Privacy Policy
Last updated: May 4, 2026
This Privacy Policy explains how we collect, use, and protect personal data when you visit hydralab.gr (the "Site"). We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR), the Greek Law 4624/2019, and the ePrivacy Directive.
1. Who we are (Data Controller)
The data controller responsible for your personal data is:
- Name: Sotirios Zamanis, operating under the trade name Hydralab
- Form: Sole proprietorship
- Location: Athens, Greece
- Contact email: info@hydralab.gr
- Website: https://hydralab.gr
For any questions about this Privacy Policy or to exercise your rights, please contact us at info@hydralab.gr.
2. What data we collect
We collect personal data only when you actively provide it to us. Specifically:
2.1 Contact form data
When you submit our contact form at /contact, we collect:
- Name — to address you in our reply
- Email address — to respond to your inquiry
- Message content — the details of your project or question
We do not require you to create an account, and we do not collect any other personal data through forms.
2.2 Technical data (automatically collected)
When you visit our Site, our hosting provider (Vercel) automatically processes basic technical data necessary to deliver the website to you:
- IP address (used transiently for routing and security; not stored by us)
- Browser type and version
- Operating system
- Date and time of access
- Referring page
This data is processed by Vercel as part of standard web infrastructure operations and is not used by us for tracking or profiling.
2.3 Usage analytics (anonymous)
We use Vercel Analytics to understand which pages are visited and how the Site performs. Vercel Analytics is cookieless and uses anonymized, hashed identifiers stored in your browser's session storage. It does not collect personal data, IP addresses in identifiable form, or cross-site tracking information. The data is aggregated and used solely for improving the Site.
2.4 Language preference
If you change the website language between Greek and English, we save your choice in your browser's local storage under the key hydralab.locale. This is strictly functional and does not identify you.
3. Why we use your data (Legal basis)
We process personal data on the following legal bases under Article 6 GDPR:
| Purpose | Data | Legal basis |
|---|---|---|
| Responding to your contact inquiry | Name, email, message | Article 6(1)(b) — performance of pre-contractual measures at your request, or Article 6(1)(f) — legitimate interest in replying to inquiries |
| Delivering the Site reliably and securely | Technical data | Article 6(1)(f) — legitimate interest in operating the website |
| Anonymous performance analytics | Vercel Analytics data | Article 6(1)(f) — legitimate interest in improving the Site (no personal data is processed) |
| Remembering language preference | Local storage entry | Article 6(1)(f) — legitimate interest in providing a usable Site |
4. Who we share your data with (Recipients)
We do not sell, rent, or trade your personal data. We share data only with the following service providers ("data processors") who help us operate the Site:
| Recipient | Purpose | Location |
|---|---|---|
| Vercel Inc. | Website hosting and CDN | USA (with EU data centers; processes EU traffic in Frankfurt, Germany) |
| Resend | Transactional email delivery (sending contact form messages to us) | USA |
| Cloudflare, Inc. | DNS and email routing | Global |
All processors operate under Data Processing Agreements (DPAs) compliant with Article 28 GDPR. Transfers to the USA rely on the EU-US Data Privacy Framework and/or Standard Contractual Clauses as appropriate safeguards under Article 46 GDPR.
We do not share your data with advertisers, analytics networks, or third parties for marketing purposes.
5. International data transfers
Some of our processors (Vercel, Resend, Cloudflare) are based in the USA. When your data is transferred outside the European Economic Area (EEA), it is protected by:
- The EU-US Data Privacy Framework certification of the processor (where applicable), or
- Standard Contractual Clauses approved by the European Commission, and
- Additional technical and organizational safeguards (encryption in transit and at rest).
6. How long we keep your data
- Contact form messages: retained in our email inbox for as long as necessary to address your inquiry, and typically deleted within 24 months unless an ongoing business relationship requires longer retention.
- Technical/server logs: retained by our hosting provider for short periods (typically 30 days) for security and debugging purposes.
- Vercel Analytics data: anonymous, retained according to Vercel's policies (typically up to 12 months).
- Language preference (local storage): stored in your browser until you clear it.
7. Your rights under GDPR
You have the following rights regarding your personal data:
- Right of access (Art. 15) — to obtain a copy of the data we hold about you
- Right to rectification (Art. 16) — to correct inaccurate data
- Right to erasure (Art. 17) — to request deletion of your data ("right to be forgotten")
- Right to restriction (Art. 18) — to limit how we process your data
- Right to data portability (Art. 20) — to receive your data in a structured, machine-readable format
- Right to object (Art. 21) — to object to processing based on legitimate interests
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time
To exercise any of these rights, email info@hydralab.gr. We will respond within one month.
You also have the right to lodge a complaint with the Hellenic Data Protection Authority (Αρχή Προστασίας Δεδομένων Προσωπικού Χαρακτήρα):
- Website: https://www.dpa.gr
- Address: Kifisias Avenue 1-3, 115 23, Athens
- Phone: +30 210 6475600
8. Cookies and similar technologies
We do not use any non-essential cookies. We do not use advertising, marketing, or cross-site tracking cookies. For full details on what is stored in your browser, see our Cookie Notice.
9. Security
We take reasonable technical and organizational measures to protect your data, including:
- HTTPS encryption (TLS) for all traffic
- Server-side validation and origin checks on form submissions
- Honeypot anti-spam mechanisms
- Limited access to data on a need-to-know basis
No method of transmission over the internet is 100% secure, but we work to apply industry-standard protections.
10. Children's privacy
The Site is not directed at children under 16. We do not knowingly collect personal data from minors. If you believe a child has provided us with personal data, please contact us and we will delete it.
11. Changes to this Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest revision. Material changes will be communicated through a clear notice on the Site.
12. Contact
For any privacy-related questions, requests, or concerns, please contact:
Sotirios Zamanis (Hydralab) Email: info@hydralab.gr