Personal Data Protection Policy

Introduction – Data Controller

The website located at www.trustservers.gr, hereinafter referred to as the “Website”, belongs to the company TRUSTSERVERS P.C., based at Komninon Street 5-7, 114 72, Athens, hereinafter referred to as the “Business”.

For any information regarding this policy or generally about the protection of your personal data, you can contact us at (+30) 211 800 3370 (from 10:00 AM to 6:00 PM) or via email at privacy@trustservers.gr. Through the Website, the Business collects certain information about its users, which may lead to their direct or indirect identification. According to the applicable legal framework, some of this information constitutes personal data. You, as visitors, are referred to as “data subjects”, and we, as the Business, are the “data controllers” of your data.

The purpose of our policy is to clearly and concisely explain to you the following in the simplest way possible:

• The data we process
• The purposes for which we process it and the legal basis for processing
• Who are the recipients of your data
• How long we store your data
• Your rights regarding your data and how you can implement them

Changes to the Data Policy and Notifications

This Personal Data Protection Policy may be modified at any time without prior notice. Guided by the principle of transparency, we are committed to inform you of any significant changes to our GDPR policy. However, in any case, you should periodically review our policy, as the use of our services implies your acceptance of it.

The Key Principles for Processing Your Data

We are committed to processing your data in a fair and transparent manner, always in accordance with the applicable legal framework, particularly the General Data Protection Regulation (GDPR).

What this actually means in practice:

• We collect and process your data only for specified, explicit, and legitimate purposes.
• We collect and process only the data that are necessary for the purposes we set.
• We make every effort to ensure that your data is accurate, providing you, where applicable, with the opportunity to correct and/or delete it.
• We retain your data only for the period required for the purposes we have set.
• We make every effort to safeguard your data from unauthorized or unlawful processing and from accidental loss, destruction, or damage.
• As part of our data protection efforts, the Company implements a range of appropriate technical and organizational measures, adopts internal security policies, adequately trains its staff, who are committed to confidentiality and privacy, and utilizes a range of technologies that ensure the security of your data (e.g., SSL certificates, encryption, and certified data centers). In line with the rules of information security and data protection, these technical and organizational security measures are regularly monitored and, if deemed necessary, updated and adapted to new best practices.

The data we collect, the purposes for its collection and the legal grounds for doing so.

By default, the Company collects and processes your data only when you provide it directly and voluntarily.
However, this rule does not fully apply in two cases: for data collected through cookies (see details) HERE and for certain data automatically collected during your visit.

Α. INFORMATION COLLECTED AUTOMATICALLY

Due to the nature and operation of the internet, as soon as you visit our website, our server (proxy) records your IP address, which is considered personal data, even if we cannot identify you directly based on this data alone, along with the date and time of your visit.
Collecting and retaining your IP address in special log files is done (on a legal basis and purpose)  for two reasons:

On one hand, we have a legitimate interest in processing this data to ensure the security of networks, information, and services from accidental events or unlawful or malicious actions that threaten the availability, authenticity, integrity, and confidentiality of stored or transmitted data (e.g., monitoring for denial-of-service attacks).
On the other hand, given that we cannot guarantee that all users always have good intentions, we have a legal obligation to retain this data in case it is requested exclusively for investigations by competent authorities.

Β. INFORMATION YOU PROVIDE US

Beyond the above cases, we collect and process personal data in the following instances:

1. Contacting the Website via Email or Contact Form

• Data We Process
  Email address
  Phone number (optional)
  Important Note: In your message to the Website, you should only include the necessary details related to the issue you are concerned about and avoid mentioning personal data of yourself or third parties.
• Purpose
  We process this data as a part of serving you, in order to be able to communicate with you and respond to your message. If we are not already providing you with a service, simply sending an email or submitting a form does not make you our “customer,” and we do not add you to our database.
• Legal Basis
  We process the data you provide based on your consent (Article 6, Paragraph 1A of the GDPR), which you have the right to withdraw at any time and request to delete your data.

2. Pre-ordering Web Hosting Services

• Data We Process
  Full name
  Email address
  Phone number
  Important Note: In the “Comments” field, you should only include the necessary details related to the issue you are concerned about and avoid mentioning personal data of yourself or third parties.
• Purpose
  We process this data, upon your request, in order to assess your needs and review the technical and organizational details regarding our infrastructure so that we can provide you with the services you requested.
• Legal Basis
  We process the data you provide in order to take appropriate steps before entering into a contract with you (Article 6, Paragraph 1B of the GDPR).

