top of page

Privacy Policy

RISKCLIMA and E-ON INTEGRATION S.A. (E-ON) take the protection of Personal Data very seriously and apply all the necessary organizational and technical measures required to ensure its compliance with the General Data Protection Regulation (GDPR).

Our main focus is the development of innovative applications for businesses with internet and cloud technologies, which we also provide in the web as Software as a Service.

For our business's, lawful purposes, we collect and process personal data concerning our employees, job applicants, suppliers and partners, customers and users of our websites. For these data, we determine the purpose and manner of their processing and act as "Data Controller".

We also process personal data on behalf of our customers who make use of our web applications and services provided as Software as a Service. This processing is carried out in accordance with the contracts we sign with these customers who determine the purpose and manner of data processing. For these data, RiskClima and E-ON act as "Processor".

RiskClima and E-ON are committed to fulfilling their obligations for the protection, security and validity of the data either as "Data Controller" or as "Processor".

What Personal Data we collect


As part of RiskClima and E-ON operations, personal data is collected and processed. This data may be provided in any physical or electronic manner and make an individual identifiable. Such data may be names, addresses, usernames and passwords, digital fingerprints, photographs, social security numbers, financial data, etc.

We collect this information in a transparent manner and only with the full cooperation and knowledge of the Data Subjects.


The personal data collected and processed may include:

  • Data identifying the Data Subject such as name, surname, photograph, date of birth, gender.

  • Information on education and professional experience.

  • Information on the organisational position in a company

  • Data necessary for the fulfilment of obligations before tax authorities and social security funds (VAT number, social security number)

  • Online identification data including email accounts, usernames and passwords to our accounts and online services, time/duration information on accounts, security logs, antivirus logs, access rights, IP address, application activity, browsing history.

  • Data on the use of the company's websites and any problems encountered by users.

  • Data on commercial transactions with the company's customers including contact details.


With regard to the provision of services where RiskClima and E-ON process personal data on behalf of their customers and act as a processor, it is possible that they may gain access to personal data of the customers' databases, following relevant recorded requests from customers and their company executives and in the context of application support or in order to solve problems.  In such cases, all appropriate organisational and technically feasible measures are taken to protect such personal data.

Legal bases for the collection and process of personal Data

The legal bases according to which personal data is collected and processed by RiskClima and E-ON are:


  • Consent: the data subject has given his or her consent, by a statement or clear affirmative action that is documented. The data subject may at any time withdraw his or her consent.

  • Contract: The company needs to process personal data to fulfil contractual obligations.

  • Legal Obligations: The company needs to process personal data to ensure that it complies with its legal obligations.

  • Legitimate interest: the company has a legitimate interest to process personal data. For example, the processing is necessary to ensure the uninterrupted operation of its computer systems or to manage relations with its customers.

  • Protection of Vital Interests: processing may be necessary to protect someone's life or other vital interests.

  • Labour and Social Security and Protection Obligations: The processing of special categories of data of employees/associates is necessary for the performance of their obligations or the exercise of their specific rights or the company's rights in the field of labour law and social security and social protection law, under the provisions of the law

  • Satisfaction of Legal Claims: processing is based on the company's right to seek satisfaction of legal claims.


For what Purposes we process personal Data


We process personal data:


  • To carry out the recruitment and departure procedures of officials/associates.​

  • To fulfil our legal and contractual obligations in relation to our employees, partners, suppliers and customers.​

  • For specific defined and legal purposes related to the organization and execution of our company's activities and operations.​

  • For the ability to provide responses to formal requests from authorities.

  • For our company to respond and defend its legal claims.

  • To manage relationships with clients, existing or prospective.

  • For the safety of employees and the security of critical company facilities.

  • To conduct training and orientation programs.

  • For the management and security of our company's electronic infrastructure and its uninterrupted operation.

  • For any other lawful purpose requiring data processing.

Who has access to personal data.


Access to the data is granted to our authorised executives, depending on their organisational position. Access is granted according to the position and duties of the authorised executives and is limited to the data necessary for the purposes of the specific processing they undertake and for the performance of their roles.

In addition, we may transmit as much data as is necessary for the purposes of the respective processing to the following categories of recipients:

  • Third parties that provide services to our company, such as IT companies, telecommunication companies, seminar and training companies, credit institutions, tax and legal advisors, facility security companies and other service providers.

  • To national or international regulatory, tax or other authorities or public bodies or courts, when required by law or regulation or at their request.

  • To customers and/or partners when required to communicate, manage relationships and carry out requested transactions.

  • To third parties who carry out audits on our company within the framework of its regulatory obligations, customer relations or obligations arising from applicable legislation.


Protection of Personal Data

RiskClima and E-On INTEGRATION take data security seriously. The company has internal policies and controls in place to ensure that data is not lost, destroyed, used or disclosed.

Also that these will not be accessed within the company by anyone other than authorized personnel in the performance of their duties or third parties except as stated in the previous paragraph on "Who has access to personal data".

How long we keep the Personal Data


Personal data are not kept for longer than necessary for the purposes for which they were collected or for the purposes for which they were subsequently processed.

When personal data is no longer needed, these are securely deleted or destroyed.


Rights of the Data Subjects


The rights of the data subjects for whom personal data are held are:


  • Right to be informed: the right to be informed about the collection and use of personal data.

  • Right of Access: the right to receive confirmation from our company as to whether or not their personal data is being processed and, if so, the right to access the personal data in a concise, comprehensible, transparent and easily accessible form.

  • Right to rectification: the right to request the correction of inaccurate or incomplete information within a reasonable time.​

  • Right to Deletion: To request the deletion of data concerning them under the conditions specified by law.​

  • Right to restriction of processing : To ask our company to restrict processing activities only to specific purposes, under the conditions set by law.​

  • Right to object: to object, at any time and on grounds relating to their particular situation, to the processing of personal data concerning them. We will no longer process personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of individuals or for the establishment, exercise or maintenance of legal claims.

  • Right to portability: The right to receive personal data concerning them, which they have provided to us, in a structured, commonly used and machine-readable format, as well as the right to request the transfer of such data to another controller without objection from us.

  • Right to obtain human intervention: the right not to be subject to a decision taken solely on the basis of automated processing, including profiling, which produces legal effects concerning them or significantly affects them.


Who you can contact about Personal Data


If you have any questions about our Privacy Policy or how we manage and process Personal Data, you can send us an email to: or or send a letter to the "Data Protection Officer", e-On Integration S.A., 3 Gounari str., 153 43 Agia Paraskevi or contact us at +30 210 601 8700.

The request will be answered within thirty (30) days from receipt. In the event that an extension of the above deadline is required for the investigation and/or processing of the request, a notification will be provided, explaining the reasons why an extension of the deadline is necessary.

In any case, if you feel that the protection of your personal data has been violated in any way, you have the right to lodge a complaint with the Hellenic Data Protection Authority (


This update and all documents related to it are periodically reviewed and revised, where necessary, by the Data Protection Officer in accordance with the Data Protection Policy.

bottom of page