The Civil Non-Profit Company under the name “Cycladic Identity CIVIL NON-PROFIT COMPANY” (“Cycladic Identity”) is committed to respect and protect your personal data. We understand and take into serious consideration the fact that you are aware of and interested in your personal data and the respective processing carried out with respect to such data.
1. Who is the Controller of your Personal Data and how can you communicate with them?
Controller for the retention, collection, storage and further processing and use of your personal data is the:
“Cycladic Identity CIVIL NON-PROFIT COMPANY”
Registered seat: 8 Aggelou Vlachou str., PC 105 56, Athens, Greece
Tel.: +30 210 7228321-3 (internal 119)
Cycladic Identity, in compliance with the applicable legal framework, has taken all the steps required by implementing the appropriate technical and organizational measures for the lawful retention and further processing and safe storage of your personal data, while it is committed to ensure and protect, by all means, the processing and safe storage of your personal data from the risk of accidental or unlawful loss, breach of security, alteration, unauthorized disclosure of or their otherwise unlawful processing.
For more information, you may contact us via email at: email@example.com.
2. What type of personal data do we process and for which purposes?
Personal Data is all information that identifies you, such as your name, address or email address or your telephone number. Cycladic Identity processes the following personal data and for the below purposes:
2.1. Personal Data which we collect and process on your behalf
- When you register in our website in order to create a personal account: Your name and surname, email address, postal address, contact details (fixed-line or mobile phone number).
- For the purpose of sending our newsletter, when you subscribe to the relevant service: Your name and surname, email address.
- When you participate in the various events and programs organized by Cycladic Identity: Your name and surname, email address, postal address, contact details (fixed-line or mobile phone number)
2.2. Personal Data relating to children
The processing of personal data referring to children is being carried out subject to prior consent or authorization by the parents or the holder of parental responsibility over the child, unless otherwise specified by law. The processing of personal data referring to children takes place when the children participate in the various programmes and events organized for children by Cycladic Identity. For the purposes of the present, children are considered to be those individuals who have not reached the age of 18 years.
2.3. Purposes of Processing
Cycladic Identity collects, retains and processes only those personal data which are limited to what is necessary in relation to the purposes for which the processing is being realized.
We use your personal data for the purposes referenced below:
- For administrative purposes, to achieve the statutory objectives of Cycladic Identity, the implementation of actions, as well as for the purposes of managing the subscriptions you make in order to facilitate your choices and to optimize our services
- For the purposes of direct marketing and/or promotional purposes, such as participation in competitions or in order to send the email that we periodically send to those who have subscribed to our newsletter, as well as, based on your consent, for profiling purposes in order to personalize the products and services provided to you.
Please note that when you subscribe to our newsletter, you declare that you agree to be included in the personalized list of recipients and to receive our newsletter and all the information contained therein. For this purpose we will contact you only via email. In each newsletter, the recipient is given the option to declare that he or she does not want to receive further emails from us (unsubscribe). To do this, click the “Unsubscribe” option included in each email sent to you.
- Where the processing of your personal data is necessary for the purposes of legitimate interests pursued by us or for compliance purposes with national and/or European legislation.
- Where the processing is necessary to protect your vital interests or those of another natural person, as well as where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in Cycladic Identity as data controller.
Please note that where the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time, without affecting the legitimacy of the processing based on said consent until the withdrawal thereof. The withdrawal of your consent can be made in writing or via email using the contact details referenced in section 1 above, or if such consent withdrawal relates to the newsletter subscription, via the above-described procedure.
3. How do we collect your personal data?
We collect your personal data, directly from you, when you express your interest in the services, and events of Cycladic Identity, when you participate in courses or other programs, when you register your data online on our website or when you subscribe to our newsletter, as well as when you decide to help us by contributing to our work.
Cycladic Identity also processes your personal data that it receives or which are brought to its knowledge by third parties, either natural persons or legal entities, for the performance of events in which you participate.
4. To whom do we disclose your personal data?
We do not transfer your personal data to third parties, except to those with whom we cooperate and are required to facilitate the provision of our services to you, always under conditions that ensure that your personal data are not subject to unlawful processing, meaning other than the purpose of the transmission thereof in accordance with the above. For instance, we may transfer your personal data to third parties – natural persons or legal entities- that may provide promotional and marketing services on our behalf, to companies responsible for the management and maintenance of our website as well as to companies providing legal, accounting or other services. We inform you that the above categories of recipients of your personal data do not process your data beyond the above mentioned purposes. In any case, Cycladic Identity guarantees that it will not transfer, disclose, provide etc. your personal data to third parties, without your consent, for any purpose or use. However, we reserve the right to disclose information related to you, if we are obliged to do so by the applicable legislation or if such disclosure is required by the competent governmental authorities, administrative authorities or other law enforcement bodies.
In case the transfer of your personal data to a third country outside the European Economic Area (EEA) is necessary, we will always ensure the provision of an adequate level of protection for the processing thereof, by contractually binding our counterparty or partner to whom we disclose your data in order to ensure the same level of protection as that provided in Greece.
5. Storage period of your personal data
We will retain/store the personal data provided by you, only for as long as required to fulfill the purpose pursuant to which you have communicated such information to us and in compliance with the applicable legal provisions.
7. What are your rights with respect to your personal data?
You may exercise the rights referenced below, pursuant to the terms and specific provisions of GDPR:
- Right to access your personal data that we process, as well as other information in relation to the processing thereof.
- Right to rectification of your personal data, in case of inaccurate personal data concerning you or in case you want to update your information.
- Right to object to the processing of your personal data when there is a legitimate interest, including your right to object to the processing of your personal data for promotional purposes.
- Right to obtain restriction of processing of your personal data, which means you may request the restriction of the particular processing, provided that the accuracy of your personal data is contested by you or you have objections for the processing carried out or there is another reason provided for in the relevant Greek or European Legislation on the Protection of Personal Data.
- Right to portability of your personal data, in order to receive your data in case you have provided it to us with your consent, and to use it elsewhere.
- Right to erasure of your personal data without undue delay and subject to your relevant request pursuant to the provisions of the applicable Greek and European Legislation on the Protection of Personal Data.
- Consent withdrawal. Where we process your personal data based on your consent, you also have the right to withdraw such consent at any time and without affecting the legitimacy of processing for the period before the withdrawal of your consent.
- Right to be informed in cases of security breach incidents, where applicable.
Please note that the exercise of these rights is not absolute and may be subject to limitations by law. In any case you have the right to lodge a complaint at the competent Greek independent authority, which is the Data Protection Authority (http://www.dpa.gr/), in case you have further queries on the processing of your personal data or in case of unlawful processing thereof.
For all the above cases, as well as for any further information you may send us an email with your relevant request, at: firstname.lastname@example.org.
8. Security of personal data
We have implemented technical and organizational measures to ensure the lawful collection, processing and effective protection of your data from loss, alteration or unauthorized access by third parties thereto. We have, inter alia, implemented the following technical and organizational measures and procedures to protect your personal data:
- access to your personal data is restricted to the authorized persons
- IT systems used to process the data are only accessible by authorized persons
- access to the abovementioned IT systems is monitored to detect and prevent any unauthorized access
- adoption of specific procedures for the retention of your personal data and the safe deletion/ destruction thereof
Our procedures and security measures we implement are being constantly improved to pace with technological developments.