Privacy Policy

Privacy Policy

  1. Introduction
    Whenever an individual person (data subject) comes in contact with PALIRIA SA
    (hereinafter “Company”) or uses any of its products / services, discloses to it personal
    information and data (hereinafter ‘’Personal Data’’).
    This Privacy Policy aims to inform the data subject what personal data (PD) the Company collects, why PD are collected, what is the legal basis for processing PD and how the data subject can update, manage, export or delete its own personal information.
    Furthermore, this Privacy Policy documents Company’s compliance with the EU’s relevant legislation and in particular with the General Data Protection Regulation 679/2016 and Company’s respect for the protection of privacy and security of personal data. This Privacy Policy applies to personal data provided to or processed by the Company (as data controller) in the course of its activities.
    This Privacy Policy was posted on our website on 27.04.2021 and replaces any earlier post.
    It is addressed to any natural person who has or intends to have any kind of cooperation
    with the Company.
  2. Information
    Further information on the Data Protection Regulation and the terminology used for what
    constitutes personal data, what is a data subject or the rights the natural person has, based
    on the legislation for the protection and security of such data, can be obtained from the
    website of the Greek Data Protection Authority ( or by any national Data
    Protection Authority (DPA).
  3. Who are we
    Paliria was founded in 1957, on the island of Evia-Greece as a privately owned business by the entrepreneur Antonis Souliotis. Its primary purpose was the production and distribution of traditional ready to eat meals for the Greek and International markets. Paliria S.A. remained a personal business until 1982, when it acquired the corporate form that has until today. This corporate structure gave Paliria a potential that resulted in a leadership position in the Greek market. In 1989 Paliria began to invest in modern and technologically advanced facilities and new offices. The project was completed in 1992 with the reallocation of its operations.
    In 2000 Paliria established a wholly owned subsidiary, Paliria Bulgaria Ltd., in order to
    invest in a new factory to boost export efforts.
    From 2010 and afterwards Paliria shifted even more its focus on exports, leading to a
    significant rise in sales and profits in the next years.
    Today, Paliria is the leading Greek exporter of ready to eat meals and proudly holds the
    position of No 1 Dolma producer in the world and for a good reason. Awards like the Great Taste Award 2013, 2014 and 2017 (UK) and the Superior Taste Award 2016,2017,2018 and 2019 by the International Taste and Quality Institute-Brussels, justify the popularity of our dolmas.
    Paliria’s products are distributed in more than 60 countries around the globe and total
    annual production exceeds 25.000 tons.
    Our vision is to become a world class ambassador of Greek and Mediterranean Cuisine for consumers around the globe.
    Our mission is to sustain growth through customer satisfaction, innovation, commitment to quality and global expansion.
    Our management team and staff are committed to this set of values:
    – Respect to the tradition of Greek and Mediterranean Cuisine
    – Careful selection of Natural Ingredients
    – High Quality and Food Safety Standards
    – Customer Satisfaction
    – Innovation

Respect to tradition
We rely on authentic Greek and Mediterranean recipes to produce our products and offer
consumers worldwide an outstanding homemade Mediterranean food experience.

Quality food is our priority; therefore, we use the highest food safety standards and conduct thorough inspections at every stage of the production process to ensure it. We also select very carefully our ingredients, and their freshness and purity are a constant prerequisite for our suppliers.

Customer Satisfaction
Paliria sells to distributors, wholesalers, retailers, ethnic food specialists and food service
operators worldwide. Ensuring our customers’ satisfaction is embodied in our values and its prioritization is reflected in the long-lasting relationship we enjoy with partners and
customers. Whether customers are looking for bio, kosher or organic products or even for a specific recipe we are able to meet perfectly their needs. This is another reason why Paliria is trusted by numerous reputable retail chains around the world.

We detect upcoming trends and incorporate new ideas in our daily business. We work on
traditional recipes and try to incorporate the most innovative technologies in relation to
packaging to give consumers the best products. New technologies also enable us to produce traditional food on a large scale.


Paliria manages 6 state of the art production facilities, in Greece, Bulgaria, Jordan and China. The total annual production output, is almost near 25,000 tons including a wide range of traditional ready to eat meals and appetizers. Total workforce for 2022, exceeds the 2.000 employees.

