Privacy Policy.

Desquared S.A. is a leading digital product partner that offers services such as product strategy, product design, mobile and web development product management, customer experience management and performance marketing.
It was founded in Athens, Greece in 2012 and has more than 100 employees. Some of its partners include Cosmote, National Bank of Greece, Alpha Bank, Kritikos, Heron and Public.
The company's contact information is as follows:
Desquared, a leading software development company is dedicated to ensuring its clients’ users’ and its own users' privacy and personal data are protected in compliance with the General Data Protection Regulation (GDPR). This commitment is outlined in the present Privacy Policy, which covers a comprehensive range of topics and provides clear examples and analogies to help users understand the company's data protection practices.

The Privacy Policy starts by defining the roles of Data Controllers and Data Processors.

The policy also discusses the principles of Privacy by Design and Default, guiding Desquared in building privacy into its products and services from the ground up and choosing contractors who provide privacy and information security safeguards as personal data subprocessors. This approach is similar to constructing a house with built-in security features or designing a car with safety features incorporated from the beginning. This commitment is seen in both the software development for B2C applications and the online ordering platform that Desquared offers.

Automated decision-making and profiling are other aspects addressed in the Privacy Policy. Desquared provides algorithm solutions to its clients so as for them to analyze their user preferences and recommend relevant content or suggested actions based on their interest. This can be compared to a self-checkout system in a supermarket or creating a personalized playlist based on a user's listening habits. The solution itself is utilized by the client who will provide explanations according to their Privacy Policies and their Privacy Notices about the safeguards used for the legal process of the personal data gathered on their initiative or in their name.

Desquared’s website is not reliant as per its business on the market structures that have been Cookie- (or tag- or pixel- ) driven. Desquared's Cookie Chapter in the Privacy Policy outlines how the company uses cookies and similar technologies to improve user experience, provide personalized content, and analyze website traffic.

The Privacy Policy also covers external links, emphasizing that Desquared is not responsible for the privacy practices of third-party websites, including those of its clients. This applies to both the software solutions and the online ordering and delivery as well as supporting services platform. Following an external link can be compared to stepping into a neighboring store in a shopping mall or taking a guided tour, where the rules and policies of each attraction are separate.

Changes to the Privacy Policy may occur from time to time, reflecting updates in Desquared's practices, services, or legal requirements. This can be compared to updating a map to include new roads and landmarks or releasing a software update that introduces improvements and new features.

Desquared's Privacy Policy provides contact information for users to ask questions, provide feedback, or exercise their data subject rights under the GDPR.Lastly, the policy addresses complaints and dispute resolution, demonstrating Desquared's commitment to resolving any issues that may arise concerning its data processing activities and compliance with the GDPR. This process can be compared to mediation or a customer service department handling issues and finding satisfactory solutions for customers who have experienced problems with products or services.

Desquared's Privacy Policy ensures compliance with the GDPR and protects the personal data of its users across its software development and online ordering platform.
Introductory Remarks
In the context of Desquared's commitment to data protection and compliance with the GDPR, the company has developed three distinct policies to address different aspects of user privacy and security: (A) Privacy Policy, (B) Security Policy, and (C) Individual Rights Policy. Each of these policies serves a specific purpose in addressing the needs and concerns of Data Subjects.

(A) Privacy Policy:
The Privacy Policy outlines how Desquared as a Data Controller collects, processes, and protects personal data of its users in compliance with the GDPR. It details the company's data protection practices, roles as a Data Processor and, in exceptional cases, as a Data Controller, as well as its commitment to Privacy by Design and Default. The Privacy Policy also includes, among other subjects, information on automated decision-making, profiling, possible cookie usage, external links, policy updates, contact information, and dispute resolution processes. The primary purpose of the Privacy Policy is to inform users about how their personal data is being managed and protected by Desquared.

(B) Security Policy:
The Security Policy focuses on the technical and organizational measures Desquared has implemented to safeguard personal data and ensure the confidentiality, integrity, and availability of the data they process. This policy addresses topics such as access controls, encryption, network security, incident response, and employee training. It demonstrates the company's commitment to maintaining a robust security infrastructure to protect personal data from unauthorized access, disclosure, alteration, or destruction. The Security Policy aims to assure users that their personal data as collected by Desquared as a Data Controller is secure and well-protected.

