Publication date: January 2026
Notification for the Processing of Personal Data
The present website with the electronic address www.goretailoncloud.gr (hereinafter the “Website”) is owned by and operated under the management of the company under the trade name “ENTERSOFTONE SOCIETE ANONYME” with the distinctive title “ENTERSOFTONE S.A.” having its registered office at 8, Achilleos str. and Lambrou Katsoni str, P.C. 17674, Kallithea, Attica, Greece (hereinafter called as hereinafter the “Company”, “we”, “us”). Our website Privacy Policy explains how we collect, use, disclose and otherwise process personal data when you visit and use our website, in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Greek and EU data protection legislation. This Privacy Policy does not apply to the processing of data carried out in the context of the SaaS Service, which is governed exclusively by the respective SaaS Agreement and the relevant Data Processing Agreement (DPA).
The Data Controller for the processing of your personal data is:
ENTERSOFTONE S.A.
8 Achilleos str. & Lambrou Katsoni str.
17674 Kallithea, Attica, Greece
Our Data Protection Officer (DPO) is Dimitrios Kampourmalis. You may contact our Data Protection Officer at: dpo@entersoftone.gr
Your personal data is being provided in terms of your visit to our website and the completion of the provided contact form, namely:
| Source of data collection | Categories of Personal Data | Purpose | Legal basis of processing (Articles of the GDPR) |
| Website visit |
IP address
Device and browser information Log files and technical identifiers Cookie and similar technology data |
Ensuring website security and stability
Preventing fraud and misuse Technical operation and performance optimisation |
Article 6, par. 1 (f) – the processing is necessary for the purposes of the legitimate interests pursued by the Company and in particular for security reasons and to ensure the proper functioning of the website
Article 6 par. 1(a) – processing takes place only following the data subject’s prior consent (for optional cookies) |
| Contact form / Communication via our website |
Name and surname
Email address Telephone number Subject and content of your message Keystrokes are recorded only at the interaction level. Field content is masked by default (e.g. password fields, email addresses, free-text inputs). |
Responding to enquiries and requests
Pre-contractual communication Corporate and business communication |
Article 6(1)(b) GDPR – steps prior to entering into a contract
Article 6(1)(f) GDPR – legitimate interest in business communication |
| Use of Chat Assistant
The Website provides a chat assistant to facilitate communication with visitors. |
When using the chat, personal data may be submitted, such as message content and any contact details the data subject chooses to share. |
Responding to enquiries and requests
Pre-contractual communication Corporate and business communication |
Processing is carried out for the handling of requests, the provision of information and for pre-contractual and business communication purposes, pursuant to Article 6(1)(b) and (f) GDPR. |
| Chat Function |
The Website provides a chat assistant to facilitate communication with visitors.
When using the chat, personal data may be submitted, such as the content of messages and any contact details that the data subject chooses to disclose |
Management and response to requests
Pre-contractual communication Corporate and business communication |
Article 6(1)(b) and (f) GDPR |
| Free Trial of Solutions |
Personal details (first name, last name)
Contact details (telephone number, email address) Business information (company name, business activity, number of employees) |
Taking steps prior to the conclusion of a contract at the request of the data subject | Article 6(1)(b) GDPR |
| Newsletter Subscription (where provided) |
Personal details (first name, last name)
Contact details (email address) Cookies data |
Corporate and business communication | Article 6(1)(a) GDPR – consent |
| Social Media (where provided) |
Login credentials
Cookies data |
Corporate and business communication | Article 6(1)(f) GDPR – legitimate interest of the Company |
Recipients of Personal Data
Your personal data may be accessed by:
- Authorized personnel of the Company
- External service providers acting as data processors (e.g. IT hosting, website maintenance, analytics providers), subject to Article 28 GDPR agreements
We do not sell or trade your personal data.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:
- Website technical data: up to 12 months, unless required longer for security incidents
- Contact form data: up to 24 months from the last communication, unless further retention is required for legal or contractual reasons
- Cookie data: as specified in the Cookie Policy
After the expiry of the applicable retention period, data is securely deleted or anonymised.
International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), including to providers located in the United States (e.g. analytics services), such transfers are carried out only:
- After your explicit consent, where required, and
- Using appropriate safeguards in accordance with Articles 44–49 GDPR, such as:
- Standard Contractual Clauses (SCCs)
- Supplementary technical and organisational measures
Further information on safeguards may be requested from our DPO.
Cookies
The Website uses cookies and similar technologies.
- Strictly necessary cookies are placed automatically and are required for the proper functioning of the Website.
- Optional cookies (e.g. analytics, performance, functionality) are used only after your explicit consent, provided via our cookie banner.
You may manage or withdraw your consent at any time through the cookie banner settings tool available on the Website.
For detailed information, please consult our Cookie Policy, which forms an integral part of this Privacy Notice.
Similar Technologies
A. Technical & Online Identifiers
- IP address (in truncated / masked form)
- Cookie ID / Clarity user identifier
- Device type, operating system, browser
- Screen resolution
- Session ID
- Timestamp
B. Usage / Behavioural Data
- Navigation within the application (page views, clicks)
- Scroll activity
- Mouse movements
- Session duration
- Interaction paths (heatmaps, session recordings)
C. Communication Metadata
- Referrer URL
- Language settings
- Time zone (at a technical level)
D. Data Potentially Captured via Forms
- Keystrokes recorded only at the interaction level
- Field content is masked by default (e.g. password fields, email addresses, free-text inputs)
Security Measures
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including protection against unauthorized access, loss, alteration or unlawful processing.
Data Subject Rights
You have all relevant rights under the GDPR, and in particular the right to information, access, rectification, erasure (“to be forgotten”), restriction of processing, data portability, objection and withdrawal of consent. Please submit your requests responsibly. For any issue related to the processing of your personal data, you can contact our DPO by email: dpo@entersoftone.gr
Right to Lodge a Complaint
For further information and advice on your rights or to submit a complaint, you may contact the Hellenic Data Protection Authority:
Kifissias 1-3, P.C. 115 23, Athens, Greece
Telephone: +30-210 6475600
E-mail: contact@dpa.gr.