Skip to main content

PRIVACY POLICY

PRIVACY POLICY

BB GROUP SINGLE-MEMBER PC is a Private Capital Company (hereinafter the “Company “), headquartered in Piraeus, at 2 Kythiron Street, Postal Code 18541, Greece, with VAT number 801898550 of the ATTICA STATE COMMISSIONER’S OFFICE, with General Commercial Registry number 165405309000, email support@balantia.app . The Company operates the website www.balantia.app (hereinafter the ” Website”) and the application (mobile application) BALANTIA®, (hereinafter the “Application”) which is accessible, via compatible portable electronic devices (smartphones), with IOS or Android software, available for download and use, on the AppStore and PlayStore, for the purpose of controlling energy balance and body weight, as well as the intake of certain nutrients.

The Company respects privacy and ensures the protection of personal data. Personal data is protected, using high standards and procedures, securing it from risks of loss and unauthorized disclosure or access, within the framework of the applicable legal framework at any time.

This Privacy Policy describes the types of personal data of the Application users that are collected, the purposes for which the data is used and the extent of its processing. The policy applies to all personal data processing activities conducted by the Company, specifically in relation to the services provided on the Website and the Application.

  1. DATA PROCESSOR & DATA PROTECTION OFFICER

The entity responsible for the collection, processing and use of personal data of the users, in accordance with the General Data Protection Regulation (GDPR), is:

BB GROUP SINGLE-MEMBER PC, based in Piraeus, at 2 Kythiron Street, Postal Code 18541, Greece, with VAT number 801898550 of the ATTICA STATE COMMISSIONER’S OFFICE, with General Commercial Registry number 165405309000.

In addition, users of the Application ( hereinafter the “User” ) may contact the Data Protection Officer for questions regarding their data, the Data Protection Policy, or to exercise the rights granted to them by applicable law.

  1. ENCRYPTION

The Company uses all necessary technical and organizational measures, based on the General Regulation on the Protection of Personal Data 2016/679, which entered into force on May 25, 2018 (hereinafter “GDPR”), in order to ensure that the User’s personal data is secure, throughout their processing. The Company constantly makes every effort to keep them secure, fully respects the level of information security and complies with the proposed technical measures, such as encryption, pseudonymization, anonymization and data minimization, throughout their processing. The Company applies the secure communication protocol SSL (Security Sockets Layer) with strong 256-bit encryption, which ensures the confidentiality and inviolability of transactions and personal information. The Company is in continuous harmonization and compliance with the terms of the GDPR, for the protection of individuals against the processing of personal data and every effort is constantly made to comply with it.

  1. PURPOSE OF PROCESSING PERSONAL DATA

In accordance with the above legal framework, the Company collects and processes personal data of Users, within the framework of the Application, for the purposes below and only to the extent strictly necessary for the effective service of these purposes. These data are at all times relevant, appropriate and no more than what is required in view of the purposes below, they are accurate and, if necessary, subject to updating. The Company may process personal data, provided that the processing is necessary for at least one of the following legal bases, namely:

  • for the execution of the contract between the parties involved,
  • in order to comply with its legal obligation,
  • for the purposes of its legitimate interests,
  • when the User has given their consent,
  • to safeguard the vital interests of the User,
  • for the performance of a duty carried out in the public interest,
  • for the establishment, exercise or defense of legal claims or when courts are acting in their judicial capacity,

The Company primarily maintains and processes the simple and sensitive personal data provided by the User or by a third party with the User’s legally provided authorization, for the purpose of executing the service contract.

