Klehomerie (hereinafter referred to as the "Company") is committed to protecting your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and Greek Law 4624/2019. This notice outlines how we collect, use, and safeguard your information.
1. Data Controller
The entity responsible for processing your personal data is:
- Company Name: Klehomerie (Arnaud Zerdab)
- VAT Number (AFM): 174294556
- Headquarters: ΕΡΥΘΡΟΥ ΣΤΑΥΡΟΥ 20, 17778 ΤΑΥΡΟΣ
- Contact Email: gdpr@klehomerie.com
2. Types of Data We Collect
We collect and process the following categories of personal data necessary for our services:
- Identity Data: Full name, father's name, ID/Passport number, AFM (Tax ID).
- Contact Data: Email address, phone number, residential address.
- Property Data: Ownership details, property location, technical specifications, keys, and access codes.
- Financial Data: Bank account details (IBAN) for expense reimbursements and fee payments (we do not store credit card numbers).
3. Purpose of Processing
Your data is processed for the following specific purposes:
- Marketing purposes: To send you newsletters, technical insights, and promotional updates regarding Klehomerie's asset management services, subject to your explicit consent.
- Performance of Contract: To execute the Technical Asset Management Service Agreement, coordinate repairs and CapEx projects, and represent you before utility companies (DEDDIE, EYDAP) within the scope of your engagement.
- Legal Compliance: To comply with tax obligations (AADE declarations) and other regulatory requirements.
- Communication: To provide updates on your property status, send inspection reports, and respond to your inquiries.
- Educational Content & Case Studies: To analyze technical property data for the creation of industry insights and case studies, ensuring all personal identifiers and specific property locations are strictly anonymized prior to any publication.
4. Legal Basis
Processing is based on your consent (for marketing communications and case study use), contractual necessity (for service delivery), and legal obligations under GDPR Article 6 and, where special category data is involved, Article 9, as well as Greek Law 4624/2019 and applicable Greek tax legislation.
5. Data Recipients
We do not sell your data. We may share necessary data with:
- Public Authorities: Tax authorities (AADE) and utility providers (DEDDIE, EYDAP) when required by law or for contract execution.
- Third-Party Vendors: Trusted contractors (plumbers, electricians, engineers) strictly for maintenance and repair tasks at your property.
- Professional Advisors: Accountants and legal counsels bound by confidentiality.
6. International Data Transfers
Where Klehomerie uses cloud-based tools (such as Google Workspace) to store or process your data, any transfer of personal data outside the European Economic Area is carried out under appropriate safeguards, including the European Commission's Standard Contractual Clauses (SCCs), in accordance with GDPR Chapter V.
7. Data Retention
We retain your personal data for the duration of our contractual relationship. After termination, data is kept only for the period required by Greek tax and accounting legislation (typically five to ten years) or to resolve legal disputes, after which it is securely deleted.
8. Your Rights
Under GDPR, you have the right to:
- Access: Request a copy of the personal data we hold about you.
- Rectification: Correct inaccurate or incomplete data.
- Erasure ("Right to be Forgotten"): Request deletion of your data, subject to legal retention obligations.
- Restriction: Request to limit the processing of your data.
- Object: Object to processing based on our legitimate interests or carried out for direct marketing purposes.
- Portability: Receive your data in a structured, commonly used format.
To exercise these rights, please contact us at gdpr@klehomerie.com. You also have the right to lodge a complaint with the Hellenic Data Protection Authority (Αρχή Προστασίας Δεδομένων Προσωπικού Χαρακτήρα, www.dpa.gr) if you believe your data protection rights have been violated.
9. Security
We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, or misuse. This includes secure digital storage and limited access to physical files.
10. Updates
We may update this notice to reflect legal or operational changes. The latest version will always be available on our website.