Privacy Policy & Rights

Last date of update: 02/2022

“TIRESIAS S.A.” (hereinafter “Tiresias” or the “Company”) follows a strict policy to protect the privacy of the users of our website “https://tsek.teiresias.gr” (“Website”). With the present policy we offer you information on how we use electronic cookies, each time you visit our Website. This cookie policy complements the privacy policy of our Website.

Our Company reserves the right to amend and update this Cookie Policy, whenever it deems it necessary. The date the update took place will be indicated at the beginning of the Policy. Any changes thereof shall come in force and effect from the date the update took place as it appears at the beginning of the Policy. It is recommended that you check this page from time to time to make sure you are aware of any changes

What are electronic cookies and similar technologies?

Cookies are small text files with information, which are stored by the server of a website on the terminal device (computer, mobile phone, etc.) of a visitor/user while navigating on it. The website retrieves this information at each visit in order to offer the related services. A typical example of such information is the user's preferences on a website, as they are stated by the choices, he makes on it (e.g. selection of specific "buttons", searches, etc.).

According to Article 4 par. 5 of L.3471/2006, the storage or access to stored information in the user’s terminal equipment is allowed only if the specific user has given his consent upon clear and extensive information. An exception to the obligation of obtaining user’s consent, in accordance with the above paragraph, is the case of storage and access to information whose sole purpose is to "transmit a communication through an electronic communications network or is necessary to provide an information society service, that has been explicitly requested by the user or the subscriber". In essence, the user’s consent is not required for cookies which are considered strictly necessary for the realization of the connection to the website or for the provision of the requested internet service.

Cookies can be installed by the provider of the website, visited by the user, (first party cookies) or by other providers (third party cookies), through the provider of the website visited by the user.

Depending on their expiration dates, cookies are either “session” or “persistent” cookies. In particular, session cookies are automatically erased whenever you close your browser, whereas persistent cookies remain stored until their expiration date, unless manually deleted prior to that date.

Does our Company use cookies?

The website ("https://tsek.teiresias.gr") uses cookies for the purpose of its smooth and secure operation and the optimization of the navigation experience.

In particular, we use certain strictly necessary cookies with the primary purpose to make our Website more secure, functional and user – friendly.

What types of cookies do we use?

In the table below we describe the types of cookies that we use and their purposes:

Which cookies do we use in specific and how long do we retain your data?

What kind of data do we collect by our use of cookies?

By using strictly necessary cookies, we collect and process the following categories of data:

• End user device data (mobile phone, tablet, laptop).
• User’s identification data (in case of account).
• Users’ IP address.
• Information on users’ browser

Information for the use of Cookies

By entering our Website, you will find a short notice in a pop-up window placed in a prominent position of our home-page, which informs you about the use of cookies by us and refers to this Cookie policy. In this notice you will find important information about the description and purposes of the cookie categories. For the use of strictly necessary cookies the user's consent is not required and they are always activated.

We also remind you that as data subjects you have the right to request and receive access, information, and request a copy of your personal data, which Tiresias collects and processes. We further inform you that, at any time, you may exercise your rights regarding the correction, deletion and portability of your personal data as well as restriction and opposition to its processing. Finally, you have the right to lodge a complaint with the Personal Data Protection Authority or another competent supervisory authority.

Contact Us

For any further information or request or for the exercise of your rights regarding this cookie policy you may contact us at the following address: dpo@tiresias.gr

Last date of update: 31/01/2022

Data Controller

The company under the corporate name "Banking Information Systems S.A." and the distinctive title "TIRESIAS S.A." ('the Company'), which is based in Maroussi, Attica, 2 Alamanas Street, TK 151 25, tel. 210 63.82.200, e-mail cust_support@tiresias.gr processes personal data of partners - suppliers - customers and visitors of its website.

This policy sets out the principles for the collection, storage and use of your personal data by the Company when you visit, register or use its website services at tsek.teiresias.gr. The website tsek.teiresias.gr is a website of the Company's TSEK (Tiresias Risk Checking System) service, which acts as a Controller and belongs to it.

When do we collect your personal data?

1. While browsing in the above website;
2. When registering as a user to our services (creation of a user account);
3. When purchasing a subscription package and while using TSEK service.

What categories of personal data do we collect?

A) When you visit and navigate our website, we use cookies to collect your data. To learn about the type of data we collect through them and the legality of this processing, please visit the Cookies Policy.

B) When you register as a user in TSEK service, a lead record (user account) is created in which you enter and then we store the following information about you:

1. Corporate Name and Distinctive Title
2. Business & form of business
3. VAT number, General Electronic Commercial Registry number & Tax Office.
4. full address of head office, invoice and mailing (Address, Number, City, P.C., company and accounting phone number and Fax number),
5. details of a legal representative of the company and the administrator (WebOfficer) of the TSEK service when it is different from the legal representative. (Name, Last Name, ID number, work phone and mobile phone number, email address, password and potentially job position).

