Home Privacy Policy

Privacy Policy

1. Introduction
Whenever an individual person (data subject) comes in contact with PALIRIA SA
(hereinafter “Company”) or uses any of its products / services, discloses to it personal
information and data (hereinafter ‘’Personal Data’’).
This Privacy Policy aims to inform the data subject what personal data (PD) the Company
collects, why PD are collected, what is the legal basis for processing PD and how the data
subject can update, manage, export or delete its own personal information.
Furthermore, this Privacy Policy documents Company’s compliance with the EU’s relevant
legislation and in particular with the General Data Protection Regulation 679/2016 and
Company’s respect for the protection of privacy and security of personal data.
This Privacy Policy applies to personal data provided to or processed by the Company (as
data controller) in the course of its activities.
This Privacy Policy was posted on our website on 27.04.2021 and replaces any earlier post.
It is addressed to a any natural person who has or intends to have any kind of cooperation
with the Company.

2. Information
Further information on the Data Protection Regulation and the terminology used for what
constitutes personal data, what is a data subject or the rights the natural person has, based
on the legislation for the protection and security of such data, can be obtained from the
website of the Greek Data Protection Authority (www.dpa.gr) or by any national Data
Protection Authority (DPA).

3. Who are we
Paliria was founded in 1957, on the island of Evia-Greece as a privately owned business by
the entrepreneur Antonis Souliotis. Its primary purpose was the production and distribution
of traditional ready to eat meals for the Greek and International markets. Paliria S.A.
remained a personal business until 1982, when it acquired the corporate form that has until
This corporate structure gave Paliria a potential that resulted in a leadership position in the
Greek market. In 1989 Palirra began to invest in modern and technologically advanced
facilities and new offices. The project was completed in 1992 with the reallocation of its
In 2000 Paliria established a wholly owned subsidiary, Paliria Bulgaria L.t.d, in order to
invest in a new factory to boost export efforts.
From 2010 and afterwards Paliria shifted even more its focus on exports, leading to a
significant rise in sales and profits in the next years.
Today, Paliria is the leading Greek exporter of ready to eat meals and proudly holds the
position of No 1 Dolma producer in the world and for a good reason. Awards like the Great
Taste Award 2013, 2014 and 2017 (UK) and the Superior Taste Award 2016,2017,2018 and 2019 by the International Taste and Quality Institute-Brussels, justify the popularity of our
Paliria’s products are distributed in more than 60 countries around the globe and total
annual production exceeds 25.000 tons.
Our vision is to become a world class ambassador of Greek and Mediterranean Cuisine for
consumers around the globe.
Our mission is to sustain growth through customer satisfaction, innovation, commitment to
quality and global expansion.
Our management team and staff are committed to this set of values:
– Respect to the tradition of Greek and Mediterranean Cuisine
– Careful selection of Natural Ingredients
– High Quality and Food Safety Standards
– Customer Satisfaction
– Innovation

Respect to tradition
We rely on authentic Greek and Mediterranean recipes to produce our products and offer
consumers worldwide an outstanding homemade Mediterranean food experience.
Quality food is our priority; therefore we use the highest food safety standards and conduct
thorough inspections at every stage of the production process to ensure it. We also select
very carefully our ingredients and their freshness and purity is a constant prerequisite for our

Customer Satisfaction
Paliria sells to distributors, wholesalers, retailers, ethnic food specialists and food service
operators worldwide. Ensuring our customers’ satisfaction is embodied in our values and its
prioritization is reflected in the long lasting relationship we enjoy with partners and
customers. Whether customers are looking for bio, kosher or organic products or even for a
specific recipe we are able to meet perfectly their needs. This is another reason why Paliria
is trusted by numerous reputable retail chains around the world.

We detect upcoming trends and incorporate new ideas in our daily business. We work on
traditional recipes and try to incorporate the most innovative technologies in relation to
packaging in order to give consumers the best products. New technologies also enable us to
produce traditional food on a large scale.


Paliria manages 6 state of the art production facilities, in Greece, Bulgaria, Jordan and China. The total annual production output, is almost near 25,000 tons including a wide range of traditional ready to eat meals and appetizers. Total man power for 2022, exceeds the 2.000 employees.

In our website you can find information about Paliria’s business activities, products and
contact details.

