GENERAL
Respecting your privacy, and within the framework of this Privacy Policy, we would like to inform you that we apply all lawful procedures and take all necessary security measures to protect your personal data during its collection and processing.

DATA CONTROLLER
The controller of your personal data is the Private Capital Company under the name ATLAS BUSINESS SOLUTIONS, with G.E.MI. number 179997706000, having its registered office at 40 Marinou Antypa Street, PC 57001, Thessaloniki, tel. 2310 310 910. The data controller determines the purposes of the processing of personal data and the means by which such processing is carried out.

DEFINITIONS
“Personal data” means any information relating to an identified or identifiable natural person (data subject). The
An identifiable natural person is one whose identity can be determined.
whose identity can be verified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural, or social identity of that natural person.
“Processing” means any operation or set of operations which is performed with or
without the use of automated means, on personal data or
on sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of making available, alignment or combination, restriction, erasure, or destruction.
“Data controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and the means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or the law of a Member State, the data controller or the specific criteria for its designation may be provided for by Union law or the law of a Member State.

“Consent” of the data subject means any freely given, specific, explicit, and informed indication of the data subject’s wishes by which the data subject signifies agreement, by a statement or by a clear affirmative action, to the processing of personal data relating to them.

LEGISLATION
The above constitute certain basic concepts regarding the protection of personal data, which is governed by the provisions of the GDPR (2016/679), Law 4624/2019, Law 3471/2006 on the protection of personal data and privacy in the field of electronic communications, as well as the decisions of the Hellenic Data Protection Authority. Our company fully takes these into account and continuously makes every possible effort to comply with them.
If you are under the age of 16, you must have the consent of your parents or legal guardians before using the services of this Website. We do not collect or process your personal data otherwise.

INFORMATION COLLECTED AND PURPOSE OF COLLECTION
We collect the personal data you provide to us during your visit to our Website for the following purposes:

-Creation of a user account
-Purchase of our services
-Completion of the contact form for inquiries or clarifications
-Sending of informational material (newsletter)
-Evaluation and submission of reviews for our services

The data we request include:

-Full name
-Telephone number
-Home address (street, city, postal code)
-Email

-For the issuance of invoices/receipts, a Tax Identification Number (TIN) is also required.

The above collection and processing of personal data is based on:

-the performance of the contract,
-compliance with legal obligations,
-our legitimate interest in providing you with better service

We do not have access to the full details of your bank card, as we apply strong PCI (Payment Card Industry) security and encryption standards.

DATA RETENTION PERIOD
The personal data we receive from you for the purpose of purchasing our services are retained in accordance with the applicable legal requirements, while data relating to the contact form are retained for one year, and data collected for the creation of a user account are deleted two years after their last use, unless you request their deletion before the expiration of this period. However, for the purpose of complying with the law, we may retain your personal data for a longer period if required.

THIRD-PARTY DATA PROCESSORS
We use certain third-party entities for the processing of personal data. Specifically, we use Stripe, through which your payments are processed, Mailchimp, through which the newsletter is managed, and [ ], through which the connection between Stripe and the Independent Authority for Public Revenue (AADE) is carried out for the completion of payments. Please note that the aforementioned third-party entities are solely responsible for the manner and means by which they process data, and we encourage you to review their respective privacy policies via each provider’s website (link).

RIGHTS OF THE DATA SUBJECT
As data subjects, you have the following rights:
-to know who processes your personal data, what data are processed, and for what purpose (right to information / transparency),

-to request free access to the personal data you have provided to us and that we retain (right of access),
-to request the correction of inaccurate personal data and the completion of incomplete information (right to rectification),
-where the data are no longer necessary, where you have withdrawn your consent, or where they have been unlawfully processed, to request the erasure of your personal data (right to erasure / right to be forgotten),
-o request the restriction of the processing of your personal data when their accuracy is contested, the processing is unlawful, the data are no longer required by the data controller, or where you object to automated processing (right to restriction of processing),
-to request the transfer of your data to another data controller (right to data portability),
-to object to the processing of your personal data, provided that the public interest is not adversely affected (right to object).

The exercise of the above rights is carried out by submitting a relevant written request to the Company, to which we undertake to respond within a period of one (1) month from its receipt. This period may be extended by an additional two (2) months due to the complexity of the request and/or the large volume of requests.

RIGHT TO LODGE A COMPLAINT
If you believe that the processing of your personal data violates the Personal Data Protection Regulation, you have the right to lodge a complaint with the Hellenic Data Protection Authority, Kifisias 1–3, 11523, Athens, www.dpa.gr, telephone +30 210 647500. Detailed instructions on how to submit a complaint are provided on the website of the Hellenic Authority.
If you use our Website, this shall mean that you consent to the application of this Privacy Policy.