WEBSITE PRIVACY POLICY

See how we keep your personal data safe

This Policy applies to all your web browsing activity on the Praxia Bank website (the “Bank” or “we”).  The Bank, as Data Controller of your personal data in accordance with the General Data Protection Regulation EU 2016/679 (‘’GDPR’’), hereby informs you of all details related to the collection and processing of your personal data each time you visit and/or use our website www.praxiabank.com.

Which data do we collect?

During your web browsing session on our site, we collect the following data categories:

(a) Device data: We collect the data specific to the device used such as your IP address, Device ID, URL of the webpage from which you were directed to our website, the operating system used by your device, the browser you use as well as geolocation data in case the GPS functionality of your device is activated.

(b) Identification and Communication Data: To send us a message, question, comment and/or complaint through the Contact Us form available on our site, we will ask you to submit your name, surname, mobile number and email to contact you in response to your query. To subscribe to our Newsletter in order to be notified of our new products and services we will ask you to submit your email only. We will store your email subject to your explicit consent and confirmation that it belongs to you. If you fill in the Contact Us form on behalf of a corporate entity, we will ask you to submit the name, surname, and email address of the legal representative of the business to contact them directly.   Contact Us forms contain unrestricted text entry fields. We advise you not to enter any personal data that you would not wish the Bank to have access to.

(c) Cookies and other online identifiers: We collect data identified by cookies and other identifiers (including but not limited to online identifiers, pixels, web beacons) following your explicit consent. Regarding cookies and related technologies that we use on our site, you may find out more here wherein you can adjust your settings.

Why do we process your personal data?

(a) To protect and ensure our legitimate interests: We process your device-specific personal data to ensure the proper functioning of our website and the services offered therein and to resolve instantly potential technical issues that may arise during your browsing session. In the meantime, we try to ensure the security of our ΙΤ systems and of our website.   In case you send us a question or request through the Contact Us form, we need to know certain data for you in order to reply to your message. Our purpose is to serve you best.

(b) Once we have your consent: if you agree to the instalment of non-necessary cookies, we process your data identified through the cookies and other online identifiers to upgrade our services, to offer you customized solutions that match your profile and to assess the impact of online advertising as well as to monitor your interactions between our website and social media accounts.   If you subscribe to our Newsletter and confirm that the email you submitted belongs to you, we store your email to inform you of our new products and services.   In the above instances, you consent to the processing of your personal data by submitting an electronic statement that is clearly distinct from other issues, in an easily accessible and legible format. Your consent is provided freely, and you retain the right to withdraw your consent at any time by contacting us through all available communication channels. Consent withdrawal applies only to the future and in no way affects the lawfulness of data processing which occurred prior to the withdrawal.

(c) To comply with our legal obligations: if you are a customer of the Bank and you fill in the Contact Us form to submit your request and/or complaint in order to resolve the issue you are experiencing, we are obliged to respond to you once we have confirmed you are an existing customer of the Bank. If the information you have provided is insufficient to identify you, we may contact you to ask for supplementary information.

The personal data collected from you for the reasons above shall not be used for any automated decision-making, including profiling, that would result in legal effects that may concern or affect you significantly in a similar way.  Your personal data will not be subjected to data processing by the Bank for reasons other than those referred to herein as part of this Policy.

How do we collect data about you?

We collect your personal data directly from you through your web browsing on our site, your use of our online banking services, your submission of a request or complaint through the communication forms made available at our site, your online chat/comment or visit to our social media accounts or through your online search for new products and/or services. If we resort to third parties for data collection purposes, we will inform you accordingly. 

Whom do we transfer your data to?

It is possible that the Bank may transfer your data to third party providers in order to offer you an all-inclusive range of site functionalities; in particular,

  • To providers or third parties in partnership with the Bank to support its day-to-day operations and to ensure the appropriate and qualitative provision of our services, such as to IT firms with a responsibility for supporting and maintaining our online platforms and security services in our banking systems;
  • To advertising firms responsible for the promotion of our products and services and the conduct of market research and data analysis services;
  • To database, website and cloud services management providers;
  • To providers managing your application for employment;
  • To regulatory authorities, when and to the extent required.  