In our website you can find information about Paliria’s business activities, products and
contact details.

  1. What PD are processed
    Personal data (PD) means any information that can be used to identify directly or indirectly a specific individual (data subject).
    Company has to process PD (i.e. collection, recording, organization, storage, use, disclosure etc. of PD) in the context of the efficient performance of business functions and services and, often, in compliance with relevant legislation and regulations.
    The data subject is under no obligation to provide the Company with the personal data, that may be required, but, in the event of a refusal, the Company may not be able to provide specific services or respond to the requests of the data subject with consistency, speed and quality.
    When the data subject communicates with the Company in the context of a product survey or contacts the Company, visits Company’s website, asks questions, it may be asked for relevant personal information (PD such as: name, address, email, telephone number, etc.) depending on the type of cooperation or relationship.
    Furthermore, it is likely that the data subject may choose to voluntarily disclose additional PD (as in the case of sending a CV).
    5. How PD are collected
    Personal data can be collected (i.e., processed) through a variety of sources. This includes:
    -Personal data that the data subject sends or discloses to the Company directly, (e.g. during
    a contact or communication)
    – Personal data that the Company collects automatically, (e.g. during Company’s website visit)
    – Personal data that the Company collects (processes) from other sources, (e.g. professional chamber or survey data bases).
    – Most of the PD – that Company processes – are voluntary disclosed for one of the following reasons:
  1. Interest of the data subject for Company’s products/services.
  2. Information disclosed during communication or contact.
  3. Information from a previous cooperation of the data subject with either the Company or Company’s representative with whom the data subject had communication or cooperation.
  4. The corporate webserver automatically collects information (such as ΙΡ address, browser type or operating system) whenever someone visits it or interacts with it. The aim is to calculate number of visitors, identify points of interest, check the effectiveness of communication etc. The Company does not process geo positioning data.
  5. The data subject has made an information request, a complaint or enquiry to the Company.
  6. The data subject applied for a job or secondment with Company.
  7. The data subject contacted Company as a representative of an organization.

Personal information can be also disclosed to the Company in the following scenarios:

  1. Collection of personal information as part of an investigation or survey.
  2. Through Company’s partners or cooperating organizations.
  3. A Company’s employee disclosed relevant contact details.
  4. It is likely to use information from advertising networks, customers or third parties, to inform a potential customer about special services / issues that might be of interest.
  5. The data subject’s personal information is publicly available.
    When a data subject contacts Company, the latter keeps a record of the communication to resolve the individual may have. The Company does not allow any unauthorized entities, especially without the data subject’s consent, to have access to personal data.
  1. How PD are used
    Company processes (i.e., collects, stores, discloses, deletes etc.) individual’s personal data (PD) only for specific and limited purposes.
    In addition, Company processes the natural person’s personal data when there is a legal ground for processing and for the sake of, but not limited to:
  • Process the data subject’s request and ship the product.
  • Provide data subject with personalized and updated services/products.
  • Contact data subject on opinion survey (opinion can be posted on the corporate website) or inform data subject about new services or products that may of interest
  • Process the data subject’s payment or prevent or detect potential frauds
  • Respond to questions or complaints that the natural person has asked
  • Implement the framework of this Privacy Policy
  • Develop and improve the services, communication methods and functionality of corporate websites.
  • Provide personalized communication and targeted advertising. In cases where Company uses personal data for purposes of direct marketing or promotional communication for new services or other offers that the Company believes may be of interest, the data subject can exercise his / her rights (see §9) by informing the Company that he does not wish to receive such messages in the future (see §11 & 14).
  1. PD retention period

Company retains personal data of natural persons for only as long as it is required,
depending on the processing scope and as stated in this Privacy Policy.
For example, Company may need to use PD to respond to complaints or queries about a
product or service and may therefore retain personal data for a reasonable period of time
after the end of a cooperation with a natural person (e.g. for the period of potential legal
Company may also need to retain personal data for tax / accounting purposes, (retention
period is defined by legislation relevant to tax / financial investigation authorities).
Personal data that are no longer needed shall be deleted.
In addition, personal data retention period depends on the legitimate basis of data
processing (lawfulness of processing), such as:

  • When processing is necessary for the purposes of the legitimate interests pursued by the Company (controller), retention period will be if is necessary for the purposes of the legitimate interests pursued by the Company, as data controller, and for as long as is still required until the lapse of any relevant claims.
  • When the data subject has voluntary disclosed his personal data (e.g. in a request for quotation), PD (both in paper and electronic form) will be retained for as long as there is a contractual relationship with the natural person or for as long as the relevant legislation imposes or until the consent of the natural person has been withdrawn. In any case, Company will retain the data in accordance with the requirements of the relevant legislation or until the lapse of any related claims.
  • If the natural person’s consent has been requested for PD processing and there are no other legitimate reasons to continue such processing, and the consent of the natural person is withdrawn, then personal data will be deleted. However, the e-mail address will be maintained to ensure that no message / form is sent to you in the future.
  • When processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; the personal data will be retained for as long as there is a contractual relationship with the natural person or for as long as the relevant legislation imposes or until the lapse of any related claims.
  1. Disclosure of PD Company does not disclose or share PD with any third parties, organizations or individuals, for purposes of direct or indirect marketing.
    In the following circumstances Company shares information with third parties: Data subject’s consent: Company shares personal information with companies,
    organizations and natural persons when there is a natural person’s explicit consent. External processing: Company discloses PD to partners (third parties) who trust, in order to process PD for Company’s use (e.g. accounting or IT support); in accordance with the Privacy Policy and appropriate confidentiality and security measures, as defined by the EU Regulation 679/2016.
    For legal purposes: Company shares PD with competent public authorities, when it is reasonably necessary and in order to comply with legislation, regulations, etc.
    In the context of scientific research/survey, the Company can disclose anonymized PD. For the purposes of the legitimate interests pursued by the Company, personal data can be disclosed to affiliated companies taking all appropriate technical and organizational measures for data protection and security.
  1. Data subject’s rights
    In the context of the Regulation for Data Protection, Company’s customers and other data
    subjects (e.g. employees, suppliers, partners, etc.) have the following rights, which should not be contrary to relevant legislation and regulations.
    The rights of data subjects, with respect to personal data protection, are:
  • Right to be informed: Data subject has the right to be provided with clear, transparent, and easily understandable information about the use of his personal data and rights. This Privacy Policy provides relevant information.
  • Right to access and rectification: Data subject has the right to access, correct or update his personal data at any time.
  • Right to PD’s portability: Data subject can receive his personal data, which he has provided to Company, in a structured, machine-readable, and interoperable format, and to transmit it to another controller. This right should apply where PD have been provided on the basis of consent or in the framework of the performance of a contract.
  • Right to erasure: Data subject has the right to ask Company to erase his personal information in certain circumstances. The exercise of this right can always be done in accordance with legal requirements (e.g. someone cannot ask for PD delete when labor law or tax authorities require to be retained for 7 years).
  • Right to restriction of processing: Data subject has the right to ask Company to restrict the processing of information in certain circumstances, including processing for direct marketing.
  • Right of data subject to submit a complaint to the Hellenic Data Protection
  • Authority, or any national Data Protection Authority about how Company processes his personal data.
  • Right to withdraw consent: If data subject has given consent to processing of PD, then has the right to withdraw his consent at any time (although if he does so, it does not mean that anything Company has done with a valid consent up to that date is unlawful). Data subject can withdraw his consent to the processing of PD at any time by contacting Company, through ‘’Contact Us’’ at Section 14. Section 11 highlights the ways a data subject can exercise his rights.
  1. Company’s obligations
    Accountability is among Company’s obligations with respect the principles of processing PD (i.e. legitimacy, objectivity and transparency, purpose limitation, minimization of PD, accuracy of PD, limitation of storage period, security, integrity, and confidentiality). Company will only process personal data where there is legal ground to do so. The lawfulness of processing is determined according to the scope for which PD are collected and used. In any case, the legal ground will be one of the following:
    – Consent: the data subject has given consent to the processing of his or her personal data for a specific purpose (e.g., consent has been given to receive marketing emails). A given consent can be withdrawn at any time by submitting an email to “Contact Us’’ (Section 14).
    – For the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
    – Compliance with legislation: when processing is necessary for compliance with a legal obligation to which the Company as controller is subject (e.g. labor or tax legislation).
    – Company’s legitimate interests: when processing is necessary for the purposes of the legitimate interests pursued by the Company as controller; except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Where it is necessary for the Company to understand its customer, promote products/services and operate corporate websites and apps efficiently. For example, Company will l rely on its legitimate interest when the content viewed on sites and apps is analyzed, to understand its use. It is also in Company’s legitimate interest to carry out marketing analysis to determine what products and services may be relevant to the interests of its customers and potential customers.

