Privacy Policy & GDPR — BPC | Best Practice Consulting

Best Practice Consulting takes its users' privacy very seriously and undertakes to comply in full with the applicable law, including the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"). This notice explains how personal data collected through this website is processed.

Data controller & Data Protection Officer

The data controller is Best Practice Consulting S.A., 6 Anapafseos Street, Metamorfosi, Attica 144 51, Greece. You can reach our Data Protection Officer at dataprotectionreport@bpc.gr.

Personal data we collect

We process ordinary personal data arising from your interactions with the website — including registrations, service requests, contact-form submissions and cookies. Where relevant, and only with your consent or to fulfil a legal or contractual obligation, we may also process special categories of data (Article 9 GDPR), such as health-related information.

Purposes and legal basis

Providing and optimising our services and website (Article 6.1.a — consent)
Complying with legal obligations (Article 6.1.c)
Institutional communications and marketing, where you have opted in
Establishing, exercising or defending legal claims (Article 6.1.f — legitimate interest)

Data retention

Personal data is stored only to the extent required to achieve the purposes described above, and is kept no longer than strictly necessary — in line with the principle of storage limitation (Article 5.1.c GDPR).

Security

We protect personal data using advanced security technologies and procedures, and our servers are held in protected, access-controlled environments. You can ask us to update your personal information at any time.

Who we share data with

Data may be shared with authorised internal staff (technical, administrative, IT and product management), trusted third-party service providers (such as IT and cloud services), public institutions and authorities, and professional consultants. Any international transfers are made using GDPR-compliant mechanisms, including Standard Contractual Clauses.

Your rights under GDPR

You may request confirmation of whether we hold data about you, and access to, correction or deletion of that data; you may restrict or object to processing, withdraw consent at any time, and lodge a complaint with the competent Data Protection Authority. To exercise these rights, contact the controller or our DPO.

Cookies

This website uses technical cookies required for basic functionality (first-party, session or persistent), profiling cookies used for preference-based advertising (third-party), and Google Analytics cookies (third-party, persistent) for statistical analysis of visits, with opt-out available through Google. You can manage or disable cookies through your browser settings.

Contact

For any privacy-related question, email dataprotectionreport@bpc.gr or use our contact page.