GDPR - GENERAL DATA PROTECTION REGULATION

Privacy Policy

The company «Hellenic Company of Investments and Export Trade S.A.» with distinctive title «Enterprise Greece» (henceforth: the Organization Enterprise Greece or Enterprise Greece) is the competent national body, under the supervision of the Ministry of Finance and Development, for the attraction of investment in Greece and the promotion of Greek exports. Its objective is, inter alia, the attraction, welcome, promotion, support and retaining of investment in Greece, the assistance in constant improvement of the respective legal framework, the support of international investment cooperation, the promotion of the country as investment destination, through the development of institutional cooperation with international bodies, the provision of information, advisory assistance and any other support service to the Greek businesses. At the same time, it provides general and specialized information services (consultancy services), as well as guidance of the businesses in matters of market, legal framework of export and investment, whereas it cooperates with entrepreneurial and exporting bodies, chambers of commerce and local public administration for the attraction of investors.

Enterprise Greece takes your privacy seriously into account. We are committed to maintain the highest level of protection when processing your personal data; In compliance with the applicable national and European legislation on personal data protection and for purposes of transparency, please find hereunder some useful information on our company’s data protection policy:

1) Who we are

Enterprise Greece is the Controller of your personal data. You can communicate with us via telephone, fax, email, as well as via post.

  • The communication information of our central office in Athens is the following:
    ENTERPRISE GREECE
    109 Vasilissis Sophias Avenue, 115 21 Athens, Greece
    Tel: +30 210 335 5700
    Fax: +30 210 324 2079
    email: info@eg.gov.gr
  • The communication information of our office in Thessaloniki is the following:
    ENTERPRISE GREECE
    136 Tsimiski Street, 546 21 Thessaloniki, Greece
    Tel: +30 231 051 0047
    email: info@eg.gov.gr

 

2) Information we may hold and why

Enterprise Greece processes personal data that concern natural entities, natural entities enterpreneurs, or natural entities acting on behalf of a legal entity (e.g. legal representative of a company, head of communications, etc).
The information we collect and process may, as the case may be, include:

  • name and surname,
  • occupation,
  • capacity,
  • nationality,
  • home address,
  • professional address,
  • email,
  • phone,
  • fax,
  • identity card or passport number,
  • tax identification number,
  • ΙΒΑΝ.

The infοrmation that we process may concern:

1) any person that contacts Enterprise Greece and voluntarily submits its personal information in order to:

  • Receive information on issues that are within its scope of services,
  • Request the evaluation of an investment plan,
  • Participate in business meetings,
  • Participate in educational seminars addressed to exporters,
  • Participate in expos for the promotion of products and relevant events,
  • Receive services that are available online on the Enterprise Greece website
  • Receive newsletters regarding activities, actions and initiatives of Enterprise Greece.

2) Investors, possible investors and investor consultants.

3) Suppliers and external collaborators.

4) Any third party, with which Enterprise Greece comes into contact during the exercise of its activities, such as diplomats, entrepreneurs and reporters.

5) Users of the website. Apart from the information submitted voluntarily by the above persons in the website of Enterprise Greece, certain types of information is collected for the website users, such as information regarding the devices (including the type of navigation program and the IP address) and information regarding the server of the recording document of the accessibility of the website of Enterprise Greece.

3) How we collect your personal data?

In most cases, the personal data is provided by you directly, either in writing, including by electronic means, or orally, for the objectives mentioned analytically below under [6], such as for example, when you:

  • Fill in and submit the electronic form of communication which is available on the website of Enterprise Greece.
  • Send an email to Enterprise Greece.
  • Send by post to Enterprise Greece any request or dossier in written form.
  • Communicate by phone with Enterprise Greece.
  • Fill in your personal data in the lists of participation in the events of Enterprise Greece.
  • Provide to Enterprise Greece your business card.
  • Enter into a contract with Enterprise Greece.
  • Provide to Enterprise Greece your personal data with a view of receiving newsletters concerning the activities, actions and initiatives of Enterprise Greece.
  • Browse the Enterprise Greece website.

