Privacy Policy
This policy explains what personal data Orya One may collect through this website, why we use it, how long we keep it, and what rights you have in relation to that data.
We process only the data reasonably needed to run the website, respond to enquiries, protect our systems, and manage legitimate business communications. We do not sell personal data.
Important notice
If you submit information through this website, you should provide only data that is relevant to your request. Please avoid sending sensitive personal data unless we expressly ask for it through a secure channel.
We may collect information you submit directly through forms or email, including your name, business email address, company name, and message content.
We may also collect technical data needed to secure and operate the website, such as IP address, browser and device information, server logs, and request timestamps.
- Contact and enquiry details
- Business identification details you choose to provide
- Technical and security event logs
We use personal data to respond to enquiries, assess potential projects, communicate about services, protect the website and infrastructure, prevent abuse, and comply with legal obligations.
If a discussion progresses into a commercial engagement, the relevant data may also be used for pre-contract steps and contract administration.
Where GDPR applies, we generally rely on one or more of the following legal bases: consent where required, steps requested before entering into a contract, legitimate interests in operating and securing the website, and compliance with legal obligations.
- Consent for any optional tracking or future non-essential cookies
- Pre-contract measures for responding to service requests
- Legitimate interests for site security, administration, and business communications
- Legal obligations where retention or disclosure is required by law
We may share data with service providers acting on our behalf where needed to host the website, deliver email, secure infrastructure, and support core website operations.
Those providers may process data only under appropriate instructions and safeguards, and only to the extent necessary for their role.
We retain enquiry data only for as long as reasonably necessary for communication, project evaluation, legal defence, recordkeeping, or compliance.
Technical logs may be retained for shorter or longer periods depending on security and operational needs.
Depending on the applicable law, you may have rights to access, correct, erase, restrict, object to, or port certain personal data, and to withdraw consent where processing depends on consent.
You may also have the right to lodge a complaint with a competent supervisory authority, including the Hellenic Data Protection Authority where relevant.
Some hosting or infrastructure providers may process data outside your country. Where required, we rely on appropriate safeguards for such transfers.
We use reasonable technical and organisational measures to protect data, but no website or transmission method can be guaranteed to be completely secure.