Section 01
Who We Are
SYMLOGIC ("SYMLOGIC", "we", "our", or "us") is a professional services firm specialising in the design, implementation, and management of complex IT and telecommunications projects. We act as the data controller for personal data collected through our website and business activities.
Data Controller
SYMLOGIC
Email: symlogic-consulting@outlook.com
Website: www.symlogic.gr
If you have any questions about how we handle your personal data, you can contact our Data Protection contact at the address above. We will respond to all requests within 30 days.
Section 02
Data We Collect
We collect personal data in the following ways and categories:
| Category | Examples | Source |
|---|---|---|
| Contact Data | Name, email address, phone number, job title | Directly from you |
| Business Data | Company name, industry, project requirements | Directly from you |
| Usage Data | IP address, browser type, pages visited, time on site | Automatically via cookies |
| Communication Data | Email correspondence, enquiry content, support tickets | Directly from you |
| Technical Data | Device type, operating system, referral source | Automatically via cookies |
We do not collect any special categories of personal data (such as health, biometric, or political data) through our website or standard business operations.
Section 03
How We Use Your Data
SYMLOGIC uses your personal data only for legitimate business purposes. Specifically, we use your data to:
- Respond to enquiries, consultation requests, and business communications submitted through our website or email
- Provide, manage, and deliver the professional services you have engaged us for
- Send service-related notifications, updates, and operational communications
- Analyse website usage to improve performance, content, and user experience
- Comply with legal obligations, regulatory requirements, and contractual duties
- Manage our internal operations including invoicing, record-keeping, and project management
- Protect the security and integrity of our systems and services
We will never sell, rent, or trade your personal data to third parties for their own marketing purposes.
Section 04
Legal Basis for Processing
Under GDPR, we must have a valid legal basis for processing your personal data. Depending on the activity, we rely on the following legal bases:
- Contractual necessity — processing required to fulfil a contract with you or to take steps at your request before entering into a contract
- Legitimate interests — processing necessary for our legitimate business interests (e.g. improving our services, website analytics, business development), provided these interests are not overridden by your rights
- Legal obligation — processing required to comply with a legal or regulatory obligation applicable to SYMLOGIC
- Consent — where you have given us clear, specific consent to process your data for a defined purpose (e.g. marketing communications). You may withdraw consent at any time
GDPR Compliance
All processing activities at SYMLOGIC are documented in our internal Record of Processing Activities (RoPA) in accordance with Article 30 of the GDPR. We conduct Data Protection Impact Assessments (DPIAs) for any processing likely to result in high risk to individuals.
Section 05
Data Sharing & Third Parties
SYMLOGIC does not sell your personal data. We may share your data with carefully selected third parties only where necessary and under strict data protection terms:
- Service providers — technology vendors, cloud infrastructure providers, and professional advisors who process data on our behalf under Data Processing Agreements (DPAs)
- Business partners — where you have engaged us on a project involving partner organisations, and sharing is necessary to deliver the service
- Legal authorities — regulatory bodies, law enforcement, or courts where we are required by law to disclose information
- Corporate transactions — in the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction, subject to equivalent privacy protections
All third-party processors are contractually required to handle your data securely and only for the purposes we specify. We maintain a register of all third-party data processors.
Section 06
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
| Data Type | Retention Period | Rationale |
|---|---|---|
| Enquiry & contact data | 2 years from last contact | Legitimate interest in business follow-up |
| Client project data | 7 years post-contract | Legal and contractual obligations |
| Financial records | 7 years | Tax and accounting legislation |
| Website analytics | 12 months | Standard analytics cycle |
| Marketing consent records | Until consent withdrawn + 1 year | Evidence of consent |
Upon expiry of the relevant retention period, personal data is securely deleted or anonymised in accordance with our Data Retention Policy.
Section 07
Your Rights Under GDPR
As a data subject under the GDPR, you have the following rights with respect to your personal data. You may exercise any of these rights at any time by contacting us at privacy@symlogic.com:
Response Timeframe
We will respond to all data subject requests within 30 days of receipt. In complex cases, we may extend this by a further two months and will notify you accordingly. We will not charge a fee for exercising your rights unless requests are manifestly unfounded or excessive.
Section 08
Cookies & Tracking
Our website uses cookies and similar tracking technologies to enhance your browsing experience and understand how visitors interact with our content. Cookies are small text files stored on your device.
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Required for the website to function correctly | Session / Persistent |
| Analytics | Understand visitor behaviour and improve the site | Up to 26 months |
| Preference | Remember your settings and choices | Up to 12 months |
| Marketing | Track visits for remarketing (only with consent) | Up to 90 days |
You can manage or disable cookies through your browser settings at any time. Note that disabling certain cookies may affect website functionality. Where required by law, we will obtain your consent before placing non-essential cookies.
Section 09
Data Security
SYMLOGIC takes the security of your personal data seriously. We have implemented appropriate technical and organisational measures to protect your data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:
- Encryption of data in transit (TLS/SSL) and at rest
- Role-based access controls and the principle of least privilege
- Regular security assessments, vulnerability testing, and patch management
- Employee training on data protection and information security
- Incident response procedures including breach notification protocols
- Regular backups and disaster recovery testing
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, inform affected individuals without undue delay.
Section 10
International Data Transfers
SYMLOGIC primarily processes personal data within the European Economic Area (EEA). Where we transfer data outside the EEA, we ensure appropriate safeguards are in place, including:
- Transfers to countries with an adequacy decision from the European Commission
- Use of Standard Contractual Clauses (SCCs) approved by the European Commission
- Binding Corporate Rules (BCRs) where applicable
- Other lawful transfer mechanisms as permitted under Chapter V of GDPR
You may request a copy of the specific safeguards applied to transfers of your data by contacting us at privacy@symlogic.com.
Section 11
Children's Privacy
SYMLOGIC's services are directed exclusively at businesses and professionals. Our website is not intended for, and we do not knowingly collect personal data from, individuals under the age of 16.
If we become aware that we have inadvertently collected personal data from a child under 16, we will take immediate steps to delete that information. If you believe we have collected data from a minor, please contact us immediately at privacy@symlogic.com.
Section 12
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Notify registered users or active clients by email where the changes are significant
- Display a prominent notice on our website for a reasonable period following the update
We encourage you to review this policy periodically. Your continued use of our website or services following any changes constitutes your acceptance of the updated policy.
Version History
Current version: 1.0 — Published 23 February 2026. This is the initial version of the SYMLOGIC Privacy Policy.
Section 13
Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or the way we handle your personal data, please contact us using the details below. We are committed to resolving any issues promptly and transparently.
Data Protection Contact
SYMLOGIC
Email: symlogic-consulting@outlook.com
Subject line: Privacy Request – [Your Name]
You also have the right to lodge a complaint with your national data protection supervisory authority. In the EU, a full list of supervisory authorities is available on the European Data Protection Board website.