Rights

Under the GDPR and Greek Law 4624/2019, you have the following rights regarding your personal data:

• Right of access (Art. 15)
• Right to rectification (Art. 16)
• Right to erasure (Art. 17)
• Right to restriction (Art. 18)
• Right to data portability (Art. 20)
• Right to object (Art. 21)
• Right to withdraw consent

Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration, in line with Article 32 of the GDPR and Greek Law 5160/2024 (NIS2).

Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be published on this page with a revised date. We encourage you to review this policy periodically.