EL
Let's talk Let's talk Let's talk
CONTACT

Available by appointment from Monday to Friday, 9:00 am to 9:00 pm

Privacy Policy

Learn more about how your data is collected and processed.

1. Introduction

The protection of your personal data is a priority for us. This Privacy Policy provides a clear and transparent explanation of the personal data collected through our website, the purposes for which it is used, the legal basis for its processing, and the rights available to you under the General Data Protection Regulation (EU Regulation 2016/679).

2. Data Controller Contact Details

Konstantina Gerou, professional address at 19, Dimarchou Ioanni Andreadaki Street, Livadia, 32131, Greece, contact number +302261080634, email address info@kgerou.com.

3. What personal data we collect for what purposes

When you submit an inquiry through the contact form on our website, we collect only the following information:

Full name
To identify and communicate with the individual concerned
Email address
For communication purposes, including appointment scheduling and the provision of information

These data are used exclusively to respond to your inquiry and to assess the possibility of future collaboration.

4. Legal Basis for Processing

The processing of your personal data is based on Article 6(1)(a) of the GDPR, as you have given your explicit consent for the use of your data for the purposes outlined above.

5. Data Retention Period

Your data is retained:

  • Where on sessions are initiated:your data will be retained only for as long as necessary to respond to your request and, in any event, for no longer than six (6) months from our most recent communication with you.
  • Where sessions are initiated: your data will be retained in accordance with applicable legal requirements and, in any case, for a minimum period of five (5) years following the end of the therapeutic relationship.

Once the above retention periods have elapsed, your data will be securely and permanently deleted.

6. Sharing Data with Third Parties

Your personal data is not shared with third parties for commercial or other purposes. It may be disclosed only in the following circumstances:

  • To technical service providers (such as website hosting providers), who act as Data Processors and are contractually obliged to comply with this Policy, and in all cases in accordance with applicable legislation.
  • To public authorities, where such disclosure is required by applicable law or upon a lawful request.

Your personal data is not transferred outside the European Economic Area (EEA).

7. Data Security

We apply appropriate technical and organisational safeguards to protect your data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

8. Your rights

In accordance with the General Data Protection Regulation, you have the following rights:

  • Right to information (Articles 13-14) and access (Article 15): You have the right to receive clear and transparent information at the time your data is collected regarding how it is processed, as well as the right to access your personal data.
  • Right to rectification (Article 16): You have the right to obtain the correction of any inaccurate data concerning you, as well as the completion of my incomplete data.
  • Right to erasure (“Right to be Forgotten”) (Article 17): You have the right to request the deletion of your personal data when you no longer with it to be processed or stored, provided that there is no overriding legal obligation or legitimate purpose for its retention.
  • Right to Restriction of Processing (Article 18): You have the right to obtain a restriction of the processing of your personal data from the Data Controller, subject to certain conditions.
  • Right to object to processing (Article 21): You are entitled to object to the processing of your personal data, subject to certain conditions.

To exercise any of your rights, you may contact us using the details set out in the Section 2 of this Policy. We will handle and respond to your request in accordance with the General Data Protection Regulation.

9. Right to Lodge a Complaint with a Supervisory Authority

If you consider that the processing of your personal data is in breach of the General Data Protection Regulation, you have the right to submit a complaint to the Hellenic Data Protection Authority (HDPA), as follows:

  • Via the website: www.dpa.gr , through the HDPA’s online portal, by completing the relevant electronic form according to the nature of the complaint.
  • If, for any reason, you are unable to access the Authority’s online portal, you may submit the relevant complaint form using one of the following methods:
    • By email at complaints@dpa.gr
    • By post to the Authority’s offices at Hellenic Data Protection Authority, 1-3 Kifisias Avenue, 115 23 Athens, Greece.
    • In person at the Authority’s offices (1 st floor). Public reception hours at the registry office are 09:00- 13:00.

10. Changes to the Data Protection Policy

This Policy may be updated to reflect changed in legislation, professional practice, or applicable data protection requirements. Any amendments will be published on this page, along with the date of the last revision.

Date: 8 April 2026