Privacy Policy
This Privacy Policy (hereinafter referred to as the “Policy”) describes the way in which the civil non-profit corporation “GET INVOLVED CIVIL NON-PROFIT CORPORATION”, located in Chalandri, Attica, hereinafter referred to as the “Organisation”, operating as a Data Controller, processes the personal data you provide, to participate in actions organized by it and/ or to access educational material it develops, as well as the photographic and video material it collects from the various activities it organizes (hereinafter referred to as “Data”).
The purpose of the Organisation is to organize educational conferences and seminars in any scientific field with the participation of Greek and foreign scientists, as well as to conduct and publish academic research to enhance financial literacy, sustainable development, and AI technologies. In any case, the purpose of Get Involved is non-profit.
Our Organisation makes its best effort to comply with both Greek and European legislation on personal data protection, including Regulation (EU) 2016/679 (hereinafter referred to as “GDPR”), as it stands.
1. What is personal data?
The term “Personal Data” refers to any information relating to an identified or identifiable natural person (subject of data). An identifiable natural person is one whose identity can be verified, directly or indirectly, in particular by reference to an identifier, such as name, identification number, location data, online identifier, or one or more factors that approximate the physical, physiological, genetic, psychological, economic, cultural, or social identity of that natural person.
2. What is Data processing ?
Data processing is any operation or series of operations performed, with or without the use of automated means, on personal data or on sets of personal data, such as collection, recording, organization, structuring, correction, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
3. What does the term “Data Controller” mean?
A data controller is a natural or a legal person, a public authority, an agency or any other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; when the purposes and the means of such processing are determined by the European or the state (Greek) legislation, the data controller or the specific criteria for its determination, can be provided by the European or the State law themselves.
4. What is “consent”?
Consent consists of any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
5. Data processed by the Organisation
The Organisation, within the scope of its purpose and its activity, collects personal data of its associates, members, and, in general, of natural persons who participate in educational activities it organises. To achieve its purposes, the Organisation processes the following categories of personal data:
- For its volunteers: full name, contact details, such as phone number, residential address, email address, academic level, and/or other information contained in the curriculum vitae they submit to the Organisation, photos they send themselves, as well as photographic and video material collected by the Organisation, during its events.
- For those who benefit from its actions (hereinafter referred to as “beneficiaries”): full name, contact details, such as phone number, residential address, email address, academic level, and/ or other information contained in the curriculum vitae they submit to the Organisation, as well as photos they send themselves or photographic and video material from the various educational events of the Organisation.
- For those who have subscribed to the Organisation’s Newsletter or wish to access its educational material (hereinafter referred to as “Newsletter subscribers”): full name and email address. Newsletter subscription is either upon specific request or automatically by submitting an application to participate in events, organized by the Organisation, or to access educational material it develops and publishes. However, individuals may request removal from the newsletter list at any time without affecting their participation in the Organisation’s events or access to published materials.
- Newsletter subscribers may also disclose the following data on a non-obligatory basis: full name, e-mail address, studies and title of the degree/s, name of University, current occupation, and employer.
6. Purposes of Data Processing by the Corporation
The Corporation processes your Data, according to the present Policy, complying with all obligations prescribed by the relevant legislative framework. The Corporation processes your Data exclusively for the following purposes:
- Recruitment and onboarding of volunteers to the Organisation and organisation of events
- Organisation and management of events and facilitation of connections between beneficiaries and companies
- Distribution of newsletters and educational materials
- Documentation of events and informing the public about the Organisation’s activities
- Coordination of events and issuance of certificates
7. Legal Basis for Processing
Data Category | Purpose of Processing | Legal Basis (Art. 6 (1) GDPR) |
CVs and contact details of volunteers | Recruitment and onboarding of volunteers to the Organisation and organisation of events | Performance of a contract (Article 6(1)(b) GDPR) |
Contact details, CVs and academic information of beneficiaries | Organisation and management of events and facilitation of connections between beneficiaries and companies | Performance of a contract (Article 6(1)(b) GDPR) |
Newsletter subscribers’ name and email address | Distribution of newsletters and educational materials | Legitimate interest (Article 6(1)(f) GDPR) |
Photographs and video recordings from events | Documentation of events and informing the public about the Organisation’s activities | Legitimate interest (Art. 6(1)(f) GDPR) |
Personal data shared with partners (name and email address) | Coordination of events and issuance of certificates | Performance of a contract (Article 6(1)(b) GDPR) |
8. Data retention
The Organisation retains your Data only for as long as necessary to achieve its purposes, as they are analyzed in Section 6, unless an extension of this particular timeframe is deemed crucial, due to legal claims or legal obligations of the Organisation.
