Privacy Policy


(According to the General Data Protection Regulation (EU) 2016/679)

Data Controller of your personal data:

The anonymous company with the name: "Intrum Hellas R.E.O Solutions A.E." (hereinafter, "Intrum REO" or the "Company") with registered office at 109-111 Mesogeion, P.O. 11526, Athens.

The Policy concerns the services provided by Intrum REO, also,  through the Company's website as well as through the use of the application (hereinafter the "digital platform") which enables you to register and benefit from our services.


We urge you to read the Update below to obtain all necessary information.


Who is this Policy for?

This Policy is addressed to natural persons, visitors of the Company's website, tenants and prospective tenants, prospective buyers of the properties under the management of Intrum REO as well as its partners. It is emphasized that in case the interested party (tenant or buyer) is a legal entity, this is addressed to the representative or representatives of the legal entity and/or the real beneficiary(ies), as long as their personal data is subject to processing by the Company.


What  personal data may we process?

    A. The personal data we collect includes:

  • identification information (e.g. first and last name, middle name, date of birth, etc.),
  • your contact information (e.g. addresses, phone numbers, username - email, etc.),
  • data on financial and property status (e.g. bank statement, other data of a tax nature, etc.),
  • data from the operation of the contract(s) with Intrum REO and the use of the services provided,
  • any information relating to the property under management that contains your personal data (e.g. DEKO accounts, etc.).

It is noted that with the exception of the identification data and contact data that are absolutely necessary for your transactional relationship with Intrum REO, the type and amount of other data collected depends on the contractual relationship and/or service provided, as the case may be.

   B. Information you fill in on our website to use the services of the Platform

When you register on the digital platform, we may collect personal data, the transmission of which is carried out on the basis of the TCP/IP protocol, which is implemented in the context of the use of the Internet.

The aforementioned data are not collected to be associated with identifiable data subjects but - by their nature - may be associated with data held by third parties, which could potentially lead to your identification.

This category of data includes the "IP addresses" or domain names of the computers that you use to browse the Company's website/use information through the electronic platform, includes the URI (Uniform Resource Identifier) ​​addresses used to identify of a resource, the time of the request, the method used to log the request to the server, the size of the file provided as a response, the numeric code indicating the server's response status (successful, error, etc.) and other parameters about the IT operating system and environment.

More specifically, as a user you have the ability to register on the digital platform, manage notifications according to the preferences you will declare, retrieve any comments/material you have saved yourself and modify the information you specified during your individual registration (your "profile").

In order to complete the registration process on the Company's website, you are invited to enter your name, email address, contact phone number and any text you may fill in the free field marked "comments". However, we recommend that you avoid recording your personal data that fall into special categories of data, as described in the section below, in the free field.

In addition, we process data from existing information to show you commercial content that may be relevant and interesting to you, provided you have given us your prior consent by opt-in when registering as a user on the digital platform

During the management of the properties, Intrum REO may also collect additional personal data directly from you, as long as they are deemed necessary for the purposes of processing of your submitted request.

Processing of special categories of personal data

At Intrum REO we do not process personal data related to your racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic or biometric data for the purpose of identifying you, nor health data or data concerning your sex life or sexual orientation unless: a) this data has been disclosed to Intrum REO by you or a third natural or legal person in the context of documenting and safeguarding your legitimate interests, or b) the data was made public by you, or c) the processing is necessary for the establishment, exercise or support of both your own and Intrum REO's legal claims (e.g. lack of legal capacity), or d) the processing is necessary for substantive reasons of public interest (investigation of a criminal act under the Law on the Prevention and Suppression of Money Laundering from criminal activities and the financing of terrorism, which has been disclosed to us by virtue of a judicial act, prosecutorial order or other general legal process, by which we have received an order for specific actions).


Where we collect your data from

  1. Your personal data under A. above, is collected, mainly, by Piraeus Bank (hereinafter, the "Bank") or Property Management Companies that acquire, through an auction process, the ownership of the properties that secure claims from loans/credits that have been transferred, through securitization, from the Bank to Special Purpose Companies or from publicly accessible sources.

