Back to Home

Privacy Policy

Last updated: April 2025

1. Data Controller

The data controller responsible for your personal data is Bizflow (operated by CodeSaber), reachable at privacy@bizflow.gr. All data processing is carried out in compliance with the EU General Data Protection Regulation (GDPR) and applicable Greek law.

2. Data We Collect

We collect the following categories of personal data:

  • Contact data: name and phone number when you submit a contact/callback request.
  • Account data: email address and password (hashed) when you register for an account.
  • Usage data: pages visited, features used, session duration, and device/browser information collected automatically when you use the platform.
  • Business data: customer records, appointments, invoices, and other content you enter into the platform as part of normal use.

3. How We Use Your Data

We use your personal data to:

  • Provide, operate, and improve the Bizflow platform (contractual basis).
  • Contact you in response to a callback request or inquiry (legitimate interest / consent).
  • Send service-related notifications and updates (contractual basis).
  • Analyse platform usage to improve performance and user experience (legitimate interest).
  • Comply with legal obligations applicable to us under Greek and EU law.

We do not sell your personal data to third parties.

4. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. If you close your account, we will delete or anonymise your personal data within 90 days, except where retention is required by law (e.g., tax and accounting records, which we keep for 5 years under Greek tax law). Callback request data is retained for 12 months.

5. Your Rights Under GDPR

As a data subject under GDPR, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Ask us to correct inaccurate or incomplete data.
  • Erasure ("right to be forgotten"): Request deletion of your personal data where there is no compelling reason to continue processing.
  • Portability: Receive your data in a structured, machine-readable format.
  • Restriction: Ask us to restrict processing of your data in certain circumstances.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, email us at privacy@bizflow.gr. You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at www.dpa.gr.

6. Cookies

We use strictly necessary cookies to maintain your session and preferences. We may use analytical cookies to understand how users interact with the site. You can control cookies through your browser settings. Disabling strictly necessary cookies may affect platform functionality.

7. Data Security

We implement industry-standard security measures including encryption in transit (TLS), encrypted passwords, access controls, and regular security reviews. However, no system is completely secure; please use a strong, unique password for your account.

8. Third-Party Services

We may use third-party infrastructure providers (e.g., cloud hosting, email delivery) that process data on our behalf under data processing agreements. These processors are contractually bound to process data only on our instructions and to maintain appropriate security.

9. Governing Law

This Privacy Policy is governed by Greek law and EU Regulation 2016/679 (GDPR). Any disputes shall be subject to the jurisdiction of the competent courts of Greece.

10. Contact

For any privacy-related questions or requests, please contact our Data Protection contact at: privacy@bizflow.gr.