For further information, you can contact us at: email@example.com
1. Data Controller
Data controller of the Website (pursuant to art. 26 GDPR) is Corallia Unit of the Research Center Athena Research and Innovation Center in Information, Communication and Knowledge
Technologies whose registered office is situated at Kifissias Ave. 44, Maroussi (Hereinafter referred to as “Data Controller”).
2. How we collect your personal data
We collect personal data both directly and indirectly:
Directly: we obtain personal data directly from individuals in a variety of ways, including but not limited to the following cases: a) an individual registers via MS Forms to attend in meetings (physical or online) and events we host and during attendance at such events; b) an individual subscribes to our newsletter; c) we establish cooperative relationships with an individual.
Indirectly: we obtain personal data indirectly about individuals from a variety of sources, including
a) our networks and contacts; b) social and professional networking sites (e.g., Facebook, Instagram, LinkedIn, YouTube, Twitter).
3. What types of data do we collect?
The personal data that the Data Controller collects, and processes fall primarily within the following categories: some of these categories may not concern you to the extent that the type and number of the necessary collected personal data depend in any case on the capacity of the data subject, i.e., if the subject is a participant or simply a candidate participant. These data fall into the following categories:
- contact details (name/ surname, e-mail address, street address, mobile phone number);
- personal information (company name, position in the company);
- videos and photos (from people that attend our events, courses, etc).
Where appropriate we may also ask your interests and motivation for supporting Corallia, we will never make this question mandatory, and only want to know the answer if you are comfortable providing us with that information. In limited circumstances, the personal information that Corallia collects may include information that is considered “sensitive data”. This may include personal information regarding health and If you are under sixteen (16) you should ask permission of a parent or guardian before sending personal or sensitive information to anyone online.
4. What we do with your personal data
We process your personal data with the purpose of:
- Disseminating the results of our projects to several types of stakeholders;
- Sending invitations and providing access to guests attending our events, workshops and webinars;
- Administering, maintaining, and ensuring the security of our information systems, applications, and websites;
- Processing online requests/ queries and responding to communications from individuals;
- Complying with contractual, legal, and regulatory obligations;
- Conducting research (e.g., interviews, surveys).
5. How we secure your personal data when we process it
We continuously apply a personal data risk assessment process to identify, analyse, and evaluate the security risks that may threaten your personal data. Based on the results of this risk assessment, we define and apply a set of both technical and organisational measures to mitigate the above security risks, including but not limited to:
- Data Protection Policies to guide our personnel when processing your data;
- Written contracts with organisations that process personal data on our behalf;
- Non-Disclosure Agreements with our personnel;
- Back up process, antimalware protection, access control mechanisms, etc.
- Our partners have appointed a Data Protection Officer.
6. Do we share personal data with third parties?
We may occasionally share personal data with trusted third parties to help us deliver efficient and quality services. When we do so, we ensure that recipients are contractually bound to safeguard the data we entrust to them before we share the data. We may engage with several or all the following categories of recipients:
- Parties that support us as we provide our services (e.g., cloud-based software services such as Dropbox, Microsoft SharePoint, Google Drive);
- Our professional advisers, including lawyers, auditors, and insurers;
- Dissemination services providers (e.g., Mailchimp);
- Law enforcement or other government and regulatory agencies or other third parties as required by, and in accordance with applicable law or regulation;
7. Do we transfer your personal data outside the European Economic Area?
We do not own file servers located outside the European Economic Area (EEA). However, some partners may use cloud and/ or marketing services from reputable providers such as SharePoint, Dropbox, Mailchimp, Google, etc., situated both inside and outside the EEA. We always check that such providers comply with the relevant GDPR requirements before start using their services.
- cookies to improve site performance;
- cookies for anonymous traffic statistics;
- cookies for Google Advertising Features.
Then we provide detailed information on each of these types of cookies.
9. How long do we retain personal data?
We retain personal data to provide our services, stay in contact with you, and comply with applicable
laws, regulations, and contractual obligations to which we are subject. Any personal information
gathered, regarding the visitors to this website are kept only for a certain period of time and then
10. What are your rights regarding the protection of your personal data?
You have the following rights regarding our processing of your personal data:
- Right of information – You can request to be informed about the categories of your personal data that we store and process, where they come from, the purposes of their processing, the categories of their recipients, the period of their storage as well as about your relevant rights (right of access).
