Kyriakides Georgopoulos Law Firm is a law firm incorporated in Greece as a partnership pursuant to Greek legislation, registered under the Athens Bar Association number 080009 and with head offices at 28 Dimitriou Soutsou Str., GR-11521 Athens, Greece (hereinafter referred to as “KG Law Firm”, or “we” or “us” or “our”).
Purpose of this Policy
We are committed to protecting and safeguarding the information you provide to us as well as the information we collect while operating our business. This Policy is intended to assist you in making informed decisions when accessing our website and using our Services and/or to understand how your personal information may be processed by us as a result of providing legal services or when you apply to work at KG Law Firm. Hence, please read this Policy carefully along with the Terms of Use of our website and our Cookies Policy to understand how we collect, use and store your personal data.
KG Law Firm reserves the right to amend and update this Policy from time to time; please check this page regularly to be updated about potential amendments.
Description of our data processing practices
We process personal data according to this Privacy Policy and in accordance with the applicable legislation, including the General Data Protection Regulation (EU) 2016/679 (hereinafter the “GDPR”) and the relevant data protection laws and regulations applicable in Greece.
In order for us to provide the services you request, we need to process your personal data. This Policy describes how we process personal data we collect when you engage with us in order to receive our services and more precisely in connection with:
- engaging our legal and/or other services;
- as a result of your involvement with one of our clients;
- abiding by our statutory duty on anti-money laundering and knowing our clients policy and in general complying with our legal obligations;
- managing subscriptions, marketing and other marketing material requests;
- accepting our invitations to and participation in our events;
- evaluating and recruiting personnel;
- cookies used on our website;
What personal data we collect?
We collect and process information provided to us by or on behalf of our clients and their respective executives, agents, consultants and staff for the purpose of rendering legal services. This collection and processing of personal data is justified by the scope of our function and is based on our legal and contractual obligations as a law firm providing professional legal services, always in accordance with our commitment to inviolable trust towards our clients.
KG Law Firm is primarily engaged by corporate entities and as such those legal entities are not data subjects. However, even within that context, personal data may be provided to us (e.g. personal information relating to any of our corporate clients’ or prospective clients’ officers or personnel, opponent or vendor or purchaser or personal information relating to their legal or other advisors or personnel, as the case may be). The personal data collected is not limited only to the kind of information that can be found on a business card, such as names, titles/position, company name, work addresses, e-mail addresses and phone numbers, but may include other identifiable information. In case an entity provides us with data of their personnel, it warrants that it has informed them of the processing of their personal data by our law firm pursuant to applicable legislation, where necessary.
We further collect background information and personal data necessary not only to fulfil our statutory obligations in relation to conflict checks, anti-money laundering, know our clients procedures but also to prepare for legal proceedings or defend a claim or render the required legal services to our clients. To such effect, and subject to the nature of the legal services, we may collect and process personal data of third parties that are relevant to the legal services and to the case we are handling (court officers, witnesses, and other individuals involved), in accordance with ethical standards and rules applicable to our profession, such as the Lawyer’s Code of Conduct.
In specific:
| Data Subjects | Categories of personal data | |
| Clients [potential, current, and former clients] | Identification data | full name, ID, authorization, proxy etc. |
| Contact information | email address, telephone number, address, etc. | |
| Financial information | financial data necessary for payment processing and invoice management or relevant legal claims. | |
| Case specific information | preliminary information in order to check for potential conflict of interest, provision of offers, etc., information relating client’s file (personal data provided with reference to a case or any matter), data produced in the course of our services (e.g. certifications and other documents), data collected from third parties or public sources, etc. | |
| Third parties | Identification data | Any information regarding a case of a client and/or a negotiation process that is absolutely necessary for the provision of our legal services. |
| Contact information | ||
| Case specific information | ||
| Job applicants for lawyer, trainee and vacation scheme and administrative staff positions, scholarship applicants | Identification data | full name, job title |
| Contact information | email address, telephone number, address, etc. | |
| Application Information | Curriculum vitae, education, employment history, age and gender, any other provided personal data and/or data produced by us during the application/interview/evaluation process | |
| Website users | Information about users’ website browsing session and activities collected using cookies and similar technologies. Please refer to our Cookie Policy for more information. | |
- What is the legal basis and our legitimate interests for the processing of personal data?
