The controller responsible for processing your personal data in the context of handling your complaints is:
Hellenic Telecommunications and Post Commission (EETT)
60 Kifisias Ave., 151 25
Marousi Tel.: +30 210 615 1000
Email: info@eett.gr
EETT is committed to protecting and respecting your privacy and complies with the General Data Protection Regulation (Regulation (EU) 2016/679 – GDPR) and Law 4624/2019.
Through this complaint submission form, we request only the information necessary to examine your complaint (full name and contact details, details of the digital service provider concerned, subject and background of the complaint, and supporting evidence). Providing this information is essential, as we cannot process your case without it.
Complaints submitted via this online form automatically generate emails to EETT (info@eett.gr), which are then registered by authorized staff and assigned through the Electronic Document Management System (OPS-SHDE) to the competent unit for examination.
The personal data you provide are processed exclusively for examining your complaint, forwarding it to the competent digital service provider to obtain their views, exercising EETT’s statutory powers, informing competent authorities and communicating with you when necessary.
EETT stores your complaint, all attached documents, any related information you provide, and all communication exchanged with you, including EETT’s response (more information is available below).
The legal basis for the processing of personal data is paragraphs 1 c’ and e’ of article 6 of the GDPR, which allow EETT to process the personal data included in complaints to comply with its legal obligations arising from article 53 of Regulation (EU) 2022/2065 “Digital Services Act” (DSA) and article 11 par.5 of Law 5099/2024 “Taking measures for the implementation of Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on the single market for digital services and the amendment of Directive 2000/31/EC (“Digital Services Act”) and other provisions” (Official Gazette 48/A/5-4-2024) and fulfill its duties in terms of complaint management and consumer protection, which it performs in the public interest.
If your complaint includes special categories of data (e.g., health data), processing is based on substantial public interest under Article 9(2)(g) GDPR and Article 26 of Law 4624/2019 in order to ensure consumer protection and compliance with digital services legislation. You are advised to submit only strictly necessary documents and redact any irrelevant information.
EETT applies appropriate technical and organizational measures to protect your personal data. Data are stored in ERMIS Complaint Management System (EETT’s web platform for complaints’ management), hosted securely in the Government Cloud (G‑Cloud) within the EU as well as in electronic folders of the competent EETT unit, stored on EETT servers. Access is strictly limited to authorized EETT personnel who use this data to assess the complaint and carry-out their duties.
Your data may also be accessed by processors, those who maintain or support the operation of EETT’s relevant systems on its behalf. Specifically, the company COORDI CLOUD IKE which provides maintenance and support services for the operation and enrichment of the EETT website, the company HYPERSYSTEMS S.A. which provides maintenance and operation support services for the OPS-SHDE system and the General Secretariat of Information Systems and Digital Governance (GSISDG) of the Ministry of Digital Governance which manages G-Cloud. All processors are contractually bound to confidentiality and follow EETT’s documented instructions.
EETT will forward, if necessary, the complaint with your personal data to the provider of the digital service based in Greece to which the complaint concerns, in order to express its views. The purpose of this transfer is to investigate your complaint, which is lawful according to article 6 par. 1 e) of the GDPR, which allows EETT, which is the Digital Services Coordinator, to process personal data when this is necessary for the performance of its duties as the competent authority for the supervision of digital service providers whose country of establishment is Greece. The relevant duty of EETT derives from Regulation (EU) 2022/2065 “Digital Services Act”, in particular article 53 thereof and article 11 par. 5 of Law 5099/2024.
If the complaint falls under the competence of another competent Greek authority, then the EETT that receives the complaint forwards it to that authority. In this case, the transmission of your personal data by EETT is lawful, according to article 6 par. 1 c) of the GDPR, because it is necessary for EETT to comply with its legal obligations arising from article 53 of Regulation (EU) 2022/2065 “Digital Services Act”.
If, finally, the complaint falls within the competence of an authority of another member state of the European Union, then EETT forwards it to the said competent authority within the European Union in order to take over the case and possibly the said competent authority to forward it to third parties when this is required for the examination of the complaint (digital service provider, other competent authorities in the said Member State or EU). In this case, the transmission of your personal data by EETT is lawful, according to article 6 par. 1 c) of the GDPR, because it is necessary for EETT to comply with its legal obligations arising from article 53 of Regulation (EU) 2022/2065 “Digital Services Act”. Third-party access to case documents is governed by the legislation on access to public documents of the respective Member State and the legislation governing the operation of the relevant European body to which the complaint is forwarded. It should be noted that the transmission of the complaint by EETT to the competent authority within the European Union is done exclusively through the European communication platform AGORA which is the main tool throughout the Union for the supervision, investigation, enforcement and monitoring of services within the scope of DSA.
In addition to the above, EETT does not disclose your personal data to additional persons, organizations or other external entities other than those legally provided for in order to manage your complaint. Third party access to case documents is governed by Greek legislation on access to public documents.
EETT does not engage in automated decision-making or profiling.
EETT keeps the personal data for the period of time provided by the applicable legislation and for as long as there is a need to carry out actions that are necessary for the processing of the case. Thus, the information collected with this complaint submission form is kept in the website’s content management system for 3 days and then automatically deleted. Incoming emails to info@eett.gr, as well as related outgoing and reply emails are kept for 6 months. The incoming and outgoing documents related to the complaint are kept in the EETT file for a period of 10 years. Citizen and business complaint files are kept for 10 years and more at the discretion of EETT. The prescribed retention time per category of documents and the liquidation procedure are defined in EETT Decision 1070/29/10 4 2023 (Government Gazette B’ 3528), as applicable.
As the subject of your personal data, you can exercise the right of access to your data that EETT processes for the examination of the complaint and request a copy. You can also exercise the rights of rectification, erasure, opposition and restriction of processing under conditions (Articles 15, 16, 17, 18, 21 GDPR). If you consider that the protection of your personal data is affected in any way, you can appeal to the Hellenic Data Protection Authority (HDPA).
f you have any question or comment regarding the use or protection of your personal data by EETT or you would like to exercise any of your rights, please contact us using the following contact details:
Team responsible for privacy-related issues:
- E-mail: GDPR@eett.gr
- Tel.: 210 6151000
Data Protection Officer (DPO) of EETT: DPO@eett.gr