{"id":2743,"date":"2022-09-01T16:53:50","date_gmt":"2022-09-01T14:53:50","guid":{"rendered":"https:\/\/www.chamoslaw.gr\/?page_id=2743"},"modified":"2026-05-25T13:03:33","modified_gmt":"2026-05-25T10:03:33","slug":"terms-privacy-policy","status":"publish","type":"page","link":"https:\/\/alf.kmdot.com\/en\/terms-privacy-policy\/","title":{"rendered":"Privacy Policy"},"content":{"rendered":"\n<p><strong>PRIVACY AND PERSONAL DATA PROTECTION POLICY<\/strong><\/p>\n\n\n\n<p><strong>Introductory Provisions and Identity of the Data Controller<\/strong><\/p>\n\n\n\n<p>This Policy informs every natural person who visits our website or engages with our law firm regarding the manner, scope, purposes, and legal bases of the processing of their personal data. The Data Controller is the law firm under the name \u201cKESSES \u2013 NIKOLOPOULOS \u2013 STAMATIADIS &amp; PARTNERS \/ ATHENS LEGAL FIRM\u201d (DSA Reg. No. 80391), with its registered office in Athens, 43 Mavrommateion Street, Postal Code 10434, and email address info@athenslegalfirm.com. For any matter relating to the processing of personal data, data subjects may contact the above email address.<\/p>\n\n\n\n<p><strong>Categories of Collected Data<\/strong><\/p>\n\n\n\n<p>In the context of operating our website and providing legal services in general, our firm collects and processes personal data limited to what is necessary for the fulfilment of the intended purposes. In particular, we collect identification and contact data, such as full name, email address, telephone number, and postal address, which data subjects provide voluntarily through the website\u2019s contact forms or upon initiation of our professional relationship. Additionally, we process financial and tax-related data required for invoicing our services, as well as information directly related to the handling of legal matters assigned to us. In this latter category, depending on the nature of the mandate, special categories of data (sensitive personal data) may also be included, the processing of which is subject to enhanced technical and organisational safeguards. Furthermore, during browsing of our website, technical data are collected, such as IP address, browser type, and log data, which are processed in accordance with the provisions of the Cookies Policy. The provision of certain data is necessary for communication with our firm, the assessment of a potential engagement, the conclusion and performance of the mandate relationship, or compliance with legal obligations. Failure to provide such data may render it impossible to respond to a request or to provide the relevant services.<\/p>\n\n\n\n<p><strong>Purposes and Legal Bases of Processing<\/strong><\/p>\n\n\n\n<p>Each processing activity carried out by our law firm is based on a clear and predefined legal basis, in full compliance with Articles 6 and 9 of Regulation (EU) 2016\/679. The primary legal basis for most processing operations is the performance of a contract for the provision of legal services or the taking of steps at the request of the data subject prior to entering into such a contract. Processing is also often necessary for compliance with legal obligations, such as those arising from national tax legislation or the regulatory framework for the prevention of money laundering and terrorist financing. In certain cases, processing is based on the legitimate interests pursued by our firm, such as ensuring the security of information systems, establishing legal claims, or defending our rights before judicial authorities, provided that such interests do not override the fundamental rights and freedoms of the data subjects. Where processing, such as the sending of legal newsletters, is not covered by the above legal bases, it is carried out solely on the basis of the explicit, specific, and informed consent of the data subject. With regard to the processing of special categories of data in the context of judicial or extrajudicial proceedings, such processing is based on the establishment, exercise, or defence of legal claims.<\/p>\n\n\n\n<p><strong>Recipients of Data and Cross-Border Transfers<\/strong><\/p>\n\n\n\n<p>Our law firm is bound by the obligation of professional secrecy, ensuring that clients\u2019 information is not disclosed to unauthorised third parties. For the proper functioning of our services and the fulfilment of our contractual obligations, necessary data may be transferred to selected partners acting as processors on our behalf. These include IT service providers, network support technicians, accounting service providers, and external collaborating lawyers, notaries, and bailiffs. Further disclosure of data occurs exclusively to competent judicial, prosecutorial, or administrative authorities, where required by law or court decision. In the exceptional case of transfer of personal data to third countries outside the European Economic Area, our firm ensures compliance with Chapter V of Regulation (EU) 2016\/679 by implementing standard contractual clauses or other approved safeguards, so that the level of protection of natural persons is not undermined.