1. What are cookies?

Cookies are small data files that a website you visit, such as ours, can install and store on your computer or mobile device (tablet, smartphone, laptop). Thanks to cookies, the website remembers your activity during navigation.

The use of cookies as trackers is supported by various navigation programs, the so-called browsers, such as Google Chrome, Internet Explorer, Mozilla Firefox, Safari, Opera. If you wish, however, you can disable them so that they are not accepted or even you can delete them afterwards.

  1. Function of cookies

Depending on their type, cookies perform functions such as measuring page traffic, recording the number of visitors, language, login time, geographic origin, device identifiers (e.g. operating system, screen resolution), keywords you used, login attempts etc. Some cookies are personal data and some are not. Some cookies are technically necessary, while others serve commercial and advertising purposes.

  1. Types of cookies

There are different types of cookies, functional, technical, user identification, advertising, etc. Referral website cookies are installed by the website/page you are visiting and are only readable by that website/page. If the website uses external third-party services, then their own cookies are also installed on your device, the so-called third-party cookies (Google Analytics, Facebook, etc.). Permanent cookies are those that are stored on your computer and are not automatically deleted when you close your browser. Session cookies are those that are deleted as soon as you close your browser. Each time you visit our website, you will be asked to accept or reject cookies. If you choose to accept them, our website will remember your preferences (such as username, language) for a certain period of time. This way you won’t have to re-enter them when you browse our website during the same visit.

  1. Legal status of using and storing cookies

The installation and use of “cookies” is specifically regulated by the law (article 4, par. 5, L.3471/2006 that incorporated the European Directive 2002/58/EC ePrivacy), which is expected to be replaced by a Regulation (ePrivacy Regulation), so there may be changes to this policy. Any website is allowed to install such a “cookie” only if you, the user, give your explicit consent by opting in (according to GDPR 2016/679 and the instructions of the Data Protection Authority), after clear and detailed information about this installation has been given, as well as the purpose of use, the consequences of refusal for the user experience, the purpose of the processing, the exercise of the right to access and any recipients of the data. This consent may be given through appropriate settings in the web browser or through another application. For this purpose, we provide you with the detailed information below.

  1. How do we use cookies?

We use the following types of cookies: Functionality improvement, analysis data collection, user authentication

  1. Obtaining Guest Consent

Mandatory acceptance of cookies is not a condition for entering our website. You can navigate freely by checking and accepting or not the cookies, either ours or third-party cookies, the policy of use of which is determined exclusively by them, without our involvement and legal responsibility.

Next to the accept button of each cookie there is a link, which leads to the present cookie policy of our website, in which each user can read all the necessary information that will facilitate them to make a decision to give consent to cookies or not. Deactivating trackers is as easy as accepting them, with the same number of clicks and the same font.

  1. Checking and deleting cookies

You can control and/or delete cookies according to your preferences. You can delete all cookies already installed on your computer and set most browsers to prevent the installation of cookies. However, in this case, you may need to adjust some options yourself each time you visit a website, and some services may also not be available (e.g. saved logins, website preferences). This policy will be regularly reviewed to adapt to the directives of the Supervisory Authorities and the latest legislative and jurisprudential developments.



The “Agency for Quality Assurance in Health S.A.” hereinafter the “Data Controller” attributes great importance to the lawful processing, security and protection of your personal data. Please read carefully this privacy and personal data protection policy in the context of the operation of the website

  1. What is your personal data

Your personal data includes any information on the electronic platform that can lead, either directly or in combination with others, to your unique identification or detection as a natural person. This category includes, as the case may be, information such as name, username, email, password and any other information that constitute your unique identification, in accordance with the provisions of the General Data Protection Regulation (GDPR 2016/679), Law 4624/2019, of applicable Greek legislation, as well as the decisions of the Data Protection Authority.

  1. What personal data we collect about you

We process in accordance with the law and protect your personal data when you contact us and/or ask questions, when you enter the forum of our website or give answers in the relevant forum and/or collaboration platform.

