Your journey starts here—unlock the possibilities with us.
1. INTRODUCTION
At GREECEVEST (hereinafter “GREECEVEST”, “we”, “us” or “our”) we respect the protection of your privacy and the personal data that you disclose to us or that we otherwise collect through the website greecevest.gr (hereinafter the “Website”). For this purpose, and in the context of the transparency required by applicable legislation, we have posted this Personal Data Protection Statement (hereinafter the “Statement”), in which you will find all necessary information regarding the personal data we collect, how we collect and process it, the purposes of processing, the measures we take to protect it, as well as your rights in relation to your personal data.
This Statement forms a single text together with the Terms of Use and Provision of Services of the Website and together they govern your use of the Website. For professional users, the terms set out in the respective Terms and Conditions for Professional Promotion also apply.
For the purposes of this Statement, “personal data” means any information by which a natural person can be identified directly or indirectly, including, indicatively, name, residential address, email address, telephone number, as well as any other information related to that person which falls within the meaning of “personal data”, according to the General Data Protection Regulation (EU) 2016/679 (“GDPR”), Law 4624/2019, as applicable, and any other applicable law or regulation.
2. DATA CONTROLLER
The controller of your personal data, according to the relevant definition of the GDPR, is: IOANNIS KOULOURIS.
You may contact the controller at any time for matters relating to the processing of your personal data by sending an email to: koulouris.business@gmail.com
3. MINORS
The Website is not intended for use by minors. Therefore, we do not knowingly collect personal data of minors under 15 years of age without the consent of their parent or guardian. If, however, you are a parent or guardian of a child under 15 years old and you are concerned that your child may have provided us with personal data, please contact us.
4. DATA SUBJECTS
The personal information we collect and process concerns the following categories of data subjects:
- Users who browse the Website
- Users of the Website who register in order to access the services provided
- Professional users who are presented on the Website
(hereinafter collectively the “data subjects” or “Users”).
5. CATEGORIES OF PERSONAL DATA
The personal data that we process or may process, depending on the relevant data subjects, include:
- Full name
- Residential address
- Mobile phone number
- User account data, Website usage history and preferences
- Browsing data on the Website
- Identifying elements and device information of the User
Specifically for professionals who are displayed on the Website (sole proprietorships or representatives of legal entities), in addition to the above, we will collect and process the following personal data, as applicable, within the context of due diligence in order to approve your appearance on the Website:
- Business name
- Business address
- Tax identification number (AFM)
- Role/capacity in the company (in the case of representatives of legal entities)
- Documents certifying the ability to provide the relevant services (e.g. professional license, business registration certificate, CV, certifications, etc.)
- Photographs
- Trade names and logo
- Business website and social media profiles
- Payment and invoicing details
No processing of special categories of personal data is carried out on the Website or in the context of our services.
6. HOW WE COLLECT YOUR DATA
As a rule, you provide your personal data yourself in order to register on the Website and use our services or to display your services as professionals. For example, if you wish to register and create your personal account on the Website, certain basic identification and contact details will be requested.
In addition, we collect information concerning you as it results from your use of the Website.
Beyond the above cases, we collect certain personal data automatically through your device or browsing program by using “cookies” and other similar technologies, such as your IP address, login data, browser type and version, operating system, browsing data, geographical location, etc. For more information about cookies used on our Website, see here.
7. PURPOSES AND LEGAL BASES OF PROCESSING
We will use your personal information for the following indicative purposes and on the corresponding legal bases (as analysed below):
PURPOSELEGAL BASIS
We may disclose your personal information to any of our employees, executives or representatives, as well as to any subsidiary or affiliated company, as required for the purposes described in this Statement.
We do not sell, disclose to third parties, or otherwise exploit the personal data you provide for our own benefit. However, we may disclose certain personal data to third parties for specific legitimate purposes, such as:
- Hosting and Website management providers
- Email service providers
- Web and app analytics providers
- Marketing and e-commerce service providers
- Advertising service providers
- Electronic payment processing providers
- Technical, financial and legal advisors
- Tax, police, prosecutorial and other public authorities
In such cases, where the third-party recipients act either as processors on our behalf, or as joint controllers, or as independent controllers, we ensure—where possible and within our responsibilities—that they maintain confidentiality, take appropriate security measures, do not further disclose the data, and comply with the legal framework on data protection. We assume no responsibility for any unlawful processing or use of your data by the above, which falls outside our legal responsibility.
