Privacy Policy

For any processing of personal data carried out by EETT, including the personal data of visitors to this website, the Data Controller is:

Hellenic Telecommunications and Post Commission (EETT)
60 Kifissias Avenue 151 25 Maroussi – Greece
Tel: 210 615 1000
email: info@eett.gr

EETT is committed to protecting and respecting your privacy and complies with the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 or GDPR) and the Law 4624/2019.

This Privacy Policy explains the types of personal data that EETT maintains, the ways it collects, uses, manages and protects them, as well as your rights as data subjects. Among other things, it includes a specific reference to the processing of your personal data carried out during your visit to this EETT website (section 3.). Regarding the privacy policies of EETT’s online applications, look for them in each online application.

If you have any questions or comments about our processing of your personal data, please contact us using the contact details provided in section 8.

1. The purposes of personal data collection and processing by EETT

EETT collects and processes personal data solely for the exercise of its official mission in order to:

Carry out its duties in the public interest or in the exercise of official authority vested in EETT. In this case, the legal basis for the processing of personal data is Article 6(1)(e) of the GDPR.
Comply with its legal obligations. In this case, the legal basis for the processing of personal data is Article 6(1)(c) of the GDPR.
Perform a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. In this case, the legal basis for the processing of personal data is Article 6(1)(b) of the GDPR.
Process data for one or more specific purposes only if it has obtained the explicit consent of the data subject, i.e. on the legal basis for processing under Article 6(1)(a) of the GDPR. These are mainly cases where we will ask you to consent in order for us to contact you and send you the informative publications of EETT, such as the Journal «Επικοινωνίες εν Τάχει» (“Communications at High Speed”), EETT’s Newsletter or other information about our actions. In these cases of data processing, you can withdraw your consent at any time.

In the performance of its duties, EETT needs, in some cases, to process data of special categories, known as ‘sensitive’ data, such as data concerning health, racial origin, trade union activity, religious or philosophical beliefs, sexual life, etc. These are usually either its employee data or information that you include in your requests and complaints because you deem them necessary elements of your documentation. The legal basis for the processing of this information is, depending on the specific case:

Article 9(2)(b) of the GDPR, which relates to EETT’s obligations under labour law and to safeguarding the fundamental rights and interests of data subjects;
Article 9(2)(h) of the GDPR on the assessment of the working capacity of employees;
Article 9(2)(g) of the GDPR, which relates to the public interest of EETT and the safeguarding of the fundamental rights and interests of the data subjects.

In most cases, personal data are voluntarily provided to EETT by the data subjects themselves. Exceptions are cases when data are transmitted to EETT by other public authorities, natural or legal persons, in order for EETT to take actions falling within its competences.

2. The personal data processed by EETT

In general, EETT collects the necessary data to exercise its competencies or satisfy requests of the data subjects for information and communication.

Personal data of users requesting access to EETT’s online applications are used exclusively for authentication purposes and are not subject to any other processing.

EETT does not provide services directly to children. EETT’s web site and online applications are not designed for or addressed to minors. Therefore, EETT does not knowingly collect or store personal data concerning children.

3. Personal data for visiting and browsing at www.eett.gr

Browsing the website of EETT, www.eett.gr, is conducted anonymously and does not require the identification of the user or the recording of his/her activity in log files. The provision of certain services, such as complaints submission, requires the registration of personal information by the user, managed in accordance with the applicable EETT data protection statements and policies. In case of a complaint form submission, the system automatically records, in addition to the data entered by the user, the IP address together with the date and time of the submission, keeping it for a limited period of time.

The management and updating of the content of the website require the identification of authorised users (employees of EETT or the partner company) through the credentials assigned to them. When logging in, information about their activity is recorded, such as the IP address and actions on the pages or publications they edit.

With the consent of the user, Matomo Analytics is used to measure and analyse website traffic. Matomo stores anonymous information about visitors and page browsing, recognising unique visitors through a randomly created number assigned to them.

To protect against unwanted bot visits, Google reCAPTCHA version 3 is used. This helps to ensure access to the website and protect it from automatic malicious actions.

The personal data held by the EETT website may be communicated to the data processors with whom EETT cooperates for its operation. In particular, the website is hosted by the Government Cloud Computing Service (G-Cloud) which is managed by the General Secretariat for Information Systems and Digital Governance of the Ministry of Digital Governance. The data are stored on servers within the European Union (EU) and are not transmitted outside the EU, while only authorised personnel have access to them to provide the necessary technical support services. The management of the website is supported by 33clouds IKE. The authorised personnel of the company have access to the data of the website to the extent necessary to support its management. The above data processors handle personal data only on the basis of the recorded orders of EETT. They are bound by an obligation of confidentiality and do not transmit data to third parties.

