menu
close
Privacy

Privacy Policy

1. Introduction

This Policy is established by Elumine Group P.C. (hereinafter referred to as the “Company”), a limited liability company registered in Greece. The Company is committed to protecting the personal data collected in the course of users visiting our website and obtaining our services. This Privacy Policy outlines our commitment to safeguard personal data, specifically detailing its collection, use, transmission, and retention in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”) and applicable Greek data protection laws, including Law 4624/2019. We hereby acknowledge that the Company acts as a Data Controller under GDPR for the personal data we process in relation to your use of our website and services.

2. Collection and use of Personal Data

A standard form is available on the Company’s website to facilitate communication with visitors or clients. This form may be used for queries or requests and is automatically directed to the relevant department or agent. To enable the processing of these queries and requests, we may collect and store your full name, email address, residence address, contact details, and any other information you voluntarily provide. Such data are used strictly to address your queries or requests and shall not be disclosed to parties other than those mentioned in this Policy or as required/permitted by law. In addition, telephone numbers of the Company are made available for direct communication as necessary.

Users have the option to register for the Company’s newsletter by providing their name and email address. The legal basis for sending the newsletter is your explicit consent. If you no longer wish to receive our newsletter, you may withdraw your consent and unsubscribe at any time. Your email address will then be securely deleted from our systems.

When the website is used for recruitment purposes, candidates must consult the dedicated “Privacy Notice for Recruitment.” Under the GDPR, personal data processing must be founded on a specific legal basis. In the cases described above, we rely on your consent when you voluntarily submit a form or sign up for our newsletter, or we rely on legitimate interests, contractual necessity, or legal obligations, where applicable.

3. Transfer of Personal Data

The Company may disclose personal data only to the extent necessary to manage lawful operations, comply with legal obligations, or fulfill contractual requirements. Such transfers are subject to appropriate safeguards (e.g., Standard Contractual Clauses for international transfers, binding corporate rules, or data-processing agreements with subcontractors or suppliers). Where necessary under GDPR, we will seek your explicit consent before transferring personal data to third countries or external parties. In cases where personal data are transferred outside the European Economic Area (EEA), we ensure that such recipients offer an adequate level of data protection or implement appropriate safeguards in compliance with Chapter V of the GDPR.

4. Retention of Personal Data

The Company does not retain personal data beyond the period necessary to fulfill the specific purposes for which the data were collected, or as required under applicable laws and regulations. We also ensure that data are securely deleted once they are no longer needed. Retention periods may vary depending on the nature of the data, legal obligations (e.g., accounting or tax requirements), and whether ongoing legitimate interests (such as potential legal claims) require extended storage. More information on specific retention periods can be found at the “Communication” option on our website Menu, or by contacting us as outlined below.

5. Rights of Subjects

Under Regulation (EU) 2016/679 (GDPR), individuals have specific rights regarding their personal data. This section describes those rights and how data subjects may exercise them.

If you have any questions or wish to exercise any of the rights listed here, please refer to the “Communication” option on our website or use the Application for the Exercise of Rights by the Subjects.

           5.1. Right of Access

You have the right to obtain confirmation as to whether your personal data are being processed, as well as access to the personal data held by the Company. You may submit an access request using the Application for the Exercise of Rights by the Subjects.

           5.2. Right to Rectification and Erasure

You may request the update, correction, or complete erasure of your personal data. Upon verification of identity and if one of the following conditions applies, the Company will erase your personal data:

  • The data are no longer necessary for the purposes they were collected or processed.
  • The lawful basis for processing is consent, and you withdraw consent.
  • You object to the processing based on legitimate interests with no overriding interest remaining.
  • The data have been unlawfully processed.

Where the Company cannot immediately erase personal data due to a legal obligation or other lawful basis, we will restrict processing and ensure the data are not further processed for any other purpose.

           5.3. Right to Restrict Processing

You have the right to request that the Company restrict the processing of your personal data in certain circumstances (e.g., contesting the accuracy of data, lawfulness of processing, etc.). Submit your restriction request via the Application for the Exercise of Rights by the Subjects.

           5.4. Right to Object

You may object, on grounds relating to your particular situation, at any time to the processing of your personal data where such processing is based on the Company’s legitimate interests. Submit your objection using the Application for the Exercise of Rights by the Subjects.

           5.5. Right to Data Portability

You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to request the transfer of those data to another controller where technically feasible. Such requests can be made via the Application for the Exercise of Rights by the Subjects and will be processed within one (1) month, subject to lawful exceptions. If additional time is required to process your request (due to complexity or number of requests), we may extend the response period by up to two further months. We will inform you of any such extension within one (1) month of receiving your request.

6. Security Measures

We implement appropriate technical and organizational measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, in accordance with GDPR Article 32. These measures are regularly reviewed and updated to ensure ongoing confidentiality, integrity, availability, and resilience of processing systems and services.

7. Cookies and Similar Technologies

Our website may use cookies or similar technologies to enhance user experience, analyze website usage, or provide targeted advertisements. Where cookies are not strictly necessary for the website’s basic functionality, we will request your consent in accordance with the ePrivacy Directive (as implemented under Greek law) and GDPR. For more details, please see our Cookie Policy (if available on our website).

8. Amendments

Any changes to this Privacy Policy shall be published on the Company’s website. In the event of significant modifications, the Company may elect to notify affected users by email with relevant details. Where required by law, your explicit consent will be sought prior to implementing any material changes.

9. Contact and Complaints

If you have any concerns or complaints about how we handle your data or this Policy, please contact us at:

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Greek Data Protection Authority (DPA). The DPA’s contact details are:

Effective Date: 01/01/2025
Elumine Group P.C.