Privacy Policy — kretsi.gr
Aglaea Kretsi & Associates Law Firm
Last Updated: 14/11/2025

1. Introduction
This Privacy Policy explains how Aglaea Kretsi & Associates Law Firm (“we”, “our”, “the Firm”) collects, uses, stores, and protects personal data when you visit the website kretsi.gr or contact us.
We are committed to safeguarding your personal information in accordance with the General Data Protection Regulation (GDPR) (EU 2016/679) and applicable Greek law.
By using our website, you acknowledge that you have read and understood this Privacy Policy.

2. Who We Are
Data Controller:
ΑΓΛΑΙΑ ΚΡΕΤΣΗ ΚΑΙ ΣΥΝΕΡΓΑΤΕΣ ΔΙΚΗΓΟΡΙΚΗ ΕΤΑΙΡΙΑ
Address: Ilias Iliou 9 & Nikomachou, 11631, Athens, Greece
Email: business@kretsi.gr
We determine the purposes and means of processing personal data collected through our website and our communication channels.

3. Personal Data We Collect
We collect only the data necessary to operate our website and respond to your inquiries.
This may include:
3.1 Data you provide voluntarily

• Name and contact details (if you contact us by email or through any form)

• Information relevant to your legal inquiry

• Any documents or details you choose to share

3.2 Data collected automatically

• IP address and basic technical information required for website functionality

• Strictly necessary cookies (no tracking, analytics, or marketing cookies)

We do not collect or process special categories of personal data through the website unless you voluntarily submit them during communication with us.

4. How We Use Your Personal Data
We process personal data only for legitimate purposes, including:

• Responding to your inquiries

• Evaluating your request for legal services

• Communicating with you

• Operating and securing our website

• Complying with legal and regulatory obligations

We do not use your data for marketing, profiling, automated decision-making, or advertising.

5. Legal Bases for Processing
We process personal data based on one or more of the following legal grounds:

• Article 6(1)(b) GDPR — performance or initiation of a contract

• Article 6(1)(c) GDPR — compliance with legal obligations

• Article 6(1)(f) GDPR — legitimate interests, such as website security

• Article 6(1)(a) GDPR — your consent (when applicable)
   

6. Cookies
Our website uses only strictly necessary cookies required for its basic operation. We do not use analytics, advertising, or third-party cookies.
For more details, please refer to our dedicated Cookies Policy.

7. Sharing of Personal Data
We do not sell, rent, or distribute your personal data.
We may share information only when necessary:

• With trusted service providers (e.g., hosting providers)

• With courts, authorities, or regulators when required by law

• With collaborators or professionals strictly for the purposes of your legal matter (and only with confidentiality safeguards)

All third parties are required to comply with GDPR and confidentiality obligations.

8. Data Retention
We retain personal data:

• Only for as long as necessary to fulfill the purposes described above

• In accordance with legal and professional obligations applicable to law firms

• As required by Greek Bar Association rules

After retention periods expire, data is securely deleted or anonymized.

9. Data Security
We implement appropriate technical and organizational measures to ensure your data is protected against:

• Unauthorized access

• Alteration

• Loss

• Disclosure

However, no system is completely secure. We take all reasonable steps to protect your data.

10. Your Rights Under GDPR
You have the right to:

• Access your personal data

• Rectify inaccurate or incomplete data

• Request erasure of your data

• Restrict processing

• Object to processing

• Data portability

• Withdraw consent at any time (where applicable)

• Lodge a complaint with the Hellenic Data Protection Authority (HDPA)

HDPA Website: www.dpa.gr
To exercise any of these rights, contact us at: business@kretsi.gr

11. International Transfers
We do not transfer your personal data outside the European Economic Area (EEA).
If such a transfer becomes necessary, we will ensure full compliance with GDPR, using adequate safeguards
.
12. Links to External Websites
Our website may contain links to third-party websites.
We are not responsible for their privacy practices. We encourage you to review each site's privacy policy.

13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law or our practices.
Any changes will be posted on this page with the updated “Last Updated” date.

14. Contact Us
For questions or concerns about this Privacy Policy or your personal data, please contact us:
ΑΓΛΑΙΑ ΚΡΕΤΣΗ ΚΑΙ ΣΥΝΕΡΓΑΤΕΣ ΔΙΚΗΓΟΡΙΚΗ ΕΤΑΙΡΙΑ
(Aglaea Kretsi & Associates Law Firm)
Ilias Iliou 9 & Nikomachou, 11631, Athens, Greece
Email: business@kretsi.gr