Privacy Policy

Last updated: 13/12/2025

GENERAL

Use of the webpages and services provided to the visitor/user by asandyou.com (hereinafter “the Website”) requires your unconditional acceptance of this Privacy Policy. If you do not agree, please do not use the Website.

This Policy may be amended in accordance with applicable law and developments in our services. We recommend that you review this page periodically for any changes.

PERSONAL DATA PROTECTION

We collect and process personal data only when it is strictly necessary.
We will never sell or rent personal data.
If you are under 16 years old, you must have the consent of your parents/guardians before using the Website’s services.

CONTROLLER – CONTACT

The controller of the data is the company “AS & U” (hereinafter “the Company”). For privacy matters and the exercise of your rights you may contact us at hello@asandyou.com .

APPLICABLE LEGISLATION

The Website is designed to comply with the applicable personal data protection framework, including indicatively:

Regulation (EU) 2016/679 (GDPR).
Law 4624/2019 (national provisions implementing the GDPR in Greece).
ePrivacy Directive 2002/58/EC (as amended).

WHAT DATA WE COLLECT AND WHY

Technical data & security

During your visit, technical data may be collected (e.g. IP address, browser type, operating system, device information, timestamps) via log files for security, troubleshooting and the proper operation of the Website.

Contact forms / requests

When you contact us (e.g. via form, email, or a request to download material such as a brochure/PDF) we collect the details you provide (name, email, phone, message/comment and any information relevant to your request) solely to respond and service your request.

Some requests may be submitted via third-party form providers (e.g. Web3Forms). In this case, data are transmitted via a secure connection (HTTPS/TLS) to the provider, who processes them as a processor exclusively on our behalf and in accordance with our instructions.

Google reCAPTCHA (spam protection)

To protect forms from abuse/spam we may use Google reCAPTCHA. Its use is subject to Google’s terms and policies and may include the collection of technical data and cookies by Google.

Embedded content (e.g. maps)

The Website may embed third-party content (e.g. Google Maps). These providers may collect data or place cookies in accordance with their own privacy policies.

Traffic analytics

We may use traffic analytics tools to understand how the Website is used and to improve the user experience. If Google Analytics or a similar service is used, cookies/similar technologies and technical data processing may take place.

Google Analytics information: https://support.google.com/analytics/answer/6004245
Google Analytics opt-out add-on: https://tools.google.com/dlpage/gaoptout?hl=en

LEGAL BASIS FOR PROCESSING

We process personal data, as applicable, based on:

your consent (e.g. optional features/cookies where required),
performance of a contract or pre-contractual steps at your request,
our legitimate interests (e.g. security, operation and improvement of the Website),
compliance with a legal obligation.

TRANSFERS & PROCESSORS

We use selected providers (e.g. hosting, contact forms, spam protection, embedded maps) that may process data on our behalf. Where required, the relevant data processing agreements are put in place.

Some providers may transfer data outside the EEA. In such cases, we seek to ensure appropriate safeguards (e.g. Standard Contractual Clauses).

RETENTION PERIOD

We retain data only for as long as necessary for the purposes for which they were collected and/or as required by law. Indicatively, contact requests are retained for a reasonable period to complete support and for documentation purposes.

SECURITY

Traffic between the Website and your browser is encrypted via HTTPS/TLS. In addition, we take appropriate technical and organizational measures to protect data.

DATA SUBJECT RIGHTS

You have the right of access, rectification, erasure, restriction, portability, objection, and withdrawal of consent (where applicable). To exercise your rights you may contact hello@asandyou.com .

You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA).

DATA BREACHES

In the event of a personal data breach, we will take the actions required under the GDPR, including (where required) notifying the competent supervisory authority within 72 hours and informing data subjects when there is a high risk to their rights and freedoms.

ABOUT COOKIES

What are cookies?

The term “cookie” refers to a small text data file that the Website transfers to your browser. Cookies perform various functions (e.g. remembering preferences) and are used by most websites to improve the user experience.

Types of cookies

Session cookies: temporary cookies that are deleted when you close your browser.
Persistent cookies: remain on your device for a longer period of time, depending on their settings.
First-party cookies: set by the website you visit.
Third-party cookies: set by third-party providers (e.g. maps, form protection, social networks).

How to manage them

You can manage or delete cookies through your browser settings. If you would like more information, you can visit aboutcookies.org .

Disabling certain third-party cookies (e.g. reCAPTCHA, embedded maps, videos, social networks) may affect the functionality of related elements on the Website.