For simple user registration we collect the following data:

  1. Username of your choice
  2. Password of your choice
  3. Full name
  4. Email address

For physician registration we collect:

  1. Your medical registration number
  2. Your status as a physician, freelancer, employed in a hospital or a clinic.
  3. The organization in which you are employed
  4. Your country and region of residence
  5. Username of your choice
  6. Password of your choice
  7. Your full name
  8. Your email address
  1. Legal processing

The company does not use your data for any purpose other than your registration on the website.

  1. What are the collection and processing principles

This Privacy Policy aims to inform you about the terms of collection, processing and transmission of your personal data that we may collect as Data Controllers or Processors. The Company and its trained staff apply the ten Processing Principles of GDPR 2016/679 (legality, objectivity, transparency, purpose limitation, data minimization, accuracy, storage time limitation, integrity, confidentiality and accountability). The Company protects and ensures your eight Rights regarding the use of your Personal Data (update, access, correction, deletion, restriction of processing, portability, opposition and non-automated decision-making based on profiles, as specified in the Greek legislation). The above-mentioned shall  also apply without any discrimination to all the processing we carry out and to all the services we provide either independently or through our subsidiaries.

  1. What are the ways of collecting your personal data

The Data Controller collects the absolutely necessary data during your voluntary registration on our website in order to be able to use the forum as a simple user, and/or the collaboration platform, to which only users, who are physicians, have access.

  1. Minimizing, storing and deleting your data

The Data Controller will always ask you for the minimum personal data required by law to connect to our website. The Data Controller keeps your personal data only for as long as you are a registered user on the website. You can ask us and find out what data we collect about you and correct or delete it, unless its retention is required by law for tax, evidentiary or judicial purposes and for the prosecution of illegal acts.

  1. Transfer of your data to third parties

The Data Controller does not transfer your data to any third party, unless required by law. Such third parties may be official government and supervisory bodies (e.g. judicial and prosecuting authorities, Cybercrime Police Division, Data Protection Authority, Hellenic Telecommunications & Post Commission (EETT), Hellenic Authority for Communication Security and Privacy (ADAE), supervisory authorities), when we are called upon to comply with the law and to prevent illegal actions against us and our clients (e.g. telecommunication fraud, verbal abuse, insult to personality, etc.). The third parties may also be cloud service providers. The data controller selects trusted providers setting contractual restrictions on the third parties who may receive your personal data to ensure their lawful use.

  1. Security of your personal data

In any case, we take appropriate technical and organizational measures to ensure the confidentiality, integrity and availability of your data. We aim to ensure that your personal information is transferred, stored and processed in accordance with appropriate international security standards and procedures.

  1. Contact us for questions or comments

If you have any questions or comments about this security and privacy policy, or if you believe that we have not followed the principles set out in it, please email us at MHEALTH@ODIPY.GOV.GR or contact us at the following postal address: 5, Angelou Pyrri Str., P.C. 11527, Athens.

  1. Your rights regarding the processing of personal data.

When processing the above-mentioned personal data, all the required technical and organizational measures are observed to ensure their protection, as well as the principles that govern their processing. Regarding the processing of personal data, the legislation provides the user with the following rights:

― the user reserves the right to access their data∙

― the user reserves the right to request correction or completion of their data, if inaccurate or incomplete;

― the user reserves the right to request the deletion of their data, unless otherwise stipulated by current legislation. In particular, the deletion of your account as a user or of your data in general can be requested either via the CONTACT form or by email: MHEALTH@ODIPY.GOV.GR

― the user reserves the right to request a restriction and/or object to the processing of their data.

― the user reserves the right to portability of their data. The above rights of the service subscriber are exercised by submitting a request to the email address MHEALTH@ODIPY.GOV.GR.

― the subscriber of the service reserves the right to submit a complaint to the Personal Data Protection Authority, if they believe that their Data are being processed in a way contrary to the current legislation.

  1. Applicability of Security and Privacy Policy

This Policy was published by the Company on 15/11/2023 and is subject to periodic improvement and revision.