At E. N. MANOS company, we are committed to protecting and respecting your privacy. The Company is fully compliant with the General Data Protection Regulation. Please read this policy as it contains important information about our practices regarding the personal information we collect from or about you in our company and on this website or through our applications, as well as through written or verbal communications with us, during your physical visit to our premises, through other physical interactions or from other sources, and how we collect, use and disclose your personal information.
By using our services and/or agreeing to this Policy, you understand and acknowledge that we will collect and use personal information as described in this Policy and only for purposes consistent with our legitimate purposes for processing.
Personal data we collect - Sensitive data - People under 15 years old.
"Personal data" means information relating to an identified or identifiable natural person. As a Company we collect personal data accordance in the law at every point of contact with the data subjects - policyholders and in the conduct of every aspect of our business, such as but not limited to: full name, gender, date of birth, identity/passport details, address, email, phone numbers, bank accounts and settlement data necessary for the management of insurance claims, such as insurance or accompanying documents, financial data, supporting documents and evidence of loss such as photographs (fire, theft, loss, interruption of work, etc.) building permits, information and data about the owner of the inspected structures, photos, social media profiles, any sensitive PD of the insured, which we need in the context of providing our services.
More specifically, we collect information about your data for the management of our incoming and outgoing correspondence; for recording the details of the customers of the insurance companies with which we cooperate; for recording the personal data related to our employees - staff (personal data required for their recruitment, for staff payroll, for sick leave and leave in general, for the termination of their contract in any way); to record the personal data of suppliers for their payment; to record personal data of customers and for insurance offers addressed to them.
Unless explicitly requested for insurance purposes, we ask you not to send us and not to disclose in any way any sensitive personal data (e.g. data relating to racial or ethnic origin, political opinions, religion, ideological or other beliefs, health, biometric or genetic characteristics, criminal background, trade union membership or administrative or criminal proceedings and sanctions).
All our Services are not directed to or intended to be offered to persons under the age of fifteen, unless attended by parents or persons exercising parental authority over such children, and we ask that they do not provide Personal Data through our Services.
How we collect personal data
We generally collect this information directly from you, from the insurance companies we work with, but in some cases we may collect information about you from other sources.
We collect data from:
Visits to our premises: We collect personal data when you visit our premises for some scheduled meetings with people from the business for the proper scheduling of visits and thus the proper and smooth operation of the business and in this area.
Ways of contacting us: We collect personal data when you contact us by email, fax or contact our customer service – secretary.
Visits to the insured's premises: We collect personal data when visiting the insured person's premises to confirm the loss. The methods of collection may be either by a form or by discussion.
Data collection by the insurance company: A large amount of subject data is obtained from the insured's insurance company when the project is assigned to our company.
In all the above cases, you do not need to provide us with your personal data. However, in some cases, for security reasons or for the purposes set out in the Act, if you do not wish to give us your personal data, it may mean that you cannot be compensated.
Purposes of processing and retention of your data
We process your personal data solely for the provision of our services in accordance with applicable laws. The purposes of processing your data lie in various purposes related to the activities we perform, such as:
a) the management of our incoming and outgoing correspondence,
b) the collection and processing of personal data of insured individuals in our insurance companies - our clients, for the assessment and/or settlement of claims and the inspection of risks, prior to the conclusion of insurance,
c) the recording of personal data related to our employees for tax and insurance purposes and as required by law (e.g. notification of their employment in ERGANI, granting of legal leave, etc.),
d) in recording the personal details of suppliers for payment purposes.
We retain your personal data only for as long as necessary for the reasons explained in this privacy policy. In some cases, we keep transaction records (which may include your information) for longer periods of time if necessary to meet legal, regulatory, tax or accounting needs. We will also retain information if we reasonably believe that there is a case for litigation with our customers and/or employees and to pursue and support our legal claims when and as long as necessary, including under the fairness provision of the GDPR.
The criteria used to determine the retention periods of your personal data are:
- The duration of time, so that we have a continuous relationship with customers, but also to know their habits, to optimize our services.
- The case where there is a legal obligation on our part.
