Data Controller: The limited partnership under the title «I.KOUKOURAS AND CO L.P», based in Thrasivoulou 46, Chalandri 15234 (hereinafter referred to as «TwelveSec»).

Contact email for exercising rights arising from the issues raised by this policy: hr [@]

This data protection policy is limited to personal data collected by TwelveSec as Controller by the website “” and TwelveSec’s social media accounts on Facebook and Twitter as reflected in the hyperlinks within the website. Additionally, we may collect personal data for specific events organized by our company, where individuals will be informed and requested to provide their consent prior to participating in such events. 

1. Rights of the data subject
1.1. Right of access to the personal data that concern you provided that they are processed by TwelveSec.
1.2. Right to rectification of inaccurate data as well as to have incomplete personal data completed.
1.3. Right to erasure of your personal data without prejudice to TwelveSec’s obligations and legal rights.
1.4. Right to restriction of processing your personal data.
1.5. Right to withdraw your consent.
2. How to exercise your rights
2.1. Any request regarding your personal data and the exercise of your rights shall be addressed by email to TwelveSec.
3. Complaint
3.1. You have the right to appeal to the Hellenic Data Protection Authority (
4. Personal data collected
4.1. Full name
4.2. Phone number
4.3. Email (in case this is identifiable personal data)
4.5. Personal data voluntarily supplied by you through our contact form and social media whose categories cannot be previously known.
5. Purpose of the processing
5.1. To inform interested persons of the activities of TwelveSec, the promotion of the business activities of TwelveSec and the recruitment of candidates for employment.
6. Lawfulness
6.1. The protection of TwelveSec’s legitimate interest and consent.
7. Data storage period
7.1. Up to two (2) years from the transmitting of the data to TwelveSec unless the protection of the legitimate interests of TwelveSec apply.
8. Recipients
8.1. Employees of TwelveSec and external partners (indicatively to: Legal Advisor, Accountant, Technical Support Staff of TwelveSec).
9.Data transfer outside the European Union
9.1. No data transfer outside the E.U.
10. Cookies
10.1. In order to ensure the proper functioning of the website, we sometimes place small pieces of data on your computer, the so-called «cookies». Most major websites do the same.
10.2. What are cookies?
10.2.1. Cookies are small text files that a website saves on your computer or mobile device when you visit it. In that way, the website remembers your actions and your preferences (such as password, language, font size, and other display preferences) for a period of time, so you do not have to enter these preferences each time you visit the website or browse its pages.
10.3. The purpose of using cookies:
10.3.1. Providing better experience when visiting the website and making improvements.
10.3.2. Personalizing your experience.
10.3.3. Tracking visitors by country and town.
10.3.4. Time spent on our website, country – town.
10.3.5. Operating system/ device type.
10.4. Which cookies service we use:
10.4.1. Google Analytics
10.5. Enabling the cookies is not necessary for the website to run, but through the use of them, you will have the opportunity for a better browsing.
10.6. You can delete or block the access to these cookies, but if you do so, some website features may not operate well.
10.7. The information related to the cookies is not used to identify you personally and we have the total control of the data.
10.8. Cookies are not used for purposes other than those described in this policy.
10.9 You can withdraw your consent by clicking here.
10.10. How to control cookies
10.10.1. You can control and/or delete cookies according to your desire.
10.10.2. Details can be found here:
10.10.3. You can delete all cookies already on your computer, as well as set up most browsers in a way that prevents the installation of cookies.


TwelveSec is committed to protecting and respecting your privacy. This Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by TwelveSec in connection with our recruitment procedure. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the General Data Protection Regulation (“GDPR”) the Data Controller is TwelveSec.

We use Workable, an online application provided by Workable Software Limited, to assist with our recruitment procedure. We use Workable to process personal information as a data processor on our behalf. Workable is only entitled to process your personal data in accordance with our instructions.