3. Completion of Order for Web Hosting Services

• Data We Process
  Full name of the responsible person Full name of the technical responsible person Owner’s email address Technical person’s email address Headquarters phone number Mobile phone number for emergencies Address Tax Identification Number (TIN)
• Purpose
  We process this data, upon your request, in order to provide you with web hosting services, maintain communication with the business manager and the technical responsible person for technical matters, and to issue legal invoices for the provision of our services. Finally, this data is necessary to safeguard our rights and financial claims, as well as to establish, exercise, or support legal claims.
• Legal Basis
  We process the information you provide in order to fulfill our contractual obligations (Article 6, Paragraph 1B of the GDPR). We are also required by relevant legislation to issue invoices for our transactions (legal obligation – Article 6, Paragraph 1C of the GDPR).

The accuracy and authenticity of the information submitted in all cases are the responsibility of those who submit it. Please refer to the section of the policy concerning your rights for information regarding the possibility of correcting your data.

Data Processing Based on Legitimate Interest

As mentioned above, we have a legitimate interest in processing certain data, particularly your IP address, in order to ensure the security of networks, information, and services from accidental events or unlawful or malicious actions that threaten the availability, authenticity, integrity, and confidentiality of stored or transmitted data (e.g., monitoring for “denial of service” attacks). This processing is permissible as it does not pose a significant risk to your rights and freedoms, and it is explicitly allowed to be based on our legitimate interest, as outlined in Article 49 of the GDPR.

Data Access and Recipients

Access to the data is provided exclusively to the Company’s personnel, who, in addition to their high level of professionalism and experience, are contractually bound by a confidentiality obligation. We do not disclose or transfer your data to any person or legal organization.

Where are data retained and for what period of time

All the above information is stored either in an email system (contact forms, email) or in an internal closed customer management system (upon completion of the order), which is exclusively accessible by authorized personnel of the Website.
Your data is stored in the Company’s system, which is hosted in a data center located on a server in Germany, solely for the period necessary for the specific purpose of processing.
For example, if a contract has been concluded for the provision of web hosting services, we are obligated to retain the relevant documents for a period of at least five (5) years.

Your rights regarding your personal data

Based on the GDPR, you are entitled to a range of rights concerning the processing of your data by the Website. Specifically, you have the right to:

1. Request information from the Website regarding whether we process your data and, if so, which data have been processed (Right of Access).
2. Request the correction of your data (Right to Rectification).
3. Request the deletion of your data, under certain conditions (Right to Erasure).
4. Request the restriction of the processing of your data, under certain conditions (Right to Restriction of Processing).
5. Object to the processing of your data by us, under certain conditions (Right to Object).
6. Request the transfer of the data you have provided to us in a structured, commonly used, and machine-readable format, if it is technically feasible (Right to Data Portability).
7. In the event of a data breach that could put your rights and freedoms at significant risk, and unless one of the exceptions under the GDPR applies, the Company is committed to notifying you of the breach without undue delay.

The Company is committed to adhering to the legal framework governing data processing, ensuring the protection of your rights, and facilitating their exercise in compliance with applicable laws. Therefore, we may request additional information necessary to verify your identity before processing your rights.

In principle, the Company will respond to your request promptly, and no later than one month. However, if necessary, taking into account the complexity of the request or the number of requests, this deadline may be extended by an additional two months. In any case, the Company will inform you about the status of your request and the reasons for any delay, within one month of submitting your request.

If your requests are manifestly unfounded or excessive, particularly due to their repetitive nature, the Company may charge a reasonable fee to cover the administrative costs of providing the requested information or taking the requested action, or may refuse to process the request.

If you believe the Company is not in compliance with personal data protection laws, you have the right to file a complaint with the competent supervisory authority (in Greece, the Hellenic Data Protection Authority).

For any questions or concerns regarding the protection of your data by the Website, please contact us at privacy@trustservers.gr.

Hyperlinks to Third-Party Websites

Through appropriate hyperlinks within the Website, visitors are provided with access to third-party websites. The inclusion of these links is solely for the convenience of visitors during their internet browsing. It does not, in any way, signify endorsement or approval of the content of the linked websites.

Accessing any third-party website through the provided links is done at your own risk, and we encourage you to carefully read the privacy policy of each website you visit.