Orpheas AI
Legal

Privacy Policy

Last updated: 22 June 2026

This Privacy Policy explains how we collect, use and protect personal data when you use Orpheas AI and our website. We respect your privacy and process data in accordance with the General Data Protection Regulation (GDPR) and applicable law.

1. Data controller

The data controller is Παπατάσιος και ΣΙΑ ΕΕ, with registered office at 47 Solonos St., Kolonaki, Athens, 10672, Greece (VAT EL802838365 · GEMI 183697103000). For any matter regarding your data, contact us at apapatasios@earmedical.gr.

2. What data we collect

  • Account & business details: name, email, phone, business name, industry — what you provide at sign-up or in contact forms.
  • Usage data: information about how you use the service (actions, volume metrics), so it can operate and improve.
  • Technical data: IP address, device/browser type and basic logs, for security and availability.
  • Your end-customer data: when you use Orpheas to serve your own customers, we process their data on your behalf as a processor.

3. Purposes & legal basis

  • Providing and operating the service — performance of a contract.
  • Security, abuse prevention and improvement — legitimate interest.
  • Communications and updates you request (e.g. early access) — consent or legitimate interest.
  • Compliance with legal obligations (e.g. tax) — legal obligation.

4. Sharing & subprocessors

We do not sell personal data. We share data only with providers that help us operate the service (hosting, email delivery, infrastructure), bound by data processing agreements. Indicative providers: Papaki (application hosting, Greece), Neon (database, EU/Frankfurt).

5. International transfers

We aim to keep data within the EU/EEA. Where a transfer outside the EEA is needed, it is made with appropriate safeguards (e.g. Standard Contractual Clauses).

6. Retention

We keep data for as long as your account is active and for as long as required for legal, accounting or operational reasons. After that it is deleted or anonymised.

7. Your rights

You have the right to access, rectify, erase, restrict, port and object, as well as to withdraw consent. To exercise your rights, contact apapatasios@earmedical.gr. You also have the right to lodge a complaint with the Data Protection Authority.

8. Security

We apply appropriate technical and organisational measures (encryption in transit, access controls, per-business data isolation). No method is completely secure, but we continuously work to protect your data.

9. Cookies

We use limited, essential cookies. See our Cookie Policy.

10. Children

The service is intended for businesses and is not directed at minors.

11. Changes to this policy

We may update this policy. We will revise the "Last updated" date and, for material changes, notify you where required.

12. Contact

For privacy questions: apapatasios@earmedical.grΠαπατάσιος και ΣΙΑ ΕΕ, Greece.

Note: This text is a template and should be reviewed legally before publishing — it is not legal advice. The provider list is updated as new services are added (e.g. email, AI).
Orpheas — ask me anything about your business, I'm here to guide you.