We have no intention of transferring your personal data outside the European Economic Area (EEA), unless the execution of services requested by you entails the transfer of your data to a third country. We carefully assess our third-party providers to make sure that your personal data in its entirety gets stored within the EEA.  However, in the event we need to transfer your data outside the EEA, we will do so only if the same level of data protection is assured and/or the appropriate security layers are provided. These instances may include:

  • Data transfer with countries approved by the European Commission in terms of the appropriate level of security;
  • Use of appropriate guarantees such as Binding Corporate Rules or Standard Contractual Clauses.   
How do we keep your data secure?

We use appropriate security technology measures in line with international best practices and the applicable legal framework in force. Such security measures include, amongst others, encryption, consistent infrastructure checks, security systems implementation, periodical evaluation of our third-party providers as well as the advice provided by our Data Protection Officer with respect to the way we collect, use and transfer your data to ensure that your data protection rights are not violated.   We make our best effort to keep you aware for the security measures you should take. Since web browsing is never entirely secure, it is your responsibility to make sure that the devices used are adequately secure and protected from malicious software.

How long we keep your data?

The data collected from our website gets stored for as long as it is deemed necessary for the completion of each processing purpose and in any case no more than 5 years. Following this period, it is likely that some data may be retained anonymized solely for statistical purposes.

For existing customers who have submitted a complaint by filling in the required form, data will be retained for a minimum 5-year period effective as of the date of receipt of the complaint. If data processing is subject to your consent, your data is retained until your consent withdrawal.

In case the length of the data retention period differs to the provisions of the applicable legal or regulatory framework, the retention period will be modified accordingly. It is likely that we may need to retain your personal data for a longer period if there is a pending legal dispute requiring evidence to support the Bank’s legitimate interest.  

Which are your rights?

The GDPR has introduced and/or strengthened your rights on your personal data. In this context, you have the following rights regarding the personal data you share with us:

  • Right of access to your personal data: You can ask us for information about the personal data we hold about you and process, about the purpose of such processing, the relevant categories of personal data, with whom we share it, the envisaged retention period, the right to lodge a complaint with the supervisory authority, where the relevant data is not collected by you any available information on their source and the logic involved in any automated processing, if any.
  • Right to rectification: You can at any time correct, complete and update your personal details. It is essential for us to always have up-to-date data about you, so please let us know if any change occurs.
  • Right to restriction of processing: You may ask us to restrict or refrain from using certain personal data that are no longer necessary for the performance of our services. However, there may be legal restrictions that prevent us from doing so. We will inform you accordingly in any case.
  • Right to Erasure: You may ask us to delete your personal data, however we may have a legal obligation to keep them.
  • Right to objection: You can object to the use of your personal data in case the processing is held for marketing purposes and in any other case where processing is based on the Bank's legitimate interests, unless the Bank demonstrates that there are overriding legitimate grounds for processing.
  • Right to data portability: Where possible we can share a digital copy of your data obtained electronically with you or another data controller upon your request.  
How can you exercise your rights?

If you wish to exercise any of your rights or if you are dissatisfied with the terms of processing of your personal data by the Bank, you may contact us via email at dpo@praxiabank.com or send a letter to Praxia Bank, 14 Agamemnonos Str. & Eth. Antistaseos, 15231, Chalandri, Athens, Greece.

We will use our best endeavors to respond to your request within thirty (30) days from its receipt. We may also extend the period of our response to you for another sixty (60) days only upon valid justification for which we will inform you. If you feel that your request was not sufficiently satisfied you can lodge a complaint before the Hellenic Data Protection authority at www.dpa.gr .

Data Controller Information:
Praxia Bank, 14 Agamemnonos Str. & Eth. Antistaseos, 15231, Chalandri, Athens, Greece.  

Data Protection Officer email: dpo@praxiabank.com   

General

It is likely that our website may contain hyperlinks to third parties (such as social media accounts, regulatory authorities etc) to which this Privacy Policy may not apply. In that case, we suggest that you consult directly with those third party websites regarding the processing of your personal data by them.

We will review this Policy as needed and in our sole discretion. The most recent version will always be available at our website and will be in effect from the moment it is publicly accessible.