PRIVACY POLICY

PRIVACY POLICY AND INFORMATION NOTICE ON PROCESSING OF PERSONAL DATA

We welcome you to HELLENIC MINISTRIES, a non-for-profit organization, based in Athens, Greece (12, Lidias str.) The information provided here describes how HELLENIC MINISTRIES and Connected entities, collect information about you, whether you are a member of staff, a volunteer, or a beneficiary. We value your privacy so we would like to outline the way in which your personal data is treated by our organization.

Who collects your personal data and what kind of information we use

Our organization collects personal data under the GDPR (Rule 679/2016) which is the legal framework in the EU. The collected information considered personal data is the information that identifies you personally, along or combined with other information. You, probably, provide us data when you are a beneficiary, apply for a job when you sign a work contract with us, or send us the information for other reasons. In most of the above situations, we will probably collect your e-mail address for marketing purposes. We may, also, collect information like your name, physical address and contact details. At our website www.hellenicministries.org we use a traffic customization application only for statistic reasons (cookies) and the transmission of data from the relevant contact form is subject to the security terms of each application, including how to encrypt them.

We do not collect sensitive information (under the meaning of article 4 GDPR) unless it is given voluntarily. Such information is your medical record when you are a beneficiary. We may use medical or other sensitive personal data, provided by you, to meet your needs under contractual obligations.

Personal Data Processing- Legal Basis      

  • We process your personal data in a framework of a contract with you. That means it is used to carry out the obligations arisen from contractual obligations between us (oral or written). Such data may be collected in case you are a beneficiary, as well.
  • We also collect the information with respect to processing a job application.
  • Information may also be collected in order to comply with legal obligations as those are dictated by national or international law. Such obligations are usually related to accounting, tax, or/and labor authorities.
  • Moreover, we collect and use your personal data in order to be effective when we deal with issues connected to your fundamental rights as an individual. Such data refers to health and safety, the applicable regulation for the technical support as well as the transferor change of personal data related to business matters.
  • We collect your data under your explicit consent for the purposes mentioned above and for the time which is necessary for the completion of any contractual obligations between you and our organization.
  • Lastly, for the protection of goods, individuals as well as the premises, there, probably, is CCTV monitoring in operation in some of our facilities.

In case you are a beneficiary

In case you are a beneficiary, it is important to know that we do not keep, storage or/and process any kind of your personal data except those which are absolutely necessary for the legal reason we have collected them. Always after your given consent and usually, in order to offer assistance (medical, legal, or other). In any case, are valid all your rights as they defined in this Privacy Policy.

Your rights as a Data Subject

Under the GDPR you have specific rights, which HELLENIC MINISTRIES and Connected entities, follow. These are listed below:

  • You have the right to ask the Organization to confirm if we have collected any of your personal data and the way in which it has been used, if applicable.
  • You have the right to ask for a correction or erasure of your personal data
  • You have the right to access/restrict/object to the use of your personal data, in case this data is no longer needed or it is inaccurate.
  • You have the right to withdraw any consent provided to HELLENIC MINISTRIES and Connected entities, along with the right to address a complaint to the supervisory authority.
  • We do not provide your personal information to third parties connected with a contract with the organization.

Transfers and duration of Personal Data in HELLENIC MINISTRIES and other Connected entities

Your personal data collected and stored in our Organization is transferred for contractual or business purposes to related organizations and companies. In case we use your data for the aforementioned reasons we will transfer it, process and store it for the duration of our relationship with you (either as member of staff, member of the board of directors, volunteer, or other). For as long as our relationship with you is valid and in order to fulfill our contractual and legal obligations, we process and store your personal data (in case you are an employee or a beneficiary). So, the duration of the storage and processing of this data may be on a short or long term and basis and it will be used only for the purposes for which it has been collected and processed.

We may share your personal data with organizations, companies, affiliates and other entities that perform services on our behalf. We may disclose personal information, in good faith, in order to comply with the law or the judicial system. It is, also, possible to disclose personal data in order to cooperate with a government investigation, preventing a possible crime (e.g. fraud).

