loader image

Privacy policy

WEBSITE PERSONAL DATA PROTECTION POLICY

I. INTRODUCTION

1. General

Respect for your privacy and the management, protection, and security of your personal data are a priority for HELLENIC SCRIPTURE UNION , hereinafter referred to as the “HSU”.
The HSU. has established this data protection policy, which also includes the cookies policy as a single text and an integral part thereof (hereinafter the “data policy” or the “policy”), with the aim of informing you about the type of data that we collect or generate about you when you visit or communicate with our website (hereinafter the “website”).

This policy concerns the collection and processing of your data, the way such data is processed and its recipients, your rights and choices with regard to your personal data, as well as how you may contact us about any issue that may concern you in relation to your personal data.

2. Amendments

This edition was updated on 01/11/2019. This policy replaces all previous notices that we may have provided in the past regarding our information practices.

This data protection policy is governed by the relevant provisions of both Greek and EU law on the protection of individuals with regard to the unlawful processing of personal data. Specifically, it is governed by Regulation (EU) 679/2016 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter “GDPR”), the decisions, regulatory acts and opinions of the Hellenic Data Protection Authority (hereinafter “H.D.P.A.”) and any other relevant legislation which does not conflict with the GDPR.

Any future change to the above regulatory framework will be the subject of this policy. Therefore, we reserve the right to change this policy and to apply any change to your data and to our practices regarding its processing, in accordance with legal provisions, and/or to amend or replace all or part of this policy at our absolute discretion.

If there are substantial changes to this policy or our practices regarding your data change in the future, we will notify you by publishing the changes on our website.
However, should you wish any clarification or information regarding the changes, or if you have any disagreement, reservation or question relating to such changes, you may contact us using the details set out in the section below. Please note that any information/clarification provided to you in accordance with the above, regarding any possible changes to this policy, does not constitute a replacement, substitution or amendment of this policy.

In order to use our electronic services, it is necessary to read and accept this policy by means of the opt-in method. If you do not agree with this policy, you must refrain from any action or use of the website, or from sending correspondence, and especially from providing personal data.
In any case, for any information or clarification you may contact us and, in any case, you have the right to exercise your rights which are analysed and described in Section V below.

3. Content

This data protection policy includes:

  1. Information about the controller of your personal data, as well as our contact details for any matter relating to your data.
  2. The type of data we process and the methods of processing.
  3. The purpose of processing your personal data and the legal basis for the processing.
  4. What security measures we take to protect your data.
  5. The period for which we retain your data.
  6. Your rights and how you may access them, as well as your choices regarding the processing of your data.
  7. The protection and storage of your data by the HSU.

pastedGraphic.png

II. CONTROLLER OF PERSONAL DATA PROCESSING

1. Who is the Controller

The Controller of your personal data is HELLENIC SCRIPTURE UNION, having its registered office in Kifissia, 77 Levidou Street, Postal Code 14563, TIN 090114534, Kifissia Tax Office, telephone +30 210 8013504 and website https://hsu.gr

(hereinafter the “HSU”).

2. Who is the Data Protection Officer

The HSU has appointed a Data Protection Officer, whose contact details are: [email protected]. 

You may address the Data Protection Officer in order to raise any issue that concerns you regarding your personal data. Our Data Protection Officer is always available to provide you with clear explanations and to receive your comments related to your personal data.

3. Questions and Comments

You may contact us using the contact details mentioned above and submit your comments, questions, observations or any complaints you may have regarding this policy and the processing of your personal data in general.

You have the right to submit any complaint regarding issues of protection of your personal data that may arise from their processing by the HSU to the Hellenic Data Protection Authority, which is the supervisory authority in our country. You will find relevant details at the following link: www.dpa.gr

However, we consider it our obligation and duty to address any concerns you may have regarding your personal data which we process, and we will therefore be glad if you contact us.

pastedGraphic.png

III. COLLECTION AND PROCESSING OF DATA

1. WHAT data we collect about you and HOW we collect it

When you browse our website and when you use the email address published on it, we collect various types of personal data about you, either directly from you, or from third parties, or by automated means, such as indicatively:

  • Identity data, which you provide to us when sending us email correspondence.
  • Contact data, which you also provide to us when sending email correspondence, and which concern your email address and any other contact details you disclose in your email (landline or mobile telephone number, fax, business or home address, etc.).
  • Any other data that forms the content of your email correspondence to us.
  • Technical data, such as your Internet Protocol (IP) address, login data, browser type and version, operating system and platform, and other technology on the devices you use to access our website, etc.
  • Data via cookies: number of visits to the website, length of stay, visitor interaction with the website (see the Cookies Policy for details).

We do not knowingly collect any information from any person under sixteen (16) years of age. Our services are intended exclusively for persons who are at least sixteen (16) years old or older. If you are under sixteen (16) years old, do not use our website and, in particular, do not provide us with any information about yourself, including your name, address or your contact details (telephone, email, etc.).

