CALL
ME
BACK
HOME | GDPR
EUROCORP INVESTMENT SERVICES S.A.

GDPR

Privacy Policy

Purpose & Scope

Eurocorp Investment Services S.A., hereinafter referred to as the “Company”, makes every effort to comply with applicable legislation on the protection of personal data within its field of activity. This Policy sets out the basic principles under which the Company processes personal data of clients, seafarers, employees, suppliers, partners, and other individuals. It applies to the Company as well as to any directly or indirectly controlled entities. All employees, whether on permanent or fixed-term contracts, as well as all subcontractors working on behalf of the Company, are bound by this Policy.

Key Definitions

The key definitions used in this document, as set out in Article 4 of the General Data Protection Regulation (GDPR), are as follows:

  • Personal Data: Any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
  • Special Categories of Personal Data: Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of unique identification, health data, or data concerning a natural person’s sex life or sexual orientation.
  • Data Controller: The natural or legal person, public authority, agency, or other body which determines the purposes and means of processing personal data.
  • Data Processor: The natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

Core Principles of Data Processing

The Company, acting as Data Controller, strictly adheres to the principles of data protection under Article 5 of the GDPR.

Lawfulness, Fairness & Transparency

Personal data are processed lawfully, fairly, and transparently.

Purpose Limitation

Data are collected for specified, explicit, and legitimate purposes and are not further processed in a manner incompatible with those purposes.

Data Minimisation

Only adequate, relevant, and necessary personal data are collected and processed.

Accuracy

Personal data are kept accurate and up to date, and inaccurate data are corrected or erased without delay.

Storage Limitation

Data are retained only for as long as necessary for the purposes for which they are processed.

Integrity & Confidentiality

Appropriate technical and organisational measures are implemented to ensure security and protection against unauthorised or unlawful processing, accidental loss, destruction, or damage.

Accountability

The Company is responsible for, and must be able to demonstrate compliance with, data protection obligations.

Privacy Notice, Consent & Data Subject Rights

Privacy Notice

Before or at the time of data collection, the Company provides clear information regarding the types of data collected, purposes of processing, retention periods, data sharing, international transfers, and security measures.

Consent

Where consent is required, it must be freely given, specific, informed, and unambiguous. Data subjects may withdraw consent at any time. For children under 16, parental consent is required.

Data Collection

The Company ensures that only the minimum necessary data are collected, in accordance with applicable financial regulations.

Third Parties

Where third-party service providers are engaged, they are contractually required to ensure appropriate data protection and to process data only according to the Company’s instructions.

Rights of Data Subjects

Data subjects have the right to:

  • Access their personal data
  • Rectify inaccurate data
  • Request erasure (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability in a structured format
  • Request direct transfer of data where technically feasible

Requests are handled within one month, unless manifestly unfounded.

Security Breach Response

In the event of a data breach, the Company will investigate, take corrective measures, and where required, notify the Hellenic Data Protection Authority within three working days if there is a risk to individuals’ rights and freedoms.

Contact

For any questions or clarifications regarding the processing of personal data, please contact: DPOfficer@eurocorp.gr.

REQUEST AN UPDATE

Unlock the full
potential of your wealth.

Contact us and discover how we can help you make the most of your financial potential.




    Interested into:

    Your message*



    This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.