Skip to main content

Privacy Policy

Effective Date: 06/07/2024

1. Introduction

At Vera Alexandropoulou Law Firm ("we," "us," or "our"), we value and prioritize your privacy. This Privacy Policy outlines our practices regarding the collection, use, disclosure, and protection of your personal information when you engage our legal services or interact with us in other ways. Our commitment is to handle your personal data with the utmost care and in compliance with national applicable data protection legislation and the Regulation (EU) 2016/679 (General Data Protection Regulation/GDPR).

2. Information We Collect

We may collect and process the following categories of information:

  • Personal Identifiers: Including, but not limited to, your name, address, email address, phone number, date of birth, Tax Identification Number, ID details, Social Security number, and other government-issued identification numbers.
  • Professional Information: Such as your occupation, employer details, and professional credentials.
  • Legal Case Information: Including case histories, documentation, communications, and other information pertinent to your legal matters.
  • Financial Information: Such as credit card numbers, bank account details, billing addresses, and payment history.
  • Communications Data: Including records of your correspondence with us, whether by email, telephone, or other means.

3. Methods of Information Collection

We gather information through various means:

  • Direct Collection: When you provide information directly to us during consultations, through forms, via email, over the phone, or in person.
  • Third-Party Sources: Such as public records, opposing parties, governmental agencies, and other entities relevant to your case.
  • Internal Processes: Through our case management systems and other operational processes.

4. Purposes of Data Processing

We process your personal information for the following purposes:

  • Provision of Legal Services: To deliver effective legal representation and manage our professional relationship with you.
  • Case Management: To maintain comprehensive and accurate records of your legal matters.
  • Billing and Financial Management: To process payments, manage accounts, and fulfill our financial obligations.
  • Client Communications: To keep you informed about your case, provide legal updates, and communicate relevant information about our services.
  • Regulatory Compliance: To comply with legal obligations, respond to regulatory requests, and uphold our professional responsibilities.
  • Operational Efficiency: To enhance and streamline our business operations, ensuring high-quality service delivery.

5. Legal Basis for Processing

Our legal basis for processing your personal data includes:

  • Contractual Necessity: Processing necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract.
  • Legal Obligation: Processing required to comply with our legal and regulatory obligations.
  • Legitimate Interests: Processing necessary for our legitimate interests, such as improving our services and ensuring the security of our operations, provided these interests are not overridden by your rights and interests.
  • Consent: Processing based on your explicit consent, which you can withdraw at any time; such withdrawal however not affecting the legality of the processing until that point.

6. Data Sharing and Disclosure

To ensure the proper management of Vera Alexandropoulou Law Firm, we collaborate with various suppliers. Depending on their role in handling personal data (whether as Joint Controllers or Processors), we have established Data Processing Engagements or Agreements and implemented all necessary security measures to protect your Personal Data during its transfer. Examples of Vera Alexandropoulou Law Firm’s suppliers (and recipients of certain categories of your personal data) include:

  • Internal Personnel such as employees, contractors, and agents who need access to your information to provide our services
  • External accountants
  • IT specialists and technical support
  • Translators
  • Bailiffs
  • In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the involved third parties under appropriate confidentiality agreements.
  • Courier companies
  • Third-party vendors and Cloud service providers (your data may be transferred to them when we save a document that may include your Personal Data), under strict confidentiality agreements. 
  • Platforms for announcing job openings and collecting CVs from candidates
  • Other law firms and/or lawyers we collaborate with to provide our services, as per our mandate
  • Public Authorities and Administrative Bodies: Tax Offices, Judicial authorities, the Police, and prosecutorial authorities in cases of criminal acts or legal claims.

International Transfers of Personal Data

In the course of providing our legal services, including our specialized shipping law services, Vera Alexandropoulou Law Firm may transfer your personal data to countries outside of your country of residence. This may be necessary for various reasons, including but not limited to collaborating with international partners, service providers, or fulfilling legal and regulatory requirements in different jurisdictions.

Countries and Recipients

Your Personal Data may be transferred to and processed in third countries. Apart from the above, some examples of recipients of your data in international transfers include:

  • External Accountants: Based in different jurisdictions to ensure compliance with international financial regulations and maritime law requirements.
  • Cloud Service Providers: Hosting data on servers located globally to ensure data redundancy and security.
  • Other Law Firms and Lawyers: Collaborating internationally to provide comprehensive legal services in (shipping) law as mandated.
  • Public Authorities and Administrative Bodies: Complying with international legal requests and regulatory requirements, including maritime authorities.
  • Shipping Companies and Agents: Engaging with international shipping entities as part of our legal services.
  • Insurance Providers: Working with international maritime insurance companies to handle claims and coverage issues.

Safeguards and Measures

To ensure the protection of your Personal Data during international transfers, we have implemented appropriate safeguards, which may include:

  • Standard Contractual Clauses (SCCs): We enter into agreements using SCCs approved by relevant data protection authorities.
  • Adequacy Decisions: Transferring data to countries that the relevant data protection authority has deemed to have adequate data protection laws.
  • Data Processing Agreements (DPAs): Ensuring all third-party service providers adhere to our high data protection standards.
  • Technical and Organizational Measures: Utilizing encryption, pseudonymization, and secure data transfer protocols.

7. Data Security

We employ robust security measures to protect your personal data, including:

  • Physical Security: Secure facilities and restricted access controls.
  • Technical Security: Encryption, anonymization, secure servers, and regular security audits.
  • Organizational Security: Comprehensive data protection policies, certified personnel, and regular staff training on data privacy and security.

8. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes for which it was collected, comply with legal and regulatory requirements, or resolve disputes. Upon the expiration of the retention period, we will securely delete your personal information.


9. Your Data Protection Rights

You have the following rights:

  • Access: The right to request access to your personal data.
  • Rectification: The right to request correction of inaccurate or incomplete data.
  • Erasure: The right to request the deletion of your personal data, subject to legal exceptions.
  • Restriction: The right to request the restriction of processing of your personal data, subject to legal exceptions.
  • Data Portability: The right to request the transfer of your personal data to another organization.
  • Objection: The right to object to the processing of your personal data, indicatively for direct marketing purposes.
  • Consent Withdrawal: The right to withdraw your consent where processing is based on consent; such withdrawal however not affecting the legality of the processing until that point.
  • Lodge a complaint with the Greek Data Protection Authority at the following contact details:

Address: Kifissias 1-3, 115 23 Athens, Greece
Telephone: +30-210 6475600
Fax: +30-210 6475628

To exercise these rights, please contact us using the details provided below. We may need to verify your identity before processing your request.

10. Third-Party Links

Our communications or documentation may contain links to third-party resources. We are not responsible for the privacy practices, security protocols or content of these third-party resources. We suggest that you review the privacy policies of any third-party services you interact with.

11. Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by providing an updated policy. Your continued engagement with our services after such updates signifies your acceptance of the revised policy.

12. Contact Us

For any questions or concerns regarding this Privacy Policy or our data protection practices, please contact us at:

Vera Alexandropoulou Law Firm

Mavromichali 3 street, PC 18545


Tel. +302104121980