  1. COLLECTION, PROCESSING & USE OF PERSONAL DATA

4.1. Personal data

According to the General Data Protection Regulation 2016/679, which entered into force on 25 May 2018 and the Implementing Law 4624/2019 on the protection of personal data, “Personal data” is any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, place of residence, an online identifier (IP address, e- mail) or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

4.2 Data Collection When Using the Website BALANTIA®

When Users visit the Website, the server automatically creates log files, based on the legitimate interests of the Company, in accordance with Article 6(1)(f) of the GDPR. These log files, which are necessary for the functionality of the Application and do not exceed the User’s interest in the protection of his personal data, contain information that cannot be directly attributed to a specific person. This information includes details such as the browser type and version, the operating system, the referring URL (the previous website visited), the IP address of the computer that requested the data, the date and time of access to the server, as well as the file requested by the User (file name and URL: Uniform Resources Locator – Unique Resource Locator). The purpose of collecting this data is exclusively for statistical analysis and security reasons (e.g., investigation of abuse or fraud). In cases where it is necessary to retain the data for a longer period, for evidentiary purposes, they remain exempt from deletion, until the final resolution of the respective event.

4.2.1. Website hosting service

The IT infrastructure and related services of the Website are provided by companies that provide web hosting services.

The company has entered into and will continue to enter into website hosting service agreements with cloud service providers, offering a platform for online business processes. Through the hosting tools, only the personal data collected by the Website will be stored on the servers of the partner company. This data may include metadata and contact data, contact details such as names and addresses, contract and payment details, as well as content data (e.g. completed forms). This data is only processed to the extent necessary for the execution of the website hosting agreement. The company is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR). When we cooperate with third-party companies to provide services, we ensure that these companies adhere to the same strict data protection standards. Your personal data will only be used for the purposes described in this Privacy Policy and will not be transferred to third parties without your consent, unless required by Law.

4.2.2. Use of cookies

To improve its usability and overall effectiveness, the Website or third parties working on behalf of the Company may store cookies on the User’s hard drive, provided that the User has given his consent, in accordance with Article 6(1)(a) of the GDPR .

A cookie is a small text file that is used, among other things, to record information about the use of a Website. These cookies cannot execute programs or transmit viruses to the User’s computer or device. They do not contain personal data and cannot be associated with specific individuals. Furthermore, this data is not combined with other data sources.

It is possible to use the websites managed by the Company without the use of cookies. Users can disable or limit the storage of cookies for specific websites, in the corresponding settings of their browser, or configure their browser to be notified when a cookie is sent. Users also have the ability to delete cookies from their computer’s hard drive or device, at any time.

Certain support tools (e.g. communication widgets) are activated only upon User action and do not place cookies or similar technologies prior to this action.

4.2.3. Data via user support tools

When using the Website, personal data may be collected when the User communicates with the Company through support or feedback tools activated at the User’s initiative (e.g. communication widgets). This data may include IP address, approximate geographical location, email address, as well as technical device and browsing metadata.

4.3 Personal data when using the BALANTIA® Application

 

4.3.1. Required information for creating a personalized User account

In order to use the Application, Users must provide information, such as their email address and password. This information is necessary for the identification of the User and for communication between the Company and the User. The User’s data, including the email address, remains private and cannot be viewed by other Users, unless the Application supports it and the User has given their consent. The storage of this data is based on the consent of each individual User, in accordance with Article 6(1)(a) of the GDPR.

4.3.2. BALANTIA® Application with the “Continue with Apple ” feature

Users have the option to create an account on the App through their Apple account. They can register or log in to the BALANTIA® App using their Apple account by clicking the “Continue with Apple ” button on the App during registration. When they log in with their Apple ID (Apple ID), Users can choose to hide or share their personal email address with the Application. The “Hide Email Address” option allows Users to use Apple ‘s email relay service to create a generic alias address, through which messages from the Application are redirected to their personal email address. “Continue with Apple” uses a two-factor authentication (Two-Factor Authentication – 2 FA), eliminating the need for an additional password.

4.2.3 BALANTIA® Application with the “Continue with Google” feature

Users have the option to create an account on the Application, through their Google account. They can register or log in to the Application using their Google account, by clicking on the “Continue with Google” button on the Application during registration. During this process, the Application collects and stores the User’s personal data from the User’s Google account, including the User’s email address, optionally the User’s first and last name and the User’s profile picture. Users can customize the transfer of data to the Application through the privacy settings of their Google account .

