Privacy Policy & Data Security

Personal Data Protection Policy

The protection of your personal data is important to us. This Personal Data Protection Policy or otherwise Privacy Policy (from now on the "Policy") concerns the purposes of the collection, storage and in general processing of your personal data by Crowe Greece Group when you visit or navigate this website, in accordance with the provisions of the General Data Protection Regulation (GDPR 2016/679) as applicable from 25th May 2018, the Greek legislation in force on the protection of personal data (L. 4624/2019, as in force), as well as of the protection of personal data and private life in the electronic communications sector (L. 3471/2006, as in force) and the decisions of the Hellenic Data Protection Authority (HDPA) and any specific national and European legislation for certain areas.

1. A few words about Crowe Greece Group’s website (article 117)

This website belongs to the companies "ASSOCIATED CERTIFIED PUBLIC ACCOUNTANTS s.a." and its subsidiary "SOL Consulting S.A." ("Crowe Greece Group"). The personal data you provide during your navigation on this website are kept by Crowe Greece Group in its capacity as a "Data Controller".

2. What are the Personal Data

The term "personal data" means any information related to an identified or identifiable natural person ("data subject"). The identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that physical person.

3. What is the Processing of Personal Data

The term "processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

4. When do we collect your personal data through our website

When you visit or navigate our website

For more detailed information about the data collected by this website in the context of the cookies, the purpose and the period these are kept as well as the setting/disabling cookies options, see the Cookies Policy.

When you submit a query/request through the contact form of our website

When you submit a query/request through the contact form of our website, we ask you for your full name, your telephone number, your email address, the company where you may work and your professional status.

We use this information to respond to your query/request and provide you with any relevant information.

Only our authorised personnel have access to your personal data. We keep your personal data for the necessary period of time required for the completion of the procedure, namely to fulfil your query/request, unless the nature of your query/request indicates the need for further communication by Crowe Greece Group’s Firm with you and in any case for your convenience.

In specific cases of queries/requests, Crowe Greece Group reserves the right to retain the history of correspondence between us for as long as deemed necessary for the exercise of its rights.

When you subscribe to Crowe Greece Group’s Newsletters

We use the e-mail address that you have provided us to send you Crowe Greece Group’s newsletters and news.

Once you subscribe to Crowe Greece Group’s Newsletters, you receive a Double Opt-in confirmation and acceptance message and then you will receive our e-Newsletters and news.

The purpose of collecting and processing your personal data is to send you our e-Newsletters and news.

The legal basis for this processing is your consent, in accordance with article 6 par. 1 (a) of the GDPR.

We retain your personal data for as long as you remain registered in the recipients’ list of Crowe Group’s e-Newsletters and we delete them in case of withdrawal of your consent.

We rely on your consent to process the personal data you give us so that you receive our e-Newsletters and news. If you do not wish to receive our e-Newsletters, you have the right to withdraw your consent. Following your above request, we proceed to the deletion of the personal data you have provided us during your registration for the above purpose.

Furthermore, with regard to your personal data, you have the rights to access, rectification if these are inaccurate or incomplete, the right to erasure if you withdraw your consent, the right to restriction of processing under certain conditions, as well as submission of complaint to the Hellenic Data Protection Authority (HDPA) [postal address: 1-3, Kifissias Avenue, P.C. 115 23, Athens, Greece, Tel. +30 210 6475600, e-mail: contact@dpa.gr].

For more information on your rights, reference is made to section 6 "Rights of the Data Subject".

Attendance of Conferences, Seminars, Events of Crowe Greece Group

In order to register and attend conferences or events or seminars of Crowe Greece Group, we ask you for your contact information, including the name of the entity you may represent [Full Name, Title, Contact Number (land line and/or Mobile), Email, Company]. In case you do not wish to provide your above personal data, it is not possible to participate in the conferences, seminars, events of Crowe Greece Group. In addition, as applicable, and if you consent, we may process image data (e.g. of your face) if a photo shoot or video recording of the conference or seminar or event takes place.

The purpose of collecting this data is the effective organisation of our conferences, seminars, events and your unhindered participation in them. In particular, we use your contact details to inform you in case there are any changes (e.g. regarding the date which takes place) or cancellation of our conferences, seminars, events as well as to communicate to you the updates related to the conference, the seminar or the event (e.g. agenda, feedback, etc.).

