espa logo

Data Protection



Through its Website, the office of Mr. Stavros Ristanis, which for short will be called “THE CLINIC”, has the ability to collect the personal data needed by you to create an individual account on its website, through which you can place orders. . THE CLINIC also has the ability to collect the personal data needed to execute your order if you choose not to create an account but to complete your order as a “Guest”.

The personal data collected by THE CLINIC are collected, processed, registered and stored confidentially, by the Data Controller in accordance with the applicable provisions on personal data protection of Greece (N.2472 / 97 as currently in force) and the provisions of European Law (EC). 2016/679).

The personal data that may be collected are never disclosed to third parties (with the exception where provided by law and the Competent Authorities and those defined in paragraph 3.3 hereof), but their personal character is preserved. THE CLINIC maintains electronic records with this data exclusively for communication, statistical purposes and to improve the services provided and customer management.


You have the right, once you have created an account on the website of the CLINIC, to access, correct or delete your personal information, as well as to refuse the processing of your data, addressing at any time to the Data Controller of the CLINIC:

via email to
by phone from 9am to 2pm Monday to Friday at 2651402467
by mail: Stavros Ristanis, Orthopedic Surgeon, 12 Omirou Square, PC 45332, Ioannina

In case you placed an order as a guest and you want to process your personal information, you can contact the Data Processing Manager of the CLINIC at any time:

via email to
by phone from 9am to 2pm Monday to Friday at 2651402467
by mail: Stavros Ristanis, Orthopedic Surgeon, 12 Omirou Square, PC 45332, Ioannina

In case you encounter problems regarding the above, you can contact the Data Controller of IATRIOU using the contact details mentioned above.

Minors have access to the website only with the consent of their legal guardians or guardians.


3.1 Data collection methods

When filling in your details on the order form on the “Purchase Completion” page and as soon as you click the “Complete Order” button, we collect the personal data you placed on the form as defined in the Terms of Use. In this context, we collect your name, surname, e-mail address, your city address, your area postal code, your telephone and your e-mail. When you receive your order, you will be sent a thank you email by us which may have a discount coupon as well as the prompt for review.

Finally, if you have registered, when you request to view pages on the Website, the CLINIC servers automatically recognize the IP address of your computer (the numeric web address assigned to each computer on a network. The IP address is as follows: XXX .XXX.XXX.XXX).

In case you do not fill in the required details we will not be able to complete our transaction.

When you visit this Page, we also collect certain information through automated means, using technologies such as cookies, web server logs and web beacons. You can find more about these technologies on the Cookies Policy page

3.2 Use of personal data

The personal data we collect from you every time you place an order is necessary for the overall management of your order by the CLINIC. This management includes the detection of online fraud and fraud related to modern means of payment, the prevention and management of payment (non-payment) incidents and the maintenance of the rights of the CLINIC in relation to its commercial activity. The personal data of the orders are kept in our file for tax purposes for as long as the current tax provisions define per case. After this time they are automatically anonymized.

The personal information we collect from you when you create an account is essential for your faster service when you place an order and for your personal use as in order to see the orders you have placed. This information is kept in our file for 5 years unless you choose to unsubscribe via the delete / anonymize option in your account tools. In order to delete / anonymize the personal data of your orders, the storage time specified by the current tax provisions per case must have expired. If you choose to unsubscribe before this time, the personal data of your orders will not be deleted at that time but will be automatically anonymized after this time.

We have the right to process the data we have in order to interpret the use of our Website by visitors (frequency of views from various other Websites, sales statistics and origin of visitors to our Website, etc.).

The data regarding the profile of our visitors will be kept only by the CLINIC as defined by Greek law.

The CLINIC is not going to transfer or dispose of your personal data and information in any way to its subsidiaries, third parties and commercial or business associates without your prior notification.

In case the CLINIC is forced by law or by a court decision to communicate the personal data of its visitors, it will notify its visitor if possible (unless the CLINIC deems that it is not obliged to do so) .

Taking into account the level of technology related to the telecommunications sector, the CLINIC can not guarantee the confidentiality, and the integrity of the verification of the authenticity of the emails that the visitor sends or receives from the CLINIC.

