Local
We recommend that you use one of the following browsers: Edge, Firefox, Chrome, Safari, for optimum experience.
e-contract
INFORMATION ON PERSONAL DATA PROCESSING

PRIVACY POLICY & CCTV PRIVACY POLICY

HERON PRIVACY POLICY & CCTV PRIVACY POLICY

PRIVACY POLICY

Introduction

We would like to assure you that for the société anonyme under the trade name “HERON SOCIETE ANONYME ENERGY SERVICES” and the distinctive title “HERON ENERGY S.A.” (hereinafter referred to as the “Company”), member of GEK TERNA Group, the protection of personal data of the natural persons, who are in any way whatsoever, involved with the Company, is of paramount importance.

We, therefore, take the necessary measures to protect the personal data of persons that we process, as well as to ensure that personal data is always processed in accordance with the obligations laid down by the legal framework, both by the Company itself and by third parties who process personal data on behalf of the Company.

Data Controller – Data Protection Officer (DPO)

The Company under the trade name “HERON SOCIETE ANONYME ENERGY SERVICES”, and the distinctive title “HERON ENERGY S.A.”, having its registered seat in the Municipality of Athens, 85, Messogeion Avenue, with operating offices in Athens, at 124, Kifissias Avenue, Postal Code 115 26, email: info@heron.gr, website: https://www.heron.gr, informs that, in the context of its business activities, it processes the personal data of the data subjects, natural persons concerned (such as its customers, suppliers and shareholders), in accordance with current Hellenic Laws and the Regulation (EU) 2016/679 for the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter referred to as the “Regulation”), as in force.

For any matter concerning the processing of personal data, you can contact directly the Data Protection Officer (DPO) of the Company, namely the Law Firm “ANDERSEN LEGAL, PISTIOLIS – TRIANTAFYLLOS & ASSOCIATES LAW FIRM” at the email address: herondpo@gr.andersenlegal.com,.

What personal data do we process

We process the personal data that you disclose to us [such as, your name and surname, home address, email address, phone number and FAX number if available, identity card number (ID-Card no.) and issuing authority, tax registration number and competent Tax Office, gender and date of birth, etc., as well as your supply account number/natural gas meter, photographs of the Clearance Bill for the supply of electricity/natural gas that your current supplier provides you with etc.], only when we have a legitimate reason to do so.

What are the legitimate reasons for processing your personal data

Legitimate grounds for the processing of your personal data are the following:

  1. The performance of the existing contract between you and the Company, as well as the preparatory actions required within the scope of the contract that is to be drafted between you and the Company,  such as, a contract for the supply of electricity or natural gas to our customers, satisfying our customer’s requests / complaints in the context of proper provision of our services, executing project contracts with our collaborating contractors or providing our services through our partners throughout Greece, in order to fulfill our contractual obligations in the above context.
  2. The safeguarding and protection of both your legitimate interest and ours. Therefore, we use closed-circuit television (CCTV) and security cameras in order to protect the safety of natural persons, materials and other facilities of the Company. Additionally, we record details of our visitors and collaborators entering the facilities of the Company in order for them to be served or in order to execute the relevant works that we have been assigned, etc. and to be able to provide access cards for the facilities of the Company.
  3. Compliance with an obligation imposed by law, such as the disclosure of acts and information of a société anonyme (including details of natural persons, such as shareholders, members of the Board of Directors or Company executives), pursuant to Law 4548/2018, as amended from time to time in force, the disclosure of transactions of obliged persons to the Stock Exchange, the management of claims for damages caused by accidents while carrying out a project, the management of litigation cases, etc.
  4. The consent you provide us with under the specific conditions set by the legal framework in force.
  5. The manifest disclosure by the subject of the data and the processing which is necessary to protect the data subject's or other natural person's vital interests (in case the data subject is physically or legally incapable to give his/her consent) are the legitimate reasons for which we process any information related to health data.

How and why do we use your personal data

  • To properly comply with our contractual obligations and to maintain the quality of our provided services.
  • We collect and use the information required for the smooth cooperation between us, whether it includes a supply contract, a contract for the provision of services to our customers, a contract for the execution of works by our contractors / subcontractors, etc., or the processing of personal data in the context of actions required at a pre-contractual stage.

