Last updated: 16 July 2026
Effective from: 16 July 2026
This document describes how NAMA CONSULTING ENGINEERS AND PLANNERS S.A. ("NAMA", "we", "us" or "our") processes personal data of visitors to the website www.namanet.gr (the "Website"), which cookies and similar technologies the Website uses, and the terms under which you may use the Website.
We process personal data in accordance with Regulation (EU) 2016/679 (the "GDPR"), Greek Law 4624/2019, and Greek Law 3471/2006 on the protection of personal data in the electronic communications sector.
This policy applies only to the Website. It does not apply to processing carried out by NAMA in the context of its professional activities, its contractual relationships, or its recruitment procedures, nor to third-party websites that may be linked from the Website.
| Legal name | NAMA CONSULTING ENGINEERS AND PLANNERS SOCIETE ANONYME |
| Legal form | Société Anonyme (Α.Ε.) |
| Registered office | 30–32 Perrikou Street, Athens, Central Athens Sector, 11524, Greece |
| G.E.MI. number | 005060001000 |
| VAT number (ΑΦΜ) | 094284920 |
| ekontak@namanet.gr | |
| Telephone | +30 210 6974600 |
| Website | www.namanet.gr |
NAMA has not appointed a Data Protection Officer, as it is not required to do so under Article 37 GDPR. Please direct any privacy-related enquiry to the contact details above.
The Website is an informational presentation of NAMA's work and services.
The Website does not:
NAMA itself does not maintain any database of Website visitors. All personal data described in this policy is processed on our behalf, or in their own capacity, by the third-party providers listed in Section 5, on their own infrastructure. We access only aggregated or pseudonymised reports.
Even though the Website collects no data from you directly, the mere act of visiting a website necessarily involves the processing of certain data — above all, your IP address, which is personal data under the GDPR.
Provider: Cloudflare, Inc. (Cloudflare Pages)
To transmit the Website to your device and to keep it secure and available, the following are processed automatically: your IP address, the date and time of the request, the pages and files requested, the HTTP status code, the volume of data transferred, the referring URL, your browser type and version, and your operating system.
Provider: Cloudflare, Inc. (Cloudflare Web Analytics)
We use Cloudflare Web Analytics to obtain aggregate statistics on Website traffic. This service does not use cookies, does not use localStorage, and does not employ device fingerprinting to track visitors across sites or over time. It derives a page-view signal from the request itself and reports data only in aggregate (page views, referrers, country, browser and device category).
Provider: Microsoft Corporation / Microsoft Ireland Operations Limited
We partner with Microsoft Clarity to understand how visitors use and interact with the Website through behavioural metrics, heatmaps and session replay, in order to improve our Website and our services. Website usage data is captured using first-party and third-party cookies and other tracking technologies in order to determine the popularity of content and to analyse online activity. We additionally use this information for site optimisation and for security and fraud-prevention purposes.
In concrete terms, Clarity may record: pages viewed and the order in which they were viewed; mouse movements, clicks, taps and scrolling; session duration; screen resolution and device type; browser and operating system; referring URL; approximate geographic location derived from the IP address; and a pseudonymous identifier assigned to your browser. Clarity reconstructs this into a replay of your visit.
Clarity masks sensitive content by default, and the Website contains no input fields. We do not use Clarity to identify individual visitors, and we make no attempt to link Clarity data to any other information.
Microsoft acts both as our processor and, for certain purposes described in the Microsoft Privacy Statement, as an independent controller of the data collected through Clarity — including for its own analytics and advertising purposes. For more information about how Microsoft collects and uses your data, please see the Microsoft Privacy Statement.
Provider: Wistia, Inc.
Videos on the Website are hosted and delivered by Wistia. When a page containing a Wistia video loads, or when you play a video, your IP address, browser data, and information about your interaction with the video player (plays, pauses, watch duration, progress) are transmitted to Wistia. Wistia stores identifiers on your device (cookies and/or localStorage) for this purpose.
Provider: Mapbox, Inc.
We use Mapbox to display an interactive map. When the map loads, your IP address and technical request data are transmitted to Mapbox's servers, and Mapbox may collect telemetry data relating to your interaction with the map (such as pan and zoom events).
Provider: Google LLC / Google Ireland Limited
The Website uses typefaces and icons supplied by Google. Where these are loaded from Google's servers (fonts.googleapis.com and fonts.gstatic.com), your IP address and browser data are transmitted to Google at the moment the page loads. Google Fonts does not set cookies.
Provider: Contentful GmbH, Berlin, Germany
The editorial and blog content of the Website is stored in Contentful and retrieved through its GraphQL API. Where this retrieval takes place in your browser, your IP address and request data are transmitted to Contentful's infrastructure. Contentful does not set cookies for this purpose and does not track you.
The Website publishes an email address and a telephone number. If you choose to contact us, we will process the data you provide (your name, contact details, and the content of your message) in order to respond to you.
The Website contains a plain hyperlink to our LinkedIn page. It is not a plugin or an embed: no data is transmitted to LinkedIn unless and until you click the link, at which point LinkedIn's own privacy policy applies.
