Skip to main content

The protection of personal data and privacy is a fundamental human right.

The General Data Protection Regulation (EU 2016/679) lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.

Data Protection Officer (DPO)

As of May 1, 2025, the Legal Entity appointed as Data Protection Officer (DPO) on behalf of the General Children’s Hospital of Athens “Agia Sophia” is:

“COMPUTER STUDIO INFORMATION SYSTEMS - COMPUTER TRADE AND SERVICES SOCIÉTÉ ANONYME” (COMPUTER STUDIO S.A.)

Address: 223 Vouliagmenis Ave., Dafni, Attica, Postal Code 172 37

Telephone: 210 9761865

Email: dpo@computerstudio.gr

Contact Persons: Ms. Archontoula Kapsi and Mr. Panagiotis Bitzios

Duties of the Data Protection Officer

  • Informs and advises the interested parties regarding their obligations in relation to data protection
  • Monitors compliance with the Regulation in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising, and training of the interested parties
  • Provides advice, where requested, regarding the data protection impact assessment and monitors its implementation
  • Acts as the contact point for the supervisory authority on relevant matters
What are Personal Data?

Any information relating to the identification or potential identification of a natural person, including data recorded/used by computers, mobile devices, networks, or other technologies, especially when combined with other data.

Examples: Full name, Address, Telephone, Payment Details, IP Address, Cookies, Email, Username, Password, Location Data, Website Session ID, RFID Tag, etc.

Special Categories of Personal Data

These are special categories of data concerning:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic or biometric data
  • Health data
  • Data concerning a natural person’s sex life or sexual orientation

Rights of Data Subjects

Pursuant to Articles 15–22 of the GDPR, you have the right:

  • To be informed
  • Of access
  • To rectification
  • To erasure / to be forgotten
  • To restriction of, or objection to, processing
  • To data portability
  • To object to automated decision-making, including profiling

Principles Relating to Processing

  • Lawful and Fair Processing
  • Transparency
  • Purpose limitation
  • Data minimization
  • Accuracy, integrity, and confidentiality of data
  • Limited data retention
  • Accountability

Security of Processing

Appropriate technical and organizational measures are applied on a case-by-case basis in order to ensure a level of security appropriate to the risks to the rights and freedoms of natural persons.

In the event of a personal data breach, the controller shall notify the supervisory authority of the breach without undue delay and, where feasible, within 72 hours of becoming aware of it. 

Hellenic Data Protection Authority

The Hellenic Data Protection Authority (HDPA) is a constitutionally established independent Authority founded under Law 2472/1997, which transposed European Directive 95/46/EC into Greek law. This Directive was replaced by EU Regulation 2016/679, which lays down rules for the protection of personal data in all countries of the European Union.

www.dpa.gr 

Fines

Non-compliance with the regulation may result in administrative fines of up to 4% of the global turnover or 20 million Euros, by the APDCP.

Contact Information

For any question, clarification, or inquiry regarding Personal Data Protection, or if you wish to exercise any of the rights related to your personal data, as described in Articles 15–22 of the General Data Protection Regulation (GDPR), you may contact:

Email DPO Νοσοκομείου
Hospital DPO Email

Computer Studio S.A. 

dpo@computerstudio.gr
210 9761865

Contact Persons 

Ms. Archontoula Kapsi
Mr. Panagiotis Bitzios

Useful References

General Data Protection Regulation (GDPR) Authority for the Protection of Personal Data