9. Your rights
Υοu have the following rights under the GDPR:
- The right to access (Article 15 GDPR): You have the right to request free access to your Data.
- The right to rectification (Article 16 GDPR): You have the right to request the correction of any inaccurate personal data. You also have the right to demand any additions to your incomplete data.
- Τhe right to erasure (“right to be forgotten”) (Article 17 GDPR): You have the right to request the deletion of Data, under certain particular conditions, e.g., when the Data are no longer necessary or in case you have withdrawn your consent or in case you wish to cancel your subscription to the Organisation’s Newsletter after your explicit declaration.
- The right to restriction of processing (Article 18 GDPR): You have the right to request the limitation of your Data processing for as long as the examination of your objections to the processing is pending.
- The right to Data Portability Article 20 GDPR): You have the right to request the transfer of your Data to another controller, if applicable.
- The right to object (Article 21 GDPR): You have the right to object to the processing of your Data, at which point the Organisation will abstain from any processing of your Data, unless there are compelling legitimate grounds for the continuance of the processing, which override your rights. In case you have provided your consent for the collection, processing, and use of your Data, you have the right to revoke, with no retroactive effect, your consent at any time.
In addition, you preserve the right to lodge a complaint in writing regarding the protection of your personal Data with the Ηellenic Data Protection Authority, Kifisias Avenue, 1-3, Postal Code 115 23, Athens, tel: +30 210 6475600, email: contact@dpa.gr.
10. Data disclosure to third parties
In situations where an event of the Organisation is organized in collaboration with another entity, the Organisation has the right to share with its collaborator the data needed to execute and promote an event (e.g., name, surname, email, photographic and video material from the event) or to fulfill contractual obligations.
11. Data Security and Connection to Third-Party Networks
The Organisation implements all necessary technical and organisational measures to ensure the security of your personal data. However, please note that any links from the Organisation’s website or networks operated by the Organisation, including the Google Classroom platform, to any third-party website or network through links, hyperlinks, banners or other means, shall not give rise to any responsibility or liability on the part of the Organisation with regard to the privacy and personal data protection practices adopted by such third-party website or network.
12. Contact Information
For any further information or requests regarding the processing of your personal data, you can contact us at the email address below: a.efstathiadis@getinvolved.gr.
13. Response time to requests
The Organisation responds to your requests without undue delay, and, in any case, within one month from receiving your request. However, there are exemptions, in which the Organisation may need a maximum of two months from the previous deadline to handle your request.
14. Applicable law
The applicable law governing the processing of your personal data is Regulation 2016/679/ΕU (“GDPR”), the Greek Law 4624/2019, as well as any other pertinent piece of legislation, as it is modified and stands today. The competent courts for any possible disputes over personal data are the Courts of Athens.
15. Amendments to the present Policy
The Organisation updates the present Policy whenever it deems it necessary. If there are substantial amendments to this Policy or in the way in which your Data are being processed, there will be an update on the website of the Organisation, which will include the new Policy, before the amendments enter into force, and the Organisation will inform you by any appropriate and punctual means. The Organisation encourages you to visit its website regularly to stay informed about any updates to this Policy.