The legal basis for this processing is your consent in accordance with article 6 par. 1 (a) of the GDPR, while in case a participation fee is paid, the legal basis for the processing that is necessary under the tax legislation is article 6 par. 1 (c) of the GDPR, i.e. our compliance with the relevant legal obligation.

We retain your personal data for as long as is necessary under the national law for the non-limitation of any related claims.

In order to hold a conference or seminar or to organise a physical or online event, we rely on your consent to process your personal data. However, you have the right to withdraw your consent at any time. This withdrawal does not affect the processing that has been done up to that point in time.

Furthermore, with regard to your personal data, you have the rights to access, rectification if these are inaccurate or incomplete, the right to erasure if you withdraw your consent, the right to restriction of processing under certain conditions, as well as submission of complaint to the Hellenic Data Protection Authority (HDPA) [postal address: 1-3, Kifissias Avenue, P.C. 115 23, Athens, Greece, Tel. +30 210 6475600, e-mail: contact@dpa.gr].

For more information on your rights, reference is made to section 6 "Rights of the Data Subject".

When you send us your CV

Your acceptance of this Privacy Policy is required, before you send us your CV.

Sending your CV to this website constitutes an electronic message to the Crowe Greece Group Firm which you wish to contact and which will process your personal data in view of the conclusion of a contract, in order to enable the Crowe Greece Group Firm to find the appropriate personnel based on the available positions held by the Crowe Greece Group Firm at the time you send us your CV. Your CV is kept by the Human Resources (HR) Department until the vacancy in the Crowe Greece Group Firm is filled. If you have stated that you wish to keep your CV for a longer period, then it will remain in the archives of the Human Resources Department (HR) for one (1) year. No one else than the Crowe Greece Group Firm has access to your CV nor is it forwarded to a third party for any further use.

The legal basis for this processing is your consent, in accordance with article 6 par. 1 (a) of the GDPR.

Furthermore, with regard to your personal data, you have the rights to access, rectification if these are inaccurate or incomplete, the right to erasure if you withdraw your consent, the right to restriction of processing under certain conditions, as well as submission of complaint to the Hellenic Data Protection Authority (HDPA) [postal address: 1-3, Kifissias Avenue, P.C. 115 23, Athens, Greece, Tel. +30 210 6475600, e-mail: contact@dpa.gr].

For more information on your rights, reference is made to section 6 "Rights of the Data Subject".

5. Connecting and interacting with social networks

Through our website, you have the possibility to connect and interact with Crowe Greece Group’s social networks on your own initiative. In this case, Crowe Greece Group is not responsible for the processing of your personal data carried out by these networks. In order to exercise the rights provided by law, you should contact the social networks themselves. We do not collect any of your personal data, other than what you personally disclose through the account of the Crowe Greece Group in the social media. The purpose of the processing is to achieve communication between us. The legal basis for the processing is your consent. You give your consent by liking or following our social media pages and you can withdraw it just as easily, in exactly the same way (unlike, unfollow).

6. Rights of the Data Subject

Right of access by the data subject (article 15 of the GDPR)

You have the right to ask us, at any time, for copies of your personal data. There are some exceptions, which means that you may not always receive all the information we process. More specifically:

The physical person (data subject), namely you, has the right to receive:

confirmation regarding the processing of your personal data, and

a copy of your personal data concerning you (ref. articles 12, 15 of the GDPR).

You can exercise this right, first of all, free of charge, either in writing or orally if you wish.

You may be required to pay a reasonable fee only if your request based on the exercise of your above right is manifestly unjustified or excessive (especially when repeated) or the number of copies we are required to provide to you is large.

Right to rectification (article 16 of the GDPR)

You have the right to request the rectification of your personal data, when it is inaccurate, or request the completion of your personal data when it is incomplete (relevant articles 12, 15, 19 of the GDPR). You can exercise this right in writing.

Right to deletion ("right to be forgotten") (article 17 of the GDPR)

You have the right to ask us to erase the personal data concerning you, if one of the reasons referred to in article 17 of the GDPR applies.

Right to restriction of processing (article 18 of the GDPR)

1.