4.3.4. Using the BALANTIA® Application via registration with magic link

Users have the ability to create an account on the Application via a link (magic link) sent to them during the authentication process. After the User enters the Username, a URL is sent to the User’s email address via text. The User clicks on the link to verify, without entering a password.

4.3.5. Data provided by the User

When creating a personalized User account, the User may optionally provide, in addition to the necessary information (email address and password), the first name, last name and place of residence, which are then recorded by the Application. In addition, the Application records data provided by the User, through a personalized or anonymous User account, which can be entered when using the Application. These include a User profile, which includes, among others, the following data related to body and health:

  • Age/date of birth
  • Genus
  • Height
  • Diet (e.g. vegetarian)
  • Nutrition Goal (e.g. weight loss)
  • Recorded activities
  • Calorie consumption and activity calories
  • Steps
  • Starting weight, weight progress and weight goal (number)
  • Blood pressure
  • Biochemical testing (e.g. blood sugar levels)
  • Water consumption
  • Favorite foods, meals, recipes
  • Daily routine details (e.g., meals consumed)
  • Application User Status (e.g., active subscription: yes/no)

The data is collected based on the User’s consent in accordance with Article 6(1)(a) of the GDPR. The provision of the data is necessary to be able to use the functions of the application. In particular, it is necessary to provide the initial weight, weight goal, gender, date of birth and height so that the Application can calculate the User’s personalized calorie intake target as well as macronutrients. Other data, such as water consumption, allow the User to monitor the amount of water they drink. This data is used exclusively for the stated purposes and is not accessible to third parties.

Some of the data entered by the User in the Application (such as weight, body composition indicators, blood pressure, biochemical values, physical activity and nutrition data) constitute “special categories of personal data” within the meaning of Article 9 of the General Data Protection Regulation (GDPR). The processing of the above data is carried out exclusively on the basis of the User’s explicit consent, in accordance with Article 9(2)(a) of the GDPR, exclusively for the purposes of providing the Application’s services (personalization of nutritional goals, progress monitoring, provision of health functions). The provision of such data is optional, except for those absolutely necessary for the basic functionality of the Application.

4.3.6. Data automatically recorded by the Application

When the application is installed, the following information is recorded once:

  • Installation date
  • Registration date
  • Operating system of the device used (Android/iOS)
  • Country
  • Language

This data is recorded for the purpose of improving and personalizing our services and this is based on our current interest in accordance with Article 6(1)(f) of the GDPR.

4.3.7. Data recording during use of the Application

When using the Application, the following is recorded:

  • Current IP address
  • Version of the application being used
  • Current time zone

This data is recorded to improve and personalize the services offered, based on the Company’s legitimate interest in accordance with Article 6(1)(f) of the GDPR.

4.3.8 User Permissions for the Application

When a User utilizes BALANTIA ® application, they may be asked to grant permission to allow the application to access specific functions or data on their device. Common permissions that may be requested by the application include, but are not limited to:

  • Location access permission (Location Permission):
    • Precise location (GPS): Used to provide services that require geolocation, such as mapping, navigation, and location-based services.
    • Approximate location: Provides the User’s general area, typically via Wi-Fi and cellular networks.
  • Camera access permission (Camera Permission):
    • Allows the app to take photos and record videos.
  • Microphone access permission (Microphone Permission):
    • Allows the app to record audio.
  • Permission to access stored information (Storage Permission):
    • Internal storage: Allows the app to access data stored on the device.
    • External storage (SD card): Allows reading and writing data to the SD card.
  • Internet access permission (Internet Permission):
    • Allows the app to access the internet via Wi-Fi or mobile data.
  • Calendar access permission (Calendar Permission):
    • Allows the application to read and modify events in the User’s calendar.
  • Sensor access permission (Sensor Permission):
    • Allows access to various sensors on the device, such as the accelerometer, gyroscope, etc.
  • Notification access permission (Notification Permission):
    • Allows the application to send notifications to the User.
  • Permission access in Bluetooth (Bluetooth Permission):
    • Allows the application to connect and communicate via Bluetooth with other devices.
  • Permission to access motion and physical activity data (Motion/Physical Activity Permission):
    • Allows the application to record physical activity data, such as steps and activity levels, solely for the purposes of tracking physical activity and supporting the User’s health and nutrition goals.

