ICCS – Information on Personal Data Protection

In accordance with Regulation (EU) 2016/679 and the relevant Greek legislation

Since 25.5.2018, the General Data Protection Regulation (EU) 2016/679, also known as GDPR, has been in force, strengthening the framework of protection for data subjects regarding the processing of personal data within the European Union. ICCS, with respect for personal data, complies with GDPR within the scope of its activity and purpose and takes the prescribed technical and organizational measures for the effective protection of personal data, as provided by GDPR and Greek legislation accordingly.

  1. Data Controller – Contact details

ICCS is the Data Controller with the following contact details:

Head Office Address: 42 Patission Str., P.C. 10682
Telephone: +30 210 772-3847 / 1863
E-mail: dpo@iccs.gr

  1. What personal data of mine are collected and how?

The personal data collected and processed by ICCS are only those necessary for each specific and clearly defined purpose and the corresponding legal basis.

Processing refers to the personal data you provide to ICCS in real interactive time when you use our official websites, our services, or interact with us, for example by completing an application or registering, such as:

  • Identity Data (User ID, Full Name, Father’s and Mother’s Name, Photograph, Identity Card or Passport Number, Issuing Authority, Date of Issue)
  • Contact Data (postal address, landline and mobile phone numbers, e-mail address)
  • Demographic Data (Nationality, Citizenship, Date of Birth, Place of Birth, Country of Birth)
  • CV Data

In cases where processing is based on consent, ICCS follows the procedures provided by law for obtaining such consent.

  1. For what purposes is processing carried out and what is the legal basis?

Personal data are collected according to GDPR and applicable law, either at the beginning of your relationship with the Institute or later, and are processed on the following legal bases:

  • Your consent, where required
  • The execution of a contract between us
  • The fulfillment of our legal obligations
  • The protection of vital interests
  • The fulfillment of a duty in the public interest
  • The safeguarding of our legitimate interest

ICCS may process your personal data for the following purposes per legal basis:

With your consent

  • For identification and communication with you

For the fulfillment of contractual obligations

  • In case of concluding a contract with ICCS or during the pre-contractual process
  • For communication during the pre-contractual process or during contract performance

For the fulfillment of our legal obligations

  • Compliance with obligations imposed by applicable law, regarding our personnel
  • Compliance with obligations to disclose data to Public Authorities (Supervisory, Independent, etc.)

For the protection of vital interests

  • To safeguard your or another individual’s vital interests

For the fulfillment of a duty in the public interest

For reasons of our legitimate interest, such as:

  • Development and improvement of our services through your activities and interests
  • Handling your complaints
  • Managing risks from non-compliance with grant agreements
  • Ensuring IT systems’ protection and security
  1. Who are the recipients of my personal data?

Access to your personal data is granted to ICCS staff, within the framework of their duties assigned by ICCS as the Data Controller.

ICCS is obliged or entitled to disclose your personal data to various third-party recipients such as:

  • Public bodies
  • Independent Authorities

always under the condition of respecting confidentiality and secrecy obligations.

  1. How long is my data retained?

ICCS retains your personal data for a period determined by the applicable legal and regulatory framework in each case.

  1. Data logging on our website

Cookies
In certain cases, our website and its pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Their purpose is to make our website more user-friendly, efficient, and secure. Cookies are small text files stored on your computer by your browser.

You can adjust your browser settings to be informed each time cookies are placed and to allow cookies only in certain cases, to exclude acceptance in certain cases or in general, and to enable automatic deletion when closing the browser. If you disable cookies, the functions of this website may be limited.

Cookies required for electronic communication are stored based on Art. 6 para. 1 GDPR. The website administrator has a legitimate interest in storing cookies to ensure technically error-free and optimized services. Other cookies (e.g., analytics cookies) are addressed separately in this Data Protection Statement.

Server log files
The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser automatically communicates to us. The information includes:

  • Browser type and version used
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of server request
  • IP address

These data are not combined with other data sources.

They are recorded based on Art. 6 para. 1 GDPR. The website administrator has a legitimate interest in the error-free technical display and optimization of the website. For this purpose, server log files must be recorded.

  1. How is my data protected?

At ICCS, we work daily to ensure that the personal data we receive:

  • Are lawfully and fairly processed in a transparent manner with respect to the data subject
  • Are collected solely for specific and lawful purposes
  • Are adequate, relevant, and limited to what is necessary
  • Are accurate and kept up to date
  • Are retained only within the prescribed timeframe and no longer
  • Are processed in a manner that ensures their necessary protection
  1. What are my rights?

As a data subject, you have the following rights:

  • Right of access: You may request information and access to your personal data held by us at any time.
  • Right to rectification: You may ask us to correct inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”): Unless legal provisions require us to retain your data, you may ask us to delete them.
  • Right to data portability: You may request the transfer of your data to another entity.
  • Right to object and restrict processing: You may request the cessation or restriction of processing of your data.
  • Right to withdraw consent: You may withdraw your consent to processing at any time.

ICCS will make every effort to respond to your request without delay and in any case within one month of receipt. This deadline may be extended by two months if necessary, considering the complexity and number of requests. You will be informed of any such extension and the reasons within one month of receipt of your request. If you submitted the request electronically, the response will also be provided electronically, unless you request otherwise.

If ICCS satisfies your request a) for restriction of processing, b) objection to processing, or c) deletion of your data from Institute’s records, and if such data are necessary for the preparation or continuation of a contract, this automatically entails either termination of the respective contract by you or the impossibility of processing your related request.

ICCS has the right to refuse your request for restriction or deletion of personal data if such processing is necessary for establishing, exercising, or defending its legal rights or fulfilling its obligations.

These services are provided free of charge. However, if your requests are manifestly unfounded, excessive, or repetitive, ICCS may either impose a reasonable fee or refuse to respond, after informing you.

  1. Withdrawal of consent

You have the right to withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

  1. Data Protection Officer

The Data Protection Officer is ICCS Researcher A, Dr. Dimitris Kalogeras, with the following contact details:

9 Iroon Polytechniou Str., Zografou, Athens
Tel.: +30 210 7721863
E-mail: dpo@iccs.gr

  1. Hellenic Data Protection Authority

You have the right to file a complaint with the Hellenic Data Protection Authority (www.dpa.gr), which is the competent supervisory authority for the protection of fundamental rights and freedoms of natural persons against the processing of their personal data, if you believe your rights are violated in any way.