See the terms of use of the EETT website
Detailed information about the cookies that the EETT website stores on your computer or mobile device when you visit it, can be found in the Settings & Cookies Policy.

4.Data protection and transmission

EETT is committed to protecting your personal data from breach, misuse, alteration, loss or destruction. It keeps the data secure and treats them with sensitivity in accordance with the General Data Protection Regulation. To that end, EETT adopts reasonable policies, implements appropriate technical and organizational measures, and keeps trying to improve them continuously.

According to their processing purposes, the data are stored in databases hosted on secure EETT servers or G-Cloud. These databases are protected by multi-level authentication and access is restricted to personnel who strictly require access to perform their tasks.

Database access rights are defined according to the users’ specialized roles and ensure that users have access on a strictly need-to-know basis.

EETT does not disclose personal data to individuals, organizations or other third parties unless this is required for EETT to perform its duties, respond to requests from judicial, prosecutorial and public authorities in accordance with a legal obligation for the exercise of their official mission or comply with provisions of legislation or court decisions.

In some cases, EETT has to cooperate and assist counterpart authorities in the European Union within the framework of its competences. In such cases, it may exchange personal data in the performance of a task carried out in the public interest or in the exercise of official authority vested in it or in compliance with a legal obligation.

Upon request, ΕΕΤΤ transmits data of sole proprietorships from its Registries (such as the Registry of Electronic Communications Network and Service Providers, the List of Registrars) that are already published on its website. EETT does not disclose additional information about natural persons stored in its Registries, unless there is a public prosecutor’s order. Likewise, in the case of requests from third countries, EETT transmits data that are publicly available on its website.

The data submitted in the complaints are retained and processed by EETT in order to assess the complaint, forward it to the operator in the cases required, exercise legal competencies, notify the competent authorities and communicate with the complainant. During the assessment, the complaint may be communicated to the person/entity concerned. If the complainant does not wish his/her personal data to be disclosed to the person/entity concerned, when submitting the complaint he/she should state, document and explain the reasons. EETT will then decide on this. Third party access to the case documentation is subject to Greek legislation regarding access to public documents.

EETT may use trusted third parties to process personal data on its behalf. A list of those processors is available upon request. All such trusted third parties are bound by a legal act (regulation), written contract or confidentiality and non-disclosure agreement before they gain access to the data. They carry out personal data processing in accordance with the terms of this Privacy Policy.

EETT does not sell or exchange personal data with other organizations. It does not use personal data for commercial purposes. It does not perform automated decision-making or profiling.

5. Time of data retention

EETT retains collected personal data for a period of time in accordance with the law in force and as long as necessary to fulfill the processing purposes. The retention time period per document category is defined in EETT Decision No. 1070/29/10-4-2023 (Government Gazette 3528/B/2023 – available in Greek).

6. Rights of data subjects

EETT ensures, as far as possible, that the stored data are up to date and accurate, and limited to what is necessary for the purposes for which they are processed.

As a data subject, you may exercise your rights in accordance with the law on personal data. Indicatively, you may request access and obtain a copy of your personal information or exercise the rights of rectification, erasure, portability of data, as well as, restriction or objection of processing. Your requests are processed and satisfied, in accordance with the provisions of the GDPR. If you submit your personal data with your consent in order to receive specific services or communication, such as EETT’s publications, you have the right to request the erasure of your personal information from the relevant recipients list at any time you wish. In the event of an erasure request, EETT deletes the data in the context of Article 17 of the General Data Protection Regulation.

If you believe that your privacy is affected in any way, then contact the Hellenic Data Protection Authority.

7. Changes to this Policy

EETT intends to inform you of any changes to the way it processes your personal data. It will periodically review and modify this Privacy Policy to reflect changes in its policies and practices. If it modifies this Policy, EETT will update the date of “LAST UPDATE” below.

8. Contact details

Important note:

EETT has no responsibility for the processing or protection of personal data by the companies of the markets EETT regulates, supervises and controls or by other organizations. In all such cases, please contact the Hellenic Data Protection Authority.

If you have any questions, comments or complaints regarding the use of your personal data by EETT or you would like to exercise your rights as a data subject, please contact us using the following contact details:

General Data Protection Regulation (GDPR) group:

Email: GDPR@eett.gr
Tel: 210 6151000

The Data Protection Officer (DPO) of EETT is Ms Marina Stavroula Stamatogianni, replaced by Ms Ioanna Kontopoulou. Contact Email: DPO@eett.gr

9. Relevant EETT data policies for further information

LAST UPDATE: 11/2025