4. What PD are processed
Personal data (PD) means any information that can be used to identify directly or indirectly a
specific individual (data subject).
Company has to process PD (ie collection, recording, organization, storage, use, disclosure
etc of PD) in the context of the efficient performance of business functions and services and,
often, in compliance with relevant legislation and regulations.
The data subject is under no obligation to provide the Company with the personal data, that
may be required, but, in the event of a refusal, the Company may not be able to provide
specific services or respond to the requests of the data subject with consistency, speed and
When the data subject communicates with the Company in the context of a product survey or
contacts the Company, visits Company’s website, asks questions, it may be asked for
relevant personal information (PD such as: name, address, email, telephone number, etc)
depending on the type of cooperation or relationship.
Furthermore, it is likely that the data subject may choose to voluntarily disclose additional
PD (as in the case of sending a CV).
5. How PD are collected
Personal data can be collected (ie processed) through a variety of sources. This includes:
-Personal data that the data subject sends or discloses to the Company directly, (e.g. during
a contact or communication)
– Personal data that the Company collects automatically, (e.g. during Company’s website visit)
– Personal data that the Company collects (processes) from other sources, (e.g. professional
chamber or survey data bases).
– Most of the PD – that Company processes – are voluntary disclosed for one of the following

  1. Interest of the data subject for Company’s products/services.
  2. Information disclosed during communication or contact.
  3. Information from a previous cooperation of the data subject with either the Company or Company’s representative with whom the data subject had communication or cooperation.
  4. The corporate webserver collects automatically information (such as ΙΡ address, browser
    type or operating system) whenever someone visits it or interacts with it. The aim is to
    calculate number of visitors, identify points of interest, check the effectiveness of
    communication etc. The Company does not process geo-positioning data.
  5. The data subject has made an information request, a complaint or enquiry to the Company.
  6. The data subject applied for a job or secondment with Company.
  7. The data subject contacted Company as a representative of an organization.

Personal information can be also disclosed to the Company in the following scenarios:

  1. Collection of personal information as part of an investigation or survey.
  2. Through Company’s partners or cooperating organizations.
  3. A Company’s employee disclosed relevant contact details.
  4. It is likely to use information from advertising networks, customers or third parties, in order
    to inform a potential customer about special services / issues that might be of interest.
  5. The data subject’s personal information is publicly available.
    When a data subject contacts Company, the latter keeps a record of the communication in
    order to resolve the individual may have. The Company does not allow any unauthorized
    entities, especially without the data subject’s consent, to have access to personal data .
  1. How PD are used
    Company processes (i.e. collects, stores, discloses, deletes etc) individual’s personal data
    (PD) only for specific and limited purposes.
    In addition, Company processes the natural person’s personal data when there is a legal
    ground for processing and for the sake of, but not limited to:
  • Process the data subject’s request and ship the product
  • Provide data subject with personalized and updated services/products
  • Contact data subject on opinion survey (opinion can be posted on the corporate website) or
    inform data subject about new services or products that may of interest
  • Process the data subject’s payment or prevent or detect potential frauds
  • Respond to questions or complaints that the natural person has asked
  • Implement the framework of this Privacy Policy
  • Develop and improve the services, communication methods and functionality of corporate
  • Provide personalized communication and targeted advertising. In cases where Company uses personal data for purposes of direct marketing or promotional communication for new services or other offers that the Company believes may be of interest, the data subject can exercise his / her rights (see §9) by informing the Company that he does not wish to receive such messages in the future (see §11 & 14).

7. PD retention period

Company retains personal data of natural persons for only as long as it is required,
depending on the processing scope and as stated in this Privacy Policy.
For example, Company may need to use PD to respond to complaints or queries about a
product or service and may therefore retain personal data for a reasonable period of time
after the end of a cooperation with a natural person (e.g. for the period of potential legal
Company may also need to retain personal data for tax / accounting purposes, (retention
period is defined by legislation relevant to tax / financial investigation authorities).
Personal data that are no longer needed shall be deleted.
In addition, personal data retention period depends on the legitimate basis of data
processing (lawfulness of processing), such as:

  • When processing is necessary for the purposes of the legitimate interests pursued by the
    Company (controller), retention period will be as long as is necessary for the purposes of the
    legitimate interests pursued by the Company, as data controller, and for as long as is sti ll
    required until the lapse of any relevant claims.
  • When the data subject has voluntary disclosed his personal data (eg in a request for
    quotation), PD (both in paper and electronic form) will be retained for as long as there is a
    contractual relationship with the natural person or for as long as the relevant legislation
    imposes or until the consent of the natural person has been withdrawn. In any case,
    Company will retain the data in accordance with the requirements of the relevant legislation
    or until the lapse of any related claims.
  • If the natural person’s consent has been requested for PD processing and there are no other
    legitimate reasons to continue such processing, and the consent of the natural person is
    withdrawn, then personal data will be deleted. However, the e-mail address will be
    maintained to ensure that no message / form is sent to you in the future.
  • When processing is necessary for the performance of a contract to which the data subject is
    party or in order to take steps at the request of the data subject prior to entering into a
    contract; the personal data will be retained for as long as there is a contractual relationship with the natural person or for as long as the relevant legislation imposes or until the lapse of any related claims.
  1. Disclosure of PD Company does not disclose or share PD with any third parties, organizations or individuals,
    for purposes of direct or indirect marketing.
    In the following circumstances Company shares information with third parties: – -Data subject’s consent: Company shares personal information with companies,
    organizations and natural persons when there is a natural person’s explicit consent.
    External processing: Company discloses PD to partners (third parties) who trust, in order to
    process PD for Company’s use (e.g. accounting or IT support); in accordance with the
    Privacy Policy and appropriate confidentiality and security measures, as defined by the EU
    Regulation 679/2016.
    For legal purposes: Company shares PD with competent public authorities, when it is
    reasonably necessary and in order to comply with legislation, regulations, etc.
    In the context of scientific research/survey, the Company can disclose anonymized PD.
    For the purposes of the legitimate interests pursued by the Company, personal data can be
    disclosed to affiliated companies taking all appropriate technical and organizational
    measures for data protection and security.

9. Data subject’s rights
In the context of the Regulation for Data Protection, Company’s customers and other data
subjects (eg employees, suppliers, partners, etc) have the following rights, which should not
be contrary to relevant legislation and regulations.
The rights of data subjects, with respect to personal data protection, are:

  • Right to be informed: Data subject has the right to be provided with clear, transparent and
    easily understandable information about the use of his personal data and rights. This Privacy
    Policy provides relevant information.
  • Right to access and rectification: Data subject has the right to access, correct or update his
    personal data at any time.
  • Right to PD’s portability: Data subject can receive his personal data, which he has provided
    to Company, in a structured, machine-readable and interoperable format, and to transmit it
    to another controller. This right should apply where PD have been provided on the basis of
    consent or in the framework of the performance of a contract.
  • Right to erasure: Data subject has the right to ask Company to erase his personal information in certain circumstances. The exercise of this right can always be done in accordance with legal requirements (e.g. someone cannot ask for PD delete when labor law or tax authorities require to be retained for 7 years).
  • Right to restriction of processing: Data subject has the right to ask Company to restrict the processing of information in certain circumstances, including processing for direct marketing.
  • Right of data subject to submit a complaint to the Hellenic Data Protection
  • Authority, http://www.dpa.gr/ or any national Data Protection Authority about how Company processes his personal data.
  • Right to withdraw consent: If data subject has given consent to processing of PD, then has the right to withdraw his consent at any time (although if he does so, it does not mean that anything Company has done with a valid consent up to that date is unlawful). Data subject can withdraw his consent to the processing of PD at any time by contacting Company, through ‘’Contact Us’’ at Section 14. Section 11 highlights the ways a data subject can exercise his rights.
  1. Company’s obligations
    Accountability is among Company’s obligations with respect the principles of processing PD
    (ie legitimacy, objectivity and transparency, purpose limitation, minimization of PD, accuracy
    of PD, limitation of storage period, security, integrity, and confidentiality).
    Company will only process personal data where there is legal ground to do so. The
    lawfulness of processing is determined according to the scope for which PD are collected
    and used. In any case, the legal ground will be one of the following:
    – Consent: the data subject has given consent to the processing of his or her personal data for
    a specific purpose (eg consent has been given to receive marketing emails). A given consent
    can be withdrawn at any time by submitting an email to “Contact Us’’ (Section 14).
    – For the performance of a contract to which the data subject is party or in order to take steps
    at the request of the data subject prior to entering into a contract.
    – Compliance with legislation: when processing is necessary for compliance with a legal
    obligation to which the Company as controller is subject (eg labor or tax legislation).
    – Company’s legitimate interests: when processing is necessary for the purposes of the
    legitimate interests pursued by the Company as controller; except where such interests are
    overridden by the interests or fundamental rights and freedoms of the data subject. Where it
    is necessary for the Company to understand its customer, promote products/services and
    operate corporate websites and apps efficiently. For example, Company wil l rely on its legitimate interest when the content viewed on sites and apps is analyzed, in order to understand its use. It is also in Company’s legitimate interest to carry out marketing analysis to determine what products and services may be relevant to the interests of its customers and potential customers.

