Log In Register How it Works

Privacy Policy

Updated at 2022-09-10

We, RubyChat (“we”, “our” or “us”) are committed to protecting and respecting your privacy when you use our website at www.rubychat.org and our Services. In principle, we will only use your personal data in accordance with the applicable data protection laws, in particular with Greece`s Law 4624/2019, which provides for the implementing measures of the GDPR (“DPA”), the General Data Protection Regulation ("GDPR"), and only as described in this privacy policy.

Personal data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not personal data. This includes, for example, the number of users of a website. However, we reserve the right to put this data to additional uses to the extent permitted or required by law or necessary to support legal or criminal investigations. In this case, we will inform you again about this further data processing to the extent required by law and obtain your consent.

Responsible for data processing

Responsible for data processing in accordance with the provisions of the GDPR and DPA is:


RubyChat.org Contact us

General information on data processing

In the course of our business and website operations, we process data. This also includes disclosure by transmission to third parties and, where applicable, to so-called third countries outside Greece and the EEA. Where we transfer data outside Greece or EEA, we have highlighted this accordingly below.

Data processing

All personal data that we obtain from you via the website will only be processed for the purposes described in more detail below. This is done within the framework of the respective legal regulations mentioned or only with your consent.

In particular, Art. 6 GDPR specifies when data processing is permitted. RubyChat collects personal data if:

RubyChat processes and stores your personal data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular commercial and tax law) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.

a) Hosting

To provide our website, we use the services of Cloudflare who process the below-mentioned data and all data to be processed in connection with the operation of our website on our behalf. The legal basis for the data processing is our legitimate interest in providing our website.

b) Collection of access data and log files

We also collect data on every access to our website. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for security reasons (e.g., for the clarification of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the respective incident is finally clarified. The legal basis for the data processing is our legitimate interest in providing an appealing website.

c) Contacting us

When contacting us, your details are processed for the purpose of handling the request and its processing and may include your Name, E-mail address and other contact details, if provided. Your details may be stored in a customer relationship management system or comparable enquiry system. We delete the enquiries if they are no longer necessary. We review the necessity every two years; furthermore, the legal archiving obligations apply. The legal bases for processing are our legitimate interest and the provision of pre-contractual or contractual measures.

d) Account registration

On our website, we offer you the opportunity to register by providing personal data and non- personal data, in particular your Username, E-mail address. The data is entered in the registration form is transmitted to us and stored. Registration is necessary in order to set up your customer account, which you can use to buy our services. The processing of the data for this registration thus serves the fulfilment of the contract of use or the implementation of pre-contractual measures. You can delete your customer account at any time on our website either by using the delete function in your account or by contacting us.

e) Using our Services

We collect, process, and use the information you provide in the context of using our chat for the purpose of executing the contract this may include personal data and non- personal data, in particular the data you chose to publish. Within the chat you are able to display certain information, share certain details, engage with others, exchange knowledge and insights, post and view relevant content. Content and data are publicly viewable. You have choices about the information you chose to publish. You don’t have to provide additional information. However, information helps you to get more from our Services. It’s your choice whether to include sensitive information and to make that sensitive information public. Please do not post or add Personal Information that you would not want to be available.

We store the information you provide for the period of processing and handling the services. Afterwards, your data will be deleted. Data that we are required to store due to legal, statutory or contractual retention obligations will be blocked instead of being deleted to prevent it being used for other purposes. The processing of the data serves the fulfilment of the contract with you. Please note when using our services, you become the data controller and we become the data processor in accordance with Art. 29 of the GDPR, for further information please refer to our Data Processing Addendum.

f) Use of cookies

We use so-called cookies on our web site. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy. The legal basis for the use of cookies is your consent as well as our legitimate interest.

g) processing of data for system notifications

By using our services, you are giving your consent to receiving system notifications per email. The provider is SendGrid operated by Twilio Inc., a Delaware corporation, with a place of business at 101 Spear Street, 1st Floor, San Francisco, California, 94105. Those typically include administrative information about your account or profile activity. The system notifications are designed to serve as reminders or helpful tips enhancing your experience on our website. The legal bases for such notifications are Art. 6 (1) b) GDPR to provide you with our services and Art. 6 (1) a) GDPR your consent.

Duration of data storage

We only store personal data for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 6 years, irrespective of the processing purposes.

Transfer of personal data

We will not disclose or otherwise distribute your personal data to third parties unless this:

However, we are entitled to outsource the processing of your personal data in whole or in part to external service providers acting as processors within the framework of the DPA and GDPR. External service providers support us, for example, in the technical operation and support of the website, data management, the provision and performance of services, marketing, as well as the implementation and fulfilment of reporting obligations.

The service providers commissioned by us however will process your data exclusively in accordance with our instructions and we remain in accordance with the DPA and the GDPR responsible for the protection of your data. Doing so we always make sure that service providers commissioned by us are carefully selected, follow strict contractual regulations, technical and organizational measures, and additional controls by us.

We may also disclose Personal Data to third parties if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfil our legitimate interests.

Automated decision-making

Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place at RubyChat.

Direct marketing in the context of a customer relationship

We use the data you provide to fulfil and process our contract and to respond to your enquiries in accordance with Art. 6 (1) (b) GDPR or on the basis of your consent in accordance with Art. 6 (1) (a) GDPR. Insofar as you have also given us your separate consent to process your data for consulting, marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.

Your data subject rights

These rights are standardized in the DPA and the GDPR. These include:

Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights as a data subject.

The competent supervisory authority

The Hellenic Data Protection Authority (DPA) is the relevant data protection supervisory authority in Greece. The DPA is located at Kifissias 1-3, PC 115 23, Athens, Greece (www.dpa.gr/en). We would, however, appreciate the chance to deal with your concerns before you approach the DPA.


State-of-the-art internet technologies are used to ensure the security of your data. During the online enquiry process, your details are secured with SSL encryption. For secure storage of your data, the systems are protected by firewalls that prevent unauthorized access from outside. In addition, technical and organizational security measures are used to protect the personal data you have provided against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons.

Updating your information

If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so in your account or by contacting us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.

Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.

Links to other providers

Our website also contains - clearly recognizable - links to the websites of other companies. Insofar as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.

The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents were not recognizable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.

Changes and updates to the privacy policy

We kindly ask you to regularly inform yourself about the content of our privacy policy. We will amend the privacy policy as soon as changes to the information processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.

Concerns and Contact

If you have any concerns about a possible compromise of your privacy or misuse of your personal information on our part, or any other questions or comments, you can contact us.

Who should I contact for more information?

If you have any questions or comments about our Privacy Policy or wish to exercise your rights under applicable laws, please contact us .