Data Protection Policy
Last updated: March 2026
1. Purpose
This policy describes the measures taken by Snapium (GEMI No.: 145744403000) to protect the personal data of clients, partners and website visitors.
2. Scope
This policy applies to all personal data collected and processed by Snapium, including:
- Client and partner data
- Website visitor data
- Employee and collaborator data
3. Data Categories
3.1 Identification Data
- Full name, company name
- Tax ID, GEMI number
- Address, phone, email
3.2 Transaction Data
- Order history
- Billing details
- Payments and financial records
3.3 Technical Data
- IP address
- Cookies and browsing data
- Device type and browser
4. Protection Measures
4.1 Technical Measures
- SSL/TLS encryption for all communications
- Encrypted data storage
- Regular backups
- Firewall and intrusion detection systems
- Regular security updates
4.2 Organizational Measures
- Least privilege access principle
- Staff security training
- Password policies
- Security incident response plan
5. Data Subject Rights
Every data subject has the right to:
- Access their data
- Rectify inaccurate data
- Delete data
- Restrict processing
- Data portability
- Object to processing
6. Request Procedure
To exercise your rights:
- Send an email to legal@snapium.gr
- Describe your request and attach identification
- You will receive a response within 30 days
- In case of complexity, the deadline may be extended by 60 days
7. Data Breach
In case of a breach:
- Notification to HDPA within 72 hours
- Notification to affected subjects without undue delay
- Documentation of the incident and measures taken