In addition, appropriate technical and organizational measures are implemented in order to protect both Company and its partners against unauthorized access or alteration, tampering or destruction of possessed PD.

Data collection, storage and processing practices, including security measures, to protect
against non-authorized access to systems, are monitored.
– Access to personal information is limited & controlled, and subject to strict contractual
obligations of confidentiality.
– In case that outside partners (for maintenance or support purposes) have potential access to PD, certain appendices to the existing cooperation contracts cover the requirements of the Data Protection Regulation.
Throughout the entire processing cycle of PD (from collection to destruction), appropriate technical and organizational measures are taken in order to ensure the confidentiality, integrity and availability of PD. Similar measures are required by third parties handling or processing PD.

Whereas Company’s products are indented for children under the age of 15; Company does not knowingly process personal data about children under 15.

  1. Access to data subject’s PD
    Within the scope of the rights granted to the data subject by the Data Protection Regulation, the data subject can view and request a correction or limitation of processing or deleting of his/her PD, (see in detail natural person’s rights in Section 9) The natural person can exercise his/her rights by sending an email to ‘’Contact Us’’ (Section 14) asking for a Subject Access Request (SAR) form, and submitting the properly filled SAR form through the “Contact Us”. Company must respond to the natural person within one month of the receipt of SAR.
  2. Use of Cookies
    The cookie is information, in text file format, which stores at the computer of the data subject in order to: Store information about visitor’s preferences, location, equipment etc. Protect visitor’s information against unauthorized access. Maintain certain features of the website. Provide personalized and more efficient ads. Collect tracking data and statistics (google analytics).

Cookies can be stored on the corporate website visitor’s hard disk and can be enabled
(turned on) or disabled (turn off) by the browser settings.
The website visitor (data subject) can learn more about cookies, including the how and what cookies are set up, by visiting the sites or

The corporate website uses the following cookies:
Google Analytics ( _ga & _gid)
Google Analytics cookies record, anonymously, how the website is used by the visitor in
order to improve it. These cookies are stored on the hard drive (_ga for 2 years & _gid for 24 hours) to capture information such as the number of visits, duration and visit origin,
improvement of speed and quality of service.
Google Tag Manager (_dc_gtm_UA-55865005-1)
GTM or Google Tag Manager supports optimization of statistical data. In addition, optimizes tracking data on website conversions in order to feedback to the Google Analytics app user’s interaction data.
Vendd λειτουργικό cookie ( ASP.NET_SessionId)
This cookie is used by ASPNET for basic website operations and captures visitor
preferences, such as language settings. Disabling this cookie may have unexpected side
effects while browsing. It is deleted by the visitor’s computer at the end of the website tour.
Vendd λειτουργικό cookie (VisitorGUID)
This cookie personalizes the visitor while browsing the corporate website.
Addthis (__atuvc)
A cookie of AddThis to facilitate sharing content (video, photos, blogs, …) in social media.
The cookie’s retention period is set by AddThis.
NOTE: The data subject, even after the initial cookie setting, can change the browser’s
cookie settings for the corporate website, at any time, by visiting the browser settings.

  1. Links to other websites
    Transmitting information via internet is not completely secure. Although Company has taken all measures to protect personal data, it cannot guarantee the security of any personal data sent to corporate website while still in transit and so the data subject provides it at his own risk.
    Where Company provides links to websites of other organizations, this Privacy Policy does not cover how that organization processes personal information. Data subjects are encouraged to read the privacy notices of the other websites they visit.
  1. Contact Us
    2nd km Psahna – Politika Country Road,
    34 400 Politika Evia, Greece
    Contact Person: Angelina Yolova
    [email protected]
    Tel +30 22280 24735 fax +30 22280 24113