Privacy Policy

Wideview Entertainment ("We", "the Company") is the controller of personal data processed through the customer portal at wideview.support. This policy explains what we collect, why, and your rights under the GDPR (Reg. 2016/679) and Greek law (Law 4624/2019).

1. Data we collect

Account data: name, email, phone, company, billing address, VAT number.

Usage data: support tickets, messages, file attachments, proposals, invoices, contracts, portal activity logs.

Technical data: IP address, user-agent, login timestamps. Used for security and abuse prevention.

Payment data: card details are handled directly by Stripe (PCI-DSS Level 1). We never store card numbers on our servers.

2. Why we process your data

• Service delivery (legal basis: contract performance) — ticket handling, notifications, invoicing.
• Legal compliance — tax records, GDPR obligations.
• Security (legitimate interest) — abuse detection, fraud prevention via reCAPTCHA.
• Communication — responding to your requests. We do not send marketing without explicit consent.

3. Who we share data with

We never sell personal data. We use only the following data processors, all GDPR-compliant:

• Hetzner Online GmbH (Frankfurt, Germany) — portal and database hosting.
• Mailgun Technologies (EU region) — email delivery (ticket notifications, password reset).
• Stripe Payments Europe — card payment processing.
• Apple Push Notification Service / Google Firebase — push notifications for the mobile app (only if installed).
• Cloudflare — attack protection (WAF, DDoS).

We may also disclose data to authorities when required by law.

4. How long we keep data

Active account data: for the duration of our business relationship.

Financial documents (invoices, contracts): 10 years from issue (tax obligation).

Tickets and messages: 5 years after closure.

Security logs: 90 days.

After expiry, data is permanently deleted or anonymized.

5. Your rights

Under the GDPR, you have the right to:

• Access — know what data we hold about you.
• Rectification — request correction of inaccurate data.
• Erasure ("right to be forgotten") — subject to retention obligations in §4.
• Portability — receive a copy in a structured format.
• Object / restrict processing.
• Lodge a complaint with the Hellenic Data Protection Authority (dpa.gr).

To exercise any right, email [email protected]. We respond within 30 days.

6. Cookies

The customer portal uses only necessary cookies (authentication, language preference, CSRF protection). We do not use third-party advertising or tracking cookies on the portal.

7. Security

All connections use HTTPS (TLS 1.3). Passwords are stored hashed (bcrypt). Backups are encrypted. We have breach notification procedures in place to notify authorities within 72 hours (GDPR Art. 33).

8. International data transfers

All data is hosted within the EU (Hetzner, Frankfurt). Stripe payment processing may involve transfer to the US, covered by Standard Contractual Clauses (SCCs) approved by the European Commission. Apple Push Notification Service (APNs) and Google Firebase Cloud Messaging notifications are covered by the same SCC framework.

9. Children under 16

The portal is not directed at individuals under 16 years of age. We do not knowingly collect data from minors. If we discover such data has been collected inadvertently, we delete it immediately.

10. Special categories & automated decisions

We do not collect sensitive data (health, biometric, religious beliefs, sexual orientation, political opinions). We do not perform automated decision-making or profiling that produces legal effects on you (GDPR Art. 22).

11. Mobile application (Wideview Support iOS/Android)

The Wideview Support app on the App Store/Google Play is provided exclusively to active clients. It collects: email/password for authentication (encrypted in iOS Keychain / Android Keystore), device push token (notifications only), and optionally Face ID/Touch ID (processed on-device, never transmitted). It does not access contacts, photos, camera, or microphone. Deleting your account also removes app-related data within 30 days.

12. Changes to this policy

We may update this policy. For material changes, we will notify you by email or via a prominent portal notice at least 30 days before they take effect.

13. Company details & Contact

Legal name: TSOKAS KON. GEORGIOS (sole proprietorship)
Trading name: Wideview Entertainment
Registered office: Agion Apostolon 39-41, Igoumenitsa, Thesprotia, 46100, Greece
GEMI (Hellenic Business Registry): 145334028000
VAT ID: EL138390786
Email: [email protected] | [email protected]
Phone: +30 210 220 5089
Hours: Monday-Sunday 09:00-17:00 EET

For complaints: Hellenic Data Protection Authority (dpa.gr), Kifisias Ave. 1-3, 11523 Athens, tel +30 210 6475600.