- Right to withdraw consent – You can withdraw consent that you have previously given to one or more specified purposes to process your personal data. This will not affect the lawfulness of any processing conducted before you withdraw your consent.
- Right of access – You can ask us to verify whether we are processing personal data about you and if so, to have access to a copy of such data.
- Right to rectification – You can ask us to correct our records if you believe they contain incorrect or incomplete information about you or ask us to erase your personal data after you withdraw your consent to processing by providing any necessary supplementary documentation that justifies the need for rectification or completion.
- Right to erasure – You can demand the erasure of your personal data from the Data Controller’ records under certain circumstances, such as in case these data are no longer necessary or you have withdrawn your consent, or in case the data have been unlawfully processed etc.
- Right to restriction of processing – You can ask us to temporarily restrict our processing of your personal data if you contest the accuracy of your personal data, prefer to restrict its use rather than having us erase it, or need us to preserve it for you to establish, exercise or defend a legal claim. A temporary restriction may apply while verifying whether we have overriding legitimate grounds to process it. You can ask us to inform you before we lift that temporary processing restriction.
- Right to data portability – In some circumstances, where you have provided personal data to us, you can ask us to transmit that personal data (in a structured, commonly used, and machine-readable format) directly to another entity.
- Right to object – You can object to our use of your personal data for direct marketing purposes, including profiling or where processing has taken the form of automated decision-making. However, we may need to keep some minimal information (e.g., e-mail address) to comply with your request to cease marketing to you.
- Right to Complaint – You have the right to lodge a complaint with the Hellenic Data Protection Authority (1-3 Kifissias Ave., 115 23 Athens, Tel: +30 2106475600) in case you consider that your rights are in any way violated. For the Authority’s competence as well as the way to lodge a complaint you can find detailed in-formation on its website (www.dpa.gr – Individuals – Complaint to the Hellenic DPA).
You can read the General Policy of Personal Data (GDPR) at the following link: gdprinfo.eu.
Please note the following as regards your rights:
- The Data Controller preserve in any case the right to deny your request for restriction of processing or erasure of your data, if their processing or storage is necessary for the establishment, exercise or defence of its legal rights or the fulfilment of its obligations.
- The right to data portability (point of above) does not include the erasure of your data from the Data Controller’ records. The erasure is regulated under point e above.
- The exercise of these rights is valid for the future and does not affect any previous data processing.
11. How can you exercise your rights?
For the exercise of your rights, you may send an email to firstname.lastname@example.org. In this framework and to facilitate the Data Controller in examining your request, you are kindly asked to specify which of your right(s) you are exercising. The Data Controller shall use their best endeavors to address your request within thirty (30) days of its receipt. The abovementioned period may be prolonged for sixty (60) more days, if deemed necessary, according to the Data Controller’ judgment and considering the complexity of the issue and the number of the requests. The Data Controller shall inform you within thirty (30) days of the request’s receipt in any case of prolongation of the abovementioned period. The abovementioned service is provided by the Data Controller free of charge. However, in case the requests manifestly lack foundation and/or are repeated and excessive, the Data Controller may, after informing you, impose a reasonable fee or refuse to address your request(s).
12. Data Protection Officer
You may contact Corallia’s Data Protection Officer for any matter regarding the processing of your personal data at the address 44 Kifissias Ave. Maroussi or by sending an email to email@example.com.
13. Disclaimer of liability for third party websites
We do not knowingly collect, use, or disclose information from children under the age of sixteen (16). If we learn that we have collected the personal information of a child under sixteen (16) we will take steps to delete the information as soon as possible. Please immediately contact us if you become aware that a child under sixteen (16) has provided us with personal information.
15. Amendments of this Information
The present Information may be periodically amended so that it is always compliant with the legal requirements and the actual data processing taking place. In case there are significant important amendments, you will be notified accordingly by any appropriate means, indicatively by a relevant notification on the website www.corallia.org. It is recommended that you regularly check the website www.coralllia.org where this notice is available to be informed on its most recent / updated version in case there are minor amendments.
Do you have an incident to report? Please submit it here .
This Information was updated on 10.10.2022 and is always available on the Website www.corallia.org.