Privacy Policy (GDPR)

The website www.ahepahj48.org (“Website”) is committed to protecting your personal data. Therefore, it takes the necessary and proportionate measures to protect, secure, and maintain the integrity and availability of your data.

By using www.ahepahj48.org, you accept the terms of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, you should not use the website. Using our website after any changes to this Privacy Policy means that you accept these changes.

The Data Controller for the data collected and processed under this Policy is the company AHEPA HELLAS TMHMA HJ48 RIGAS FERAIOS VELESTINO based in Velestino, PC 37500, Velestino, Magnesia, Greece, and VAT number 996732851 (hereinafter “the Company” or “we”).

This Policy applies to the Company’s main website, www.ahepahj48.org.

Data We Collect from You

We collect data from you in three cases:

  • When you subscribe to our newsletter and receive informational messages about the company, its products, and services, we collect your email address.
  • When you send us your resume to become a member of our Company. In this case, we collect any personal data you choose to include in your resume.
  • For our members who have already registered as users on our website.

Data We Collect Through Automated Means

When you use our website, your device automatically provides us data, so we can serve and tailor our response to you. The type of information we collect through automated means generally includes technical information about your device, such as the IP address or other device identifier, the type of device you use, and the version of the operating system.

The data we collect may also include usage information and statistical data related to your interaction with the website.

We recommend that you read our Cookies Policy carefully to learn more about Cookies, how they are used, and how you can control their use.

Purpose and Legal Basis for Processing Personal Data

We use data for the following purposes: website operation, improvement of website services, evaluation of candidate members, promotion of informational messages to users. We also collect certain information for the development of statistics related to the use of our website.

The legal bases for processing your personal data under the General Data Protection Regulation (2016/679) are as follows:

  • Contract: Processing is necessary to take steps at the request of the data subject prior to entering into a contract. This legal basis applies to the processing of resumes we receive.
  • Legitimate interest: Processing is necessary for the website to protect its legitimate interests (e.g., to ensure smooth operation and security).
  • Consent: When none of the above legal bases apply, the Website processes personal data of visitors based on their lawful consent (e.g., for sending newsletters).
    Data Retention

We retain your personal data for the following periods:

When you subscribe to our newsletter, we keep the data until you decide to revoke your consent for sending the newsletter, delete your user account, or ask us to delete your data.

When you send us your resume, we keep it based on our Resume Policy to communicate with you.

For data we collect through automated means, please consult our Cookies Policy.

Data Recipients

We transfer your data to third-party data processors when necessary exclusively for the purpose of providing our services. They may need to be available to the Company’s staff and the technical consultants of the Website, the company HELLOBL. The company HELLOBL acts as a Data Processor in these cases.

The Company’s staff has graduated access to personal data, depending on the role and position of each employee in the Company. All persons who have access to your personal data are bound by confidentiality and proper processing rules.

It is noted that your personal data may be disclosed in any case where we are obliged to do so under applicable law or when necessary for our legitimate interests or in the context of processing by our partners or third parties, always ensuring that guarantees for their security and protection are met.

Communication with the Company

Communication with the Company is only through sending a postal letter or email to the addresses listed on the website.

Access to the letters and emails we receive is only granted to our authorized personnel, who are bound by confidentiality clauses or by a regulatory obligation of confidentiality. We retain the letters and messages we receive indefinitely for archival purposes unless you ask us to delete them.

We do not forward messages we receive to third parties without the express consent of the sender.

The exceptions are cases where forwarding to third parties or not deleting emails we receive is necessary to comply with our legal obligations or to establish, exercise, or support legal claims.

We use email service providers based in Greece. Therefore, our emails are subject to lawful access permitted under Greek law.

Technical Measures of the Website

We collaborate with our internet service provider, HELLOBL, to ensure that your personal data is protected. HELLOBL maintains the data of our website within the European space, so the data is governed by European legislation.

HELLOBL operates as a Data Processor for personal data.

Our website uses an encryption system (SSL) to ensure greater security during your navigation.

Our website may include hyperlinks, which redirect to third-party websites. These websites are not under the control of our website and, therefore, we cannot ensure that the personal data protection policy of these websites is consistent with ours. We recommend that you read these websites’ policies and terms and conditions of use carefully.

Social Media

The Company uses social media to promote its activities.

When you use social media to connect with our website, this policy does not apply. Instead, the processing of your personal data is subject to the privacy policy of the respective social media. We advise you to read the privacy policy of social media carefully before using them.

Your Rights

You have the following rights regarding your personal data:

Right to Information

You have the right to be informed about the collection and use of your personal data.

Right to Access

You have the right to receive confirmation from us whether or not personal data concerning you is being processed, and if so, you have the right to access personal data in a brief, comprehensible, transparent, and easily accessible form.

Right to Rectification

You can request, and we will ensure, that without undue delay, we rectify inaccurate or incomplete personal data, among others, through a supplementary statement.

Right to Erasure

You have the right to request us to erase your personal data without undue delay, and we will proceed with the erasure, subject to the conditions set by law.

Right to Restriction of Processing

You have the right to request us to limit processing activities only to specific purposes, subject to the conditions set by law.

Right to Object

You have the right to object at any time, for reasons related to your particular situation, to the processing of personal data concerning you. We will no longer subject the personal data to processing unless there are compelling and legitimate reasons for the processing, which override your interests, rights, and freedoms, or for the establishment, exercise, or support of legal claims.

Right to Data Portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, as well as the right to request the transmission of such data to another data controller without objection from us, subject to the conditions set by law.

Right to Human Intervention

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

If you have any questions about the personal data protection policy or want to request clarifications or if you wish to exercise any of your rights, please contact us at info@hj48.gr.

We will respond to your request within thirty (30) days of receiving it. In case an extension of the above deadline is required to investigate and/or process your request, we will inform you, explaining the reasons for the necessary extension of the deadline.

In any case, if you feel that your personal data protection has been violated in any way, you have the right to file a complaint with the Greek Data Protection Authority (www.dpa.gr).

LAST MODIFICATION: 29/12/2023