Information we collect from you

We collect and process some or all of the following types of information from you:

  • Information that you provide when you apply for a role.
  • Personal details such as name, email address, address, date of birth, qualifications, experience, information relating to your employment history, skills experience that you provide to us, or any other personal detail you decide to include in your CV and share with us as well as your video in case you conduct your interview remotely.
  • Correspondence records in case you contact us via email.
  • A record of your progress through any hiring process that we may conduct.
  • Details of your visits to Workable’s Website including, but not limited to, traffic data, location data, weblogs and other communication data, the site that referred you to Workable’s Website and the resources that you access.

Information we collect from other sources

Workable provides us with the facility to link the data you provide to us, with other publicly available information about you that you have published on the Internet – this may include sources such as LinkedIn and other social media profiles.

Lawful basis for processing

We rely on legitimate interest as the lawful basis on which we collect and use your personal data. Our legitimate interests are the recruitment of staff for our business.

Additionally, the processing of your personal data is required in order to decide whether to enter into a contract with you.

When you disclose your personal data, we rely on your consent, which is freely given by you during the application process.

Purposes of processing

We use information held about you in the following ways:

  • To consider your application in respect of a role for which you have applied.
  • To consider your application in respect of other roles.
  • To communicate with you in respect of the recruitment process, now or if any future needs arise.
  • To find appropriate candidates to fill our job openings.
  • To help our service providers (such as Workable and its processors and data providers) improve their services.

Automated decision making/profiling

We may use Workable’s technology to select appropriate candidates for us, based on criteria expressly identified by us, or typical in relation to the role for which you have applied. The process of finding suitable candidates is automatic, however, any decision as to who we will engage to fill the job opening will be made by our staff.

Disclosure of Your Information

As set out above, we pass your information exclusively to Workable (and its processors and data providers), who use it only in accordance with our instructions and as otherwise required by law.


We take appropriate measures to ensure that all personal data is kept secure including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Please note that the transmission of information via the internet is not always completely secure. So, you need to ensure that any personal data transmitted by you through online means may require additional security controls.

Where we store your personal data

In case your application is successful, then your CV is stored in our GDPR compliant fileserver, within the EU.

In case your application is unsuccessful, then your CV is stored in TwelveSec’s Workable.

The data being processed using Workable’s Services may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). By submitting your personal data, you agree to this transfer, storing or processing. Further details may be found in Workable’s Privacy Policy.

How long we keep your personal data

In case your application is successful, TwelveSec stores your data in its HR folders, and retains them in accordance with your contract details and the applicable Greek laws and legislation.

In case your application is unsuccessful, TwelveSec stores the personal data included in your CV and your job application for a period of six (6) years for recruitment purposes. Specifically, we retain your personal data for that period in case a similar role becomes vacant for which you will be a fitting candidate. Please ensure that your data is kept up to date.

After this period your data are securely erased, in accordance with our policies and procedures, and you will not be considered for any open position. However, you are welcomed to resubmit your application for any job opening. 

Workable will delete any data stored upon our request.

Please contact us at hr [@], in order to request an update, modification or deletion of your data, as well as to have access to your data and/or withdraw your consent.

Your rights

Under the General Data Protection Regulation, you have a number of important rights free of charge. In summary, those include rights to:

  • access to your personal data and to certain other supplementary information that this Privacy Notice is already designed to address;
  • require us to correct any mistakes in your information which we hold;
  • require the erasure of personal data concerning you in certain situations;
  • receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
  • object at any time to processing of personal data concerning you for direct marketing;
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
  • object in certain other situations to our continued processing of your personal data;
  • otherwise restrict our processing of your personal data in certain circumstances;
  • claim compensation for damages caused by our breach of any data protection laws.

How to exercise your rights

We hope that we can resolve any query or concern you raise about our use of your information.

If you have any concern or complaint on the way our HR department treats your data for recruitment purposes, you can contact dpo [@] Additionally, any questions, comments and requests regarding this Privacy Notice should be addressed to dpo [@]

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in Greece is the Hellenic Data Protection Authority (HDPA) who may be contacted at