In addition, appropriate technical and organizational measures are implemented in order to
protect both Company and its partners against unauthorized access or alteration, tampering
or destruction of possessed PD.

Data collection, storage and processing practices, including security measures, to protect
against non authorized access to systems, are monitored.
– Access to personal information is limited & controlled, and subject to strict contractual
obligations of confidentiality.
– In case that outside partners (for maintenance or support purposes) have potential access to
PD, certain appendices to the existing cooperation contracts cover the requirements of the
Data Protection Regulation.
Throughout the entire processing cycle of PD (from collection to destruction), appropriate
technical and organizational measures are taken in order to ensure the confidentiality,
integrity and availability of PD. Similar measures are required by third parties handling or
processing PD.

Whereas Company’s products are indented for children under the age of 15; Company does
not knowingly process personal data about children under 15.

  1. Access to data subject’s PD
    Within the scope of the rights granted to the data subject by the Data Protection Regulation,
    the data subject can view and request a correction or limitation of processing or deleting of
    his/her PD, (see in detail natural person’s rights in Section 9)
    The natural person can exercise his/her rights by sending an email to ‘’Contact Us’’ (Section
    14) asking for a Subject Access Request (SAR) form, and submitting the properly filled SAR
    form through the “Contact Us”. Company has to respond to the natural person within one
    month of the receipt of SAR.
  2. Use of Cookies
    The cookie is information, in text file format, which stores at the computer of the data subject
    in order to: Store information about visitor’s preferences, location, equipment etc. Protect visitor’s information against unauthorized access. Maintain certain features of the website. Provide personalized and more efficient ads. Collect tracking data and statistics (google analytics).

Cookies can be stored on the corporate website visitor’s hard disk and can be enabled
(turned on) or disabled (turn off) by the browser settings.
The website visitor (data subject) can learn more about cookies, including the how and what
cookies are set up, by visiting the sites www.aboutcookies.org or www.allaboutcookies.org.

The corporate website uses the following cookies:
Google Analytics ( _ga & _gid)
Google Analytics cookies record, anonymously, how the website is used by the visitor in
order to improve it. These cookies are stored on the hard drive (_ga for 2 years & _gid for 24
hours) to capture information such as the number of visits, duration and visit origin,
improvement of speed and quality of service.
Google Tag Manager (_dc_gtm_UA-55865005-1)
GTM or Google Tag Manager supports optimization of statistical data. In addition, optimizes
tracking data on website conversions in order to feedback to the Google Analytics app user’s
interaction data.
Vendd λειτουργικό cookie ( ASP.NET_SessionId)
This cookie is used by ASPNET for basic website operations and captures visitor
preferences, such as language settings. Disabling this cookie may have unexpected side
effects while browsing. It is deleted by the visitor’s computer at the end of the website tour.
Vendd λειτουργικό cookie (VisitorGUID)
This cookie personalizes the visitor while browsing the corporate website.
Addthis (__atuvc)
A cookie of AddThis to facilitate sharing content (video, photos, blogs, …) in social media.
The cookie’s retention period is set by AddThis.
NOTE: The data subject, even after the initial cookie setting, can change the browser’s
cookie settings for the corporate website, at any time, by visiting the browser settings.

  1. Links to other websites
    Transmitting information via internet is not completely secure. Although Company has take
    all measures to protect personal data, it cannot guarantee the security of any personal data
    sent to corporate website while still in transit and so the data subject provides it at his own
    Where Company provides links to websites of other organizations, this Privacy Policy does
    not cover how that organization processes personal information. Data subjects are
    encouraged to read the privacy notices of the other websites they visit.

  1. Contact Us
    2nd km Psahna – Politika Country Road,
    34 400 Politika Evia, Greece
    Contact Person: Angelina Yolova
    tel +30 22280 24735
    fax +30 22280 24113