- The case in which it is recommended to retain for the exercise and support of our legal claims, when and if it is necessary (e.g. in case of legal actions).
Disclosure/transfer of your personal data
We share the personal data of the subjects collected by us and transmitted/shared with us with third parties only in specific cases:
a) To our employees or our external partners who are adequately informed about the privacy obligations regarding customers' personal data and have access only to those personal data that are deemed strictly necessary for the performance of their contractual duties, with the necessary confidentiality obligations to protect customers' personal data.
b) To Legislative/Prosecuting/Police Authorities, for reasons of compliance with the law or in the context of exercising our legal claims.
c) To third parties, subject to your consent, i.e. disclosure of your personal data to third parties, subject to your clear and explicit consent.
The third parties provide sufficient guarantees to implement appropriate technical and organizational measures so that the processing complies with the requirements of the GDPR and the implementing Law 4624/2019 and ensures the protection of your data and your rights as data subjects.
The services provided by third parties, such as Authorities or other third parties, with your consent, are not related to our services and therefore the implementation and compliance with the provisions concerning the protection of your data is the responsibility of these third parties.
We may disclose your personal information if required or permitted by law.
Further, our website may contain links to third party websites operated by third parties outside of our business. These linked sites are not under our control and therefore we are not responsible for the operation, content, privacy practices or security of any such linked site. If you provide any of your personal data to a third party, you will be treated in accordance with that third party's Privacy Policy and therefore we encourage you to be aware of and read the Privacy Policy of any Site that collects personal data.
Transferring your data outside the EEA or to a Third Country
The personal data you provide to us may be transferred / sent to companies and/or transit operators based in the EEA (European Economic Area) or in a third country. In such a case, we will take all necessary measures to ensure the security and protection of your personal information, in accordance with the legislation on the protection of personal data, in the event of disclosure to recipients outside the EEA or a third country, especially if the latter does not provide an adequate level and safeguard of protection of your personal data under the safeguards of Articles 44 et seq. of the GDPR.
E. N. MANOS Ltd Company as the Data Controlle
The Company under the name E. N. Manos, as the controller of the personal data, located in Thessaloniki, 5str Mitropolitou Iosif 5 with Tax ID: 095112382 , for the purpose of carrying out its functions, it collects and processes the personal data of its partners, suppliers, employees and customers, as a Data Controller, but also as a Co-Processor with the insurance company that provides it with P. D. of insured subjects to be processed.
Your rights as a data subject
As a data subject, you also have the following rights, as derived from the GDPR:
a) the right to information, where you have the right to receive clear, transparent, and comprehensible information about how your personal data is used and what your rights are. As a data subject, you can contact the company to obtain any clarification on how you are informed about any of its processes.
b) the right of access to know what data we process, for what purpose and to whom we process it.
c) the right to rectification, to correct any omissions or inaccuracies in your data.
d) the right to erasure (right to be forgotten), to have your personal data deleted from our records, but where the processing is no longer necessary, or the retention of your data is not required to comply with our legal obligations or to defend our legitimate interests before the courts or other authorities.
e) the right to restrict the processing of your data in case the accuracy of your data is contested.
f) the right to portability, to receive your data in a structured and a commonly used format, i.e. in an electronic format in a format that can be transferred so that you can transfer them directly to another Controller.
g) the right to object, if you do not want your data to be used for the purposes of direct marketing of our services, including objecting to the profiling of your own data.
To exercise your rights, please send a request to the Data Protection Officer / Compliance Officer of the company at This email address is being protected from spambots. You need JavaScript enabled to view it..
The Company will make every effort to respond to any such request within thirty days of receipt. However, in the event that due to the complexity of your request or the volume of information involved, it is not possible to meet your request within thirty days, our Company undertakes to inform you within the above thirty day period in writing of the reasons for the delay and to make every effort to meet your request as soon as possible and in any event within two (2) additional months.
The company further reserves the right not to grant your request if it is deemed unfounded or excessive, informing you of the reasons for not granting it.
In any case, you have the right to lodge a complaint in the Data Protection Authority (www.dpa.gr).
