The Company under the name “Ioannis K. Konstantinidis LTD” and the distinctive title “CHEMIKON”, located in Aspropyrgos, Faka, Attica, P.C.: 19 300, VAT number: 099004915, Tax Office: Elefsina, General Commercial Registry No: 122699207000 (hereinafter the “Company”), e-mail:  as Data Controller, hereby provides you with the following information on the processing of your personal data and your rights as a data subject, in accordance with the General Data Protection Regulation 2016/679/EU (hereinafter “GDPR”), the respective national legislation, as well as the Decisions, Directives and Opinions of the competent supervisory authority.

This information is addressed to customers and other traders of the Company and any of its branches (hereinafter the “Company”) whether they are natural persons (which includes sole proprietorships, sole traders) or legal entities (for example legal representatives, managers, contact persons, position in the legal entity).

It is also addressed to the natural persons associated with them, (indicatively to the staff, associates, representatives, agents, managers, executives, counterparties, recruits, assistants to them, contact persons, etc.), whom the aforementioned when giving their details, should inform of the disclosure of their details to it and have them referred to this information, which, as applicable, is posted on .

The Company collects and processes the following data (indicatively and not restrictively), depending on the type of cooperation or contract.

Personal Data.

-Basic identification data (name, surname, father’s name, ID or passport No), contact details (email address and/or postal address, landline or mobile phone number)

-Tax information: TAX ID, TAX OFFICE

-Distinctive title/type of company, address of head office,

-Title, position in the company, details of legal representatives

-Financial offer

-Financial transactions.

-Image recording in the context of closed circuit television (CCTV) operation.

Origin of Data.

The Company processes personal data:

-which the customer/trader declares or will declare to the Company in the future during the development of the contractual relationship, transacting, in any way, such as for example through relevant communications, telephone, electronic (e-mail), through the exchange of documents and those arising from our contractual relationship (conclusion, development and termination of this relationship).

-collected from third publicly accessible sources (such as for example are commercial registers, internet), where there are public records regarding your professional activity and where such data are necessary for the purposes of processing.

– relating to your image when you enter a Company premises.

Purposes of processing/Legal basis for processing.

We process your personal data:

-at the pre-contractual stage for the verification and identification of your data, for the receipt of an offer you have sent and its evaluation and in the case of a contract for the management/execution of the contract, such as for example the establishment, maintenance, termination, communication within the framework of the contract, the fulfilment of our mutual obligations (for example payments, monitoring of financial transactions, provision of services and supply of products). In this case, the legal basis for processing is that the processing is necessary for the performance of a contract to which the Customer/trader is a party or to take measures at his/her request prior to the conclusion of the contract.

-for the Company’s compliance with the applicable national or EU legislation (indicatively in the field of tax law, commercial law, such as for example the issuance of invoices, the maintenance of tax records, the disclosure of your data to competent bodies (indicatively competent tax offices), the audit by chartered accountants/auditors. In this case, the legal basis for processing is the compliance with a legal obligation of the Company.

-for the establishment, exercise, or support of legal claims before competent judicial bodies or other out-of-court dispute resolution bodies. In this case, the legal basis for processing is the legitimate interest of the Company.

-to protect the security of persons and property of the Company (CCTV- closed circuit television). In this case the legal basis for processing is the legitimate interest of the Company.

Recipients/Persons who become aware of your Data.

Access to personal data, depending on the purpose of processing, is available indicatively and not restrictively to the following categories:

(a) The Management of the Company.

(b) Competent staff and natural persons or legal entities providing services to the Company, such as for example tax and legal advisors, bailiffs, notaries, auditing companies, chartered accountants, companies providing facility security services, IT companies, hosting and website management companies, e-mails, e-mail distribution companies, credit institutions, file and data destruction companies, postal services providers.

