This Policy describes how the Hellenic Professionals Informatics Society (HePIS) (together “HePIS” or “we”) collect and process data which identify individuals (“Personal Data”) of users of our services (“Users”, “you”), and your associated rights. This Policy applies to HePIS products and services, including websites operated by HePIS. Your privacy is extremely important to us and we are committed to offering you a safe and hassle-free experience while visiting our websites and using our services.
1. How We Collect and Use Personal Data
We may collect and/or process your Personal Data only as stated in this Policy, for the purposes described below.
HePIS was established in 2006 and since then, more than 25.000 people have taken part in its initiatives. Moreover, it has a network of 3.500 registered members.
It has operated many projects aimed at fostering youth employability, enhancing gender equality, increasing awareness of the ICT sector and creating opportunities for undeserved and marginalized social groups.
HePIS may need to collect and process Personal Data (including name, address, email address, phone number and other information) in the context of the following activities where there are specific target groups involved (including but not limited to: students, youth, socially vulnerable groups, unemployed people, women, teachers, trainers):
• EU, EEA and nationally (co-)funded projects
• Projects (co-)funded by philanthropic foundations or other private entities
• Privately funded training activities of all types, including the Coding Bootcamps being organized in the framework of the Alliance for Digital Employability
We may disclose Personal Data to third parties in the following circumstances:
• if we have obtained your consent to do so
• when we are required by law or court order, or by a regulatory or governmental authority legally authorized to request such disclosure
• if required to protect the rights, property or safety of HePIS and/or its business partners.
We use MailChimp, a US-hosted third-party provider to send and manage our email communications which is certified as adhering to the EU-US Privacy Shield.
We do not sell, share, rent, forward, exchange or otherwise pass on any Personal Data to third parties, other than in the specific circumstances described above.
If you have opted in to receiving marketing communications, we may occasionally contact you via electronic means (e.g. email, SMS, telephone) to inform you of new products and services, and other HePIS developments. You have the option of opting out of such communications at any time, by using the “unsubscribe” links in the communications or by contacting us at email@example.com.
From time to time HePIS may run surveys, polls and similar initiatives (“Surveys”), to request information from Users to assist us to improve our products, services and operating practices. Participation in Surveys is always voluntary, and Personal Data provided in Survey responses will always remain strictly confidential. The results of Surveys may be aggregated and anonymized, and such anonymized information may be shared with third parties.
We also use Google Analytics to improve the content and functions of our websites (by collecting information about how visitors use the sites), and the Google AdWords service to provide you with customized advertisements that suit your interests and preferences. Google anonymously collects information such as age, gender, geographical location, webpage views and visits to other websites, including using cookies. You can manage cookie preferences through your Google account, by going to Google Account Settings and editing your preferences. To opt out of being tracked by Google Analytics, you can visit the relevant Google page.
2. Services to Children
Where the User of our services is a child below the age of 16 years, we will request consent for the collection and processing of Personal Data from a holder of parental responsibility over the child.
3. Retention of Personal Data
Where retention of Personal Data is required by law, HePIS complies with required retention periods. In other circumstances, HePIS retains Personal Data for as long as necessary for the business purposes set out above.
4. Cross-Border Transfer
We aim to comply with the data protection law in all countries where we do business, including the laws of the European Union. We transfer Personal Data across borders in accordance with applicable law. When we transfer or store Personal Data of EU residents outside the European Economic Area, we do so in compliance with the applicable EU laws on data.
You have the right to access, correct or delete your Personal Data. However, you acknowledge and accept that upon deletion of specific Personal Data several services provided by HePIS may not be available. Under EU law, you have certain rights of portability of your Personal Data to other service providers. To exercise these rights, please email firstname.lastname@example.org.
6. Data Security and Integrity
We use appropriate technical and organizational measures to protect Personal Data from unauthorized use, access, disclosure, alteration or destruction. These precautions include physical, electronic and managerial procedures in compliance with the ISO 27001 international information security standard.
8. Third-Party Sites and Services
HePIS websites contain links to third party websites. HePIS is not responsible for the privacy practices or the content of any third-party websites or services.
9. Amendments to Policy
We may revise this Policy to reflect changes in HePIS products and services or the law, or for other reasons. If we make any material change to this Policy, we will notify you by email. You will be bound by any changes to this Policy when you use HePIS services after we have provided notice of such changes.
10. Questions and Complaints
If you have any questions or complaints relating to this Policy, or your Personal Data that HePIS holds, please email email@example.com. You also have the right to complain to the data protection authorities in your country regarding the processing of your Personal Data, to the extent provided by applicable law (e.g. the EU General Data Protection Regulation or relevant privacy laws of other countries).