Security measures
We process your data at all stages in a completely confidential manner. We use reasonable physical, electronic, and administrative safeguards to protect your Personal Data to prevent loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of your Personal Data and the risks involved in processing such information. We maintain a mandatory obligation of confidentiality in relation to such data, in accordance with the provisions of the GDPR and, to this end, we use measures of a technical and organizational nature necessary to ensure the security of the data and to prevent alteration, loss or unauthorized access, depending on the state of technology, the nature of the data stored and the risks to which they are exposed.
Cookie policy
"Cookie": is a small txt text file that is placed in the browser or on an Internet user's device and is used to remember and receive information about the specific place you have visited. You may be given a cookie when you visit our Website.
There are non-functional cookies aimed at improving the products and services presented on the Website, such as: linking to social media, configuring audio and video players by adapting information to the user's personal preferences, web analytics cookies on the number of visitors to the Website and the number of pages viewed without direct identification of the user, advertising cookies collecting information for purposes and themes of the Website, by examining the websites he sees and the links he selects to other websites, as well as the emails from the Website he opens and the links he selects from them, selecting ads only on the basis of data that does not allow direct identification of the user.
Cookies may be installed with your consent, such as cookies without your consent, such as cookies that are necessary to identify and/or preserve content entered by the subscriber or user during a login (session cookies) on a website throughout the duration of the specific login. (e.g. such "cookies" are generally necessary when a user fills in an online form). The same category includes "persistent cookies" which are installed for the same purpose and last for a period of a few hours. Cookies" that "remember" the subscriber's or user's choices regarding the presentation of the website (e.g. "cookies" concerning the choice of language or the presentation of search results on a website) are also retained.
You can delete all cookies already on your computer, as well as configure most browsers to prevent the installation of cookies. However, in this case, you may have to adjust certain preferences or choices yourself each time you visit a website, and it is also possible that by not accepting some cookies, some services may not function and the functional value of this website may be reduced in general.
Privacy Policy Update
We may need to change or modify this Privacy Policy to comply with the evolving legislative environment or the needs of our Company. You are responsible for checking this Privacy Policy when you visit the Site to be aware of any changes and updates to this Policy. All amended terms shall automatically become effective 30 days after their initial posting on the website.
Contact details / Compliance Officer:
The details of the Data Protection Officer (DPO)/Compliance Officer for our compliance with GDPR are:
Compliance Officer: Fotis Gkagkatsis
Address: 5 str Mitropolitou Iosif
Phone: +30 2310229162
Information Security Policy
E.N. MANOS Ltd recognizes that information is a valuable asset and that its protection is essential to the continued success of our business. We are committed to maintaining the confidentiality, integrity and availability of all information assets, whether they belong to the company, customers or other stakeholders.
This policy outlines the principles and guidelines that govern the management of information security in our organization. It is based on the requirements of ISO 27001:2022 and applies to all employees, suppliers and other personnel who access, use or handle our information.
The Management of E.N. Manos Ltd is committed to providing all the necessary resources for the security of the information and the operation of the management system.
Our Information security goals are:
- To ensure the confidentiality, integrity, and availability of all information assets.
- To comply with all relevant legal and regulatory requirements.
- To minimise the risk of security incidents and breaches.
- To establish a framework for the continuous improvement of our information security management system.
We have established an information security management system based on the ISO 27001 standard. The management system includes policies, procedures, guidelines and controls designed to ensure that our information assets are protected.
The management system shall be reviewed and updated regularly to ensure its continued effectiveness and to address changes that may affect the security of information.
All employees, suppliers and other personnel who access, use or handle our information have a responsibility to protect it.
All employees, vendors and other personnel are responsible for complying with the policies, procedures and guidelines of the Management System and for reporting any security incidents or breaches.
We have implemented a number of information security controls to protect our information. These controls include access controls, physical security, incident management and business continuity controls for our operations.
We are committed to complying with all relevant legal and regulatory requirements related to information security. We will regularly review our compliance status and take appropriate action to address any non-compliance.
Information security is a key priority for E.N. Manos Ltd. This policy provides the framework for managing information security.
Thessaloniki 26/03/2023
E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