10. INTERNATIONAL TRANSFERS
As a rule, we do not disclose your personal data to third parties based in countries that do not have legislation equivalent to that of the European Economic Area (EEA). If such a transfer is necessary, we will take all possible measures required by the law and decisions of the European Commission to ensure adequate protection.
Specifically for processing your payments, we use Stripe, provided by Stripe, Inc., based in the United States (510 Townsend Street, San Francisco, CA 94103, USA).
When making a payment through Stripe, certain personal data (such as payment details, IP address, technical information and other related data) may be transferred and processed outside the EEA, including the U.S.
Stripe is certified under the EU-U.S. Data Privacy Framework (DPF), recognised as ensuring adequate protection. More information: https://stripe.com/privacy
11. RETENTION PERIOD
We will store and retain your personal data for as long as required to fulfil the purpose for which it was collected and processed. For example, if you delete your GREECEVEST account, we will generally delete your personal data within a reasonable timeframe.
Some data may be retained longer if required for legal claims or by applicable law (e.g., tax law).
12. DATA SECURITY
We implement appropriate technical and organisational measures to ensure the necessary level of security against risks such as accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access, and any other unlawful processing.
For your secure navigation and transactions on the Website, GREECEVEST adopts modern, high-quality security standards, such as SSL encryption. Your personal data is stored on secure, encrypted media accessible only to authorised personnel or third-party processors bound by strict obligations.
Regarding payment security and protection of your card details, all payments via the Website are conducted using 128-bit SSL encryption and reliable payment providers.
You acknowledge that transmission of information over the internet is inherently insecure; therefore, we cannot guarantee absolute security of data transmitted online. We recommend taking all necessary precautions (secure browser settings, antivirus software, strong passwords, etc.).
13. THIRD-PARTY WEBSITES
The Website may contain hyperlinks to other websites, applications, or social media profiles. This Statement does not apply to your access or browsing of such third-party sites. Please refer to their respective privacy policies.
We bear no responsibility for unlawful use of your personal data connected to access or browsing of third-party websites. You access such websites entirely at your own responsibility.
14. COMMERCIAL/ADVERTISING COMMUNICATION
We provide you with the option, if you wish, to receive advertising or informational messages (newsletters) at your email address regarding our services and offers. If you have already used a service through the Website, we may send you such communication without prior consent, as permitted by law. Otherwise, your explicit consent will be requested.
You may unsubscribe at any time by clicking the “unsubscribe” link at the bottom of each newsletter or by contacting us at koulouris.business@gmail.com
with the subject line “NEWSLETTER UNSUBSCRIBE”.
15. YOUR RIGHTS
Depending on the purpose and legal basis, you may have some or all of the following rights regarding your personal data:
Right of access
Right to rectification
Right to receive a copy of your data in electronic format or transmit it to a third party
Right to object to processing
Right to erasure
Right to restriction of processing
Right to withdraw consent at any time
To exercise any rights or request further information, contact: koulouris.business@gmail.com
.
Requests are generally fulfilled within one (1) month unless special difficulty arises.
If you believe we are not processing your data lawfully, you may file a complaint with the Greek Supervisory Authority:
Hellenic Data Protection Authority
Kifisias 1–3, 115 23 Athens
Tel: 210 6475600
https://www.dpa.gr/
16. PARTIAL INVALIDITY
If any provision of this Statement is deemed unlawful, invalid, or unenforceable, that provision will be enforced to the maximum permissible extent, and the invalid part will be deemed not to form part of this Statement. This does not affect the validity of the remaining provisions.
17. APPLICABLE LAW AND DISPUTE RESOLUTION
This Statement is governed by Greek law, as formed in accordance with the GDPR and the applicable national and EU data protection framework. Any disputes arising shall be resolved by the competent Courts of Corfu.
18. AMENDMENTS
We reserve the right to revise this Statement at any time. Please visit this page periodically to stay informed. The date of the last revision is shown at the top of this page.