We do not disclose personal data to any recipient other than the providers below, each of which processes data solely in the context of the corresponding function.
| Provider | Function | Establishment | Capacity |
|---|---|---|---|
| Cloudflare, Inc. | Hosting, CDN, security, aggregate analytics | USA | Processor |
| Microsoft Corporation / Microsoft Ireland Operations Ltd | Behavioural analytics, session replay | USA / Ireland | Processor and, for its own purposes, independent controller |
| Wistia, Inc. | Video hosting | USA | Processor |
| Mapbox, Inc. | Map display | USA | Processor |
| Google LLC / Google Ireland Ltd | Fonts and icons | USA / Ireland | Independent controller for data it receives |
| Contentful GmbH | Content management | Germany | Processor |
We may also disclose personal data to public authorities where we are required to do so by law, and to our legal or other professional advisers where necessary to establish, exercise or defend legal claims.
Cookies are small text files placed on your device by a website. Similar technologies (localStorage, pixels, SDKs) achieve comparable results. Under Article 4(5) of Law 3471/2006, which transposes the ePrivacy Directive, storing information on or accessing information already stored on your device requires your prior consent, except where this is strictly necessary to provide a service you have expressly requested.
Strictly necessary
| Name | Provider | Domain | Purpose | Duration | Type |
|---|---|---|---|---|---|
__cf_bm | Cloudflare | namanet.gr | Distinguishes human visitors from automated traffic (bot management). Necessary for the security of the Website. | 30 minutes | First-party |
cf_clearance | Cloudflare | namanet.gr | Stores the result of a security challenge you have passed, so that it is not repeated. Set only if a challenge is issued. | Up to 1 year | First-party |
_cfuvid | Cloudflare | namanet.gr | Supports rate limiting. Set only where rate-limiting rules are active. | Session | First-party |
nama_consent * | NAMA | namanet.gr | Stores your cookie preferences, so that we do not ask you on every page. | 6 months | First-party |
* The name and duration of the consent cookie will depend on the consent management platform selected; this row is to be finalised on implementation.
Analytics / behavioural — Microsoft Clarity (consent required)
| Name | Provider | Domain | Purpose | Duration | Type |
|---|---|---|---|---|---|
_clck | Microsoft | namanet.gr | Stores a pseudonymous Clarity user ID and preferences, so that returning visits can be recognised. | 1 year | First-party |
_clsk | Microsoft | namanet.gr | Groups multiple page views into a single Clarity session. | 1 day | First-party |
CLID | Microsoft | clarity.ms | Identifies the first time Clarity encountered this browser on any website using Clarity. | 1 year | Third-party |
ANONCHK | Microsoft | c.clarity.ms | Indicates whether the MUID identifier is passed to another Microsoft cookie used for advertising performance. For Clarity it is always set to 0. | 10 minutes | Third-party |
MR | Microsoft | c.clarity.ms | Indicates whether the MUID identifier should be refreshed. | 7 days | Third-party |
MUID | Microsoft | clarity.ms | Microsoft user identifier, used to recognise unique browsers across Microsoft sites, for analytics and advertising. | 1 year | Third-party |
SM | Microsoft | c.clarity.ms | Synchronises the MUID identifier across Microsoft domains. | Session | Third-party |
Functional third-party content (consent required)
| Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
wistia | Wistia | Identifies the visitor to the video player and stores playback state. | 2 years | First-party |
wistia-video-progress-* | Wistia | Stores your playback position, so that a video resumes where you left it. Stored in localStorage. | Persistent | localStorage |
| Mapbox telemetry | Mapbox | Records interaction with the map. May use localStorage. | Session / persistent | localStorage |
Note. This table reflects the services in use at the date above and the documentation published by the respective providers. Cookie names and durations are determined by those providers and may change. We recommend that the table be verified against an automated scan of the Website at implementation and reviewed at least annually.
Some of our providers are established in, or process data in, the United States, which is a third country for the purposes of Chapter V GDPR: Cloudflare, Microsoft, Wistia, Mapbox and Google.
These transfers are safeguarded as follows:
Contentful GmbH is established in Germany; however, its infrastructure and sub-processors may involve transfers to third countries, subject to the same safeguards.
You may request a copy of the relevant safeguards by writing to us at the address in Section 2.
NAMA does not itself store any personal data relating to your visit to the Website. Retention is determined by each provider and by the duration of the cookies listed above.
| Data | Retained by | Period |
|---|---|---|
| Server and security logs | Cloudflare | In accordance with Cloudflare's retention policy; generally a short period (a matter of days) for security logs. |
| Aggregate analytics | Cloudflare | Aggregated data only; no individual-level retention. |
| Clarity session replays | Microsoft | 30 days from recording. Favourited recordings and a randomly selected sample are retained for up to 9 months. |
| Clarity heatmaps and labelled sessions | Microsoft | Up to 9 months. |
| Cookies | Your browser | For the durations stated in Section 6.2, or until you delete them. |
| Correspondence you send us | NAMA | As set out in Section 4.8. |
Where personal data is processed on the basis of your consent, it is deleted or anonymised once you withdraw consent, subject to the provider's technical deletion cycles.