For the User to grant permission to the application, the following steps are usually followed:

  • Permission Request: When the application needs access to specific features or data on the device, a pop-up window appears asking the User to grant permission. This window describes the permissions requested and the reason why they are needed.
  • User Consent: The User can choose to accept or reject the request. If accepted, the application gains access to the requested functions or data.
  • Permission Management: Users can manage the permissions they have granted through their device settings. They can revoke permissions or change settings at any time.

For example, if the app needs access to the User’s location, a message will appear explaining why the app needs this permission and how the location data will be used.

Granting these permissions depends on the app’s functionality and needs. It is important for Users to carefully read the permissions an app requests before approving them, to understand what kind of data and features of their device will be accessible by the app.

4.3.9. Consent to use data for research and scientific purposes

By registering and using the Application, you provide your explicit consent to the use of your data for research and scientific purposes. This use may include:

Data analysis: Using your data to analyze and draw conclusions that will help improve our services.

Publications: Use of anonymous data for the publication of scientific articles and studies.

Development of new technologies: Using your data for the development of innovative technologies and solutions.

Your data will be processed with strict security measures to protect your privacy, will be anonymous and will not include personally identifiable information. You can withdraw your consent at any time, through the privacy settings of your account. The withdrawal of consent does not affect the lawfulness of the processing that was based on consent before its withdrawal.

4.3.10. Contractual relationship and payment process

When the contractual relationship between the User and the Application is to be established or modified, the Application stores the User’s personal data, based on Article 6(1)(b) of the GDPR, insofar as this is necessary for the performance of the contract. The User can acquire the BALANTIA® application, by subscription, optionally choosing to start with the free trial period (hereinafter “Free Trial”), if provided. If the User decides to purchase the Application after the end of the Free Trial, he will be transferred directly to the App Store (Apple) or Play Store (Google) (hereinafter referred to as the “App Platform”). When the User is redirected to the appropriate App Platform, the platform sends the subscription start and end date and, if applicable, the subscription termination date, as well as the reason for termination (e.g., after possible cancellation). Payment processing data is collected directly by the App Platforms, which also determine their privacy policies.

During this process the Application also records the following:

  • Subscription start and end date.
  • Subscription termination date.
  • Reason for subscription termination.
  1. DATA EXCHANGE WITH THIRD PARTIES

The Application prioritizes the protection of Users’ personal data, treating them as confidential and in accordance with the legal provisions on data protection, as well as this Privacy Policy. The Application collects and stores only data provided by third-party providers with the User’s consent, in accordance with Article 6(1)(a) of the GDPR and transfers the corresponding data to them. The Application may transfer data to third countries through certified service providers, exclusively in accordance with the provisions of Articles 44-49 of the GDPR using Standard Contractual Clauses (SCCs). If the European Commission does not attribute to a third country the same level of data protection as the EU, then the Application ensures the maintenance of the European level of data protection, through standard contractual clauses (SCC – EU Standard Contractual Clauses) and binding corporate rules in accordance with Article 46(1) and (2)(c) of the GDPR. However, there may be cases where Authorities in a third country may gain access to users’ data for control and monitoring purposes, and legal remedies to ensure the rights of data subjects may be ineffective and unenforceable.\

5.1 Use of third-party services on the Application & Website

The Company uses third-party service providers, who act as processors pursuant to Article 28 of the GDPR or, where applicable, as independent controllers (e.g. service-provider payment platforms). These providers may process personal data solely for the purposes described in this Policy.

In particular:

RevenueCat – used to manage subscriptions and purchases within the App.

It may process data such as subscription status, purchase history, and anonymous user identifiers.