Furthermore, Enterprise Greece may collect personal data from third parties, such as external collaborators, Ministries, Embassies, within the context of its scope of services. This information is collected with a view of attracting new investors in Greece, organising expos for the promotion and testing of consumer and industrial products of Greece, as well as the hosting of press conferences. In these cases, Enterprise Greece makes every possible effort to secure the legality of collection of the personal data it receives.

4) Legal Basis for data processing

Enterprise Greece processes the aforementioned personal data:

1) In compliance with legal requirements, and/or

2) for the performance of a task carried out in the public interest or in the exercise of official authority vested in Enterprise Greece, and/or

3) for the purposes of the legitimate interests pursued by Enterprise Greece, and/or

4) for the performance of a contract to which Enterprise Greece is party, and/or

5) when the data subject has given consent to the processing of his/her personal data for one or more specific purposes, as for example for receiving newsletters, for the participation to business meetings, training seminars for exporters, promotion exhibitions and other related events.
In cases where data processing is based on data subject’s consent and is associated with a task carried out in the exercise of official authority vested in Enterprise Greece, further processing of personal data may be imposed for purposes of public interest and/or in compliance with legal requirement.

5) Purpose of data processing

Ο Enterprise Greece processes personal data for at least one of the following purposes:

  1. To attract investors.
  2. To support investors.
  3. To provide information to investors.
  4. To provide mediation services to investors.
  5. To evaluate investment plans.
  6. To organize business meetings and missions.
  7. To organize business meetings and trips for purposes related to its activities.
  8. To provide information and education to Greek exporters.
  9. To organize international exhibitions of agricultural products, food, beverages, test reports, consumer & industrial products, events, product promotion programs.
  10.  To select new suppliers and/or service providers of Enterprise Greece, execute the relevant contract (works/supply/services contract) and publish it to the online platform of “Diavgeia” Transparency Programme operated by the Ministry of Administrative Reconstruction.
  11. To organize press conference.
  12. To archive the minutes of the meetings held by the administrative bodies of Enterprise Greece.
  13. To inform about actions and initiatives operated by Enterprise Greece.

6) How long we retain your personal information

We retain your personal data for as long as we need it in order to fulfil our purposes set out in this Privacy Policy and/or in order to comply with applicable law.

7) How we use «cookies»

Cookies are small pieces of data that are stored by your browser on your computer’s hard drive, mobile phone or any other device used to access the internet. Enterprise Greece uses cookies to customize the website and improve your experience with the site. Cookies store anonymous information, such as whether you viewed the site from your mobile device, when or from which IP address. Cookies are stored on your computer/device only after you have been informed about privacy settings and you have given your consent to each category thereof. Third parties providing technical support services on the website of Enterprise Greece may have access to this information.

8) Sharing your personal data

Enterprise Greece may share your personal data in the course of its activities with the following categories of third parties located within European Union:

  • Ministries of Greece or of other Member States of European Union.
  • The competent Interministerial Committee for the valuation of investment plans.
  • Decentralized administrations.
  • Greek state entities and authorities.
  • The online platform of “Diavgeia” Transparency Programme operated by the Ministry of Administrative Reconstruction.
  • Embassies.
  • Companies that assist Enterprise Greece in the provision of its services, as for instance transport companies, printing and public relations companies.
  • Companies that undertake the organization of training seminars.
  • Other third parties (for example providers of IT services, legal and financial advisors, external auditors).
  • Third parties that provide auditing services.
    These third parties may access your personal data only if and when required to perform tasks assigned by Enterprise Greece that include the processing of your personal data.
    In addition to the parties listed above, Enterprise Greece may disclose your personal data when it is necessary to satisfy any applicable law, regulation, legal process or governmental request.

