Background

PRIVACY POLICY

PRIVACY POLICY

INTRODUCTION

This Privacy Policy outlines how SPACEROK G.P., a general partnership registered in Greece, with VAT Number 801512773 and EUID ELGEMI.158273127000 ("we", "us", or "our"), processes personal data collected via our website, https://spacerok.net (the "Website"). We are committed to processing personal data responsibly, securely, and in full compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable Greek data protection laws.

1. Data Controller

    The data controller responsible for processing your personal data is:
  • SPACEROK G.P.
  • VAT Number: 801512773
  • EUID: ELGEMI.158273127000
  • Email: info@spacerok.net
  • Phone: (+30) 281 131 7096

2. Personal Data We Collect

    When you interact with our Website, particularly via contact forms, we may collect and process the following categories of personal data:
  • Full Name
  • Email Address
  • Phone Number
  • Company Name (if applicable)
  • Message or Inquiry Content

We do not collect sensitive personal data (as defined in Article 9 GDPR) through our Website.

3. Legal Basis for Processing

    We process your personal data lawfully and on the following legal bases, pursuant to Article 6(1) GDPR:
  • Consent (Art. 6(1)(a)): When you voluntarily submit your information via a contact form or subscribe to marketing communications.
  • Contract performance (Art. 6(1)(b)): When your inquiry relates to a current or prospective service agreement.
  • Legal obligation (Art. 6(1)(c)): When processing is necessary for compliance with tax, accounting, or regulatory obligations.
  • Legitimate interest (Art. 6(1)(f)): For purposes such as maintaining business correspondence, improving our services, and ensuring Website security, provided your rights do not override our interests.

4. Purpose of Processing

    We collect and process your personal data exclusively for the following purposes:
  • To respond to contact or inquiry submissions
  • To communicate relevant information regarding our services
  • To manage and fulfill service orders or contractual arrangements
  • To send marketing communications, only with your prior consent
  • To maintain business records and comply with applicable laws

5. Data Retention

    We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, unless you exercise your right to deletion. Specifically:
  • Contact form inquiries and email correspondence are retained to maintain a record of communications, unless you request deletion.
  • Mailing list subscriptions are retained until you unsubscribe or withdraw your consent.
  • Contractual and financial records are retained for the legally required period (currently up to 10 years under Greek accounting/tax law).

We may continue to store data beyond these periods where necessary for the establishment, exercise, or defense of legal claims.

6. Security of Processing

    We implement appropriate technical and organizational measures to protect personal data against unauthorized access, accidental loss, destruction, or alteration. These include:
  • Encryption of data in transit and at rest
  • Access controls restricting data access to authorized personnel
  • Secure server environments with firewalls and intrusion detection

We regularly review and update our security measures to align with the principles of data protection by design and by default (Article 25 GDPR).

7. Data Sharing and Transfers

    We do not sell, rent, or disclose your personal data to unrelated third parties. However, we may share your data with:
  • Trusted service providers (e.g., hosting providers, email communication tools, analytics services, and IT security providers) who process data only under our instructions and under GDPR-compliant data processing agreements.
  • Legal authorities where required by applicable law or legal process.

International Data Transfers

    Some of our providers may process data outside the European Economic Area (EEA):
  • Cloudflare (content delivery and security services)
  • Google Analytics (website usage analytics)

    Where transfers occur, they are safeguarded through:
  • The European Commission's Standard Contractual Clauses (SCCs), or
  • Adequacy decisions (where applicable).

You may contact us to request further information or copies of these safeguards.

8. Cookies and Tracking Technologies

Our Website uses cookies and similar tracking technologies to enhance user experience, analyze website traffic, and manage user consent in compliance with the GDPR and applicable data protection laws.

What We Use

    We use:
  • AdOpt Cookies to manage and record user consent regarding cookies and tracking technologies in accordance with GDPR. This tool allows you to choose which categories of cookies you accept (e.g., necessary, analytics, marketing) and stores your preferences accordingly.
  • Google Analytics, a web analytics service provided by Google LLC, which uses cookies to collect aggregated, anonymous data such as the number of visitors, pages visited, and user interactions.

We have configured Google Analytics to anonymize IP addresses and limit data retention, enhancing your privacy while still allowing us to understand and improve website performance.

Consent Management via AdOpt

    Upon your first visit to our Website, you are presented with a cookie consent banner powered by AdOpt, where you can:
  • Accept or reject non-essential cookies
  • Review details about each cookie category
  • Change or withdraw your consent at any time

Your preferences are stored and respected during future visits, unless you clear your cookies or manually adjust them.

Opting Out of Analytics

    If you prefer not to be tracked by Google Analytics:
  • You may opt out via the cookie preferences panel powered by AdOpt
  • Or install the Google Analytics Opt-out Browser Add-on, available here

For detailed information on the cookies we use and how to manage your preferences, please refer to our Cookie Policy.

9. Your Rights Under the GDPR

    As a data subject, you have the following rights under the GDPR:
  • Right of Access – to request confirmation of processing and access a copy of your personal data (Art. 15)
  • Right to Rectification – to request correction of inaccurate or incomplete data (Art. 16)
  • Right to Erasure – to request deletion of your data where legally permitted (Art. 17)
  • Right to Restrict Processing – to limit processing under specific conditions (Art. 18)
  • Right to Data Portability – to receive your data in a structured, machine-readable format (Art. 20)
  • Right to Object – to object to processing based on legitimate interests or for direct marketing (Art. 21)
  • Right to Withdraw Consent – at any time, without affecting prior lawful processing (Art. 7)

    To exercise any of these rights, please contact our Data Protection Officer (DPO) at:
  • Email: dpo@spacerok.net
  • Subject line: GDPR Rights Request

We may need to verify your identity before fulfilling your request.

10. Supervisory Authority

    If you believe that your personal data has been processed unlawfully, you have the right to lodge a complaint with the competent supervisory authority:
  • Hellenic Data Protection Authority (HDPA)
  • Website: https://www.dpa.gr
  • Phone: +30 210 6475600
  • Email: contact@dpa.gr

11. Updates to This Policy

We reserve the right to modify this Privacy Policy at any time to reflect changes in legal, technical, or business developments. The updated version will always be available at https://spacerok.net/privacy-policy with the "Effective Date" revised accordingly.

Contact