GEK TERNA Group applies an Integrated Health, Safety, and Environmental Management System in  accordance with ISO 45001:2018 andISO 14001:2015, throughout its range of activities, in order to reduce the negative impact of its operation on the Health and Safety of employees, and the Environment  but also the creation of a positive impact. 

Therefore, GEK TERNA Group is committed to: 

☞ Comply with applicable legal and other requirements. 

☞ Define and review the objectives it has set and 

☞ ensure the necessary resources to achieve the objectives related to the Health & Safety of its employees and the Environment. 

In addition, GEK TERNA Group is committed:  

☞ To prevent injuries, diseases, pandemics and adverse health and safety incidents that that could arise from its operation and activities, to recognize occupational risks, and to minimize their consequences for all its employees. 

☞ To contribute to the prevention and combating of violence and all forms of harassment at work and incidents that occur during work, whether related to it or resulting from it. 

☞ To ensure employee participation in issues related to health and safety at work. ☞ To contribute to the elimination of fatalities and serious injuries as a result of road traffic incidents. ☞ To identify and evaluate the environmental aspects of its activities 

☞ To protect flora and fauna, biodiversity, and ecosystems. 

☞ To reduce the amount of waste generated and ensure in an environmentally sound way its handling and disposal. 

☞ To conserve natural resources through reuse, recycling, recovery of materials and packaging, to reduce pollution and maintain environmental balance. 

☞ To support the procurement of energy-efficient products and services that affect energy performance. ☞ To use energy responsibly in all its operations. 

☞ To support studies that consider the improvement of energy performance. 

☞ To act towards climate change mitigation and adaptation. 

☞ To protect ancient monuments and cultural heritage by adopting environmentally friendly methods and technologies. 

☞ To continually improve the Integrated System in relation to the operating framework within which it operates. 

GEK TERNA Group’s Top Management believes that ensuring the health and safety of employees, protecting  the environment, and using energy responsibly, results from everyone’s collective effort and commitment. 

Last updated: September 2025

Welcome to https://www.gekterna.com/  (hereinafter the “Website”). 

The Website has been created by the company “GEK TERNA S.A.” (hereinafter the “Company”), headquartered in Athens Municipality, on 85, Mesogeion Avenue, PC 115 26, Greece, with the purpose of providing information and services to its visitors/users (hereinafter the “Users”).

The Company acts as the Data Controller of the personal data it collects through the use of the Website, in accordance with Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter the “GDPR”).

This Policy provides you with information regarding the types of personal data we collect, how and for what purposes we process them, the third parties with whom we may share such data, as well as the rights you have in relation to your data.

What data do we process

The personal data we collect and further process during your browsing of the Website are the following:

• Technical information during your visit to the Website, such as IP address, date and time of visit, browser type and operating system, device model, as well as other information collected through cookies and similar technologies, relating to the analysis of your browsing on the Website. For detailed information about cookies and how to manage them, please refer to the Company’s Cookie Policy, available here. 

Why do we process your personal data and what is the legal basis for processing

In the context of using the Website, the Company processes your data in accordance with the following purposes and legal bases:

• Legitimate Interest

To safeguard and pursue the Company’s legitimate interests, we process the personal data concerning you, as described above, in order to ensure the uninterrupted, proper, and secure operation of the Website, to maintain data backups, and to address issues of business continuity in general.

Furthermore, on the basis of our legitimate interest, we handle any general communication we receive from you, so as to ensure our prompt and effective response to any request or inquiry you may submit through the Website’s contact form or via our other official channels.

• Consent

In addition, if you provide your consent for the use of technologies such as cookies, information about you will be automatically collected in accordance with the Website’s Cookie Policy, for purposes of analysis, personalization, and/or advertising. You may change your cookie preferences or withdraw your consent at any time through the Website’s Cookie Policy.

• Legal Obligation

The Company is required to process your requests relating to the protection of your personal data, and more generally to comply with any personal data requests we may receive from competent police, judicial, or other supervisory authorities.

Who are the recipients of your data

The Company does not disclose your personal data to third parties, except where this is required for the optimal fulfillment of the above processing purposes, and only to the following categories of partners, always under strict confidentiality guarantees (e.g. cooperation agreements/personal data protection clauses) and security measures:

• Website support and management companies.
• Other Group companies with which we cooperate for the fulfillment of the above purposes.
• Any administrative, judicial, or public authority, or generally any legal or natural person to whom the Company may be obliged or entitled to disclose such data by virtue of law or court decision.

