Βρες Διατροφολόγο
← Back to home

Privacy Policy

Last updated: 5/6/2026

Privacy Policy

Website: vresdiatrofologo.gr

The protection of your personal data is important to us. This Privacy Policy explains what data we collect when you use the vresdiatrofologo.gr Platform, why we collect it, how we use it and what your rights are.

This Policy complies with the General Data Protection Regulation (EU) 2016/679 (GDPR) and Greek Law 4624/2019.

1. Data Controller

The Controller of your data is:

  • Company name: Athlisis Health Development IKE

  • Trade name: Athlisis

  • Registered office: Lachana 6, Nea Filadelfia 14342

  • VAT no.: 801416447 / Tax office: Neas Ionias

  • Contact email: info@athlisis.com

  • Phone: 21 0440 4555

(hereinafter the "Company", "we")

2. Who this applies to

This Policy concerns:

  • Visitors who browse the website and search for a dietitian.

  • Users who fill in a contact form or make an online appointment booking.

  • Dietitians (Professionals) who register on the Platform.

3. What data we collect

3.1 From visitors (browsing without registration)

  • IP address, device type, operating system, browser.

  • Browsing history on the Platform (pages, duration, searches).

  • Approximate geographic area (via IP), so we can suggest dietitians near you.

  • Cookies and similar technologies, in accordance with the Cookie Policy.

3.2 From users contacting a dietitian

When you fill in a contact form or make an online booking, we ask for:

  • Email

  • Phone

  • Reason for contact (e.g. weight loss, sports nutrition, dietary counselling)

  • Preferred appointment date/time (where applicable)

  • Message to the dietitian

Important note about the reason for contact:

The "reason for contact" may in some cases reveal information related to your health (e.g. if you state that you are looking for a dietitian for diabetes or to manage a condition). Please do not include sensitive medical data in the form. You can state the general reason (e.g. "weight loss", "sports nutrition") and discuss the details directly with the dietitian.

If you choose to disclose information related to your health, its processing is based on your explicit consent (Article 9(2)(a) GDPR), which you provide through the corresponding checkbox on the form.

3.3 From registered dietitians

  • Professional information: name, specialty, degrees, license to practice.

  • Contact information: email, phone, office address.

  • Profile photo, biography, services, price list.

  • VAT number and billing details (for subscriptions).

  • Payment details (handled directly by the payment provider, see par. 5).

3.4 From reviews

When you submit a review for a dietitian, we collect a name or pseudonym, email (for confirmation and to prevent fake reviews), rating and review text.

4. Legal basis and purpose of processing

Activity Legal basis Purpose
Operation of the website, dietitian search Legitimate interest (Article 6(1)(f) GDPR) Service provision
Contact form / online booking Performance of contract or pre-contractual measures (Article 6(1)(b)) Connection with the dietitian
Health-related data in reason for contact (if disclosed) Explicit consent (Article 9(2)(a)) Appointment preparation
Dietitian registration and subscriptions Performance of contract (Article 6(1)(b)) Provision of subscription services
Analytics cookies Consent (Article 6(1)(a)) Statistics, service improvement
Newsletter / informational emails Consent (Article 6(1)(a)) Marketing
Tax documents, accounting Legal obligation (Article 6(1)(c)) Compliance with the law
Handling complaints, legal claims Legitimate interest (Article 6(1)(f)) Defence against claims

5. Who your data is shared with

5.1 With the dietitians

When you contact or book through the Platform, your information is transmitted to the chosen dietitian. The dietitian acts as an independent Data Controller and is bound by their own Privacy Policy, which they are required to maintain.

5.2 With processors (service providers)

We work with third-party providers who help us operate the Platform. All have signed relevant Data Processing Agreements and are bound by confidentiality:

  • Hosting provider: [provider name, EU country, e.g. Hetzner Online GmbH, Germany]

  • Google Analytics: Browsing statistics (Google Ireland Limited).

  • Email marketing provider: [Mailchimp / MailerLite / other] for sending informational emails.

  • Payment provider: [Stripe / Viva Wallet / other] for processing dietitian subscriptions.

  • Email communication provider (transactional emails).

  • Accounting firm for tax obligations.

5.3 With public authorities

When there is a legal obligation (e.g. request from a judicial or audit authority, AADE/Greek tax authority).

5.4 We do not sell your data

We do not sell, rent or exchange your personal data with third parties for advertising purposes.

6. International transfers

Your main data is hosted on servers within the European Union.

Some providers we use may also process data outside the EU (e.g. Google Analytics, certain email marketing providers). In such cases, the transfer is based on:

  • An adequacy decision by the European Commission (e.g. EU-US Data Privacy Framework for the US), or

  • Standard Contractual Clauses, in accordance with Article 46 GDPR.

You can request a copy of the safeguards at [privacy@vresdiatrofologo.gr].

7. Data retention period

We retain your data only for as long as necessary:

Category Retention period
Contact form / booking data Up to 24 months from the last contact
Dietitian accounts For as long as the partnership lasts + 5 years after termination
Tax documents 10 years (legal obligation)
Reviews As long as the dietitian's profile is active
Browsing data / cookies According to the Cookie Policy
Newsletter Until consent is withdrawn
Security logs Up to 12 months

After the retention period expires, the data is securely deleted or anonymised.

8. Your rights

Under the GDPR, you have the following rights:

  • Right of access: to request a copy of your data.

  • Right to rectification: to correct inaccurate or incomplete data.

  • Right to erasure ("right to be forgotten"): to request deletion of your data when there is no lawful reason to retain it.

  • Right to restriction of processing: in specific cases.

  • Right to data portability: to receive your data in a structured format.

  • Right to object: in particular when processing is based on legitimate interest.

  • Right to withdraw consent: at any time, without affecting the lawfulness of prior processing.

  • Right not to be subject to automated decision-making: we do not make decisions affecting you based solely on automated processing.

How to exercise your rights

Send an email to [privacy@vresdiatrofologo.gr] or a letter to our registered office. We will respond within one month (extendable by up to two months for complex requests). Exercising your rights is free of charge, unless requests are manifestly unfounded or excessive.

For security reasons, we may ask you to verify your identity.

9. Right to lodge a complaint with the Authority

You have the right to lodge a complaint with the Greek Data Protection Authority (DPA / HDPA):

10. Data security

We take appropriate technical and organisational measures to protect your data, including:

  • Encryption in transit (HTTPS/TLS).

  • Encryption of sensitive data at rest in the database.

  • Role-based access control.

  • Regular backups.

  • Activity logs.

  • Staff training.

Despite the measures we take, no electronic transmission or storage is 100% secure. In case of a data breach that may concern you, we will inform you in accordance with GDPR provisions.

11. Children

The Platform is not intended for minors under 16 years of age. We do not knowingly collect data from children. If you discover that a child has submitted information, please contact us for immediate deletion.

12. Automated decision-making — Profiling

We do not use your data for automated decision-making or profiling that legally or significantly affects you.

13. Changes to the Policy

This Policy may be updated. Significant changes will be announced on the Platform and/or by email to registered users. We recommend that you periodically review the Policy for updates. The last updated date is shown at the top of the document.

14. Contact

For any questions regarding this Policy or the processing of your data:

  • Email: info@athlisis.com

  • Phone: 2104404555

  • Address: Lachana 6, Nea Filadelfia 14342

By using the Platform you declare that you have read and understood this Privacy Policy.