Data Protection Policy
1. Scope
This policy governs how εγθασάς collects, stores, processes, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) (EU/2016/679) and other applicable data protection laws.
2. Data We Process
We process data you voluntarily provide (names, emails, messages) and technical data like IP addresses, device types, and interaction logs.
- Personal identifiers (e.g., name, contact info)
- Technical data (e.g., IP, browser, cookies)
- User behavior analytics
- Payment details (if applicable)
3. Legal Bases for Processing
Processing is based on one or more of the following:
- Consent (for non-essential processing)
- Contractual necessity
- Legal obligations
- Legitimate interests
4. Security Measures
We employ industry-standard security measures including:
🔐 AES-256 encryption
🛡 Role-based access control
🔍 Regular security audits
🧯 DDoS protection and monitoring
5. Your Rights
You have the right to:
- Access your personal data
- Rectify inaccurate data
- Request deletion
- Withdraw consent at any time
- Complain to a supervisory authority
6. Data Subject Rights
Contact us to exercise your rights under Article 15 of GDPR. We'll acknowledge all requests within 14 days.
For complaints under GDPR, notify us in writing with your DPO reference number.
7. Data Transfers
Data processing occurs in EU-compliant infrastructure. Any international transfers are protected by Standard Contractual Clauses (SCCs) under Article 46 GDPR.
8. Changes to This Policy
We may update this policy to comply with new regulations. Significant changes will be communicated via email or prominent site notifications.
Policy last updated: 02 October 2025