The Company has taken all necessary measures to ensure that its staff and partners are specifically authorized for these purposes and are fully bound by confidentiality and the obligations set out in the applicable legislation concerning the collection and further processing of your personal data.

Protection of your data

Our Company has implemented all appropriate organizational and technical measures, in line with technological standards and applicable laws and regulations, to ensure that the processing of personal data, whether carried out by the Company itself or by third parties on its behalf, is lawful, appropriate and secured at a level sufficient to prevent any unauthorized or accidental access, processing, deletion, alteration, or other use thereof.

Retention period of your data

The personal data processed by the Company are retained for as long as is necessary for the fulfillment of each processing purpose. Upon the completion of this period, the data will be deleted, unless otherwise required by law or if necessary for the establishment, exercise, or defense of the Company’s legal claims.

As for the data collected based on your consent, they are retained until you withdraw your consent.

Your Rights

In any case, we would like to inform you that, in accordance with applicable law, you have the following rights, which you may exercise after confirming your identity:

• the right of access to your personal data, as well as to information relating to their processing,
• the right to rectification of inaccurate data and to have incomplete data completed,
• the right to erasure (“right to be forgotten”),
• the right to restriction of processing of your data in the cases explicitly provided for by law,
• the right to data portability in a structured, commonly used, and machine-readable format (e.g. USB), either to you or directly to another controller,
• the right to object to processing based on our legitimate interests, as described above,
• the right to withdraw any consent you may have given, immediately and free of charge, in the manner described above.

To exercise your rights, you may contact us at: dpo@gekterna.com

Contact Information

For any questions, clarifications, or requests regarding the protection of your personal data, you may contact directly the Data Protection Officer (DPO) at:  dpo@gekterna.com 

Right to Lodge a Complaint

If you exercise any of your rights and are not satisfied with the outcome, you have the right to lodge a complaint with the Hellenic Data Protection Authority via its online portal (https://eservices.dpa.gr/).  For more information, you may consult the website of the Hellenic Data Protection Authority (www.dpa.gr). 

What about third-party websites?

The Website provides access to third-party websites through appropriate links. These links are provided solely for the convenience of the Website Users, while the websites to which they refer are subject to their own terms of use and privacy statements. The placement of these links does not imply approval or acceptance of the content of such websites by the Website administrator, who bears no responsibility for their content, their privacy practices, or the accuracy of the materials contained therein.

The Company has no control over third-party websites or their content, whether accessed through this Website or made available on it. Therefore, the Company does not endorse, sponsor, advise, or otherwise accept any responsibility for such websites or their content. Should the User decide to access any of the third-party websites through the Website’s links, they acknowledge and accept that they do so at their own risk.

Further Information

This Privacy Policy applies exclusively to the use of the Website https://www.gekterna.com, which has been created and is managed by GEK TERNA S.A.

For information regarding the processing of personal data carried out by the individual companies of the Group, please refer to their respective privacy policies:

Privacy Policy GEK TERNA

Privacy Policy TERNA

Privacy Notice regarding the operation of a CCTV system

Privacy Notice regarding the operation of a CCTV system

1. Purpose

At GEK TERNA Group we recognize the importance of respecting human rights as the foundation of responsible business behavior and contribution to sustainable development.

The purpose of this Policy, which is based on the guiding Principles of the United Nations on Business and Human Rights, is primarily the voluntary expression of our commitment to respect and uphold internationally recognized human rights, while simultaneously acknowledging the responsibility to identify, assess, manage, and address potential impacts on the rights of stakeholders.

