The present Notice refers to the processing of business data of organizations under their capacity as future or current business partners (suppliers, contractors and customers) of the Company Athens International Airport S.A.

The Company performs review of commercial and financial information, trading activity and credit performance data. Credit review serves the Company’s legitimate interest in regards with the right of economic freedom that guarantees commercial loyalty, reliability and security of transactions. The fulfillment of this interest is achieved by accessing correct and up-to-date information about the credit and generally financial situation of active and potential new business partners. Minimizing the risks of contracts with unreliable business partners and generally creating bad debts forms the basis for protecting commercial credit and enhancing financial transactions.

The Company recognizes and respects the importance of business information integrity and confidentiality and is committed to apply organizational and technical security controls for the entire period such information is processed.

Information is retained for as long as it is required to recognize, exercise or defend any legitimate right thereof.

PRIVACY NOTICE FOR PERSONAL DATA PROCESSING

The present Notice refers to the processing of individuals’ personal data in their capacity as sole proprietorship representatives that are likely to cooperate with the Company.

1. Data Controller: The Company Athens International Airport S.A. (AIA), with corporate seat at Administration Building (B17), Spata Attica, postal code 190 19, holds all rights and obligations reserved for such capacity under the Law.
   AIA’s authorized representative:   Head, Credit Control & Collection Management
                                                         tel. +30210 3536457 / e-mail: KalyvasN@aia.gr
2. Contacting Data Protection Officer:
   a. Through AIA’s website:  https://www.aia.gr/privacy
   b. Through email at this mail address: privacy@aia.gr
   c. By correspondence at the following postal address:
       Manager, Data Protection & Compliance Dept.
       Athens International Airport S.A.
       Administration Building (B17)
      190 19 Spata, Attica
3. Legal basis and purpose of processing: The fulfillment of Data Controller’s legitimate interest in regards with the right of economic freedom that guarantees commercial loyalty, reliability and security of transactions. The fulfillment of this interest is achieved by accessing correct and up-to-date information about the credit and generally financial situation of active and potential new AIA business partners. Minimizing the risks of contracts with unreliable business partners and generally creating bad debts forms the basis for protecting commercial credit and enhancing financial transactions.
4. Types of data subjects and personal data: Processing involves sole proprietorship representatives and refers to the assessment of tax document (E3 form) that declares financial information resulting from business activities.
5. Security of processing: The Company applies organizational and technical controls to safeguard data confidentiality, integrity and availability. Data is not transferred / shared with any third party.
6. Retention Period: Data is stored electronically for as long as it is required to recognize, exercise or defend any legitimate right thereof.
7. Data subject rights to access and manage personal data: Request may be communicated to AIA’s Data Protection Officer.
8. Right to lodge a complaint with the competent Data Protection Authority (DPA): Data subjects have the right to lodge a complaint  before the competent Hellenic Data Protection Authority (DPA) at their website (www.dpa.gr)  if they consider that the processing of their personal data by the Company is carried out in a way that violates the Regulation 2016/679 and the Greek Law 4624/2019.