<\/p>\n\n\n\n<p><strong>Data Retention Period<\/strong><\/p>\n\n\n\n<p>Personal data are retained only for the period necessary to fulfil the legitimate purposes for which they were initially collected, in accordance with the principles of data minimisation and storage limitation. Data relating to the handling of legal matters are retained for the duration of the mandate relationship and, thereafter, for the period required until the full limitation of any civil, criminal, or disciplinary claims related to the services provided, in accordance with applicable legislation and the Code of Lawyers. Tax-related data are retained for the period required by national tax and accounting legislation. Data processed on the basis of consent, such as newsletter subscription data, are retained until the data subject withdraws consent, at which point they are promptly and securely deleted.<\/p>\n\n\n\n<p><strong>Information Security and Organisational Measures<\/strong><\/p>\n\n\n\n<p>Our law firm implements a comprehensive system of technical and organisational measures to prevent accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access to personal data. These measures include advanced encryption of digital files, use of secure servers with intrusion detection systems, access control policies for partners and staff, and continuous training on cybersecurity threats. Additionally, detailed incident response protocols are in place to ensure immediate reporting and management of any data breach, as well as timely notification to the competent supervisory authority and affected data subjects where required by law.<\/p>\n\n\n\n<p><strong>Rights of Data Subjects<\/strong><\/p>\n\n\n\n<p>Under Regulation (EU) 2016\/679, individuals enjoy a broad set of rights, the exercise of which our firm guarantees. In particular, data subjects have the right of access to determine whether and which of their data are being processed, the right to rectification of inaccurate or incomplete data, and the right to erasure (\u201cright to be forgotten\u201d) where data are no longer necessary or consent is withdrawn. Data subjects retain their data protection rights even where their professional identity is closely linked to the name and activity of a legal entity. Furthermore, they have the right to restriction of processing under certain conditions, the right to data portability in a structured and commonly used format, and the right to object to processing. With regard to automated decision-making, including profiling, our firm expressly states that it does not engage in such practices. For the exercise of any of the above rights, as well as for withdrawal of consent, data subjects may contact the Data Controller at info@athenslegalfirm.com. Withdrawal of consent operates prospectively and does not affect the lawfulness of processing carried out prior to such withdrawal. Our firm responds within the time limits set by applicable law. Data subjects also retain the right to lodge a complaint with the competent national Data Protection Authority.<\/p>\n\n\n\n<p><strong>Amendments and Communication<\/strong><\/p>\n\n\n\n<p>Our law firm reviews and updates this Privacy Policy periodically to reflect our internal practices, technological developments, and changes in applicable legislation. For any questions, clarifications, or requests regarding personal data protection, interested parties may contact us at info@athenslegalfirm.com.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>PRIVACY AND PERSONAL DATA PROTECTION POLICY Introductory Provisions and Identity of the Data Controller This Policy informs every natural person who visits our website or engages with our law firm regarding the manner, scope, purposes, and legal bases of the processing of their personal data. The Data Controller is the law firm under the name [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-2743","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/alf.kmdot.com\/en\/wp-json\/wp\/v2\/pages\/2743","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/alf.kmdot.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/alf.kmdot.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/alf.kmdot.com\/en\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/alf.kmdot.com\/en\/wp-json\/wp\/v2\/comments?post=2743"}],"version-history":[{"count":6,"href":"https:\/\/alf.kmdot.com\/en\/wp-json\/wp\/v2\/pages\/2743\/revisions"}],"predecessor-version":[{"id":3458,"href":"https:\/\/alf.kmdot.com\/en\/wp-json\/wp\/v2\/pages\/2743\/revisions\/3458"}],"wp:attachment":[{"href":"https:\/\/alf.kmdot.com\/en\/wp-json\/wp\/v2\/media?parent=2743"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}