myAADEapp: Privacy policy

1. Controller

The Independent Authority for Public Revenue (hereinafter IAPR) is the controller of the personal data collected and processed through the myAADEapp application.

The Controller’s contact details are:

Postal Address: 10, Karagiorgi Servias Str., Athens, Postal Code 10184

Telephone: +30 213 162 1000

2. Personal Data We Process

The personal data of natural persons that are processed during the myAADEapp application’s operation are as follows:

I. Through the myAADEapp application, the following data is displayed:

- Full name and TIN.
- Debt details: type of debt, whether or not the debt is settled, overdue balance, total debt amount, installments, payments, bank card details.
- Refund details: refund type, refund amount.
- Request Details: request status, procedure, request submission service, request code, request submission date, request content, documents attached to the request, response of IAPR services to the request, documents attached to the response to the request.
- Appointment Details: appointment date and time, procedure, service, unique appointment number.
- Messages and documents sent through the application My Messages.
- Contact details and IBAN.

ΙΙ. The myWallet service of the myAADEapp application stores the following data:

- Printouts of the Tax Register Details: Surname, Surname (b), First Name, Tax Identification Number, Competent Tax Office, Date of Commencement of Activity and Business Title, Business Status, Address of Business Activity, Book Category, End of Management Period, End of First Management Period, Subject to payment of  VAT, VAT Status, Intracommunity Transactions, business activities, Date and Reason for Cessation of Activity, associated TINs.
- Vehicle Registration Fee Printouts: Vehicle registration number, vehicle type, fee calculation basis, first classification (EU/EEA), TIN, Full name, payment amount, payment deadline.
- Printouts of Public Debt Awareness Certificates: Surname, First Name, Father’s Name, ID number, address, TIN, Competent Tax Office, period of validity, reason for granting the public debt awareness certificate, information about the claim to be collected or the property to be transferred, withholding amount, payment code, applicant details.

- Prints of UPT tax returns: surname, name, TIN, Company Name, Representative, Postal Address, Tax Office, Declaration Number / Year, Number of the Money List, Date of Issue, Notice Number, Settlement Details (Number of Rights, Value of Rights, Principal Tax, Deductions, Amount of UPT, Debt Identity, Payable up to, Installments), Plots and Buildings and Lands Declaration Details.

- Prints of Monthly Tax Account Updates: TIN, Full Name, Debts, Payments, Offsets, Write-offs, Refunds, Balance of Debts out of Adjustment, Balance of Adjusted Debts.

ΙΙΙ.  The myAADEapp application does not collect data from your mobile phone. Depending on the operating system (Apple iOS, Google Android or other) on which the myAADEapp application is installed, it may request access to data and features of your mobile device in order to be installed and function, such as:

- Location data: to use the map with the tax authorities’ location.
- Device storage: to store the printouts of the myAADEapp application’s myWallet service on your mobile device.
- Fingerprint or biometric data: to access the application if you choose to identify yourself in this way.

ΙV. Through the myAADEapp application, the following data is stored:

- Debt payments made through myAADEapp application
- IBAN registered through the myAADEapp application and the date of its modification.

IAPR takes all the necessary technical and organizational measures to ensure the integrity, availability and confidentiality of the data it processes. 

3. Purpose and Legal Basis

The purpose of processing the personal data carried out through the application is to provide digital public services for the optimal service of taxpayers (Article 6, par. 1, point e, of GDPR).

4. Data Retention Time

The data stored in the myAADEapp application’s myWallet service is deleted after the user logs out of the application or after the application is deleted from the user’s mobile device.

5. Data Recipients

Only authorized IAPR personnel have access to the personal data of the myAADEapp application.

6. Transfers to Third Countries

The personal data processed during the myAADEapp application’s operation are not transmitted to a third country or international organization.

7. Rights of Data Subjects

In accordance with the law on personal data protection, when we process your personal data, you have certain rights that we must inform you about. In particular, you have the rights to access your data, to correct it if it is inaccurate or incomplete, to delete it in certain cases (you can read more about the right to delete it here), to object and to limit the processing under conditions.

To exercise your rights or for any other reason regarding the processing of your personal data, you can contact the Independent Data Protection Officer Support Department of IAPR as follows:

a) Online: If you are a registered user of IAPR’s online services, you can submit your request through myAADE portal (choosing Questions to IAPR), selecting the subject category “Personal Data Protection-GDPR.” If you are not a registered user, you can submit your question through the IAPR’s website ( in the Contact section where you will find a Request Submission Form, in which you must select “Personal Data Protection-GDPR” as the subject category.

b) By phone at: +30 213-2113127,29, +30 213-2113130 and +30 213-2113132.

c) By post to the address: IAPR, Independent Data Protection Officer Support Department, 20, Panepistimiou Str., Postal Code 10672, Athens.

8. Right of complaint to the supervisory authority

You have the right to appeal to the Hellenic Data Protection Authority (Α.Π.Δ.Π.Χ.) for issues concerning the processing of your personal data. For the competence of this Authority and how to submit a complaint, you can visit its website (, where detailed information is available.