In general, we process personal data i) for the fulfilment of our legal obligations (i.e., to comply with applicable laws , ii) for the fulfilment of our contractual obligations and iii) pursuant to our legitimate interests. We also process special categories of personal data only if required i) for the exercise or defense of legal claims, ii) based on consent, iii) processing is necessary for the establishment, exercise or defence of legal claims, iv) for employment and social security law related purposes and iv) for reasons connected with a statutory provision for reasons of public interest.
In specific:
| Personal Data | Processing purposes | Legal bases for the processing |
| Clients [potential, current, and former clients] Identification data, Contact information, Financial information, Case specific information | Client identification, Conflicts checks, Fulfilment of tax obligations, Account maintenance and billing, Compliance with applicable laws | Fulfilment of our legal obligations Compliance with necessary due diligence requirements for identity verification. Fulfilling our legal and regulatory obligations in relation to the provision of our services as provided by applicable laws. Compliance with applicable tax laws. |
| Assessment of a case, Provision of an offer/price quote, Communication regarding the provision of legal services. Provision of legal services, Charging of services fees and invoicing our services. Retaining a data archive of the client | Fulfilment of our contractual obligations We collect and process any data necessary within the context of a client’s request or mandate for the provision of legal services, in order to properly manage and execute these services, in the client’s best interest. | |
| Legitimate interests | ||
| Consent We communicate with you through our newsletter in order to inform you about our news and activities and/or inform you about our legal services, under your lawfully obtained consent. | ||
| Third parties Identification data Contact information Case specific information | Processing third-party data is necessary for the provision of our legal services. We may process third party data and transfer it to public authorities or administrative parties in order to fulfil our contractual obligations towards our clients, in the course of provision of our legal services. | Processing necessary for the establishment, exercise or defence of legal claims Legitimate Interest We process your data based on our legitimate interest to provide our legal services to our clients, pursuant to applicable laws and the Lawyers’ Code and Code of Conduct. In this respect, our legitimate interest is fairly balanced against third-party privacy rights, pursuant to our obligation to defend our clients’ legal rights while not affecting third party fundamental rights and freedoms. Consent Where applicable, and where our legitimate interest is not the basis for the processing, we shall require your consent prior to any processing activity. Consent can also apply as a legal basis, when you voluntarily provide us with your data for a specific case we are handling. |
| Job applicants/Scholarship applicants Identification data Contact information Application Information Data collected or created in the interview process | Identification of applicants and engaging in contact regarding the recruitment/selection process Evaluation of the applicants’ suitability for the relevant position/award Contacting for future job or other opportunities | Fulfilment of our contractual obligations We collect and process any data necessary within the context of a job/scholarship application, in order to schedule an interview and evaluate the applicants’ suitability for the relevant position/award prior to entering into a contract. Consent We retain applicants’ information upon obtaining their consent in order to consider them for future job or other opportunities. Legitimate interest: We store successful scholarship applicant’s data to use them in the event of potential disputes. |
| Website Users [When adjusting cookie preferences and navigating our website] | We use non-essential cookies to obtain information on the use of our website and facilitate your experience, based on your consent. For more information on the use of Cookies, please refer to our Cookie Policy. | |
How and when do we share the personal data we collect?
We may share personal information with a variety of third parties as necessary. We sub-contract third parties, after careful selection, following appropriate due diligence conduct, and conducting appropriate contractual documentation to ensure that these third parties process personal information lawfully, offering the required level of protection, according to our legal and regulatory obligations.
We share personal information with the following categories of data recipients:
- Professional advisers such as lawyers, accountants and insurers.
- Government and regulatory/supervising authorities and agencies, courts and tribunals.
- Tax authorities and Corporate Registries.
- Banking Institutions.