C) When providing TSEK service, we collect data related to our business transactions with you (purchases, invoice details, payment information, debts) as well as data from our communications with you in the context of this service (service, packet change requests, problem solving requests)

D) Also, in the context of our trading relationships, we send you informational material about our news and services (newsletters), promotions, questionnaires, by entering your email address in the "Newsletter & Email Campaign" list, unless you initially disagreed with this service. If you are a new user/customer, we will first ask for your express consent before sending you newsletters.

What is the purpose of processing your personal data?

We collect your Data mentioned above particularly for:

A) drafting and executing the contract for the provision of TSEK services (the provision of a TSEK service, contacting you and providing you with information regarding the availability of the service, the payment and management of your debts to the company, the renewal, extension or any cancellation of the purchase);

B) our compliance with the obligations imposed by the applicable legislation, e.g. the issuance of tax documents;

C) the protection of the company's legitimate interests (safeguarding legal claims);

D) customer satisfaction surveys, newsletters and promotion of the company's products and services.

Legal Grounds for Processing Data

The processing of your personal data is based on the following legal grounds:

(1) your contract for the provision of TSEK services, with you as Contracting Party (refers to categories of data under point A);

(2) our company's legal obligations (tax legislation) (refers to data categories under point B),

(3) the legitimate interests pursued by our company (refers to data categories under point C),

(4) the provisions of e-privacy legislation (No.11(3) of Law 3471/2006) (refers to the conduct of customer satisfaction surveys under point D),

(5) your prior consent (refers to other categories of data under item D), unless you are already our customer and you had not initially expressed your disagreement. In any case, you can choose to opt out of our newsletters and promotional material by clicking the unsubscribe option found in the relevant communications you are receiving or in your TSEK profile.

The processing of your data collected through cookies sis necessary for the provision of a TSEK service. For more information visit the Cookie Policy.

Who do we share your personal data with? Where is it stored?

Data Recipients are only the strictly necessary staff of the Company, which is bound by confidentiality, and the companies associated with us, who process your Data as Processors on our behalf and in line with their professional obligations, such as advertising companies, public relations companies, automated e-mail distribution companies, research companies, etc. We may share or disclose your Data upon your expressed request or when it is required by law.

We do not transfer your Data outside Greece. Your Personal Data is stored and processed only within Greece.

Processing principles and security measures

Our Company, indicatively and not restrictively:

• processes only your personal data that is necessary to fulfil the aforementioned purposes and only for those purposes;
• implements appropriate technical and organisational measures for the security of personal data (ensuring confidentiality, integrity and availability) by design and by default;
• implements procedures and systems for the confidentiality of the processing of personal data, as well as for their protection against accidental or unlawful destruction, accidental loss, alteration, prohibited dissemination or access and any other form of unfair processing (e.g. use of tools for access controls and data loss prevention);
• informs data subjects (citizens and employees) in accordance with the Regulation (EU) 2016/679 (GDPR);
• respects the principle of personal data minimisation;
• ensures the exercise and satisfaction of the rights of the data subjects,
• has drafted documents, policies and procedures demonstrating its compliance with the principle of accountability (privacy policy, policy cookies, recording of the type, categories and flows of personal data, compilation of processing records, impact assessment, etc.), as referred to in the GDPR,
• has appointed a Data Protection Officer and set up a group for the protection of personal data,
• educates and raises awareness among its employees regarding the protection of personal data;
• amends its cooperation agreements with processors on its behalf, in accordance with Article 28 of the GDPR, ensuring that processors are fully GDPR compliant as well.

How long do we keep your personal data?

We delete the data you have entered to the user account in order to draft and execute the contract between us, in accordance with the following:

• for our approved customers: 20 years from the end of the contract;
• regarding the commitment history: 5 years from the end of the subscription;
• with respect to the commitment file you send us: 5 years from the end of the subscription.

With regards to the newsletters and the relevant material (promotions, customer satisfaction surveys), we delete your email from the newsletter & email campaign list as soon as you declare your disagreement, by clicking the relevant link that appears in each electronic communication of promotional services sent to you or in your TSEK profile.

Data collected through Cookies is deleted in accordance with the Cookies Policy.

How long will you receive informational material?

We will send you newsletters in line with the conditions stated above, as long as you are registered with Company's TSEK service and as long as we have your expressed consent (through the unsubscribe option or through your profile).

Is your Data secure?

We are committed to protecting your personal data. We have put in place appropriate organizational and technical measures to ensure your data is protected against any form of accidental or improper processing.

We use ssl-secure socket layer to ensure the secure exchange of data between our website and your browser.