Intrum REO may, during the management of the properties, also collect additional personal data directly from you, as long as they are deemed necessary for the purposes of the processing while maintaining the transactional relationship between us.

  1. Your personal data above under B. are collected directly from you by registering your details as a user, whenever you use our online platform to browse or submit a contact request.

Purposes of Processing

The processing of personal data consists of the collection, registration, organization, structure, storage, alteration, information retrieval, use, transmission, limitation or deletion of the personal data that have been transferred to Intrum REO or will come to its knowledge in the context of our business relationships or in the context of information we receive from third parties when exercising legal rights of the company, or directly from you, when you fill in your details on our page.

The personal data processed by Intrum REO must be complete , accurate and updated with your own risk immediately, in case of change or whenever deemed necessary for the maintenance of our business relations or the fulfillment of Intrum REO's legal obligations, while complying with the applicable regulatory provisions.

The processing of your personal data concerns:

  • The execution of a contract in which you have entered into (e.g. in case of employees) or in the context of your transactional relations with Intrum REO and under the condition of your identification.
  • The compliance of Intrum REO with the respective legislative and regulatory framework, which may include, indicatively:
  • prevention of money laundering from illegal activities and other criminal acts,
  • evaluation and optimization of security procedures and information systems,
  • management of operational and financial risks of Intrum REO
  • Carrying out of Company promotions, provided we have received your express consent – ​​this consent may be revoked or you can submit a request to stop sending you updates about certain services
  • The assignment of access rights, following your registration to the digital platform
  • The defense of the Company’s legitimate interests, such as indicatively:
  • for proper and more efficient operation and management of the Company's website
  • to investigate and resolve technical issues related to the provision of the services (e.g. code errors)
  • for the protection and security of information systems in order to prevent and suppress any illegal act and to investigate a possible violation of the terms of use of the website or this Policy
  • to carry out analysis that allow us to evaluate and improve our products and services

At Intrum REO, we have taken all the necessary actions, in compliance with the current legislative framework, applying the appropriate technical and organizational measures for the legal maintenance, processing and safekeeping of personal data files in order to ensure and protect your personal data from loss or leakage, alteration, transfer or in any other way of improper processing.

Automated decision making and profiling

At Intrum REO we do not make decisions based solely on automated personal data processing procedures that produce legal results or significantly affect data subjects.

Lawfulness of processing

At Intrum REO we process personal data if the processing:

  • is necessary for your identification, or the verification of your details when communicating with representatives of the Company.
  • is necessary for the execution of the contract you have entered into and the resulting service, support and monitoring of your business relations with the Company.
  • is necessary for Intrum REO to comply with its legal obligations or to pursue the legitimate interests arising from your business relations with Intrum REO or from other rights of the company arising from the law.
  • is necessary for the fulfillment of tasks that Intrum REO performs in the public interest within the framework of the applicable legislative and regulatory framework.
  • is based on your prior expressed consent, in cases where none of the aforementioned legal processing bases are established.
  • is necessary for your accessing and browsing on the digital platform as well as for your service, in the context of providing the requested communication and information about the Company's services.
  • is necessary for promoting the company's services, provided you have given your prior consent

In particular, with regard to the personal data that have been transferred to Intrum REO by the Bank or other Property Management Companies, as explained above, the lawfulness of transferring your personal data is based on the service of the contractual relationship and the lawful management of real estate portfolio by Intrum REO, as it is carried out to fulfill the purposes of the individual agreements it has entered into.


Data retention period

At Intrum REO we keep your personal data for as long as is provided, per case, by the current legislation.

Personal data of buyers is kept for a period of 5 years from the date of signing a contract for purchasing of a property managed by the Company, unless there is an order from the Prosecutor's Office or another Authority that stipulates otherwise.

Personal data of prospective buyers, in cases where their expression of interest in buying real estate does not result in the drawing up of definitive contracts, are kept, respectively, for a period of 5 years from the submission of their proposal, with the indication that their data will be used strictly in the event of a dispute with the company. In the latter case, the period of 5 years for the retention of personal data is extended until the finality of the judicial decisions, which will decide on the disputed cases.

Personal data of tenants are kept for a period of 5 years from the end of the lease contract, unless otherwise stipulated by the Prosecutor's Office or another Authority.