Under Articles 15 to 22 GDPR, you have the right to:
Please note an important limitation. The identifiers used by the analytics services described above are pseudonymous. We hold no additional information capable of linking those identifiers to you. Under Article 11(2) GDPR, where we are not in a position to identify you, the rights of access, rectification, erasure, restriction and portability do not apply unless you provide additional information enabling your identification. If you wish to exercise those rights in relation to analytics data, please supply, so far as possible, the relevant identifier and the approximate date and time of your visit.
How to exercise your rights. Write to ekontak@namanet.gr or to the postal address in Section 2. We will respond without undue delay and in any event within one month of receipt, which may be extended by a further two months where necessary, taking account of the complexity and number of requests; we will inform you of any such extension within one month. Exercising your rights is free of charge, unless a request is manifestly unfounded or excessive.
Right to lodge a complaint. If you consider that the processing of your personal data infringes the GDPR, you may lodge a complaint with the Greek Data Protection Authority:
Hellenic Data Protection Authority (Αρχή Προστασίας Δεδομένων Προσωπικού Χαρακτήρα) 1–3 Kifissias Avenue, 11523 Athens, Greece Tel: +30 210 6475600 Web: https://www.dpa.gr
You also have the right to an effective judicial remedy under Article 79 GDPR.
The Website is aimed at professional and business audiences and is not directed at children. We do not knowingly process the personal data of children. Under Article 8 GDPR as implemented by Article 21 of Law 4624/2019, in Greece the processing of a child's personal data on the basis of consent in relation to information society services is lawful where the child is at least 15 years old; below that age, consent must be given or authorised by the holder of parental responsibility. If you believe that a child has provided us with personal data, please contact us and we will delete it.
We and our providers apply appropriate technical and organisational measures under Article 32 GDPR, including encryption in transit (HTTPS/TLS), protection against automated and malicious traffic at the network edge, and minimisation of the data collected. No transmission over the internet can be guaranteed to be entirely secure; we cannot therefore guarantee absolute security, but we take reasonable steps to protect your data.
We may amend this policy to reflect changes in the Website, in the services we use, or in the applicable law. The current version is always available at https://www.namanet.gr/privacy-policy and is identified by the date at the head of this document. Where a change materially affects processing carried out on the basis of your consent, we will seek your consent again.
By accessing and using the Website, you accept these terms. If you do not accept them, please do not use the Website.
The Website presents NAMA's activities, projects and services for information purposes only. Its content does not constitute an offer, a proposal, a technical study, professional or engineering advice, or a recommendation of any kind, and must not be relied upon as a substitute for professional advice appropriate to your specific circumstances. Any professional relationship with NAMA arises only from a written agreement.
The Website and its content — including texts, photographs, drawings, plans, videos, graphics, logos, trade marks, distinctive features and software — are the property of NAMA or of its licensors and are protected by Law 2121/1993 on copyright and related rights, by industrial property legislation, and by the corresponding EU and international provisions.
You may view the content and reproduce it for your personal, non-commercial use. Any other use — in particular reproduction, republication, adaptation, translation, distribution, public performance, or commercial exploitation, in whole or in part — is prohibited without our prior written consent. Third-party trade marks appearing on the Website are the property of their respective owners.
You agree not to use the Website in any manner that is unlawful, that may damage or impair its operation or security, that involves unauthorised access to it or to any connected system, or that involves the automated collection of its content (scraping, data mining) without our permission.
We make reasonable efforts to keep the content of the Website accurate and current, but we give no warranty, express or implied, as to its accuracy, completeness or timeliness. The Website is provided "as is" and "as available". We do not warrant uninterrupted or error-free operation, nor that the Website or the servers on which it is hosted are free of harmful elements. We reserve the right to modify, suspend or discontinue the Website or any part of it at any time.
The Website may contain links to third-party websites, including our LinkedIn page. These are provided for your convenience. We exercise no control over their content, their privacy practices or their availability, and we accept no responsibility for them. Following such a link is at your own risk and the terms and privacy policy of the destination site will apply.
To the fullest extent permitted by law, NAMA shall not be liable for any indirect, incidental, consequential or special damage arising from your access to or use of, or inability to use, the Website or its content. Nothing in these terms excludes or limits liability which cannot lawfully be excluded or limited, including liability for wilful misconduct and gross negligence.
These terms and any dispute arising out of or in connection with the Website are governed by Greek law. The courts of Athens shall have exclusive jurisdiction, without prejudice to any mandatory provision conferring jurisdiction elsewhere, and without prejudice to your right to lodge a complaint with the Hellenic Data Protection Authority or to a judicial remedy under Article 79 GDPR.
If any provision of these terms is held invalid or unenforceable, that provision shall be severed and the remaining provisions shall continue in full force and effect.
NAMA CONSULTING ENGINEERS AND PLANNERS S.A. 30–32 Perrikou Street, 11524 Athens, Greece Email: ekontak@namanet.gr — Tel: +30 210 6974600