Personal data on Pancreta Factor's website

Notice Regarding Your Personal Data on the Website

Personal Data Protection

Pancreta Factors Single Member S.A. (hereinafter referred the "Company") and the trade name Pancreta Factors S.A., headquartered at 3 Mitropoleos street in Athens, in its capacity as the Data Controller, collects and further processes your personal data only when absolutely necessary, for clear and lawful purposes, based on the EU Regulation 2016/679, Law 4624/2019, and Law 3471/2006 as applicable.

This notice aims to inform users of this website about the processing of their personal data.


For the purposes of understanding this notice, the following terms have the following meanings:

  • "Personal Data": any information relating to an identified or identifiable individual
  • "Data subject": the individual whose identity can be verified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of the individual.
  • "Special Categories of Personal Data": personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a person, data concerning health or data concerning a person's sex life or sexual orientation.
  • "Processing": any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, or modification, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, deletion or destruction.
  • "Anonymization": the processing of personal data in such a way that the data can no longer be attributed to a specific data subject.
  • "Pseudonymization": the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable individual.
  • "Data Controller": the individual or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by European Union or Member State legislation, the controller or the specific criteria for its nomination may be provided for by European Union or Member State law. For the purposes of this policy, the Company acts as the Data Controller.
  • "Data Processor": an individual or legal person, public authority, agency, or other body which processes personal data on behalf of the data controller.
  • "Data Subject": the individual whose personal data is being processed, e.g., trainees, partners.
  • "Consent" of the data subject: means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, agrees to the processing of personal data relating to him or her.
  • "Personal Data Breach": a breach of security leading to the accidental or unlawful destruction, loss, modification, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
  • "Applicable Legislation": the respective national and EU legislation on the protection of personal data, including but not limited to the General Data Protection Regulation (EU) 2016/679 (hereinafter "GDPR"), Law 4624/2019, Law 3671/2006, the case law of the Court of Justice of the European Union (hereinafter "CJEU"), as well as the Decisions, Directives, and Opinions of the European Data Protection Board (hereinafter "EDPB") and the Hellenic Data Protection Authority (hereinafter "HDPA").

Personal data collected and processed by Pancreta Factors

When browsing and using the website, the following data is collected and processed:


Full Name

Direct user communication with our Company

Article 6 par. 1 item 6 in GDPR - Providing an easy and direct channel of communication with users

Until the expiry of the limitation period

Data Processor

Email/Landline or Mobile phone


The above data is necessary for the conduct of communication between us. No automated decision-making processes, including profiling, are carried out.

Automatically Collected Data

When using our website, we automatically collect and process certain information, some of which may constitute personal data. This includes details such as language settings, IP address, location, device settings, device operating system, activity details, usage time, redirect URL, status report, user information (browser version details), operating system, browsing outcome (guest or registered customer), browsing history, the type of data viewed.

We may also collect data through cookies. For information regarding the use of cookies, please refer to the Cookie Policy.

Rights of Data Subjects

The Company ensures the prompt response to data subjects' requests for the exercise of their rights in accordance with the Applicable Legislation.

Specifically, each data subject has, under the conditions of law, the following rights:

  • Access
  • Rectification
  • Deletion
  • Restriction of processing
  • Portability
  • Objection

In the event of exercising any of the above rights, the Company will respond promptly [in any case within thirty (30) days from the submission of the request], informing you in writing of the progress in satisfying it.

To exercise the above rights, please contact us via email at

For any complaints regarding this notice or matters related to personal data protection, in case we do not address your request, you can contact the Hellenic Data Protection Authority at

Disclaimer for Third Party Websites

On this website, there are social media widgets through the use of which, once the user logs into the social network, a specific digital footprint is created. Both the Company and the social network act as joint controllers for the processing.

For the Company, the purpose of processing this data is to improve the functionality of the website and the services provided, as well as to analyze its traffic. The legal basis for processing personal data is the achievement of the lawful interest of the customer, specifically the interoperability with applications used by the customer.

The Company neither controls nor is responsible for any subsequent processing carried out on these data by the joint controllers.

For more information about the data processing policy and configuration options for these networks, you can visit the following websites:

Updates to the Notice for Personal Data on the Website

The present notice for personal data on the Website may be amended/revised in the future, within the framework of the Company's regulatory compliance, as well as the optimization and upgrade of the website's services. Therefore, we recommend checking the updated version on the website each time for your adequate information.