Specific examples where the processing of our customers' personal information (as detailed above) is required, include the following:

  • Provision of authorization of the customer to the Company for the cessation of the Meter Representation & disconnection of power supply
  • Certification of meter readings and general tariff parameters for Bill amendment
  • Tariff dispute on behalf of our customer
  • Customer request for the amendment of tariff category
  • Customer request for VAT exemption
  • Request to amend the existing supply contract
  • Request to withdraw a direct debit for the settlement of Bills via credit card
  • Contract termination by our customer
  • Activation of direct debit for the settlement of Bills via credit card
  • Withdrawing statement of our customer
  • Submission of requests / complaints by our customer or a third party
  • Provision of authorization of the customer to the Company for the cessation of the customer’s Meter Representation by another supplier by 100% and the termination of the contract
  • Submission of customer request for a new supply contract
  • Submission of customer expression of interest in an exhibition of our Company
  • For the purpose of contacting you and optimizing our support

We may need to contact you by email or telephone for administrative purposes, such as informing you about the status of our cooperation, managing your further requests or complaints, etc.

In addition, we may contact you for your participation in customer satisfaction surveys, which help us understand your level of satisfaction in regard to the services offered, in order for us to improve and evaluate the quality of our products, services and Company in general.

  • To comply with our legal obligations:

In case we publish, for example, information on our account on the website of the General Electronic Commercial Registry (G.E.MI.), resolutions of the General Assembly or / and the Board of Directors of the Company (including details of natural persons), we use  statutory authorization to designate and notify third party natural persons as representatives of the Company in order to conduct actions within the scope of the Company’s business activities.

  • To protect our legitimate interests, individuals and premises:

Within the above scope we use closed-circuit television (CCTV) and security cameras to ensure the safety of individuals, materials and premises of the Company.

  • For newsletters subscription purposes and in order to send information about our new offers:

We ask for your consent in advance (or if you have not opted out of receiving updates through our supply requests) and then your email address or/and your telephone number , so that you may receive newsletters from our Company about our latest news and offers.

With your consent and subsequent subscription, you will be able to stay informed about our new services and offers that we send via emails and text messages or Instant messaging through related services (for example SMS, Viber, Push Notifications etc.).

  • For your service via the Click2Call form:

In case you are interested in a new connection or for your service issues and after filling in your full name and your phone number, we will process the data in order to contact you.

  • To create a myHERON Member Account/User Account:

In case you wish to create a myHERON Member Account/User Account, you will need to provide us with a) your personal data, namely your email address, your personal identification number and your electricity or/and gas supply number and b) set your own personal passwords.

  • For the provision of information in regards to the benefits you will gain by concluding a contract for the supply of electricity or natural gas with our Company:

In order to inform you about the amount you would pay if you were a customer of our Company, you are kindly requested to send us photographs of the Clearance Bill that your current supplier provides you with  the supply of electricity or/and natural gas and your phone number, so that we may contact you through Viber.

  • For a customized communication (profiling):

In order to provide you with the best possible experience, all personal data collected under our contractual relationship may be used to send personalized news / updates provided you have given your consent under specific conditions set by the legal framework in force.

Who do we disclose your personal data to

The Company discloses your personal data to the following recipient categories:

  • Company employees

To our Company employees, who are responsible for the evaluation and realization of your requests, the provision of information at a pre-contractual stage, and in case you express your interest in the conclusion of a customer relationship with the Company, the proper execution of your contract with the Company, as well as the fulfillment of obligations provided by the contract or by law.

Your personal data are treated with the strictest confidentiality, since our employees processing your personal data possess an adequate and significant level of knowledge on personal data protection and are either bound by a confidentiality clause or obliged to comply with the confidentiality clause.

  • State authorities, law enforcement Bodies

Personal data is disclosed whenever necessary for verification (e.g. by the Regulatory Authority for Energy, Waste and Water, Hellenic Consumer’s Ombudsman, Hellenic Data Protection Authority, etc.) and in accordance with statutory procedures.

  • Collaborators of our Company (partners, subcontractors, banks, insurance companies, auditing company etc.)

The Company works with collaborators to whom assigns personal data processing on its behalf e.g. cooperation agreements with call centers which are assigned with the promotion of products and services of our Company, subcontracting agreements, banking transactions, audit of a transfer of shares by a statutory auditor, product promotion or market research companies, financial institutions (i.e. for the completion of the transactions for money return to customers with terminated meters), companies such as TIRESIAS S.A., in order to verify your credit standing, debtor notification companies, auditors, accountants, notaries, lawyers and law firms, bailiffs or other financial or professional consultants, real-time platforms for creating and signing tenders and contracts (e.g. Dealhub)].

  • Law firms, debtor notification companies and debt management companies

As long as there are overdue debts, the Company maintains partners to whom it entrusts the processing of personal data on its behalf in the context of the management of overdue debts. These authorized partners may also contact you for the purpose of informing you of the relevant information [(Law 3758/2009 & Code of Supply to Customers (Government Gazette B' 832/9.4.2013)]. In the above cases, the Company remains the controller of the processing of your personal data and sets out the details of the processing, signing a specific contract with the third parties assigned with processing activities, in order to ensure that the processing is carried out in accordance with the applicable legal framework and that any individual may freely and without hindrance exercise the rights conferred on him/her by the legal framework. It should be noted that the Company transmits to the above-mentioned partners only the personal data that are strictly necessary for the performance of the work or the provision of the service that the latter have undertaken on its behalf.

