Terms of Use

1. Legal Basis. We collect and process your personal data based on the consent you freely and voluntarily provide through the Website and/or by signing the Personal Information Form. The Company, as the Data Controller of your personal data, undertakes to ensure the confidentiality of your personal data and to guarantee your unobstructed exercise of the rights provided to you under applicable national and EU legislation concerning the collection, use, and disclosure of your personal data by us.

2. Legal Framework. The collection and processing of your personal data is subject to the terms of this Policy, the provisions of the European Union General Data Protection Regulation – Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), as well as applicable national, European, and international laws protecting individuals from the processing of personal data.

3. Personal Data We Collect. The personal data collected and processed by the Company with your explicit consent, necessary for you to receive our services and/or use the Website, include: First Name, Last Name, Parent's Name, Home Address, Contact Phone Number, Emergency Phone Number, and Email. For users receiving our services, we may collect additional information necessary for invoicing purposes, such as Tax Identification Number (TIN). You may also voluntarily provide additional information to optimize our services for you, such as Date of Birth/Age, or social media account information.

4. Use of Personal Data. Your personal data is collected and used exclusively for purposes related to informing you about our activities and providing our services, such as identification and registration in the Academy’s student list, assessment of your physical exercise capabilities, provision of personalized exercises, updates about our activities, communication with an emergency contact you designate, website content improvement and usage analysis, internal management and analysis including fraud prevention, use of administration, invoicing, accounting, billing, and control information systems.

5. We apply the GDPR 2016/679 processing principles when collecting and processing personal data (lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability).

6. Data Retention. Your temporary data is stored by us for as long as necessary to provide our services and for the legally required retention periods for specific purposes (e.g., accounting records).

7. The collection and processing of your personal data by the Company is not intended for commercial exploitation. We commit not to sell, rent, publish, or share your personal data with any third party, except where necessary as described below.

8. Data Disclosure/Transfer. The Company discloses/transfers personal data to third parties collaborating with or providing services to the Company solely for the purposes described in section 4. Such third parties include instructors, technical support providers (software & hardware), website hosting (host server & email server), accounting service providers, and event organizers. These third parties access your data only under our instructions and contractual terms. We ensure that only the necessary data is shared for the specific purpose and that processing is lawful.

9. Cookie Policy. In accordance with the European Directive E-Privacy 2009/136/EC, our Website accepts the use of cookies, which are web tools for collecting and analyzing information from social media platforms or cooperating third-party websites to measure traffic, improve functionality, and adapt content to user preferences. By using our Website, you consent (opt-in) to the processing of personal data collected by social networks or search engines (e.g., Google Analytics, Facebook social plug-ins) which may be transferred inside or outside the European Economic Area (EEA) without Company control. You can opt-out via third-party settings or browser settings, but this may limit some Website functionalities.

10. Newsletter. You can choose to receive Academy news, programs, activities, and events via newsletters sent to your email or postal address. Subscription occurs via the Website or signing the personal information form. You can unsubscribe at any time via the ‘unsubscribe’ link in the newsletter or by sending an email to info@omshanti.gr.

11. User Rights. You retain rights regarding your personal data, including access, rectification, deletion, restriction, objection, and data portability as per Articles 13-21 of GDPR 2016/679:

• Right to Information: Know who processes your data, which data, for what purpose, and for how long.
• Right of Access: Receive confirmation of whether your data is processed, what data, purposes, storage duration, and possible recipients.
• Right to Rectification: Request correction of inaccurate or outdated data and completion of incomplete information.
• Right to Erasure (‘Right to be Forgotten’): Request deletion under conditions such as data no longer needed, consent withdrawal, or unlawful processing.
• Right to Restrict Processing: Request limitation when data accuracy is disputed, processing is unlawful, or data is no longer needed.
• Right to Object: Object at any time for reasons related to your specific situation to processing based on public interest, official authority, or legitimate interests, unless overridden by data protection rights.
• Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format and transfer it to another controller where technically feasible.

For questions or concerns about this Policy, or if you believe we have mishandled your personal data, please email info@omshanti.gr. You may also submit written requests for correction, temporary non-use, blocking, non-disclosure, or deletion. We will respond within one month. You also have the right to contact the Hellenic Data Protection Authority: Kifisias 1-3, 115 23, Athens, www.dpa.gr.

12. Amendments. This privacy policy may be updated periodically. Changes will be posted on www.omshanti.gr.

13. Governing Law. Any disputes regarding the interpretation or application of this Privacy Policy shall be governed by Greek law, with the exclusive jurisdiction of the courts of Athens.