Heraklion, Crete +30 2810 360 700
Iraklio Attikis +30 210 53 19 660
info@ergoprolipsis.gr
  • Ελληνικά
  • English
Updates
ErgoProlipsis joins the UN Global Compact and the Global Compact Network Hellas
ErgoProlipsis – Great Place to Work® Certification
ErgoProlipsis’ New Year's Pie event
Fire Prevention at the Workplace

1. Introduction

This Privacy Policy describes how ErgoProlipsis collects, uses, stores, and protects the personal data of visitors and users of its website, in accordance with Regulation (EU) 2016/679 (GDPR) and the applicable Greek legislation (Law 4624/2019).
ErgoProlipsis fully respects the right to privacy and is committed to the lawful, fair, and transparent processing of personal data.

2. Data Controller

The Data Controller is the company: ERGOPROLIPSIS LTD – Occupational Health & Safety Services
Registered Office: Heraklion Industrial Area (BIPΕ), Street K
Telephone: +30 2810 360 700
Contact email: info@ergoprolipsis.gr

3. Data Protection Officer (DPO)

The company has appointed a Data Protection Officer (DPO), in accordance with Articles 37–39 of the General Data Protection Regulation (GDPR). The DPO is the competent contact point for any matter concerning the processing of personal data and the exercise of data subjects’ rights.
DPO contact email: dpo@ergoprolipsis.gr

4. What Data We Collect

ErgoProlipsis collects only the strictly necessary data, depending on the purpose of processing:

  1. Through the contact form
    • Full name
    • Email address
    • Telephone number (if provided)
    • Message content
  2. Through CV submission
    • Identity and contact details
    • Educational and professional background
    • Information the applicant chooses to include
  3. Data for service quotation preparation

In the context of expressing interest or requesting services, the following may be collected:

    • Full name of the contact person
    • Company or organization details (name, activity, registered office, etc.)
    • Contact details (email, telephone)
    • Description of requested services or project

The above data is used exclusively for preparing, sending, and monitoring service offers and for related pre-contractual communication.

d. Technical website usage data

    • IP address
    • Device type & browser
    • Traffic statistics via cookies

5. Purposes of Processing

Personal data is used exclusively for:

  • Communication with interested users
  • Responding to requests and inquiries
  • Evaluating job applicants
  • Improving the operation and security of the website
  • Compliance with legal obligations

6. Legal Basis for Processing

The company processes personal data only when there is a lawful basis, specifically:

  • Article 6(1)(b) GDPR (pre-contractual or contractual measures), for communication, evaluation of requests, and preparation and sending of service offers.
  • Article 6(1)(a) GDPR (consent), where required, particularly for:
    • the use of non-essential cookies,
    • submission of data through the contact form or CV submission.
  • Article 6(1)(c) GDPR (legal obligation), when processing is required for compliance with applicable legislation.
  • Article 6(1)(f) GDPR (legitimate interest), exclusively for purposes of information systems security, technical operation and protection of the website, provided that the rights and freedoms of data subjects do not override such interests.

7. Cookies

The website uses cookies for:

  • Technical and secure operation
  • Statistical traffic analysis
  • Improvement of user experience

Users may configure or reject cookies through their browser settings.

8. Data Retention Period

Personal data is retained:
• For as long as required for the processing purpose
• CVs: up to 12 months (unless earlier deletion is requested)
• Statistical data: up to 24 months
After this period, data is securely deleted or anonymized.

9. Disclosure to Third Parties

Data is not sold, rented, or disclosed to third parties, unless:

  • required by law, or
  • absolutely necessary for technical support services (e.g., hosting), under confidentiality terms.

10. Security Measures

The company implements appropriate technical and organizational measures, such as:

  • Restricted access to data
  • Use of secure systems and passwords
  • Protection against unauthorized access or loss

11. Data Subject Rights

Data subjects have the right to:

  • Access
  • Rectification
  • Erasure
  • Restriction of processing
  • Data portability
  • Withdrawal of consent
  • Lodge a complaint with the Hellenic Data Protection Authority

Requests may be submitted to the Data Protection Officer (DPO) at: dpo@ergoprolipsis.gr

12. Policy Amendments

The company reserves the right to modify this Policy. The updated version will be posted on the company’s website.