e-services
e-services

Privacy Policy Website

1. About the website2. What do personal data mean? 3. What does the Processing of Personal data mean?4. What personal data about you do we process?5. Do we process minors’ Data?6. What are the Data Processing Purposes?7. What is the legal basis of Data Processing performed by the Company?8. Who are the recipients of your Data?9. Do we transfer your Data outside the European Union?10. When do we delete your Data?11. Are your Data safe?12. What are your data subject rights?13. How can you exercise your data subject rights?14. When do we respond to your Requests?15. Right to lodge a complaint16. Do we use automated decision making/ including profiling when we process your Data?17. How will you be notified of any changes to this Policy?
14 April 2022
The protection of your personal data is important to us. This Privacy Policy (hereinafter referred to as the "Policy") relates to the collection, storage, and use of your personal data while visiting, subscribing, or using the website www.piraeus-sec.gr , provided that you are a natural person. Should you have any questions, please contact us.

The data controller is the investment services Société Anonyme under the name “PIRAEUS S.A. SECURITIES” (hereinafter referred to as the “Company”) that is based in Athens, Stadiou Str. 10, P.C. 105 64, with VAT /Tax Identification No.: 094285013, of the Internal Revenue Service (“DOY”) of Taxation of Commercial Companies (“FAE”) of Athens and General Commercial Registry No.: 1320701000 and email address: info@piraeus-sec.gr.

If you wish to communicate with us on any topic related to the processing of your personal data and exercise your data subject rights, you can address your concerns to the Data Protection Officer (DPO) of the Company via the telephone number: 210 3354100 or the address Stadiou Str. 10, P.C. 105 64, Athens or the email address: dpo@piraeus-sec.gr.

1. About the website

The website www.piraeus-sec.gr constitutes PIRAEUS S.A. SECURITIES’ website (hereinafter: the “Website”).

The personal data that you provide during your browsing of the Website or while expressing your interest in Online Trading Services are subject to processing and will be kept in a file under the responsibility of the Company.

2. What do personal data mean?

The term “personal data”, as used in this Policy, relates to natural persons’ details/ information whether being individuals or professionals, such as family name (surname), first (given) name, father’s name, information related to National Identity Card or Passport, postal address, email address, telephone number, bank card details, etc. that can be used in order to identify a visitor of the Website, hereinafter referred to as “Personal Data” or simply “Data”.

3. What does the Processing of Personal data mean?

Processing means any collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of natural persons’ Personal Data.

4. What personal data about you do we process?

  • While visiting, navigating, browsing over our Website:
    We collect the personal data that you voluntarily provide us during the browsing of our Website (e.g. by submitting the contact form of our Website).
    Personal data indicatively are: given name, surname, father’s name, customer relationship with the Company, telephone number (fixed-mobile), status (individual – business), and data in general and information related to user’s / visitor’s communication message addressed to the Company.
    Moreover, your data may be collected by cookies, which you have allowed to be used with your consent ("Optional cookies"), the terms and conditions of their usage can be found in the Cookies Policy here
  • While submitting the online application/form about the expression of interest in Online Trading Services (“Investor Application”  or “Express interest for Online Trading Services Application”):
    We may collect various information such as first name (given name), last name (surname), father’s name, nationality, National Identity Card no., VAT/ Tax Identification Number, Tax Registry Office (‘DOY’), customer relationship with PIRAEUS SECURITIES S.A., status (individual – business), data concerning the professional status (profession), home address, postal code, city, telephone number (fixed-mobile), email address, customer code, investor’s interests when he/she submits the Investor Application form, general interests while submitting the Online Trading Services Application, information whether you are a new customer and if you have an intangible securities system account.

5. Do we process minors’ Data?

We understand the importance of the protection of minors’ personal data and thus we do not process personal data relating to minors under 18 years old since the services of our Website are not addressed to those natural persons. If we find that we have collected data of a minor under the age of 18, without the existence of any legal basis for it, we will proceed to the immediate deletion of such data. Τhe provisions of chapters 6 and 7 of this Privacy Policy also apply to minors.

6. What are the Data Processing Purposes?


We collect and process your Data exclusively for the purposes of the provision of services by our Company, as well as for the proper operation of the Website www.piraeus-sec.gr  and especially for:

  • the satisfaction of your request relating to the products and services of the Company,
  • the Website traffic monitoring,
  • the communication between us when you submit the contact form,
  • the compliance with the obligations imposed by the current legal framework and
  • ensuring the Website’s information security.

7. What is the legal basis of Data Processing performed by the Company?


The processing of the personal data of users/ visitors of the Website is performed either in the context of the services provided by the Company or is based on the user’s consent. Specifically:

  • For the satisfaction of the expression of your request relating to the products and services of the Company (above purpose “a”), the processing of your data is necessary in order to receive our services.
  • For the communication between us when you submit the contact form (above purpose “c”) and ensuring the Website’s information security (above purpose “e”), the legal basis for the processing is the legitimate interests pursued by the Company. More specifically, processing operations “c” above seeks to maintain the effective communication channels with our customers and business partners and thus improves the level of our customers’ and business partners’ satisfaction, and processing “e” above seeks to safeguard the data and intellectual property assets of the Company and of our Website’s visitors.
  • For the use of non-technically necessary trackers ("Cookies") [e.g. for the traffic monitoring traffic (purpose "b" above )] the lawfulness of their processing is based on your consent. For more information in relation to the Cookies Policy, please read here.

