Skip to main content

Privacy Policy

General information for our company

This privacy policy aims to inform you about the way we process your personal data, according to article 13 of 2016/679 GDPR. Respecting your personal data and your privacy, we inform you that the protection of your personal data constitutes a constant commitment for us. This privacy policy informs you about how we protect your personal data as a client, a potential client, a visitor or user of our website, and it informs you regarding your rights and the way you are protected by the Greek and European legislation. Data controller is the company “ΕΚΟΝΚΕΡ ΥΠΗΡΕΣΙΕΣ ΕΠΙΧΕΙΡΗΜΑΤΙΚΩΝ ΣΥΜΒΟΥΛΩΝ Ε.Ε” - “ECONCARE BUSINESS ADVISORY SERVICES LP” with the title “ECONCARE”. Georgia Kourlampa and George Gourzoulidis are managers and representatives, as it is described below.

Name of representatives: Georgia Kourlampa and George Gourzoulidis
Address:  Chatzigianni 5 Mexi St, Athens, PC 11528, Greece
Contact details: info[at]econcare.gr / +30 2169001701, 2121052769

On this website, the terms “our company, we, us” refer to ECONCARE

General Definitions

Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Sensitive personal data or special categories of personal data are data such as religious, ideological, political opinions or actions, information for health, gender, or biometric elements, the race and national origin, records or sanctions administrative or criminal nature.

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Data archive is every structured amount of personal data, which are accessible in a way that enables the recognition of the data’s subject.

Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Data controller is the legal or natural person who decides the purpose and means of personal data processing.

Data processor is the legal or natural person who processes personal data on behalf of the data controller.

Modification of privacy policy

This edition has been drafted in 15.9.2020 and is subject to future modifications, due to compliance procedure with GDPR. This edition substitutes all the previous publications or notifications by us.

This declaration replaces all the previous notifications which we potentially provided in the past, regarding our information practices. We reserve the right to change this policy and implement any change in collected information, as provided by law.

If there are essential changes in this policy or our practices regarding information will be modified in the future, we will notify you by publishing the changes on our website.

It is important for us, your -collected by us- personal data to be precise and valid. By this policy, we ask you to inform us if your personal data change during our professional cooperation.

Our company can modify this Privacy Policy in order to be able to harmonize with the over time applying practices of personal data protection. When we change this Privacy Policy, we will update the update date on the top of this Policy. We encourage you occasionally to read carefully this Policy, in order you to be informed about the way our firm protects your data.

Processing location

Our base is in Greece, and therefore all kinds of processing take place in Greece.

Processing purposes and legal bases

Our company processes personal data for scientific and professional purposes, as it is a  company providing statistical and consulting services for scientific (medical) research purposes. Our company also provides consulting and educational services regarding the health economy, policy and technology, as also the human resources development. Εconcare cooperates with public and private entities, as well with trade unions, for the above purposes. Consequently, our company deals with private and public medical projects. Our clients are public and private legal entities, and, sometimes, medical professionals.

With respect to professional purposes and professional clients, de facto we are obliged  to maintain the client’s personal data in the most secure way. With respect to the medical research purposes, we use additionally the method of anonymization, as to the patient's personal data. Therefore, in respect of medical data, we do not collect personal data, as we don’t have an additional corresponding record for personal data. On the contrary, the medical data correspond to simple numbers.   

We also collect personal data of our employees, according to law.

According το GDPR, we maintain the data only as long as it is necessary, and only for the period of time as provided by law.

We maintain these data for the purpose of performance of the contract (consulting services and medical projects, regarding health research), which applies between us and clients.

In our company we process your data for different purposes such as:

-In order to provide you consulting services, according to our contract.

-In order to process the requested by you services and keep you informed about the progress of your request or your project.

-In order to invoice you for the use of our services or to integrate the payment of your financial obligations.

-In order to answer your questions or concerns regarding the provision of our services.   

-In order to inform you about potential scientific progress of general interest in the framework of our constant cooperation.

-In order to evaluate CVs of prospective employees.

-In order to promote scientific research through promoting and educational events.

In the framework of these purposes we may collect data such as: name, identification data,  address, email address, telephone number, as also data included in the documents you provide us. These data are being collected in many ways such as via phone, via email, verbally during the meeting.

Processing legal bases

Our company collects and processes your personal data in the framework of performance of contract. You can visit the section “your rights” of this Policy for more information.

Contract performance

Our company processes personal data of its clients, in order for the contract of a medical project to be performed, and in the framework of which, the processing of personal ID and communication data of the client is necessary. These data, indicatively the name, identification data, phone number, email address, are being collected in order for the contract of the project to be completely performed, in the framework of which the timely coordination with the client is necessary.

