Σαντορίνη  ·  Από το 2008

Στρατηγική καθοδήγηση.
Όχι απλή τήρηση βιβλίων.

Εξειδικευμένες λογιστικές και συμβουλευτικές υπηρεσίες με έμφαση στη συνέπεια, τη διαύγεια και την προσωπική σχέση.

Διατηρούμε έναν περιορισμένο αριθμό συνεργασιών, ώστε να είμαστε ουσιαστικά δίπλα σας.

Κλείστε μια εμπιστευτική συνάντηση Δείτε τις υπηρεσίες
χωρίς χρέωση
17+
χρόνια εμπειρίας
★★★★★
Google Reviews
Αʹ Τάξης
Λογιστής ΟΕΕ
Back to homepage
Manolas Nikolaos & Associates  ·  manolasnicolas.gr

Privacy Policy & Data Protection

Last updated: May 2026

Manolas Nikolaos & Associates E.E. (hereinafter "we", "the firm"), based in Pyrgos Kallistis, Santorini, Greece, acts as Data Controller within the meaning of the General Data Protection Regulation (GDPR – EU Regulation 2016/679) and Greek Law 4624/2019. As a licensed accounting and tax advisory firm, we are also an obligated entity under Law 4557/2018 on the prevention of money laundering and terrorist financing (AML), which imposes specific data processing obligations described in detail below.

1 Data Controller

  • Name: Manolas Nikolaos & Associates E.E.
  • Address: Pyrgos Kallistis, Santorini, PC 84700, Greece
  • Co. Reg. No. (ΓΕΜΗ): 148609238000
  • VAT No.: EL801080124
  • Email: office@manolasnicolas.com
  • Phone: +30 22860 31523

2 Data We Collect & Legal Basis

We process personal data only where a lawful basis under Article 6 GDPR exists:

2.1 Contact forms & appointment booking

  • Data: Name, email, phone number, subject, preferred appointment date/time.
  • Legal basis: Consent (Art. 6§1a GDPR) — provided via the mandatory checkbox on the form.
  • Purpose: Responding to your enquiry; confirming your appointment.
  • Retention: Up to 12 months from last contact, unless an ongoing engagement begins.

2.2 Client engagement data

  • Data: Identity documents, tax identification number (AFM), financial statements, supporting documentation, correspondence.
  • Legal basis: Performance of contract (Art. 6§1b GDPR) and compliance with legal obligations (Art. 6§1c GDPR) — including Greek tax legislation and Law 4557/2018.
  • Purpose: Provision of accounting, tax and advisory services; fulfilment of regulatory obligations.
  • Retention: Minimum 5 years after termination of the engagement, as required by tax legislation and Law 4557/2018 Art. 23.

2.3 Anti-Money Laundering (AML) — Law 4557/2018

  • Data: Identity verification documents, beneficial ownership information, purpose and nature of the business relationship, source of funds (where applicable).
  • Legal basis: Legal obligation (Art. 6§1c GDPR) — Law 4557/2018 as amended by Laws 4734/2020 and 4816/2021, implementing EU Directives 2015/849 and 2018/843.
  • Purpose: Client due diligence (CDD); ongoing monitoring; compliance with statutory reporting obligations to the Financial Intelligence Unit (ΜΧΟΤ).
  • Retention: 5 years from the end of the business relationship (Law 4557/2018 Art. 23), extendable by a further 5 years by competent authority order.
  • Important limitation: Where the firm is required to file a Suspicious Activity Report (SAR) with the Financial Intelligence Unit, we are legally prohibited from informing you of this (tipping-off prohibition, Law 4557/2018 Art. 40§4). In such cases, your right to access and erasure may be temporarily restricted.

2.4 Job applications (CV)

  • Data: Name, contact details, CV and any information included therein.
  • Legal basis: Consent (Art. 6§1a GDPR).
  • Purpose: Evaluating candidates for positions at our firm.
  • Retention: 6 months from receipt, unless you request earlier deletion.

2.5 Technical data & cookies

  • Data: IP address, browser type, pages visited, session duration (via Google Analytics).
  • Legal basis: Consent (Art. 6§1a GDPR) — analytics cookies are loaded only after you click "Accept" on the cookie banner.
  • Purpose: Website traffic analysis; performance improvement.
  • Retention: Per Google Analytics default settings (26 months). If you decline, no analytics data is collected.

3 Third-Party Processors

We use the following third-party service providers who may process personal data on our behalf. All are bound by appropriate data processing agreements:

  • Formspree (USA): Form submission delivery. Data transferred under Standard Contractual Clauses (SCCs).
  • Calendly (USA): Online appointment scheduling. Data transferred under SCCs. Calendly Privacy Policy.
  • Google Analytics / Google LLC (USA): Website analytics — activated only upon your consent. Data transferred under SCCs. Google Privacy Policy.
  • Encrypted cloud storage provider: Documents and client files are stored in encrypted cloud storage with access controls limited to authorised firm staff.

We do not sell, rent or share your personal data with third parties for marketing purposes.

4 Cookies

We use cookies only for website analytics (Google Analytics). These are not activated until you provide explicit consent via the cookie banner displayed on your first visit.

  • To accept: Click "Accept" on the cookie banner. Analytics will be enabled for your session and future visits.
  • To decline or withdraw consent: Click "Decline" on the cookie banner, or clear your browser's local storage / cookies at any time. No analytics data will be collected.

No advertising, tracking or profiling cookies are used.

5 Confidentiality & Security

  • All data is stored in systems with controlled access and encryption at rest.
  • Client documents are held in encrypted cloud storage, accessible only to authorised firm personnel.
  • Access is limited to staff and essential service providers who are bound by confidentiality obligations.
  • We implement appropriate technical and organisational measures to protect data against unauthorised access, loss or destruction.

6 Your Rights

Under GDPR (EU Regulation 2016/679) you have the following rights, exercisable by contacting us at office@manolasnicolas.com:

AccessObtain a copy of the personal data we hold about you.
RectificationCorrect inaccurate or incomplete information.
Erasure"Right to be forgotten" — request deletion of your data where no legal obligation requires its retention.
RestrictionRequest that we limit the processing of your data in certain circumstances.
PortabilityReceive your data in a structured, machine-readable format (where processing is based on consent or contract).
ObjectionObject to processing based on legitimate interests.

Note on AML limitations: Rights of access, erasure and portability may be temporarily restricted where their exercise would prejudice the firm's obligations under Law 4557/2018, including active suspicious activity investigations.

You also have the right to lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr).

7 Data Retention Summary

  • Contact & appointment data: Up to 12 months from last contact.
  • Client engagement files: Minimum 5 years from end of engagement (tax legislation + Law 4557/2018).
  • AML/CDD records: 5 years from end of business relationship, extendable to 10 years.
  • CVs / job applications: 6 months from receipt (earlier deletion on request).
  • Analytics data (Google Analytics): 26 months (only if consent given).

8 Contact

To exercise your rights or for any questions regarding data processing:

Manolas Nikolaos & Associates E.E.  ·  Pyrgos Kallistis, Santorini, Greece

office@manolasnicolas.com
+30 22860 31523

This Policy has been prepared in accordance with GDPR (EU 2016/679), Greek Law 4624/2019 and Law 4557/2018. It is recommended that it be reviewed periodically by a qualified legal adviser specialised in data protection law. For further information, visit the Hellenic Data Protection Authority (dpa.gr).

2286031523 Δωρεάν συμβουλή
WhatsApp