9) Transfer of personal data to third countries/international organizations

Enterprise Greece may transfer personal data to third parties located outside the European Economic Area ("EEA") for the fulfilment of the aforementioned purposes. Such transfer takes place under the condition that the third country in question offers an adequate level of data protection, and the recipients of personal data comply therewith.
Exceptionally in cases where no adequate level of data protection is ensured, Enterprise Greece may transfer personal data only when the suitable safeguards are provided, such as a legally binding and enforceable instrument between public authorities or bodies, or standard data protection clauses adopted by the Commission. In the absence thereof, Enterprise Greece may transfer personal data only in specific circumstances, when for instance the data subject has explicitly consented to the proposed transfer after having been informed and according to the provisions set forth by law.

10) Data subject rights

Pursuant to the current legal framework on the protection of personal data, you are entitled to exercise the following rights by filling out and sending to our Data Protection Officer a specific form that is sent to you upon request:

  • The right to access, correct or update your personal data at any time. This right can be exercised under the condition that there is no risk of disclosing confidential information protected by law or by nature as such.
  • The right to object the use of your personal data unless there is an overriding public interest that requires the processing activity.
  • The right to restrict the use of your personal data, under the condition that personal data is not processed for purposes of public interest, legal compliance or contractual performance.
  • In case where the processing of your personal data is based exclusively on your consent, you have the right to withdraw your consent at any time without any detriment, and without prejudice to the retention period that may be required for purposes of public interest or in compliance with applicable law.
  • Similarly, you are entitled to ask the erasure of your personal data, under the condition that such deletion is technically feasible and the personal data is not processed for purposes of public interest, legal compliance or contractual performance. In case where data deletion cannot be satisfied for technical reasons, you are entitled to the right to restrict the use of your personal data.
  • You have the right to data portability, according to which you can ask to receive your personal data so that you can transfer them to another organization, without prejudice to the applicable data retention period that is required by law and/or for purposes of public interest.
  • In case where you are dissatisfied with how Enterprise Greece processes your personal data, you are entitled to submit a complaint before the Hellenic Data Protection Authority (DPA). For more detailed information you can visit the website of DPA (dpa.gr / My rights / Submit of a complaint). In case where you wish to submit a complaint before Enterprise Greece for any issue regarding the processing of your personal data, you may ask for, fill out and send to our Data Protection Officer a specific form via email or via postal mail.

11) External links

Some hyperlinks on our website refer to contents that are useful for exporters and investors; such contents are related inter alia with European and state bodies, associations, chambers, international and national organizations. Those hyperlinks are provided solely for the convenience of stakeholders, and in no case can Enterprise Greece be held responsible neither for their content nor for the privacy practices applicable thereto. Should the website user wish to use any third party websites, he/she acknowledges his/her own responsibility in this regard.

12) Newsletters

Enterprise Greece sends invitations and updates (newsletters) regarding its activities, events and initiative to those that have consented thereto. In case where recipients wish to stop receiving newsletters, they have the right to unsubscribe from newsletter list at any time and without any detrimental effect.

13) Social media

This website contains social media icons leading to the respective accounts operated by Enterprise Greece (Facebook and LinkedIn). The information that you decide to publish through those applications is not subject to the present Privacy Policy, and Enterprise Greece cannot be held responsible for the information you provide to such websites and social media platforms.

14) Updates to our Privacy Policy

Any changes we may make to our Privacy Policy in the future will be posted on Enterprise Greece’s website. Such modification will become effective immediately upon posting without prior notice. Hence, we encourage you to periodically review this privacy policy to stay informed about how Enterprise Greece processes personal data.

15) Contact

If you have any questions or concerns, please contact our Data Protection Officer on +30 210 33 55 701 and/or via email: dpo@eg.gov.gr and/or via postal mail at the addresses of Enterprise Greece in Athens and Thessaloniki.

16) Security of personal data

We place high priority on the security of your personal data. We apply appropriate technical, administrative, electronic and physical safeguards to protect against foreseeable loss, unauthorized access, destruction, misuse, unauthorized modification and improper disclosure. We store data on servers that are placed in secure installations and we apply specific procedures for the storage and safety of data. Network traffic is monitored and filtered by a firewall system, and data is scanned by a state-of-the-art antivirus software.

LOGIN