Compliance with legal obligation

Our company may process your personal data in order to comply with legal obligations, including, for instance, accounting and tax consulting requirements, which are being implemented according to the internal policies and procedures. Indicatively the collection of data, which are needed for an invoice issue, is necessary.

Consent

Our company may exceptionally process your personal data, according to your consent, if there is a need for periodic communication (without contract). We may also retain the personal data, included in CVs, according to consent of not hired applicants. 

Legitimate interests

Indicatively, in case of promoting events, our company may process some personal data, as processing is necessary for the purposes of the legitimate interests pursued by our company.

Regarding the collection of your personal data, our company collects personal data when:

-You request a service, via phone, email or in person.

-It provides services to you.

-You ask for information about a service, or you contact us for submitting questions or complaints.

Cookies

Our website operates just and only with the necessary cookies, which are needed technically for the use and visit of it. If our company uses in the future any other cookies, the user's consent will be required.  

Receivers

The client's personal data, as also the employee’s personal data are being disclosed to the competent tax and social security authorities, according to law.

International transfers to third countries

There are no transfers to third countries out of the European Union, as we don’ t have such purposes.

Data storage period of time

The personal data are being collected only for the period of time that is necessary. Our company implements a strict policy of data maintenance and revision, in order for them not to be maintained beyond the necessary period of time. Our company also stores the basic personal data, needed for accounting and tax consulting purposes, for the specific period of time, as provided by law, namely for 10 years at least.

Subject’s rights

As a subject of processing of personal data you maintain the following rights:

-The right to access to your personal data, and if they are being processed by us, as a data controller, also to the purposes of processing, the categories of data, the receivers or the categories of the receivers (article 15 GDPR).

-The right to rectify not precise data, as also to complete incomplete data (article 16 GDPR).

-The right to erase your personal data, without prejudice to the obligations and the legal rights of our company for their maintenance, according to the respective legislation (article 17 GDPR).

-The right to restriction of data processing, if their accuracy is being challenged, or the processing is unlawful, or the purpose of processing has been concluded, provided that there is not a legal reason for maintaining them (article 18 GDPR).

-The right to data portability to another data controller, provided that the processing is based on your consent and is being carried out by automated means. The satisfaction of this right takes place without prejudice to the legal rights and obligations or our company for maintaining the data and the fulfilment of a duty to public interest (article 20 GDPR).

-The right to object for reasons as to your special condition in case your personal data are being processed for the fulfillment of a duty, exercised for the public interest or for the purposes of legal interests pursued by our company or a third party (article 21 GDPR).

Definition

You will not have to pay any fee or tax in order to have access to your data (or to exercise any other rights of yours). Nevertheless, we maintain the right to charge a reasonable fee if your request is obviously unfounded, repeated or abusive. Otherwise, we maintain the right to deny to comply with your request in these cases.

Withdrawal of consent

If there is going to be exceptionally a category of processing, based potentially on consent, in this theoretical case, you can withdraw your consent any time, if the processing of personal data is based on your consent. Nevertheless, this is an action which will not affect the lawful processing taken place before your withdrawal. If you withdraw your consent, maybe we will not be able to provide specific services to you. In this case, we will inform you accordingly at the time of your withdrawal.

Obligation for data providing

As it is well understood, the performance of a medical research contract would be impossible, if you didn’t provide us your data. The provision of data by you, needed for collection as provided by accounting and tax legislation, constitutes a legal obligation, while in case of not providing the tax data, the tax legislation would be violated respectively, and this would have as a result the danger of state sanctions.

Obligation for data providing

As it is well understood, the performance of a medical research contract would be impossible, if you didn’t provide us your data. The provision of data by you, needed for collection as provided by accounting and tax legislation, constitutes a legal obligation, while in case of not providing the tax data, the tax legislation would be violated respectively, and this would have as a result the danger of state sanctions.

Targeted advertising

Our company does not deal with targeted advertising to specific people, neither is processing data for the purpose of profiling.

Submitting a complaint

Every request of yours, concerning your personal data and the exercise of your rights have to be submitted, written, and to be sent either to info[at]econcare.gr, or to be handed over to our office. A special form for the exercise of your right to access your data, is available in our office. A denial by our office or an unjustified delay as to the satisfaction of your requests, provides you the right to resort to the Data Protection Authority, as the competent supervising authority for the implementation of GDPR. In any case, you maintain the right to submit a complaint to the competent supervising authority, if you consider that the processing of your personal data is being conducted in breach of the applying legislation. You can find respective information on the website www.dpa.gr. In case of any kind of question or concern, you can firstly contact us, using our contact data, in order to enable us to manage the questions before involving the above mentioned authority.

ECONCARE

5, chatzigianni Mexi St, Athens 11528, Greece

Land Line: +30 2169001701, 2121052769
Email: info[at]econcare.gr