- Third parties which carry out outsourcing services such as, by way of indication, translation services, confidential waste disposal, IT systems or software providers, IT Support service providers, document and information storage providers, postal or courier providers who assist us in delivering documents related to a matter or postal marketing campaigns.
- Third parties engaged in the course of the services we provide to clients, such as opposing party and their lawyers, court bailiffs, witnesses, notaries, interpreters, experts, technical advisors, arbitrators, mediators, accountants and tax advisors.
- Associated law firms around the world, or law firms belonging in the same legal network as us.
- Web analysis service providers who assist us with client insight analytics, such as Google Analytics.
International Data Transfers
We solely process personal data within the EU/EEA. In case it is necessary to transfer any personal data outside the EEA, we will implement all the appropriate safeguards, including the conclusion of Standard Contractual Clauses, in order to ensure safety of such transfers and compliance with the principles under the GDPR.
Cookies
We may also obtain information about your use of our website through the use of cookies. Please visit our Cookies Policy to find out more about the cookies we use and how to manage and delete cookies.
Confidentiality & Security
We are committed to keeping secure any personal information provided to us. To this effect, we have implemented appropriate information security policies, rules and technical and organizational measures to protect the integrity, confidentiality, transparency, availability and accessibility of the personal information we have in our possession against unauthorized access, misuse, disclosure, unauthorized modification, unlawful destruction or accidental loss.
However, no information system is 100% secure, therefore we cannot guarantee the total security of your information. In addition, we cannot guarantee or be held liable for the security of the information transmitted to us through other networks (internet, wireless networks etc.).
All our professional advisers, employees and data processors (i.e. those who process your personal information on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal information, are obliged to respect the confidentiality of such personal information.
We shall retain your personal information for as long as necessary to fulfil the purpose for which we collect it and in particular to comply with legal, accounting or reporting regulations. The appropriate retention period will vary and will depend primarily on the purpose for which we collect and process your personal information, its nature, the potential risk of harm from unauthorized use or disclosure of same and finally the applicable legal requirements including the statute of limitations periods according to its personal data category.
In respect to job applicants’ information provided to us, we shall retain it for the duration of the recruitment process and an additional period of six (6) months in order to manage the process appropriately. We may also process such information for a longer period, in order to inform applicants about future opportunities, upon their consent.
In respect to scholarship applicants’ information, we shall retain it for the duration of the selection process and until the beginning of the successful applicant’s postgraduate studies, ie. approximately for an additional period of 6 months. We may also process application information for a longer period, in order to inform applicants about future opportunities, upon their consent. Data provided or produced from us in relation to the successful applicant/beneficiary will be further stored for up to 20 years starting from the submission of the awarded postgraduate degree and final academic report to our law firm, to be used in the event of potential disputes.
Your rights
You have the following rights in relation to the personal information we hold about you. You may exercise any of your rights by contacting us at the e-mail address kgprivacy@kglawfirm.gr
- Right of access and rectification
The right to be informed about your personal data collected and how it is being processed and the right to request the correction of inaccurate or incomplete personal data.
- Right to erasure and to withdraw your consent
The right to request that your personal data be erased and, in cases where the processing is based on your consent, the right to withdraw your consent at any time.
- Right to restriction of processing
The right to limit processing of your personal data.
- Right to object
The right to object to certain processing of your personal data such as processing for direct marketing purposes or when we otherwise rely on our own or someone else’s legitimate interest to process your personal information.
- Right to opt-out
The right to opt out of future marketing activities at any time, by clicking the “unsubscribe” button on any of our send outs or by e-mailing kgprivacy@kglawfirm.gr
- Right to data portability
The right to request that any transfer of personal data is made in a structured, commonly used and machine-readable format.
- Right to lodge a complaint with the supervisory authority
You also have the right to lodge a complaint with the Hellenic Data Protection Authority, Kifisias 1-3, P.C. 115 23, Athens, on its website: www.dpa.gr.
Contact details
If you wish to exercise any of your rights above or you have any questions or concerns in relation to this policy, please use our contact details which may be found under kgprivacy@kglawfirm.gr
Last Updated 28/2/2025