GDPR Compliance

Controller

The data controller is Georgios Thoidis, an independent individual based in Chamilo, Kilkis, Central Macedonia, Greece. Contact: 72Hourai@proton.me.

Data Protection Officer

Operating below the GDPR thresholds requiring a formal DPO (Art. 37), no DPO has been appointed. All data protection matters are handled directly by the controller at the address above.

Lawful Basis (Art. 6)

We process personal data on the basis of: contract performance (sprint delivery), legitimate interest (security, abuse prevention), consent (cookies, marketing), and legal obligation (Greek tax & accounting rules).

Your Rights

• Access (Art. 15)
• Rectification (Art. 16)
• Erasure / "right to be forgotten" (Art. 17)
• Restriction of processing (Art. 18)
• Data portability (Art. 20)
• Objection to processing (Art. 21)
• Withdrawal of consent at any time (Art. 7(3))

To exercise any right, email 72Hourai@proton.me. We respond within 30 days.

Processors & International Transfers

We use third-party processors including Lemon Squeezy (USA, payments), Lovable Cloud (hosting), and an email provider. Where personal data is transferred outside the EEA, we rely on Standard Contractual Clauses or equivalent safeguards.

Supervisory Authority

You have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA), Kifissias 1-3, 11523 Athens, Greece — www.dpa.gr.

Data Breach Notification

In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the HDPA within 72 hours and affected individuals without undue delay, in line with Articles 33–34 GDPR.