Contact Data Export - Terms of Use & Legal Framework
Data Source
The contact information provided through our service is primarily based on the General Commercial Registry (G.E.MI.), the official public business registry of Greece.
G.E.MI. serves as the "National Commercial Publicity Bulletin" according to Law 4919/2022 and European Directive 2017/1132. Its purpose is transparency and public access to business information.
The information we provide includes:
- Company name and trade name
- Contact details (email, phone, address)
- VAT ID and G.E.MI. registration number
- Legal form and business activity
The exported contact details concern the contact information of the business as published in G.E.MI. Where the data of sole proprietorships constitutes personal data, it is provided in the capacity of the individual as a professional, with the legal basis of legitimate interest (Article 6(1)(f) GDPR) and the framework for re-use of public data (Law 4727/2020).
Our data comes from public sources: G.E.MI., AADE (major debtor lists), Diavgeia (public contracts, state aid), and international sanctions lists (EU, UN, OFAC).
Legal Framework
European GDPR Regulation
Data processing is based on Article 6(1)(f) of Regulation (EU) 2016/679 (GDPR) - legitimate interest for providing business information services.
G.E.MI. data is publicly available by law and intended for third-party access in the context of business activities.
Greek Legislation
Law 4919/2022 - General Commercial Registry
This law establishes G.E.MI. as the national commercial publicity registry, promoting transparency and protecting business transactions through public access to corporate information.
Law 4624/2019 - GDPR Implementation
The Greek implementation law of GDPR, regulating the protection of individuals with regard to personal data processing.
Law 3471/2006 - Electronic Communications
The law on data protection in electronic communications (ePrivacy). Article 11 regulates unsolicited communication and specifies that prior consent is required for "direct marketing purposes for products or services and for any advertising purposes".
Law 4727/2020 - Open Data & Re-use of Public Sector Information
This law transposes European Directive (EU) 2019/1024 and provides that public sector data may be reproduced and re-used, including for commercial purposes.
Permitted Use
The data may be used for:
- Due diligence & evaluation - Evaluation of partners, clients, suppliers
- Market research - Market research and industry analysis
- Business intelligence - Business intelligence and monitoring
- AML/KYC compliance - Support for AML/KYC compliance (Law 4557/2018)
- Data verification - Verification of details
Prohibited Use
According to Law 3471/2006, the following are prohibited without prior consent:
- Newsletters & Mailing Lists - Adding to mass mailing lists
- Advertising content - Offers, discounts, promotional messages
- Repeated communication - Continuous sending without response
- Data resale - Distribution to third parties
Any unsolicited commercial communication (email, SMS, automated calls) may require prior consent under Article 11 of Law 3471/2006, regardless of volume or personalization, and this regulation also covers recipients that are legal entities. Sole responsibility for the existence of a lawful basis lies with the sending user. BizList.gr provides no assurance that any specific communication is lawful and does not encourage such use.
User Obligations
When using the data for communication, according to Law 3471/2006 (Article 11):
- Identify yourself - Name or company name, contact details
- Provide opt-out option - Valid address to terminate communication
- Respect refusal - If someone asks not to receive emails again, stop
- Disclose source if asked - The information comes from G.E.MI.
- Compliant use - Use the data in accordance with this Acceptable Use Policy and Law 3471/2006; you assume sole responsibility for having a lawful basis for any communication.
- Indemnification - The user indemnifies BizList.gr for any third-party claim arising from the use of the data in breach of these terms.
Data Subject Rights
According to GDPR, every individual has the right to:
- Access - Learn what data we maintain
- Rectification - Request correction of inaccurate information
- Objection - Object to data processing
The publication of this information does not require consent — the publicity obligation arises from the establishment of the legal entity and the law (Law 4919/2022, Directive 2017/1132/EU).
Erasure Request
Sole proprietorships: Individuals with a sole proprietorship may request removal of their data. The data is removed from the platform and added to a blocklist to prevent reappearance. Contact us.
Legal entities (OE, EE, IKE, EPE, SA): Corporate publicity data is not removed. It concerns data that is mandatorily published in G.E.MI. and is publicly available by law. Its removal would contradict the purpose of commercial publicity (Law 4919/2022, Directive 2017/1132/EU).
Politically Exposed Persons (PEPs): Data of politically exposed persons (members of parliament, ministers, mayors, regional governors, MEPs) comes from public sources and is maintained in accordance with Law 4557/2018 (Prevention of money laundering). This data is maintained on the basis of legitimate interest, to support the AML/KYC compliance of obliged entities using the platform (Law 4557/2018); the data controller is not itself an obliged entity. It is not removed as a rule, but every request for correction of inaccuracy or mistaken identification is examined.
Persons on sanctions lists: Data of persons appearing on sanctions lists (EU, UN, OFAC) comes from official publications of international organizations. Its maintenance is necessary for AML/KYC compliance. It is not removed. A correction request is examined in case of mistaken identification.
Email addresses whose holders have submitted to us an objection regarding the display or export of their data are not included in contact data exports. This exclusion applies to objections that have reached the data controller; it does not cover refusals declared to third-party users of the service.
Disclaimer
- Our service provides access to publicly available information
- Responsibility for lawful use of the data lies exclusively with the user
- We bear no responsibility for any unlawful use by third parties
Related Legislation & Sources
European Legislation
- GDPR Regulation (EU 2016/679)
- ePrivacy Directive (2002/58/EC)
- Directive 2017/1132/EU - Company Law & Registry Disclosure
- Directive (EU) 2019/1024 - Open Data and Re-use of Public Sector Information
Greek Legislation
- Law 4919/2022 - G.E.MI.
- Law 4624/2019 - GDPR Implementation
- Law 4727/2020 - Open Data & Re-use of Public Sector Information
- Law 3471/2006 - Electronic Communications