2. Scope of Application
The Policy covers all countries where GEK TERNA Group operates and identifies human rights by categories of stakeholder groups, as follows:

a. Human rights for employees, subcontractors and suppliers:

• The right to fair and favorable working conditions that foster an environment of progress, principles, and meritocracy.
• We provide equal opportunities to all employees. All actions concerning employees, such as promotions, compensation, transfers to other departments, participation in groups, etc., are based solely on meritocratic criteria related to the value, ethics, performance, abilities, achievements, effectiveness, and qualifications of each employee.
• All employees are expected to treat their colleagues and every collaborator fairly and with respect, and not to exclude them from the processes of the Group, as long as they meet the necessary conditions and cooperation requirements.
• The right of everyone to enjoy the highest attainable standard of physical and mental health.
This is ensured through the following systematic actions:
• Implementation of a Certified Occupational Health and Safety Management System based on the international standard ISO 45001, with the adoption of appropriate procedures and allocation of necessary resources to protect every employee.
• Implementation of Safety and Health Plans for all projects and facilities.
• Conducting a Professional Risk Assessment Study based on applicable legislation for all facilities.
• Regular inspections of facilities and construction sites by competent personnel, as well as by safety technicians and occupational physicians, while monitoring compliance with legislation and any required conformity based on changes in the legislative/regulatory framework.
• Targeted training and implementation of Safety Guidelines for the execution of hazardous tasks.
• Systematic implementation of personnel training programs.
• Provision for First Aid in case of injury.
• Consultation with employees for the improvement of each planned action and for the collection of information and experiences.
• Establishment and implementation of a compliance assessment process with legislative and regulatory requirements.
• Implementation of a Policy to combat violence and harassment in the workplace.
• Implementation of a reporting hotline for compliance, health and safety issues, as well as for environmental matters.
• Monitoring of the established Inspection Reports provided by the Labour Inspection Body for controlling the implementation of labor legislation and ensuring both labor rights and the safety and health of employees.
• Preparation of an annual evaluation of suppliers and subcontractors, aiming to provide accurate information in view of new collaborations.
• Implementation and monitoring of processes for determining requirements in terms of protection measures, health, and safety of subcontractors and suppliers.
• Physical security of facilities and control of visitor access, supported by modern electronic means, with the aim of protecting the health and safety of both themselves and employees.
• Continuous contact and information from the Official Public Health Bodies (EODY / WHO) and Health and Safety at Work (SEPE / ELINYAE).
• Preparation of a Written Risk Assessment for crisis management during a pandemic, such as the Covid-19 pandemic.
• Drafting of an Internal Regulation, Protocols, and Operating Instructions for the implementation of measures for the prevention and protection of health against the spread of a pandemic such as Covid-19, under the supervision of the Incident Management Team and the Health and Safety Department.
• Increased presence of doctors, occupational physicians, or nurses whenever necessary.
• Provision of appropriate Personal Protective Equipment to all employees.
• All employees are provided with a contract for additional private Life and Health coverage.
• Ensuring the necessary health and safety equipment for healthcare and technical staff on a case-by-case basis.
• Contributing to the creation of an environment with adequate hygiene conditions, with daily presence of cleaning crews, continuous presence of cleaning staff, waste management, collection and management of any hazardous waste through specialized collection bins, regular checks on the preparation of beverages and fast food items internally, regular inspection and maintenance of refrigeration/heating and natural or artificial ventilation systems.
• Ensuring the readiness of fire safety installations in the workplace and conducting evacuation drills in case of emergency.

The right to be free from discrimination.
• Any form of discrimination based on race, religion, gender, social status, culture, politics, sexual preference, or any other category is not allowed.
• There is full respect and protection for the rights of minorities.
• There is full respect and protection for the rights of women.

The right to freedom of association.
• The right of employees to negotiate collectively is acknowledged.
• The right of employees to negotiate in individual groups is also acknowledged.

The right to be free from forced or compulsory labor.
• We commit to never having and to never allowing forced labor or labor under any conditions, anywhere.
• We base our work relationships on mutual respect, transparency, integrity, and fairness.
• We create the appropriate conditions to express our ideas, beliefs, and opinions in our work environment, encouraging open and two-way communication on any matter related to work and company activities.
• We do not tolerate any form of bullying, harassment, or aggressive behavior in the workplace.

Children’s rights.
• We never employ workers under the age of 18.
• The right of access to safe water for human consumption and sanitary use.

b. Human rights related to customers and end users

The right to privacy.