Finally, we may use the information in other ways, for which we will provide specific notice at the time of collection.

3.3 Data recipients

All personal data is intended for their use by the CLINIC. With the exception of photos, the personal information collected from the Website may be requested from time to time by our trading partners, in order to ensure that the aforementioned purpose is addressed, as well as to detect payment fraud and Merchant Management organized by the CLINIC or its trading partners. THE CLINIC restricts as much as possible the recipients, in order to ensure adequate protection, in accordance with the current Greek and European legislation. The CLINIC is also obliged to forward some of your personal information to cooperating companies, in order to send the products you have purchased to the shipping address you have stated (phone number, address and name of recipient), to the service provider via sms for shipping messages about your order (mobile phone) in its accounting office or to contact you via email about your order (address, name and other payment details). With the above cooperating companies, IATREIO has included in its contracts with them the obligation on their part to use your personal data only for the tasks described above in accordance with the applicable legal provisions by the competent judicial, police and other administrative principles.

3.4 Security and confidentiality of personal data

THE CLINIC has made significant efforts to take all precautionary measures to maintain the confidentiality and security of personal data and to prevent their distortion, damage, destruction and accessibility by unauthorized third parties. Technical and organizational security measures include state-of-the-art technology. However, the CLINIC can not control the risk associated with the operation of the Internet and therefore draws your attention to the potential risks associated with its use and operation.

3.5 Information we collect through automated means

When you visit this page, we collect specific information through automated means, using technologies such as cookies, web server logs and web beacons.

We may use third party web analytics services on this page, our social networking pages, or our mobile applications. The service providers who manage these services use technologies such as cookies, web server logs and web beacons to help us analyze how visitors use the page. The information collected through these media (including the IP address) is disclosed to these service providers, who use the information to evaluate the use of the website.


We do not sell or disclose personal information we collect about you, except as described here. We may share your personal information with:

Our associates for the purposes described in the Clinic’s Privacy Policy.

Service providers who provide services on our behalf based on our instructions. We do not authorize these providers to use or disclose the information unless necessary to provide services on our behalf or to comply with legal requirements. Examples of such service providers include entities that process credit card payments, process orders, and provide network hosting and advertising services.

Other third parties with your consent.

In addition, we may disclose information about you

(i) whether we are required to do so by law or legal process;

(ii) law enforcement or other government officials, or

(iii) when we believe that the disclosure is necessary or appropriate to prevent bodily harm or financial loss, or in association with an investigation into suspected or actual fraudulent or unlawful activity.

We also reserve the right to transfer the personal information we have about you in the event of the sale or transfer of all or part of our business or assets. Should such a sale or transfer occur, we will use reasonable efforts to direct the transferee to use the personal information you have provided to us in a manner consistent with our Privacy Policy. Following such sale or transfer, you may contact the entity to which your personal information will be transferred with any questions regarding the processing of such information.


We offer specific options regarding the personal information we collect from you, such as how we use the information and how we communicate with you. To update your preferences, ask us to remove your information from our mailing lists or submit a request, please contact us as set out below.

5.1 Withdrawal of Consent

You may withdraw any consent you have given us or object at any time for lawful reasons regarding the processing of your personal information. We will implement your preferences within a reasonable time. In some cases, withdrawing your consent to the use or disclosure of your personal information may mean that you will not be able to take advantage of any of our products or services.

5.2 Review, update and modification of Personal Data

Subject to applicable law, you may have the right to request access to and receive details of the personal information we hold about you, to update and correct inaccuracies in your personal data, and to request that they be blocked or deleted; it depends on the situation. The right of access to personal information may in some cases be restricted by the requirements of local law. You may request that your personal information be revised, changed or deleted as described in paragraph 2.


We maintain appropriate administrative, technical and physical safeguards designed to protect the personal information you provide from accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. Among other things, the data is stored on a Server certified according to ISO 9001: 2015, ISO 27001: 2013 and ISO 27001.


If you have any questions or comments about this or if you would like to update the information we have about you or your preferences, please contact our Data Controller at the beginning of this information.