(C) Individual Rights Policy:
The Individual Rights Policy outlines the rights of Data Subjects under the GDPR and describes the procedures through which they can exercise these rights. These rights include the right to access, rectify, erase, restrict processing, object to processing, data portability, and the right to lodge a complaint with a supervisory authority. The policy also details how Desquared will handle requests from Data Subjects exercising their rights, such as timeframes for response and any applicable fees. The main purpose of the Individual Rights Policy is to empower Data Subjects with the knowledge and tools they need to take control of their personal data and exercise their rights under the GDPR.

The Privacy Policy, Security Policy, and Individual Rights Policy each serve distinct purposes in addressing different aspects of data protection and user privacy. While the Privacy Policy provides a comprehensive overview of Desquared's data processing practices, the Security Policy focuses on the measures in place to safeguard personal data, and the Individual Rights Policy empowers users with the knowledge and tools to exercise their rights under the GDPR.The Individual Rights Policy addresses the rights of data subjects as outlined in the General Data Protection Regulation (GDPR), providing comprehensive guidelines on how Desquared ensures the protection and fulfillment of these rights.

The Security Policy, on the other hand, focuses on the technical and organizational measures employed by Desquared to protect personal data against unauthorized access, disclosure, alteration, or destruction. It outlines the company's approach to risk management, incident response, and ongoing security monitoring. The Security Policy also provides guidance on staff training, vendor management, and the importance of regular audits and reviews to ensure continuous improvement of Desquared's security posture.Both the Individual Rights Policy and the Security Policy intersect with the Privacy Policy in various areas. For instance, the Privacy Policy describes Desquared's commitment to data protection and the legal bases for processing personal data, while the Individual Rights Policy elaborates on the rights and mechanisms available to data subjects in relation to that processing. Similarly, the Privacy Policy touches upon the security measures Desquared has in place to protect personal data, which are then detailed extensively in the Security Policy.

By implementing these distinct but interconnected policies, Desquared demonstrates its dedication to ensuring compliance with the GDPR and other relevant data protection regulations. The company's commitment to upholding the highest standards of data privacy and security is evident in its proactive approach to policy development, risk management, and continuous improvement.
Introduction and Scope
This Privacy Policy ("Policy") is designed to inform you about Desquared's commitment to the protection and privacy of your personal data in accordance with the General Data Protection Regulation (GDPR). The Policy applies to all personal data collected, processed, and stored by Desquared through the use of our website, services, and any related activities where Desquared acts as the data controller. By using our website and services, you acknowledge and agree to the terms set forth in this Policy.
For the purposes of this Policy, the following terms have the meanings set forth below:
  • Personal Data: Any information relating to an identified or identifiable natural person, known as a "Data Subject." An identifiable person is someone who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, or online identifier.
  • Processing: Any operation or set of operations performed on personal data, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, erasure, or destruction.
  • Data Controller: The natural or legal person, public authority, agency, or other body that determines the purposes and means of processing personal data.
  • Data Processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the data controller.
  • Data Subject: The individual whose personal data is being processed.
  • Consent: Freely given, specific, informed, and unambiguous indication of the Data Subject's agreement to the processing of their personal data.
Data Collection and Use
Legal Basis for Processing
Data Retention and Storage
Rights of Data Subjects
Third-Party Service Providers
International Data Transfers
Children's Privacy
Data Processing for Specific Purposes
Data Sharing and Disclosure
Security Measures
Data Breach Notification
Data Retention
Data Subject Rights and Requests
Exercise of Data Subject Rights
Data Protection Impact Assessments (DPIAs)
Data Protection Officer (DPO)
Cooperation with Supervisory Authorities
Privacy by Design and Default
Automated Decision-Making and Profiling
Cookie Policy
External Links
Changes to this Privacy Policy
Complaints and Dispute Resolution
Contact Information
As mandated by Article 13 of the GDPR, Desquared furnishes users with contact information, enabling them to pose queries, offer feedback, or exercise their rights as Data Subjects under the GDPR. To this end, users may reach out to Desquared's Data Protection Officer with requests for data erasure, as outlined in Article 17 of the GDPR at the following e-mail:
Athens, 22/5/2023
Version 1.0. of the Privacy Policy

For Desquared,
The CEO ie. Managing Director
Hey there! We’d like to utilize cookies to enhance your experience and analyze site usage to help us build better products together. Please tap ‘Accept’ or customize your preferences. View our Privacy Policy for more information.