These are ensured through the following actions:
• Full compliance with GDPR.
• Appointment of a Data Protection Officer (DPO) and the existence of a Data Protection Unit.
• Personal data undergoes lawful, fair, and transparent processing.
• Personal data is collected only for specific, clear, and lawful purposes.
• Personal data must be adequate, relevant, and limited to what is necessary for processing.
• Personal data must be accurate and up-to-date, and efforts should be made to erase or correct it without delay.
• Personal data is kept in a way that the data subject can only be identified if necessary for processing.
• Personal data is processed in a secure manner.
• The data controller is able to demonstrate compliance with the other principles of GDPR (Principle of Accountability).
• Maintenance of backups and security systems.
• Implementation of an Information Security Management System – ISO 27001.

Avoidance of bribery and corruption.

It is ensured through the following indicative measures:
• Implementation of an Anti-Corruption and Bribery Policy.
• Implementation of a Corporate Gifts Policy.
• Implementation of a Donations and Sponsorships Policy.
• Implementation of a Conflict of Interest Policy.
• Installation and implementation of a Regulatory Compliance and Anti-Bribery • Management System according to ISO 37301 and ISO 37001 standards.
• Ongoing education and fostering a culture against bribery and corruption.
• Implementation of a reporting hotline for regulatory compliance, corruption, and bribery issues.
• Establishment of a Regulatory Compliance Unit and a Compliance Committee as independent bodies for monitoring regulatory compliance matters and addressing bribery.

c. Human rights in the local communities of the geographical areas of activity

To ensure the right to a safe, clean, healthy, and sustainable environment in the local communities of the geographical areas of activity, the following actions are taken:
• Conducting an Environmental Impact Assessment for each project to assess its potential environmental effects
• Strict adherence to approved Environmental Conditions to minimize any negative impacts on the environment.
• Implementing an Environmental Management System based on the international standard ISO 14001 to effectively manage environmental aspects and impacts.
• Conducting regular inspections to monitor environmental issues and ensure compliance with environmental regulations.
• Analyzing, assessing, and monitoring any environmental impacts that may arise from the company’s activities.
• Managing waste through licensed companies and collective systems to ensure proper disposal and minimize environmental harm.
• Developing and implementing Emergency Response Plans to effectively handle any environmental emergencies that may arise.
• Education and training of staff on environmental protection.
• Adequate supply of equipment for fire detection/suppression, as well as instruments for measuring and monitoring environmental factors.
• Availability of equipment for containment and cleanup of spills (spill kits, oil collection tanks).
• Implementation of environmental protection measures in accordance with environmental conditions and legal requirements.
• Analysis and assessment of environmental issues and impacts, and implementation of relevant monitoring programs.
• Identification of interests of environmental organizations for each project through the implementation of the Risk Assessment Process and development of an action plan if required.
• Development of Corporate Social Responsibility actions for the benefit of local communities.
• Publication of an Annual Corporate Responsibility – Sustainable Development Report (ESG).
• Monitoring changes in each legislative framework.
• Operation of a dedicated department for monitoring and renewing environmental permits.

Respect for the rights of local communities.

To ensure the respect of the rights of local communities, the following actions are taken:
• Monitoring the interests of the local and wider community to understand their needs, concerns, and priorities.
• Managing issues of interest through effective communication channels, including engagement with local media to address any concerns or provide updates on relevant matters.
• Drafting a Corporate Social Responsibility Report that outlines the company’s activities and initiatives related to local communities and their well-being. This report is then posted on the company’s website to ensure transparency and accountability.

3. Policy harmonization.

The policy is based on the United Nations Guiding Principles on Business and Human Rights, taking into account the following:
• The Universal Declaration of Human Rights of the United Nations.
• The International Covenant on Civil and Political Rights of the United Nations.
• The International Covenant on Economic, Social and Cultural Rights of the United Nations.
• The United Nations Guiding Principles on Business and Human Rights.
• The United Nations Global Compact Principles.
• The Declaration of the International Labour Organization(ILO) on Fundamental Principles and Rights at Work.
• United Nations Resolution 46/7 on Human Rights and the Environment.
• The voluntary commitments of the Management for safety and human rights.

4. Roles and responsibilities

Τhe Division of Corporate Social Responsibility and Sustainable Development of the General Division of Strategic Communication and Sustainability collaborated with the Division of Health, Safety and Environment, the Division of Human Resources, the Regulatory Compliance Unit and the respective Compliance Committee in drafting and finalizing the present Policy.

