PRIVACY POLICY

Tileorganosi IKE
GEMI: 167539209000
Registered Office: Kalamata, Greece
VAT Number: 801981958
Tax Authority: KEFODE Attikis

For any matters related to personal data protection, you may contact us at:
Email: info@tileorganosi.gr

2. What Data We Collect

The Company collects personal data only when users voluntarily provide it.

2.1 Data submitted via contact forms

When completing a contact form, we may collect:

• Full name
• Email address
• Phone number
• Message content / comments

2.2 Technical browsing data

During your visit to the website, certain technical data may be collected automatically, such as:

• IP address
• Date and time of access
• Browser and operating system information
• Cookies (where applicable)

3. Purpose of Processing

Personal data collected through the website is used exclusively for:

• Communicating with users and responding to inquiries
• Providing information about our services
• Preparing potential cooperation or service offers
• Ensuring the proper operation and security of the website
• Statistical analysis of website traffic (only where required and with consent)

4. Legal Basis for Processing

Personal data is processed in accordance with the following legal bases:

• Legitimate interest (Article 6(1)(f) GDPR): for responding to communication requests and managing the operation and security of the website.
• Pre-contractual measures (Article 6(1)(b) GDPR): when communication relates to the preparation of a potential cooperation or service provision.
• Consent (Article 6(1)(a) GDPR): where required, particularly for non-essential cookies (e.g., analytics).

5. Data Recipients – Third-Party Providers

The Company does not sell, assign, or transfer personal data to third parties for commercial purposes.

Data may be shared with trusted partners/service providers who support the technical operation of the website and communication systems, such as:

• Website hosting providers
• Email service providers
• Technical support providers
• Internal communication and management tools

These partners act as Data Processors (Article 28 GDPR) and are bound by confidentiality and data protection obligations.

6. Transfers Outside the European Economic Area (EEA)

If any of the above service providers process data outside the European Economic Area (EU/EEA), such transfers will only take place with appropriate safeguards in accordance with Articles 44–49 GDPR, such as:

• Standard Contractual Clauses (SCCs), or
• Other lawful transfer mechanisms.

7. Data Retention Period

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected.

Indicatively:

• Contact form data is retained for up to 24 months from the last communication.
• Technical data/logs are retained for 6–12 months for security and technical purposes.

After these periods, the data is deleted or anonymized, unless retention is required by law or necessary for the establishment, exercise, or defense of legal claims.

8. Call Recording

The Company does not record telephone calls within the context of simple communication initiated through the website.

9. Cookies

The website may use cookies to ensure its proper operation.

9.1 Categories of cookies

• Strictly necessary cookies: Required for the technical operation and security of the website.
• Analytics cookies: Used to analyze website traffic, only where required and subject to user consent.

Users may configure or delete cookies through their browser settings or via the website’s cookie management mechanism (cookie banner), where applicable.

10. Data Security

The Company implements appropriate technical and organizational security measures to protect personal data from loss, unauthorized access, or unlawful processing, including:

• SSL/TLS encryption
• Access restriction to authorized personnel only
• Secure password and access management policies

11. Data Subject Rights

Under the GDPR, you have the following rights:

• Right of access
• Right to rectification
• Right to erasure (“right to be forgotten”)
• Right to restriction of processing
• Right to object
• Right to data portability (where applicable)
• Right to withdraw consent (where processing is based on consent)

To exercise your rights, please contact:
info@tileorganosi.gr

The Company will respond within 30 days, with the possibility of extension where permitted by GDPR.

12. Right to Lodge a Complaint

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the competent supervisory authority:

Hellenic Data Protection Authority (HDPA)
Website: www.dpa.gr

13. Minors

Our website and services are not intended for individuals under the age of 16, and we do not knowingly collect personal data from minors.

If you believe that we may have collected information from a minor under 16 years old, please contact us so that we can take appropriate action.

14. Changes to this Policy

The Company reserves the right to modify this Privacy Policy at any time.
The most current version will always be published on the website with an updated “Last Updated” date.