In accordance with article 18 of the GDPR, you have the right to obtain from the Data Controller (Crowe Greece Group) restriction of processing of your personal data, when one of the following applies:

the accuracy of your personal data is contested by you as a data subject, for a period of time enabling the Data Controller (Crowe Greece Group) to verify the accuracy of your personal data,

the processing is unlawful and you as a data subject object to the deletion of your personal data and request, instead, the restriction of their use,

the Data Controller (Crowe Greece Group) no longer needs your personal data for the purposes of the processing, but these are required by you as a data subject for the establishment, exercise or defence of legal claims;

you as a data subject, object to the processing in accordance with article 21 par. 1 of the GDPR, pending the verification whether the legitimate grounds of the Data Controller override your grounds as a data subject.

2.

When processing has been restricted in accordance with article 18 par. 1 of the GDPR, such personal data concerning you, with the exception of storage, shall be processed only with your consent as a data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a member state.

3.

As a data subject you have previously obtained the restriction of the processing of your personal data in accordance with article 18 par. 1 of the GDPR, you shall be informed by Crowe Greece Group as Data Controller before the restriction of processing is lifted.

Notification obligation regarding rectification or deletion of personal data or restriction of processing (article 19 GDPR)

The Data Controller (Crowe Greece Group) communicates any rectification or deletion of personal data or restriction of the processing of such data carried out in accordance with article 16, article 17 par. 1 and article 18 of the GDPR to any recipient to whom the personal data have been disclosed, unless this proves impossible or involves a disproportionate effort. Crowe Greece Group as a Data Controller shall inform you as a data subject of such recipients if this is requested by you as a data subject.

Right to data portability (article 20 GDPR)

You have the right to receive the personal data concerning you, which you have provided to the Crowe Greece Group as Data Controller, in a structured, commonly used and machine-readable format, as well as the right to transmit such data to another data controller without objection from the Data Controller (Crowe Greece Group) to whom your personal data were provided, when:

the processing is based on consent in accordance with article 6 par. 1 (a) of the GDPR or article 9 par. 2 (a) of the GDPR or on a contract in accordance with article 6 par. 1 (b) of the GDPR, and

the processing is carried out by automated means.

Right to object (article 21 GDPR)

You are entitled as a data subject to object, at any time and on grounds relating to your particular situation, to the processing of your personal data based on article 6 par. 1 (e) or (f) of the GDPR.

Right to withdraw consent (article 7 of the GDPR - Conditions for consent)

You have the right as a data subject to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of the processing of your personal data based on your consent before its withdrawal.

7. Exercise of rights

In order to exercise your rights as a data subject, you may submit a relevant request to us either to the postal address of the Crowe Greece Group’s Firm, or at the email address (dpo@solcrowe.gr) entitled "Exercise of the right to access / rectification / erasure / restriction / objection", or in the electronic contact form (www.solcrowe.gr/contact/) with a description of your request and we will make sure to examine it and respond to you as soon as possible.

8. When do we respond to your requests

We respond to your requests free of charge, without any delay, and in any case, within one (1) month from the time we receive your request. However, if your request is complex or there is a large number of your requests, we will inform you within the month and if we need to receive an extension of another (2) two months within which we will respond to you.
If your requests are manifestly unfounded or excessive, in particular because of their repetitive nature, the Crowe Greece Group’s Firm may impose a reasonable fee, taking into account the administrative costs of providing the information or performing the requested action, or refuse to act on the request.

9. Announcement of a personal data breach to the data subject

The Crowe Greece Group Firm will notify you immediately of any breach of your personal data if it may pose a high risk to your rights and freedoms.

10. Right of appeal to the Hellenic Data Protection Authority (HDPA)

You have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) [postal address: 1-3, Kifissias Avenue, P.C. 115 23, Athens, Greece, Tel. +30 210 6475600, e-mail: contact@dpa.gr] if you consider that the processing of your personal data violates the current national and European regulatory framework for the protection of personal data.

11. Update of the Privacy Policy

This Personal Data Protection Policy or otherwise Privacy Policy will be updated by Crowe Greece Group whenever is necessary. If there are significant changes to the Policy or the way we use your personal data, we will inform you either by posting a notice on a prominent location of this website before the changes are made or in any other appropriate way. We encourage you to read regularly this Policy to know how your personal data is protected.
In the event that we wish/need to process your personal data for a different purpose than the one for which these was originally collected, we will contact you to provide you with all necessary information and, if necessary, to ask for your consent.

Cookies Policy

What are cookies?