The policy is submitted for approval to the ESG Committee of the Board of Directors. The Human Resources Department is responsible for monitoring compliance with the Human Rights Policy and conducting periodic reviews.

Mechanism for complaints and grievances.

The Human Rights Policy is covered by the complaints and grievances mechanism of the Company’s Regulatory Compliance Unit, which is available at the following link.: https://gekterna.integrityline.com/frontpage .

The fundamental principles and values adopted by GEK TERNA Group, in conjunction with our beliefs, our corporate culture, our business ethics and primarily our voluntary ethical and compliance commitments are crucial pillars of our operations.

In this context, the established Purchasing Policy reflects and reinforces these principles and creates an agreed and transparent operating and behavioral framework with all our partners, subcontractors and suppliers.

Based on the Policy, we expect all our suppliers, partners and subcontractors to operate and behave based on the following principles, values and commitments:

• Respect for Human Rights
• Protection of the Environment
• Protection of the Environment
• Promotion of Health and Safety at Work
• Quality of products and services
• Meritocracy and Transparency / Anti-corruption
• Employment is freely chosen
• Respect to freedom of association
xChild labor shall not be used
• Living wages are paid
• Working hours are not excessive
• No discrimination is practiced
• Regular employment is provided
• No harsh or inhumane treatment is allowed
• Incidents of violence and harassment are not allowed
• Confidentiality and Personal Data Protection
• Fair Competition
• Tackling with climate change

Purchasing policy

The fundamental principles and basic conditions to protect Data and Systems from threats and breaches, to create a digitally secure work, investment and development environment, are reflected in the Information Security Policy of the GEK TERNA Group.

Information Security is an absolute priority and an explicit commitment for GEK TERNA Group.

We have adopted a security framework which includes a long list of technical, administrative and organizational protection measures. In compliance with the European Data Protection Regulation (GDPR) monitoring newer regulatory frameworks such as NIS2 and AI Act and based on International Standards such as ISO 27001 and ISO 22301, as well as internationally recognized best practices and advanced technologies, we implement Policies and Procedures that ensure the integrity, confidentiality and availability of our data.

The security measures cover both the protection perimeter within the Group and its environment. They include – among others – organization with specialized staff with many years of experience, access management to data and systems, staff training and awareness, as well as assessment of the level of security of our partners and suppliers to manage threats, while in addition there are institutionalized speaking bodies for instant digital transformation and IT security decisions.

At the same time, we implement continuous preventive monitoring of information systems and infrastructures and prepare regular resistance tests with the aim of immediately identifying and managing any incident before it turns into a threat. Through the most modern and valid tools and technologies, which are constantly upgraded, we ensure that any attempted breach or malicious activity is detected and dealt with in a timely manner.

The “management commitment” that we apply in practice is one of the main factors to ensure the desired result, thus actively supporting the existing security framework, as well as any action to upgrade it, so that we continue to be at the forefront of a continuous digital transformation.

The Information Security Policy is accompanied by the following policies, which shape the data and systems security framework:

• Remote Access
• Classification of Information
• Acceptable use of IT resources
• Password management
• Integration of New IT Applications
• Access to third parties outside the Group
• Security logic management
• Change management
• Security exceptions
• Update management
• Event recording of equipment, applications & networks
• Backups
• Proper use of the workplace
• Security incident management
• Information security audit & testing

At GEK TERNA Group we are committed to consistently ensuring the uninterrupted operation of our services and activities, fully understanding the responsibility towards our professional obligations.

The Business Continuity Policy is designed to:

• Minimize the impacts of events and activities that may affect the continuity of our operations.
• Ensure the timely recovery of critical processes and the smooth return to normal.
• Protect critical data as well as the integrity of our systems.

Our Strategy is based on:

• Analysis and assessment of risks in matching with appropriate countermeasures
• Development, implementation and regular revision of integrated Business Continuity Plan, certificated to the Standard of ISO 22301.
• Training and raising awareness of our staff for effective crisis management.
• Definition and training of working groups and crisis management.
• Performing regular tests of our Plan to ensure its effectiveness and our readiness.

With this policy, we ensure that we are prepared to respond effectively to any challenge with professionalism, responsibility and reliability.