MENU
Search

CLOSE

Home > Privacy Policy

Privacy Policy

EETT is committed to protecting and respecting your privacy and complies with the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016).

This Privacy Policy explains the types of personal data that EETT maintains, the ways it collects, uses, manages and protects them, as well as your rights as data subjects. If you have any questions or comments about our processing of your personal data, please contact us using the contact details provided in section 7 below.

1. The purposes of personal data collection and processing by EETT

EETT collects and processes personal data solely for the exercise of its official mission in order to:

  • comply with its legal obligations,
  • carry out its duties in the public interest or in the exercise of official authority vested in EETT and
  • communicate appropriately with the data subjects and send them its informative publications, such as the “Communications at High Speed” Magazine, its Newsletter, etc., or other information about its actions.

Personal data are voluntarily provided to EETT by the data subjects themselves, with the exception of data transmitted by other public authorities to EETT in accordance with a legal obligation for the exercise of its official mission.

2. The personal data processed by EETT

In general, EETT collects the necessary data to exercise its competencies or satisfy requests of the data subjects for information and communication. Such data may be: name, title, organization, position in the organization, contact details, prior communication with EETT, etc. Personal data of users requesting access to EETT’s online applications are used exclusively for authentication purposes and are not subject to any other processing. EETT’s web site and online applications are not designed for and addressed to children. Therefore, EETT does not knowingly collect or store personal data concerning children.

3. Personal data for visiting and browsing at www.eett.gr

Browsing the website of EETT, www.eett.gr, is conducted anonymously and does not require the identification of the user or the recording of his activity in log files. The provision of certain services, such as complaints submission, requires the registration of personal information by the user, managed in accordance with the applicable EETT data protection statements and policies. In case of a complaint form submission, the system automatically records, in addition to the data entered by the user, the IP address together with the date and time of the submission, keeping it for a 24-hour period.

The management and updating of the content of the website require the identification of authorised users (employees of EETT or the partner company) through the credentials assigned to them. When logging in, information about their activity is recorded, such as the IP address and actions on the pages or publications they edit.

With the consent of the user, Matomo Analytics is used to measure and analyse website traffic. Matomo stores anonymous information about visitors and page browsing, recognising unique visitors through a randomly created number assigned to them.

To protect against unwanted bot visits, Google reCAPTCHA version 3 is used. This helps to ensure access to the website and protect it from automatic malicious actions.

The personal data held by the EETT website may be communicated to the data controllers with whom EETT cooperates for its operation. In particular, the website is hosted by the Government Cloud Computing Service (G-Cloud) which is managed by the General Secretariat for Information Systems and Digital Governance of the Ministry of Digital Governance. The data is stored on servers within Greece and is not transmitted abroad, while only authorised personnel have access to them to provide the necessary technical support services. The management of the website is supported by 33clouds IKE. The authorised personnel of the company have access to the data of the website to the extent necessary to support its management. The above data controllers handle personal data only on the basis of the recorded orders of EETT, are bound by an obligation of confidentiality and do not transmit them to third parties.

4. Data protection

EETT is committed to protecting your personal data from breach, misuse, alteration, loss or destruction. It keeps the data secure and treats them with sensitivity in accordance with the General Data Protection Regulation. To that end, EETT adopts reasonable policies, implements appropriate technical and organizational measures, and keeps trying to improve them continuously.

According to their processing purposes, the data are stored in databases hosted on secure EETT servers or G-Cloud. These databases are protected by multi-level authentication and access is restricted to personnel who strictly require access to perform their tasks.

Database access rights are defined according to the users’ specialized roles and ensure that users have access on a strictly need-to-know basis.

EETT does not disclose personal data to individuals, organizations or other third parties unless this is required for EETT to perform its duties, respond to requests from other public authorities in accordance with a legal obligation for the exercise of their official mission or comply with provisions of legislation or court decisions.

Upon request, ΕΕΤΤ transmits data from its Registries (such as the Registry of Electronic Communications Network and Service Providers, the List of Registrars etc.) that are already published on its website. EETT does not disclose information about natural persons stored in its Registries, unless there is a public prosecutor’s order. Likewise, in the case of requests from third countries, EETT transmits data that are publicly available on its website.

The data submitted in the complaints are retained and processed by EETT in order to assess the complaint, forward it to the operator in the cases required, exercise legal competencies, notify the competent authorities and communicate with the complainant. During the assessment, the complaint may be communicated to the person/entity concerned. If the complainant does not wish his/her personal data to be disclosed to the person/entity concerned, when submitting the complaint he/she should state, document and explain the reasons. EETT will then decide on this. Third party access to the case documentation is subject to Greek legislation regarding access to public documents.

EETT may use trusted third parties to process personal data on its behalf. A list of those processors is available upon request. All such trusted third parties are bound by a legal act (regulation), contract or confidentiality and non-disclosure agreement before they gain access to the data. They carry out personal data processing in accordance with the terms of this Privacy Policy. EETT does not sell or exchange personal data with other organizations. It does not use personal data for commercial purposes. It does not perform automated decision-making or profiling.

EETT retains collected personal data for a period of time in accordance with the law in force and as long as necessary to fulfill the processing purposes. The retention time period per document category is defined in EETT Decision No. 1070/29/10-4-2023 (Government Gazette 3528/B/2023 – available in Greek).

5. Rights of data subjects

EETT ensures, as far as possible, that the stored data are up to date and accurate, and limited to what is necessary for the purposes for which they are processed. As a data subject, you may exercise your rights in accordance with the law on personal data. Indicatively, you may request a copy of your personal information that you have previously provided us with and exercise the right to request correction of inaccuracies of that information, to object to or request the restriction of processing, and to request access to, or the erasure of your personal information. If you submit your personal data with your consent in order to receive specific services or communication, such as EETT’s publications, you have the right to request the erasure of your personal information from the relevant recipients list at any time you wish. In the event of an erasure request, EETT deletes the data in the context of Article 17 of the General Data Protection Regulation. If you believe that your privacy is affected in any way, then contact the Hellenic Data Protection Authority.

6. Changes to this Policy

EETT intends to inform you of any changes to the way it processes your personal data. It will periodically review and modify this Privacy Policy to reflect changes in its policies and practices. If it modifies this Policy, EETT will update the “Date of Last Update” below.

7. Contact details

EETT has no responsibility for the processing or protection of personal data by the companies of the markets EETT regulates, supervises and controls or by other organizations. In all such cases, please contact the Hellenic Data Protection Authority.

If you have any questions, comments or complaints regarding the use of your personal data by EETT or you would like to exercise your rights as a data subject, please contact us using the following contact details:

General Data Protection Regulation (GDPR) group:


Data Protection Officer (DPO) of EETT: DPO@eett.gr

LAST UPDATE: 01/2024

  • Post type