As long as you register on the Company's digital platform to receive updates on properties available for rent/purchase, your personal data will be kept for as long as you remain an active user. The deletion of these will be done upon your request by which you will revoke your prior consent for the processing of your personal data that provided in the context of activating an account on the Company's digital platform.

Who are the recipients of your personal data?

Intrum REO staff have access to your personal data within the scope of their responsibilities and, possibly, other Intrum Group companies in the context of supporting Intrum REO for the proper execution of its contractual, legal and regulatory obligations, as well as the respective statutory auditors of the company.

As part of our processing of your personal data, we may transfer data to the following recipients:

  • Collaborating lawyers, law firms and bailiffs, notaries, brokers, engineers, appraisers, auditors and accountants, insurance companies where the transfer of personal data is required for the initiation of a transactional relationship
  • Where required by the applicable regulatory, legislative and generally regulatory framework or court decision (e.g. transfer to judicial authorities, tax authorities, supervisory bodies, mediation bodies).
  • To third parties - our partners who provide IT and/or support services for electronic systems and networks, investigation of security-related incidents, protection against fraudulent or illegal activity, software hosting, cloud computing, customer service, processing requests, serving advertisements or marketing services, analytical services, undertaking internal research for development purposes.
  • In cases of cooperation with third parties - Processors, we have ensured that they meet the conditions and provide sufficient assurances for the implementation of appropriate technical and organizational measures, ensuring the protection of your data, whilst they have entered into a relevant contract with the Company, in which their obligations are recorded, when processing your personal data.

Finally, if in the context of cooperation with third parties, it is deemed appropriate to transfer your personal data outside the European Union/European Economic Area, the transfer takes place pursuant to a contract that includes Standard Clauses for the protection of personal data, as defined by the current regulatory/legislative framework.


Your rights as data subjects

As a subject of personal data processing, you have the following rights:

  • Right of access to your personal data if these are subject to processing by Intrum REO, as the Controller, as well as to the source of origin, the purposes of the processing, the categories of the data, any recipients and retention time (Article 15 GDPR).
  • Right to rectification, without undue delay, in case of inaccurate data as well as completion of incomplete data (Article 16 GDPR).
  • Right to deletion ("right to be forgotten") of your personal data, subject to the obligations and legal rights of Intrum REO to comply with them based on the applicable legislative and regulatory provisions, if the data is no longer necessary in relation to  the purposes for which they were collected or otherwise processed or as a result of withdrawing the consent on which the processing is based if there is no other legitimate basis for processing the corresponding personal data (Article 17 GDPR).
  • The right to restrict the processing of your personal data if, either the accuracy thereof is disputed, or the processing is illegal, or the purpose of the processing has been omitted and provided that there is no legitimate basis for their retention (Article 18 GDPR).
  • Right to portability of your personal data to another Controller, provided that the processing is based on your consent and carried out by automated means. The satisfaction of this right is subject to the legal rights of Intrum REO to respect the data and fulfill a duty in the public interest (Article 20 GDPR).
  • Right to object for reasons related to your particular situation in the event that your personal data is processed for the fulfillment of a task performed in the public interest, or for the purposes of the legitimate interests pursued by Intrum REO or a third party (Article 21 GDPR) .
  • Right to withdraw your consent at any time, if for specific processing purposes we have requested your consent, e.g. in the case of receiving information through information society services, registration on the digital platform. It is emphasized, however, that in these cases the lawfulness of the processing based on your consent is not affected until it is withdrawn.


How to exercise your rights and file a complaint

To exercise your above rights to the extent that the Company acts as a Data Controller, you can send your request to the "Personal Data Protection Office" at the company's headquarters (Mesogeion Ave. 109-111, Athens, P.O. 11526) or, by email at

Upon receipt of your request, we will make every effort to respond within thirty (30) calendar days. In the event that the complexity of the request requires further time to evaluate and respond to it, we have the option to extend the response time for an additional sixty (60) calendar days. In the corresponding case, Intrum REO will inform you in writing within thirty days (30) of the receipt of your request as well as of  the reasons for the extension.

