Privacy Policy

Take a moment to read this Privacy Policy (hereinafter “Policy”) to understand how the Data Controller, i.e., the Legal Team of Data’n’ Deeds (hereinafter “Legal Team” or “we”), collects, stores, uses, and processes your personal data when you visit or use the website.

1. What is personal data?
“Personal data” refers to information about identifiable natural persons, such as name, postal address, email address, phone number, etc., which can identify or make identifiable a person (hereinafter “Personal Data” or “Data”).

2. What is personal data processing?
Any action or set of actions performed with or without automated means on personal data, including collection, registration, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, restriction, erasure, or destruction.

3. Which Data do we collect?
Our website  is primarily informational and limits personal data collection to the minimum. We only collect the necessary data you provide via the Contact Form (name, email, and any additional information you choose to submit).

4. Cookies
Cookies are small text files stored in your browser when visiting our website. We use only essential cookies required for proper site functionality. They do not identify you personally. Without them, the site cannot function correctly.

5. Purpose and legal basis for processing your Data
We process your Data to communicate with you and handle your inquiries. This processing is based on:
• Our legitimate interest to respond to requests, or
• The necessity to take steps before entering into a contractual relationship.
If your inquiry relates to exercising your rights, processing is based on legal obligations.

6. Recipients of your Data
Only necessary personnel, members of the Legal Team, and external partners acting as data processors for site management and maintenance have access to your Data. We do not share your Data with third parties.

7. Ensuring Data security by processors
Data processors we use are bound to:
• Maintain confidentiality
• Not share Data without permission
• Implement appropriate security measures
• Comply with GDPR and applicable data protection law

8. Do we send Data outside the EU?
No. Processing is limited to the EU.

9. Retention period
Data collected via the Contact Form is kept only as long as needed to respond to your inquiry, unless a new purpose arises.

10. Data security
We apply appropriate organizational and technical measures to protect your Data from unauthorized access or misuse.

11. Your rights
You have the right to access, correct, delete, restrict, oppose, request portability, or withdraw consent for your Data processing.

12. How to exercise your rights
Send your request to dpo@datandeeds.com. We respond free of charge, within one month, extendable by two months in complex cases. Complaints can be submitted to the Hellenic Data Protection Authority (http://www.dpa.gr).

13. Automated decision-making
We do not make decisions based on automated processing or profiling of your Data.

14. Applicable law
Greek law applies, in accordance with GDPR (2016/679/EU) and national and EU legislation. Courts of Athens have jurisdiction for disputes.

15. Policy updates
The Policy may be updated when necessary. Updates will be published on our website before taking effect, and you will be notified by appropriate means.