We delete your personal data:

  • When the reason or reasons for which the personal data collected and processed is no longer needed due to the absence of contractual reasons
  • When you withdraw your given consent

Security measures

Our precautions regarding the protection of your personal data are commercially reasonable.  Even if perfect security on the internet doesn’t exist, we follow a strict policy regarding access to personal data by authorized employees only. The precautions and safety measures refer to physical files, containing personal data, as well.

How to Update, access, correct your personal information

 If you would like to access, update or correct your personal data please contact us by sending an e-mail to [email protected]

Please be advised that we will contact you and ask you to verify your identity. We reserve the right to modify our Privacy Policy at any time. Any changes we make to our Privacy Policy will be effective as of the date that policy is posted on our website and it will replace any prior Privacy Policy.

ESPECIALLY FOR CAMERA OPERATION

HELLENIC MINISTRIES keeps a closed-circuit television (CCTV), based on already installed cameras to prevent criminal activity involving persons and facilities. Cameras are also available in conspicuous places to record entry-exit activity in areas of the organization. The image, which concerns persons and their activities, remains in the file for a short period of time (as long as the capacity of the device allows and not more than 10 days) and, in any case, as provided by law (articles 3, 6 and 20 par. 1 of Directive 1/2011 - Principle of Personal Data Protection).

Website: https://hellenicministries.org/policy/

Hellenic Ministries Data Privacy Agreement

 

1. Introduction

This Data Privacy Agreement (“Agreement”) outlines the principles and procedures that Hellenic Ministries follows to protect the personal data of its donors, employees, and partners in compliance with the data protection laws of the United Kingdom, South Africa, Canada, Australia, the United States of America, Greece, and the European Union.

2. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Processing: Any operation performed on personal data, such as collection, storage, use, and disclosure.
  • Data Subject: The individual whose personal data is being processed.

3. Data Collection and Use

  • Purpose Limitation: Personal data will be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
  • Data Minimization: Only personal data that is necessary for the purposes stated will be collected.
  • Lawful Basis: Personal data will be processed only if there is a lawful basis for doing so, such as consent, contract performance, legal obligation, vital interests, public task, or legitimate interests.

4. Data Subject Rights

  • Access: Data subjects have the right to access their personal data.
  • Rectification: Data subjects have the right to request correction of inaccurate personal data.
  • Erasure: Data subjects have the right to request the deletion of their personal data under certain conditions.
  • Restriction of Processing: Data subjects have the right to request the restriction of processing under certain conditions.
  • Data Portability: Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format.
  • Objection: Data subjects have the right to object to the processing of their personal data under certain conditions.

5. Data Security

  • Technical and Organizational Measures: Appropriate technical and organizational measures will be implemented to ensure a level of security appropriate to the risk, including encryption, access controls, and regular security assessments.
  • Breach Notification: In the event of a data breach, Hellenic Ministries will notify the relevant supervisory authority and affected data subjects without undue delay, in accordance with applicable laws.

6. International Data Transfers 

  • Adequacy Decisions: Personal data will only be transferred to countries that have been deemed to provide an adequate level of data protection by the relevant authorities.
  • Standard Contractual Clauses: Where necessary, standard contractual clauses or other approved mechanisms will be used to ensure adequate protection for personal data transferred internationally.

7. Compliance with Local Laws

Hellenic Ministries seeks to be in compliance with local data privacy laws:

  • UK: Compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
  • South Africa: Compliance with the Protection of Personal Information Act (POPIA).
  • Canada: Compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws.
  • Australia: Compliance with the Privacy Act 1988 and the Australian Privacy Principles (APPs).
  • USA: Compliance with the California Consumer Privacy Act (CCPA), Health Insurance Portability and Accountability Act (HIPAA), and other relevant federal and state laws.
  • Greece: Compliance with Law 4624/2019, which implements the GDPR and incorporates Directive (EU) 2016/68012 .
  • European Union: Compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679)23 .

8. Changes to This Agreement

Hellenic Ministries reserves the right to modify this Agreement at any time. Any changes will be communicated to data subjects in a timely manner.

9. Contact Information

For any questions or concerns regarding this Agreement or Hellenic Ministries data protection practices, please contact: [email protected]

 

Last modified August 2024