In addition, the Company may also transfer data to other affiliated companies of the GEK TERNA Group, as well as collaborating companies (e.g. to joint venture members or company associations) with the purpose to provide a report on the Company’s status provided that consent has been given by the natural person, as mentioned above and that the abovementioned provision on written assignment of processing applies.

Duration of Data Storage

The duration of data storage is defined according to the following specific criteria, as appropriate:

  • In case the processing is required by provisions of the legal framework in force, your personal data will be stored for as long as the relevant provisions require.
  • In case the processing is performed on a contractual basis, your personal data will be stored for as long as necessary for the execution of the contract and for the basis, exercise, and / or support of legal claims under the contract.
  • In case the processing is based on your consent, you have the right to freely withdraw it, without prejudice to the lawfulness of the processing based on your consent prior to its withdrawal.

What are your rights in relation to your personal data

Any natural person whose data is processed by the Company is entitled to the following rights:

  • Right of Access

You have the right to be fully aware of and to verify the lawfulness of the processing. Therefore, you have the right to access the data and receive additional information on the data processing thereof.

  • Right to Rectification

You have the right to examine, rectify, update or modify your personal data by contacting the Data Protection Officer (DPO) at the above contact details.

  • Right to Erasure / “Right to be forgotten”

You have the right to request the deletion of your personal data when their processing is legally based on your consent or in order to protect our legitimate interests. In any other case (such as but not limited to in the context of a contract in effect, a statutory obligation for personal data processing imposed by law, public interest, etc.), such right is subject to specific restrictions or does not exist on a case-by-case basis.

  • Right to Restriction of Processing

You have the right to request the restriction of the processing of your personal data in the following cases: (a) the accuracy of the personal data is contested and until such accuracy is verified; (b) when you oppose the deletion of your personal data and request (instead of deletion) the restriction of their use; (c) when personal data are no longer needed for the purposes of processing, they are, however, required for the establishment, exercise or defense of legal claims; and (d) when you object the processing pending the verification whether our legitimate grounds override those of yours.

  • Right to Object

You have the right to object to the processing of your personal data at any time where, as described above, such processing is necessary for the purposes of legitimate interests we seek as data controllers.

  • Right to Data Portability

You have the right to receive your personal data, free of charge, in a format that allows you to access, use, and edit them, using commonly used editing methods. You also have the right to ask us, if technically feasible, to transmit the data directly to another controller. This right concerns the data you have provided to us and their processing is carried out in a commonly used format based on your consent or in order to perform a contract.

  • Right to Withdraw your Consent

Where processing is based on your consent, you have the right to withdraw it. The withdrawal of your consent shall not affect the lawfulness of the processing based on consent before its withdrawal.

In order to exercise any of the above rights, you can contact directly the Data Protection Officer (DPO) of the Company, namely the Law Firm “ANDERSEN LEGAL, PISTIOLIS – TRIANTAFYLLOS & ASSOCIATES LAW FIRM”, postal address: 103 Vassilissis Sofias, Athens, email address: herondpo@gr.andersenlegal.com,

  • Right to lodge a complaint with the Data Protection Authority

You have the right to file a complaint with the Hellenic Data Protection Authority (www.dpa.gr) digitally, through its portal: https://eservices.dpa.gr/ .

Personal Data Safety

The Company implements appropriate technical and organizational measures aimed at the secured processing of personal data and the prevention of accidental loss or destruction or/and unauthorized access to, use, amendment or disclosure thereof. In any case, the way in which the internet operates and the fact that it is free to anyone cannot guarantee that unauthorized third parties will never be able to violate the applicable technical and organizational measures by gaining access and possibly using personal data for unauthorized and/or unfair purposes.

Date of Last Modification: 26/06/2024

ALL THE RESULTS
/
QUESTION 01
Πόσο χρήσιμες σου φάνηκαν οι πληροφορίες σχετικά τα θέματα που σε ενδιέφεραν; EN
QUESTION 02
Βρήκες όλες τις πληροφορίες που χρειαζόσουν; EN
QUESTION 03
Πόσο εύκολα βρήκες τις πληροφορίες που σε ενδιέφεραν; EN
QUESTION 04
Θα έλεγες ότι οι εντυπώσεις σου από το σύνολο της ιστοσελίδας ΗΡΩΝ είναι ικανοποιητικές; EN
QUESTION 05
Υπάρχει κάτι επιπλέον, που θα ήθελες να υπάρχει μέσα στην ιστοσελίδα αλλά δεν το βρήκες; EN