Sentry – used to monitor errors and technical malfunctions of the Application.

May collect technical device data, crash logs and performance data, without the purpose of identifying Users.

Gleap – used to collect feedback and support users through the Website and/or the Application.

The service is activated following User action (e.g. opening/using the widget) and may process data such as communication messages, email address, IP address, approximate location and technical device/browser metadata.

Apple and Google – operate as independent providers of application platforms (App Store / Play Store) and process payment and subscription data in accordance with their own privacy policies.

The aforementioned providers are contractually bound to comply with appropriate technical and organizational security measures and, where required, the transfer of data outside the EU is carried out in accordance with the provisions of articles 44 et seq. of the GDPR (SCCs).

  1. CUSTOMER CONTACT & SUPPORT

The Application has a contact form, where Users manually enter their details (name, email address, device operating system version – iOS or Android -, description of the problem). Support/communication may also be provided through third-party tools (e.g. Gleap), as mentioned in section 5.1.

Based on this information, the Application Support Team can access user data stored in the User’s application.

The personal data provided by the User in connection with this contact request are solely and exclusively necessary, to answer the User’s question or to communicate with them and are used for the relevant technical management. This data is not shared with third parties.

If the User agrees to the storage of their data, they have the right to revoke the consent given in the future. In such cases, their personal data will be deleted immediately. The User’s personal data will also be deleted without the User’s revocation of consent if the Application has processed their request or if the User revokes the consent to storage given before the request has been processed. This also applies if storage is not permitted for other legal reasons.

  1. NEWSLETTER & CORRESPONDENCE

The Application sends emails to its Users regularly, with updates on current diet trends, recipes and other interesting offers and tips, regarding diet and weight management. Users, by downloading the Application and/or by registering on the Website and/or in the BALANTIA® application and/or by using it, accept, in accordance with the Terms of Use, that they may receive the above informational messages. Access to the application is completed by sending a unique access link (magic link) to the email address provided by the User. This process is recorded, based on the legitimate interest of the Application, in accordance with Article 6(1)(f) of the GDPR.

By registering on the Website or the Application, Users consent to the processing of their provided data for the purpose of sending and receiving emails (Article 6(1)(a) GDPR). Furthermore, Users agree that the Application may collect and process data regarding their email behavior, such as emails read/opened and link clicks, in order to tailor the content of future emails to their preferences.

For example, if a User repeatedly clicks on links related to Topic A but not Topic B, they will only receive or receive more links related to Topic A in future emails .

Users may withdraw their consent to receive these emails at any time by sending an email to support@balantia.app  without having to provide any reason. The withdrawal of this consent will take effect immediately.

In addition, the receipt can be interrupted by using a link at the end of each newsletter (unsubscribe). The Application may store the provided email address and the data stored, in conjunction with the registration record, for up to three years, based on its legitimate interest, in order to be able to prove that consent was previously given. The processing of this data is limited to the purpose of possible protection against claims. An individual request for deletion is possible at any time, provided that the previous existence of consent is confirmed at the same time.

We understand the importance of additional measures to protect children’s privacy. Individuals under the age of 18 are not permitted to create an account unless their parents have provided consent, in accordance with applicable law. If we become aware that personal data has been collected about a child under the minimum age without their parents’ consent, we will promptly delete that data. Parents who believe that their child has submitted personal data and wish to delete it should contact us using the contact details provided above.

  1. USE OF TOOLS FOR WEBSITE ANALYSIS, PROMOTION & TARGETING

Based on the User’s consent, in accordance with Article 6(1)(a) of the GDPR, the Application uses various tools and plug-ins for web analysis, remarketing and retargeting. In this process, cookies are used that forward the IP address and/or record and analyze various types of data. These include, for example, the number of visitors to the Website, the duration of visits, the average page load time and the origin of visitors. These cookies are used in order to create more targeted offers for the Users of the Website and the Application. In particular:

8.1. Google Tag Manager/Google Analytics/Google Optimize/Google Analytics by Firebase

Our Website uses the Google Tag Manager (“Google Tag Manager”), a tool that allows the integration of tracking tools, statistics and other technologies into the Website. Google Tag Manager does not create user profiles, does not store cookies, and does not perform independent analysis. It is used exclusively to manage and execute the tools integrated through it. To perform these functions, Google Tag Manager records certain aggregated data, which is used to diagnose the performance of the built-in tracking tools and statistics. This data does not include IP addresses or identifiers that could lead to the identification of specific individuals.