8. Who are the recipients of your Data?

Recipients of your personal data are, generally, the necessary, in any case, personnel of the Company, who have received the appropriate information for the secure processing of your personal data.

Furthermore, recipients of your data may, in exceptional cases, be:

  • Supervisory, auditing, independent, judicial, public and/or other authorities and bodies as well as dispute resolution bodies within the framework of their legal duties, responsibilities, and powers when the data transfer to them is required or provided for by the law.
  • Lawyers, law firms, bailiffs, experts, consultants in the case of legal action and exercise of their duties in the context of safeguarding our rights and interests.

9. Do we transfer your Data outside the European Union?

We do not send your Personal Data to third countries or international organizations outside Greece. Your Personal Data is subject to storage and processing only in Greece.

10. When do we delete your Data?

We delete the Data that are being processed through the Website and specifically via the contact form or the application relating to the expression of interest in the Company’s products and services within a time period of one (1) year since the receipt of the relevant communication.

In relation to the Data collected via Cookies, we delete them according to the Cookies Policy.

11. Are your Data safe?

We are committed to safeguarding your Personal Data. We have taken appropriate organizational and technical measures to secure and protect your Data from any form of accidental or improper processing. These measures shall be reviewed and amended when necessary.

12. What are your data subject rights?

  • You have the right to access your personal data.
    This means that you have the right to be informed by us whether we process your Data. If we process your Data, you can ask to be informed about the purpose of processing, the type of Data we store, the recipients of your data, how long we store them, if automated decisions are made, but also about the rest of your data subject rights, such as the right to rectification, deletion of data, restriction of processing and to lodge a complaint with the Hellenic Data Protection Authority.

  • You have the right to rectify inaccurate personal data.
    If you find an error in your Data you can submit an application to us to correct them (e.g. rectify your name or change your phone number).

  • You have the right to erasure/right to be forgotten.
    You can ask us to delete your Data if they are no longer necessary for the above-mentioned processing purposes or you wish to revoke your consent in case it is used as the legal basis of the processing.

  • You have the right to Data portability.
    You can ask us to receive the Data that you have provided us in a structured, commonly used, and machine-readable format and request from us to transmit those data to another controller when the processing is based on your consent or is necessary for the execution of a contract between us.

  • You have the right to restrict the processing.
    You can ask us to restrict the processing of your Data for as long as the investigation of your objection requests relating to the processing lasts or if part of the processing is no longer required to meet the data processing purposes of your Data.

  • You have the right to object to the processing of your Data.
    You may object to the processing of your Data when such processing is being performed in the pursuit of our legitimate interests, and we will stop the processing of your Data if there are no other compelling and legitimate reasons prevailing over your right.

  • You have the right to withdraw your consent.
    In cases that the processing of your Data, for any specific reason, is based on your prior consent, you have the right to withdraw your consent so as the processing of your data will not continue in the future.

13. How can you exercise your data subject rights?

In order to exercise your rights, you can send us a Request either via registered letter to the business address of the Company (Stadiou 10 Str., 10564, Athens) or via email dpo@piraeus-sec.gr and please use the Title/Subject: “Exercise of data access right/right to rectification/ erasure/ data portability/ restriction of the processing/ objection” describing your request and we will try to respond as soon as possible.

14. When do we respond to your Requests?

Our responses to your Requests will take place within (1) one month of their receipt and do not incur any cost for you. The above time period may be prolonged for a period of two (2) additional months, due to the complexity or the number of the requests. In such case, you will be duly informed during the current month about the time extension and the reasons for it.

If your Requests are unfounded, invalid, or excessive due to their recurring nature, the Company may impose a reasonable fine, taking into account the administrative costs for providing the information or executing the requested action, or may refuse to follow up on the Request.

15. Right to lodge a complaint

In case you consider that: a) your request has not been sufficiently and lawfully satisfied or b) your right to the protection of your personal data has been violated by our processing, you have the right to lodge a complaint with the supervisory authority, i.e. the Hellenic Data Protection Authority (address: Kifissias 1-3, Postal Code: 115 23, Athens, https://www.dpa.gr/, telephone number: 210 6475600, email address: contact@dpa.gr).

16. Do we use automated decision making/ including profiling when we process your Data?

We do not make decisions, nor do we use profiling, based on automated processing of your Data.

Cookies are being used on our Website www.piraeus-sec.gr upon informing you and after providing your consent.

17. How will you be notified of any changes to this Policy?

We will update this Policy whenever necessary. If significant changes to the Policy or changes in the way we use your Personal Data occur, we will notify you either by publishing a notice in a prominent spot before such changes are put into place or by any other appropriate means. We encourage you to read this Policy on a regular basis in order to know how your Data are protected.