Privacy Policy

This Privacy Notice explains how we process your personal information when you contact HR PSYCHOLOGY – TODAY EE or use any of our services through the Web Application (WA). The WA includes a consent mechanism that complies with the law, utilizing Google Consent v.2. The consent runs in the background and is not displayed as a cookie banner on the user interface. In short, by using the WA, and by reading and accepting the Terms & Conditions and the Privacy Policy (mandatory checkbox during Registration), the user provides their consent. If the user does not wish to consent, they must not accept the terms and therefore will not use the Soulfood Mobile App (hereinafter WA).

Contact Information for the Data Controller

For any processing of personal data through the WA of HR PSYCHOLOGY – TODAY EE, the Data Controller is HR PSYCHOLOGY – TODAY EE, 6 Keas Street, 16346 Ilioupoli, Phone: 2109952750, Email: [email protected].

Contact Information for Data Protection

For any Data Protection issues related to the WA of HR PSYCHOLOGY – TODAY EE, you may contact us directly at 2109952750. To exercise your rights or for any other data processing matters covered by this policy, you may contact us via email at [email protected] or by postal mail at 6 Keas Street, 16346 Ilioupoli. Please indicate 'For HR PSYCHOLOGY TODAY' on the envelope.

When and How We Collect Your Personal Data

We primarily receive personal data directly from you for the following reasons: - You requested services from HR PSYCHOLOGY – TODAY EE through the WA, such as personalized counseling sessions with psychological and nutritional counselors or browsing psychological, nutritional, and happiness-related material. - You registered for the HR PSYCHOLOGY – TODAY EE Newsletter. - You contacted us through the WA contact form.

Service Requests

We use information such as your name, email, and other details provided during your registration, should you choose to request personalized advice. Otherwise, we only retain your email address, whether corporate or personal. The purpose of collecting and processing this data is to communicate with you and provide services effectively. The legal basis is Article 6(1)(b) of the GDPR for service

performance and Article 6(1)(a) for explicit consent. For non-personalized advice, data is anonymized, and only the email address is collected for technical operation reasons without further processing. Data retention period: two (2) years. You have rights to access, rectify, delete, restrict processing under conditions, and lodge complaints.

Newsletter Registration

We use your email address to send you our Newsletter. Upon subscription, you will receive a confirmation email followed by regular newsletters and updates. Purpose: Sending the e-Newsletter and updates. Legal basis: Your consent according to Article 6(1)(a) GDPR. Retention: As long as you remain subscribed. You may withdraw your consent at any time, leading to deletion of your information and cessation of newsletter delivery. Rights: Access, rectify, delete, restrict processing, and lodge complaints.

Contact through the Contact Form

We collect data such as name, surname, email, phone number, and any other data you provide when using the WA's contact form. Retention: Two (2) years from the date of contact. We also store our reply. Purpose: Responding to your inquiry. Legal basis: Article 6(1)(b) GDPR. Rights: Same as for newsletter registration.

Disclosure and Transfer of Personal Data

As a rule, we do not disclose or transfer your data to third parties. Data may be shared with processors supporting our systems. Data is stored via the WA on cloud infrastructure managed by ATCOM and potentially on Microsoft's cloud services. ATCOM INTERNET & MULTIMEDIA S.A. manages the WA, and authorized personnel may access data entered through New Member Registration, Newsletter Registration, and the contact form.

The WA does not use cookies. Some technical crash reporting data sent to Firebase Crashlytics is anonymous and not linked to users. No user-specific data is stored locally, except the language preference. OAuth 2.0 authorization is used without storing user credentials, only an access token, which does not contain personal data.

Your Rights Regarding Personal Data

Under data protection law, you have rights concerning your personal data:

- Right to request information and copies of your personal data.

- Right to request correction of inaccurate or incomplete information.

- Right to request deletion of your personal data under certain conditions.