Protecting your personal data is our priority. Read how we collect, use and protect your information in accordance with GDPR.
Basic principles of data protection
This Privacy Policy has been drafted in accordance with the General Data Protection Regulation (GDPR - 2016/679) and Law 4624/2019 which incorporates Directive 2016/680.
It forms an integral part of the terms of use of our services and governs the collection, processing and protection of your personal data.
We are committed to transparency, security and compliance with the highest data protection standards required by Greek and European legislation.
What data we collect and why
We collect exclusively the personal data that is necessary for the provision of our renovation services:
Identity data: Full name, home/work address
Contact details: Phone, email, mailing address
Financial data: Tax number, payment details (when required)
Technical data: Space photos, measurements, technical specifications
Collection is done with your explicit consent and for specific, clear and lawful purposes.
We do not process sensitive data (Article 9 GDPR) without explicit consent.
Why and how we use your data
The processing of your personal data is based on lawful bases according to Article 6 of the GDPR:
Contract performance: For the provision of renovation services we agreed upon
Legitimate interest: For service improvement and communication
Legal obligation: For compliance with tax and accounting obligations
Consent: For marketing and updates (with the possibility of withdrawal)
Processing purposes include:
- Cost estimation and quote provision
- Work coordination and communication
- Billing and financial management
- Warranty maintenance and after-sales support
How we protect your data
We implement appropriate technical and organizational security measures according to Article 32 of the GDPR:
Data encryption in transmission and storage
Restricted access based on 'need to know' principle
Regular backups and data recovery plans
Staff training on data protection matters
Confidentiality agreements with partners
Regular risk assessments and security audits
In case of a data breach, we will notify the Data Protection Authority within 72 hours as required by law.
How long we keep your data
We retain personal data for specific periods in accordance with Greek legislation:
Customer data: 5 years from the last transaction (Law 4174/2013)
Financial data: 5 years for tax purposes (Tax Code)
Project technical data: 10 years for warranties and liabilities
Marketing data: Until consent withdrawal
After the deadlines expire, data is securely deleted.
You can request deletion of your data at any time (right to be forgotten).
Complete list of your rights
According to the GDPR and Law 4624/2019, you have the following rights:
Right to information (Articles 13-14): Complete information about processing
Right of access (Article 15): Copy of the data we process
Right to rectification (Article 16): Correction of inaccurate data
Right to erasure/be forgotten (Article 17): Data deletion under conditions
Right to restriction (Article 18): Processing restriction
Right to portability (Article 20): Receive data in structured format
Right to object (Article 21): Objection to processing
Right to withdraw consent: At any time for consent-based processing
To exercise your rights, please contact us in writing.
This privacy policy may be updated periodically to comply with legislative developments. Any significant changes will be communicated in advance.