(c) Public authorities or agencies, judicial, prosecutorial and investigative authorities, when the transmission or disclosure of data is required by law, by a judicial decision under national or foreign law or by a decision of another authority, accredited mediators and mediation service centers, arbitration courts and alternative dispute resolution bodies.

(d) Natural persons or legal entities having and proving a legitimate interest and in accordance with the legal procedures.

(e) Suppliers and partners of the Company.

Where required, the Company enters into relevant contracts with natural persons or legal entities to whom your data is transferred and who act as processors, i.e. when they process personal data on its behalf.

We transfer as much data as is necessary for the purposes of the processing in question. In each transfer, we take every measure to ensure that the data transferred is always the minimum necessary.

Where the transfer is made to a country outside the European Union (EU) or the European Economic Area (EEA), the transfer is subject to appropriate safeguards and in accordance with applicable data protection legislation in order to maintain the required level of protection of your data.

Subject Rights.

As a data subject, subject to applicable law, you may exercise, where applicable, the following rights:

right of access (to know which data we process, for what purpose, the categories of your data and the recipients and/or categories of recipients),

right of rectification (to have any omissions or inaccuracies in your data corrected)

right to erasure (right to be forgotten) (to be deleted from our records, but where processing is no longer necessary)

right to restriction of processing (in the event that the accuracy of the data is contested, etc.)

right of data portability (to receive your data in a structured and commonly used format, for those data held in an electronic file).

right to object (on grounds relating to your particular situation in the event that your personal data are processed for the purposes of the Company’s legitimate interests).

The possible exercise of these rights is carried out at no cost to you, in the following ways:

-by submitting a written request to

-in person or by sending a letter to the company “Ioannis K. Konstantinidis LTD” -“CHEMIKON”, Aspropyrgos, Attica, Faka, P.C. 19 300, to the attention of the person responsible for the personal data.

In case you have authorized a third person to submit a request for the exercise of a right, this person must carry the appropriate legal documents (such as for example a proxy or an authorization certified by a Public Authority).

Any request submitted should be accompanied by appropriate proof of identification.

The Company may request additional information necessary to confirm your identity.

If your requests are manifestly unfounded or excessive, in particular because of their repetitive nature, then we may either:

(a) impose a reasonable fee, taking into account the administrative costs of providing the information; or

(b) refuse to act on the request.

If you exercise any of these rights, we will take all possible steps to comply with your request within one month of receiving it, after informing you either that it has been complied with or of the objective reasons why it cannot be complied with. The above deadline may be extended by a further two months, if necessary, taking into account the complexity of the request and the number of requests, after informing you.

The above rights are limited for the reasons provided for by the legislation in force.

The Company’s refusal or unjustified delay in satisfying your requests in the exercise of your rights entitles you to appeal to the Data Protection Authority as the competent supervisory authority for the application of GDPR and before the competent judicial authorities.

Contact the Personal Data Protection Authority.

If you consider that your rights concerning the protection of your personal data are infringed, you have the right to lodge a complaint with the Personal Data Protection Authority, at the postal address Personal Data Protection Authority, Offices: Kifissia 1-3, P.C. 115 23, Athens, Greece, telephone number 210 6475628, e-mail: , fax: +30-210 6475628, .

Security of Processing.

The Data Controller recognizes the importance of the security of Personal Data. For the purpose of processing, we take all modern and appropriate technical and organizational measures, the compliance of which we check regularly to ensure maximum security.

Retention of Personal Data.

The Company will retain and process the aforementioned personal data for as long as necessary to serve the aforementioned processing purposes, to comply with its legal obligations (such as, for example, tax law, commercial law), to resolve judicial or extrajudicial disputes, including mediation, in accordance with the applicable legal framework.

After a retention period has expired, the Company shall arrange for the secure destruction of your data.


The Company reserves the right to amend and update this Notice, based on its current policy on the protection of personal data and in the context of the current legal and regulatory framework, which will always be available on the Company’s website .

Version 2.0: JANUARY 2023