Cookies are small text files that a website stores on your computer or mobile device when you visit that website. This way, the website remembers your activity and preferences for a period of time, so you do not have to enter those preferences every time you visit the site or browse its pages. Cookies do not collect information individually, but when read by a server through a web browser they can give information to provide a more user-friendly service.

Which types of cookies are used on www.solcrowe.gr?

The website www.solcrowe.gr uses persistent cookies and session cookies.

Session cookies

Session cookies used by the Firm's website are deleted once you close your browser or/and once your session ends.

Persistent cookies

Persistent cookies remain on your computer or device until you erase them, or for a certain amount of time depending on the cookies expiration date.

Which cookies are used on our website and what information is collected?

The website www.solcrowe.gr uses cookies for various purposes depending on their function:

Strictly necessary / Essential Cookies.

The strictly necessary cookies are essential for the proper operation of the website; they allow you to browse and use its features, such as accessing secure areas of the website. These cookies cannot track your personal data. Without these cookies, we cannot offer an effective operation of our website.

Functionality Cookies.

Functionality cookies help the website remember your choices, such as your language and region. They do not allow us to track your activity on other websites.

Performance Cookies.

Performance cookies collect information about how you use the website, such as which pages you visit more often and whether you receive error messages. The information they collect is aggregated. We only use them to improve the performance of our website.

How to control cookies?

Cookies are stored on your computer or device, after you are informed about the privacy settings and you give your consent for each of these categories, with the exception of Essential Cookies and Functionality Cookies for which explicit consent is not required. Unless you accept cookies or certain cookies categories, some of our website features may not be fully available, but in any case, you will not be denied access to our website.
It is at your discretion to withdraw, whenever you wish, your consent, or to reject the use of cookies on your computer or device, to check and/or delete cookies. You can find more information at http://www.aboutcookies.org and http://www.cookiescentral.com/faq/

What are your rights?

You have the right to ask for information on the processing of your data, have access to it, and rectify and/or supplement it at any time. You also have the right to request erasure of your data, request restriction of its processing or withdraw your consent on the use of some or all the cookies and, by extension, on the processing of your data.
To exercise your rights in the Company, you can either submit your Request via the electronic contact form www.solcrowe.gr/contact/ or send your Request to the e-mail address dpo@solcrowe.gr.

Changes to the Cookie Policy.

This Cookie Policy may be modified at any time. For this reason, we consider it appropriate that you consult this Policy regularly. This became effective on 24.5.2018. In case of a modification, the date on which it took place shall be stated. The Cookie Policy to be considered effective shall be the most recently revised one.

Information Security Policy

The Management of Crowe Greece aims and is committed to:

Meeting the needs of its customers in every transaction with the firm.

Securing and protecting the information concerning all stakeholders of the enterprise.

Continuously improving the quality of the services it provides to its customers in order to meet their needs to the maximum possible extent.

Providing all necessary resources for the implementation and continuous improvement of the Information Security System.

Proper functioning of the firm following faithfully and without deviation everything stated in the current legislation and related to its activity as well as to information security.

Proper functioning of the firm following faithfully and without deviation everything stated in the current legislation and related to its activity as well as to information security.

The information security policy as well as the information security objectives are defined and are fully compatible with the framework and strategic direction of the Firm. The objectives have been set and maintained as part of internal control procedures, monitoring and review of systems with the ultimate goal of increasing customer satisfaction. Increasing sales at all business levels while maintaining or increasing staff interact and collaborate with high customer satisfaction, zero complaints and non-conformities of the system.

In the above context, Crowe Greece aims to:

Developing and establishing simple and flexible operating procedures.

Standardising working methods.

Ensuring the stability of the safety of the services offered.

Developing mechanisms for early prevention, problem detection and information security.

Improving and modernizing the Firm’s organisational structures.

Increasing customer satisfaction.

It is the Firm’s conviction that the implementation of the Information Security System in accordance with ISO 27001:2013 will make a great contribution to the realisation of its objectives.

We strongly believe that the quality and security of information is achieved by the perfect organisation of the firm as well as by the analysis, recording, establishment and implementation of clear operating procedures and specific policies, which are strictly followed by everyone, until the desired final result is produced.

It is clearly stated that in the firm:

Safety is the guiding principle of all its activities.

Information security is fully consistent with the firm’s operating philosophy.

The final judges of the quality of services are the customers.

Shopping Basket