Google Analytics tools, Google Optimize and Google Analytics for Firebase are used on both the Website and the App. Google Analytics for Firebase is Google ‘s version Analytics integrated into Firebase, Google ‘s app development platform. The aforementioned tools are used to analyze the use of the Website and the Application, in order to improve performance and user experience. Google Optimize works in conjunction with Google Analytics and allows the adaptation and optimization of specific elements of the Website, so that they better respond to Users’ behavior, improving their browsing experience.

The provider of the above web analytics services is Google Ireland Ltd.​ (“Google”), headquartered at Google Building Gordon House, Barrow Street, Dublin 4, Ireland.

8.2. Social media plug-ins (social plug-ins)

With the User’s consent, in accordance with Article 6(1)(a) of the General Data Protection Regulation (GDPR), the Application uses various social media plug-ins, as well as web analytics, remarketing and retargeting tools. The purpose of using these tools is to optimize the Website and provide more targeted and relevant offers to Users.

8.2.1. Facebook Platform

On our Website and Application the Facebook social network plug-in is used (facebook.com), which is managed by Meta Platforms Inc., headquartered at: 1601 Willow Road, Menlo Park, CA, 94025, USA (“Facebook”).

The plug-in is identified by the Facebook logo or by the indication “Facebook Social Plug -in”. You can see the list and appearance of Facebook social plug-ins at the following link: https://developers.facebook.com/docs/plugins

When a User interacts with the social media plug-in, a direct connection is established with the Facebook servers. The plug-in content is transmitted directly from Facebook to the User’s device and integrated into the page it is viewing, allowing interaction without leaving the Website. This integration gives Users the ability to view and interact with Facebook content directly from the Website , improving the user experience and enhancing interaction with the content of the Application.

The data processed by the plug-in may be used to create user profiles. The Application has no control over the scope of data collected by Facebook via the plug-in and informs Users accordingly. By integrating the plug-in, Facebook receives information about the User’s visit to the specific page of the Website . If the User is logged in to their Facebook account , the visit can be linked to their profile. If the User interacts with the plug-in (e.g. by pressing the “Share” button), the relevant information will be transmitted directly from their device to Facebook and stored there. Even if the User is not a member of Facebook, there is a possibility that Facebook will collect and store their IP address. To prevent data collection by Facebook via the Online Offer, the User must:

  • Log out of their Facebook account before visiting our Website.
  • Delete cookies from their device.

More information about data processing by Facebook can be found at the following links:

The above settings apply regardless of the device the User uses, whether it is a desktop computer or a mobile device.

8.2.2. X Platform

Features and content of the X platform (formerly Twitter), provided by X Corp. (formerly Twitter Inc.), headquartered at 865 FM 1209, Building 2, Bastrop, TX 78602, USA, may be integrated into the BALANTIA® Website and Application. These features may include, among others, interactive buttons through which the User can share links from the Website or interact with content related to the Application. If the User is a member of the X platform, the company may associate the actions of sharing content or the use of interactive features with their personal profile.

X‘s data protection policy is available at the following link: https://x.com/el/privacy

8.2.3. Instagram Platform

Features and content of the Instagram platform may be integrated into the Website and the Application. The service provider is Meta Platforms, Inc., headquartered at 1601 Willow Road, Menlo Park, CA 94025, USA. This integration may include content, such as photos, videos or texts, as well as interactive buttons, through which the User can declare that they like the content, follow content creators, or interact with our posts. If the User is already a member of the Instagram platform, the service may link the interaction with the above content and features to their personal profile.