The TSEK service is designed to provide high levels of security. The security measures applied to the operation of the TSEK service are summarised below:

1. Use of Network Security Infrastructures

The TSEK system is protected with the latest network security infrastructures aimed at detecting and preventing malicious attacks, as well as allowing a full control of incoming and outgoing data.

2. Data Transfer Encryption

For data transfers from the systems of Tiresias SA to the user, appropriate protocols are in place so that the data and in general the entire communication remains encrypted until they are received by the user. Thus, the service is offered via a secure connection (indication https://tsek.teiresias.gr in browser).

3. Data Archive Maintenance

Tiresias S.A. solely manages its data archive, in fully independent databases by the TSEK service. Communication between these two systems takes place exclusively within the internal network of Teiresias SA with special protocols, without the interference of any external communications service provider or any third-party provider.

4. Controlled Access

Access to the service is granted only after checking and validating the required legal documents of Tiresias SA. Users have access only by using Username & Password. Tiresias S.A. will never ask you for your password. Only you know the password you have given and the answers to the security questions and only you can change your password.

5. Security Policies

Tiresias S.A. follows strict safety procedures and policies, which are part of the ISO 9001:2015 quality assurance standard, according to which the company has been certified while its compliance is constantly monitored regularly both by internal and external inspections.

6. Safe Payments

Payments are automated and transparent, whether by credit card or by transfer using the DIAS Credit Transfer (DCT) service. Tiresias S.A. does not keep a record at all and in no way of the credit card details, which are used to purchase packages.

All the aforementioned measures are reviewed and amended when necessary.

What are your rights? How to you exercise them?

You have the following rights:

a) Be informed when we collect and process your personal data, data sources, the purposes of processing it, its retention period and request a copy of any personal data we hold that concerns you (right of access).

b) Request the correction and/or completion of your personal data in order to be complete and accurate (right of rectification). You should provide any necessary document from which to obtain or need to be corrected or supplemented.

c) Request the restriction or suppression of your personal data (right to restrict processing).

d) Refuse and/or object to the processing of your personal data that we keep (right to object).

e) Request the transfer of your personal data that we keep to any other controller of your choice in a safe and secure way, without affecting its usability (right to data portability).

f) Request the deletion of your personal data from the files we keep for example when your data is no longer necessary or unlawfully processed or no longer meets one of the abovementioned lawful grounds (right to be forgotten).

With regards to the exercise of your above rights, please note that:

• The Company has in any case the right to refuse the satisfaction of your request to limit the processing or erasure of your personal data or your objection to the processing, if the processing or retention of the data is necessary for the foundation, exercise or support of its legal rights or the fulfilment of its obligations.
• The exercise of the right to portability does not imply the deletion of your data from our records, which is subject to the terms of the immediately preceding paragraph and the conditions of the Rules of Procedure.
• The results from the exercise of these rights have effect for the future and does not concern data processing already carried out.

g) Lodge a complaint with the Hellenic Data Protection Authority (http://www.dpa.gr) if you consider that your rights are being violated in any way (right to complain to the Authority).

For the exercise of the above rights you can address in writing to the address of the Company (Alamana 2 Maroussi 151 25), or electronically to the e-mail address (cust_support@teiresias.gr) or on the Company's website www.tiresias.gr or through the website tsek.teiresias.gr entitled "Exercise of the right of access / of rectification / to be forgotten / to data portability / of restriction / to object" in any case you can also contact the Data Protection Officer of the Company at the address dpo@tiresias.gr.

When do we reply to your Requests?

We respond to your requests free of charge without any delay, and in any case within one (1) month of receiving your request. However, if your Request is complex or there is a large number of your Requests, we will inform you within the month if we need to receive an extension of another two (2) months within which we will reply to you.

If your requests are manifestly unfounded or excessive, in particular because of their repetitive nature, the company may impose a reasonable fee, taking into account the administrative costs of providing the information or carrying out the requested action or refusing to follow up on the request.

Who can you contact for the progress of your Requests?

For more information you can call during business days and hours on the +302103676700 (Customer Service Phone Line).

Do we use automated decision-making, including profiling, when processing your Data?

We do not make decisions or profiling based on automated processing of your Data.

On our website https://tsek.teiresias.gr/ we only use “cookies” and always in accordance with the terms set out in the Cookies Policy.

What is the applicable law when processing your Data?

We process your Data in accordance with the General Data Protection Regulation 2016/679/EU, and in general, with the applicable national and European legislative and regulatory framework for the protection of personal data (Law 4624/2019, Law 3471/2006).

Data Protection Officer (DPO)

The Company has appointed a Data Protection Officer in accordance with No. 37 of the General Data Protection Regulation (tel. +30210 36.76.700, dpo@tiresias.gr, Alamanas 2 151 25 Maroussi).