A refusal or unjustified delay on our part in satisfying your requests when exercising your rights, gives you the right to lodge a complaint to the Hellenic Data Protection Authority, as the competent supervisory authority for the implementation of the GDPR.

In any case, you reserve the right to file a complaint with the competent supervisory authority, if you consider that the processing of your personal data is in violation of the applicable legislation. For more information you can visit the website of the Authority at

We note that we monitor the legislative and regulatory framework as it applies to the processing of personal data, as well as the Policy and Guidelines of the Intrum Group and we reserve the right to revise, as the case may be, this Policy.


Notice on CCTV Personal Data Processing

Notice on CCTV Personal Data Processing

Please read the Notice below to obtain the necessary information

Details of the Data Controller

The Data Controller of your personal data is the société anonyme under the name: “Intrum Hellas R.E.O. Solutions S.A.” (hereinafter, “Intrum REO” or the “Company”) with registered office at 109-111 Mesogeion Street, 11526, Athens.

Whom is this Notice for

This Notice is intended for natural persons visiting areas managed by the Company where there is an installed CCTV system. Please note, that the Company has put up signs notifying of the existence of a CCTV system in a prominent place in all buildings where there is one installed.

Purpose of processing

We use a video surveillance system in properties managed by our Company.

We collect and maintain data through CCTV systems for the purpose of preventing and deterring criminal offences as a protection from crimes against life and property including, but not limited to, trespassing, damage to foreign property, thefts, etc., as well as the overall protection of Company buildings, people and/or assets visiting/located in the respective premises.

Legitimate interest

The above processing is necessary for the protection of our legitimate interests as a Controller and is based on the need to protect the premises, persons and goods located in the property managed by the Company where CCTV systems are installed against unlawful acts.

Personal data we collect

We only collect image data. Recording is limited to the entry/exit and does not capture any images from surrounding areas or adjacent properties. Recording takes place 24/7.


The recorded material can only be accessed by the competent/authorized personnel of companies with which we have concluded contracts for the provision of property security services.

Such material shall not be transferred to third parties without the consent of the data subject, except in the following cases:

(a) to the competent judicial, prosecutorial and police authorities where it contains information necessary for the investigation of a criminal offence concerning persons or property of the Data Controller;

  1. b) to the competent Judicial, Prosecutorial and Police Authorities when they duly request data in the performance of their duties; and

(c) to the victim or the perpetrator of a criminal offence, in the case of data which may constitute evidence of an offence following a prosecutor’s order.

Retention period

We keep the data for fifteen (15) days, after which they are automatically deleted.

In the event that an unlawful incident is detected, the relevant data shall be isolated in a separate file for the purpose of investigating and initiating legal proceedings in order to defend our legitimate interests and for as long as the investigation and disciplinary or judicial proceedings in relation to the specific incidents require, and until the irrevocable completion of the judicial proceedings if the criminal case is brought to court.

In case the incident concerns a third party, we will keep the video recording for up to three (3) months in order to give the opportunity to file a complaint in accordance with the provisions of the Criminal Code.

Rights of data subjects

As data subjects, you have the following rights:

  • Right of access: you have the right to know if we are processing your image, as well as to receive a copy thereof if the image is recorded or has not been lawfully deleted according to the above.
  • Right to restrict processing: you have the right to request that processing be restricted, such as not to delete any data that you deem necessary for the establishment, exercise or defence of legal claims (within the time periods of the above section).
  • Right to object: you have the right to object to the processing, provided that the conditions of the GDPR are met and that it does not conflict with compelling legitimate interests.
  • Right to erasure: you have the right to request that your data be deleted, as long as the conditions of the GDPR are met and it does not conflict with compelling legitimate interests.

You can exercise your rights by sending a request to the Company's Data Controller Office via e-mail at or via post. In any case, the Data Controller Office will respond to you within the deadlines laid down by the GDPR.

Right to lodge a complaint: If you consider that the processing of your data infringes Regulation (EU) 2016/679, you have the right to lodge a complaint with the Data Protection Authority, 1-3 Kifissias Ave., 115 23, Athens, Greece, tel. 210-6475600.

© Intrum REO Solutions, 2022