For more information about Instagram‘s data protection policy, you can visit the following link: https://instagram.com/about/legal/privacy/

8.2.4. Pinterest Platform

The Website and the Application use a Pinterest platform plug-in, which is provided by Pinterest Europe Ltd., headquartered at Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. This plug-in may include content, such as photos, videos or texts, as well as interactive buttons, through which the User can indicate that they like a particular content or choose to follow content creators or posts of the BALANTIA® application. If the User is a member of the Pinterest platform, the company can link their actions, as well as their interaction with the embedded content, with their personal profile. The information collected by the plug-in, regarding the User’s activity on the Website, is transferred to Pinterest servers in the United States and stored there. However, if anonymization IP has been activated, the User’s IP address is limited (truncated) within the Member States of the European Union or in other contracting states of the Agreement on the European Economic Area (EEA). Only in exceptional cases, is the full IP address transferred to a Pinterest server in the United States and anonymized there. Pinterest uses this information, on behalf of the Website operator, to evaluate the User’s activity on the Website, to compile reports on the use of the Website and to provide additional services related to the use of the Website and the Internet in general.

Pinterest platform’s data protection policy is available at the following link: https://policy.pinterest.com/privacy-policy

8.2.5. TikTok Platform

TikTok platform features and content, provided by TikTok Technology Limited, headquartered at 10 Earlsfort Terrace, Dublin, D 02 T 380, Ireland, may be integrated into the Website and the Application. This content may include, among other things, videos, as well as interactive buttons, through which the User can declare that they like some content or choose to follow content creators or the posts of the BALANTIA® application. If the User is a member of the TikTok platform, the company may associate their interaction with the above content and the available functions with their personal profile on the platform. The information collected by TikTok pixel, regarding the User’s activity on the Website, is transferred to TikTok servers, including servers located in third countries, such as the United States, and stored there. However, when the anonymization IP function is activated, TikTok limits the User’s IP address within the Member States of the European Union (EU) or other Member States to the Agreement on the European Economic Area (EEA) before transferring it. Only in exceptional cases is the full IP address transferred to a TikTok server in a third country and limited there. TikTok uses this information, on behalf of the website operator, to evaluate the User’s activity on the Website, to compile reports on the use of the Website and for provision services related to the use of the Website and the internet in general.

TikTok ‘s data protection policy can be found at the following link: https://www.tiktok.com/legal/privacy-policy

8.2.6. YouTube Platform

Features and content of the YouTube platform, provided by YouTube LLC, headquartered at 901 Cherry Avenue, San Bruno, CA 94066, USA, may be embedded in the Website and the Application. The embedded content may include, among other things, videos, as well as interactive buttons, through which the User can declare that they like a video (like) or choose to follow specific content creators or the posts of the BALANTIA® application. If the User is a member of the YouTube platform, the company may associate their interaction with the above content or the functions of the add-on with their personal profile. The information generated from the use of the Website is transferred to YouTube servers LLC in the United States and stored there. However, when the anonymization IP function is activated, the User’s IP address is limited (truncated) within the Member States of the European Union (EU) or other Member States to the Agreement on the European Economic Area (EEA) before being transferred to the United States. Only in exceptional cases is the full IP address transferred to a YouTube LLC server in the United States and is limited there. YouTube LLC uses this information, on behalf of the website administrator, to evaluate the User’s activity on the Website, to compile reports on the use of the Website and to provide services related to the use of the Website and the Internet in general.

YouTube LLC‘s data protection policy is available at the following link: https://www.youtube.com/howyoutubeworks/our-commitments/protecting-user-data/

  1. DELETING USER DATA

The Application retains the User’s personal data throughout its use. In case of deletion of the account, the email address, first name, last name, profile picture and links to third-party providers are permanently deleted. Some data may be retained only if required by law or to resolve legal issues, prevent fraud or enforce the Application’s Terms of Use.

