Back to News

Our compliance procedure

We are happy to inform you that Stergiou Limited and are in the final turn to conclude compliance with the new European regulation on data protection, i.e. the General Data Protection Regulation, with effect from 25 May 2018.

Data protection, security, and privacy are very important to us.

The compliance procedure includes several steps, divided into three phases, and we follow the GDPR Compliance Toolkit provided by the Publishers Association. The Toolkit has been developed by for the Publishers Association by law firm Harbottle & Lewis together with technology consultancy Stigmergist, offers a full practical guide for publishers, outlining what they need to do to comply with the new regulations before they apply from 25 May 2018. 

Stergiou, a member of the Publishers Association, is close to the end of the second phase, and now we are beginning the third phase, i.e. implementation.

Among our obligations is the regular updating of all our customers, suppliers, and counterparts, including our employees, about the new regulation.


During this procedure, please keep in mind the following:

  • You have the right to unsubscribe and ask for the deletion of your data from the first email. We will delete your data; you will not receive the following communication. Of course, you can return as a new customer/supplier, or open a new account at a later date.
  • Each email will ask you to agree, disagree, give your consent, etc. If we do not receive any response within five business days of sending each email, we will assume that we do not have your consent, and all your data and history will be automatically, securely, and permanently deleted after 25 May 2018. 

Our plan

Between now and 25 May, we will be sending you several emails, and it is a good opportunity to unsubscribe or ask us to delete your personal details from the first email if you like.

Within our emails, we are obliged to inform you about:

  • The new regulations.
  • Our updates on all policies and notices.
  • Which personal data we are keeping, for how long, and where.
  • Your rights, according to the regulation. For example, the new regulation requires that you have complete control over your data. This means that you must have access to your data and that you can update or delete it.
  • Our obligations and all changes in our IT systems, security, policies, and notices.
  • The relevance of your data, and the retention period. We cannot retain irrelevant data, and we must define a retention period. After this period, data will be securely and permanently deleted unless you request otherwise by accessing your data profile.
  • The introduction of a new and specific policy about how we obtain your data, and how often we must ask you to update and confirm your data.
  • The creation of a new legal and GDPR centre for your information. We have constantly updated the content, adopting all legislation amendments. Note that GDPR compliance does not have a deadline of 25 May. According to the law, it is an ongoing procedure.
  • An invitation to confirm your data, open an account to access and manage your data, and change all your communication and other preferences.

The list of the changes we have to complete by the 25 May is very long, and we must fully complete it for your protection.

However, we need your cooperation and patience. We understand that a large number of emails is frustrating. Thus, we are grouping the required communications to keep the amount of necessary communication to a minimum.

Next steps - future emails & communication

This communication was an introductory email, but a significant one.
We have planned the following emails between now and the 24 May:

  1. An explanation, in easy words and human language, of the new regulation. We will also attach links to official information and the relevant website section. This email will also include a Q&A section.
  2. What type of data we have, why, how we have obtained it, and where it is kept. Also, we will inform you about the Personal Data Manager and all security measures for your data, our policy and steps in case of data breaches, and much more. Note that, according to our policy, we never buy or transfer our data to and from third parties, and we do not keep and record payment details or IPs.
  3. An invitation to confirm your consent, renew your subscription to our mailing list (newsletters), update your details and preferences.
  4. An invitation to open your account with Without an account, you cannot have access to your personal data and keep total control. Note that after opening your account with one click, you can always delete or change your preferences. So far, opening an account has been optional for you to place an order. Now, an account is obligatory.
  5. An invitation to agree or disagree with our new policies and the overall changes.
  6. Possibly, we will have to send you one more email if there is a legislative amendment or update that requires new communication with you.

We will guide you step by step. No action is required unless we ask for.

Thanks for understanding and your cooperation.

Leonidas Stergiou
Founder and Director
Stergiou Limited