  1. USER ACCOUNT RESET

The User has the option to restore their account. In this case, a new account will be transparently created and the settings will be copied (email address, password, settings, goals, etc.).

  1. USER RIGHTS

As a Data Subject, the User of the BALANTIA® Website or Application has the following rights:

11.1. Right of access – Article 15 of the General Data Protection Regulation (GDPR – 2016/679)

The User has the right, at any time, to receive, free of charge, information and updates regarding which personal data have been collected and stored by the Application, the origin and recipients of the data, the purpose and legal basis for processing them, the intended duration of their storage, any recipients or categories of recipients and the time they are kept.

11.2. Right to rectification Article 16 of the General Data Protection Regulation (GDPR – 2016/679)

Furthermore, the User has the right to require the Company to rectify any inaccurate personal data concerning them without undue delay. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement.

11.3. Right to withdraw consent Article 7 (3) of the General Data Protection Regulation (GDPR – 2016/679)

The User has the right to withdraw their consent to the processing of their data at any time with future effect, without the need to have or state a reason for withdrawal.

11.4. Right to erasure Article 17 of the General Data Protection Regulation (GDPR – 2016/679)

Under the conditions of Article 17 of the GDPR, the User may request the deletion of their personal data. Their right to deletion depends, among other things, on whether the data concerning them are still necessary for the fulfillment of the Company’s legal obligations.

11.5. Right to restriction of processing Article 18 of the General Data Protection Regulation (GDPR – 2016/679)

Under the conditions of article 18 of the GDPR, the User may request the restriction of the processing of their personal data concerning them.

11.6. Right to data portability Article 20 of the General Data Protection Regulation (GDPR – 2016/679)

The User has the right to receive the personal data they provide, in a structured, commonly used and machine-readable format or to request that these data be transmitted to another controller, provided that the processing is based on the consent of the subject and the processing is carried out by automated means.

11.7. Right to object Article 21 of the General Data Protection Regulation (GDPR – 2016/679)

The User may at any time exercise their right to object to the creation of user profiles and the processing of personal data concerning them, when the processing is carried out on the basis of Article 6 of the General Data Protection Regulation (GDPR – 2016/679). The personal data will no longer be processed, unless there are compelling and legitimate reasons that override the interests, rights and freedoms of the User-data subject. When a User’s personal data is used for direct marketing purposes, then they have the right to object, at any time, to this processing.

11.8. Right not to be subject to automated decision-making Article 22 of the General Data Protection Regulation (GDPR – 2016/679)

The User has the right not to be subject to a decision based solely on automated processing, including the creation of User profiles, which produces legal effects concerning them or similarly significantly affects them.

11.9. Right to lodge a complaint Article 77 of the General Data Protection Regulation (GDPR – 2016/679)

The User has the right to submit a complaint to the competent supervisory Authority for the Company, namely the Personal Data Protection Authority (Athens, 1-3 Kifissias Avenue, P.C. 115 23, tel : +30 210 6475600, e – mail : contact@dpa.gr www . dpa . gr ).

  1. ISSUANCE & UPDATE OF THE DATA PROTECTION POLICY

This Data Protection Policy is currently in effect as of March 2025. In the event that the Website or the Application is modified, or if legal requirements change, this Data Protection Policy may be revised. The current version of the Data Protection Policy can be viewed and printed at any time by visiting https://www. balantia . app /privacy.

Επισκόπηση απορρήτου

Αυτός ο ιστότοπος χρησιμοποιεί cookies ώστε να μπορούμε να σας παρέχουμε την καλύτερη δυνατή εμπειρία χρήστη. Οι πληροφορίες cookie αποθηκεύονται στο πρόγραμμα περιήγησής σας και εκτελούν λειτουργίες όπως η αναγνώριση σας όταν επιστρέφετε στον ιστότοπό μας και η βοήθεια της ομάδας μας να κατανοήσει ποιες ενότητες του ιστότοπου θεωρείτε πιο ενδιαφέρουσες και χρήσιμες.