If we find that we have collected or received personal data from a minor under sixteen (16) years of age, we will delete it immediately, unless consent or approval has been given by a parent or guardian. If you believe that we may have information from or about a minor under sixteen (16) years of age, please contact us.

Data collected directly from you

We collect directly from you the following personal data:

  • When you use the website’s email address or contact form, you provide us with your full name, the email address from which you sent us the message, the date and time on which you sent it, and the content of your message.

Data and information collected by automated means

We collect by automated means the following data and information about you:

  • Through the use of cookies and other similar technologies, we collect and/or generate data regarding your preferences, such as the search terms you have entered or the links you have clicked within the website, the form you use, etc.
  • Data regarding the devices through which you visit our website, such as your IP address, login data, browser type and version, operating system and platform and other technology on the devices you use to access our website, etc.
  • Data regarding the page from which you linked to our site and the page to which you moved when you left.

2. HOW and WHY we use your personal data

All of the above personal data, which, as mentioned, you either provide to us or is generated by automated means, is used by us for the following legitimate purposes.

Please note that if EU or national law restricts or prohibits certain actions of the HSU. for which we use your data, we will cease using your personal data for those purposes.

In particular, your personal data is used by us for the following purposes:

  • For the management of electronic communication with you and any matter you raise through it.
  • For the creation, storage and maintenance of a database containing our customers and potential customers.
  • For sending you commercial communication via newsletter, SMS or other multimedia, relating to updates on activities and news of the HSU.
  • For optimising and tailoring your experience on our website.
  • For other purposes for which we will notify you, or which will be specified, as the case may be, at the point where your information is initially collected.

The legal basis for processing the personal data concerning you is your consent, which we always request before processing your personal data (Article 6 §1(a) GDPR), as well as our legitimate interest in monitoring our communication with visitors to our website, which prevails over your interests and fundamental rights (Article 6 §1(f) GDPR).

pastedGraphic.png

TABLE: PERSONAL DATA, PURPOSES AND LEGAL BASIS

A / Website electronic correspondence archive

Personal Data Processed

  • Full name
  • Email address
  • Message content and any personal data you disclose to us through it

Purpose of Processing

  • Communication with customers, potential customers and website visitors

Legal Basis for Processing

  • Your consent (Article 6 §1(a) GDPR), which you submit to us electronically using the opt-in method
  • The legitimate interest of the company (Article 6 §1(f) GDPR), consisting in monitoring communication with customers, users and visitors of the website

pastedGraphic.png

B / Cookies

Personal Data Processed

  • moove_gdpr_popup

Purpose of Processing

  • Storage of cookie preferences

Legal Basis for Processing

  • Your consent (Article 6 §1(a) GDPR), which you submit to us electronically via the opt-in method or through your browser settings

pastedGraphic.png

3. To whom we DISCLOSE your personal data and WHY

As a rule, the HSU does not disclose your personal data to third parties, with the exception of the administrator of this website. The administrator of our website processes your personal data on behalf of the HSU and under our instructions. As such, the administrator bears the capacity of a processor, pursuant to Articles 4(8) and 28 GDPR, and has concluded a private agreement with the HSU which sets out the terms and conditions of processing and protection of your personal data, as well as his responsibilities towards the HSU and towards you.

We reserve the right to disclose your personal data to a third party to whom we may choose to transfer all or part of the HSU Furthermore, in the event of a merger or acquisition or any other change in the HSU, the new owners, shareholders, managers, etc., shall have the right to use your personal data in the same way as defined in this policy.

Your stored data may be disclosed to the competent judicial, police and other administrative authorities, following a lawful request and in accordance with the applicable legal provisions. Moreover, in the event of a lawful order, official mandate or formal preliminary investigation, the HSU is obliged without further ado to make the relevant data available to the competent authority.

pastedGraphic.png

IV. PROTECTION AND MANAGEMENT OF YOUR PERSONAL DATA

1. SECURITY of your personal data

We implement appropriate technical and organisational measures to protect the personal information we maintain from unauthorised disclosure, use, alteration or destruction. We use encryption and, where appropriate, other technologies that can contribute to safeguarding the information you provide to us.

In particular, the data you submit to the company via email is processed by four employees who are authorised for this purpose. These employees possess professional qualifications that provide sufficient guarantees in terms of technical knowledge and personal integrity for maintaining the appropriate security of your personal data. The company, through the corresponding contractual commitments of its employees, takes all necessary measures for the physical and legal protection and for ensuring the confidentiality and integrity of your personal data.

In any case, the security of such data in the environment of the website is subject to factors beyond its sphere of influence, as well as factors attributable to technical or other failures of the network not controlled by the company, or to force majeure or random events.

2. RETENTION period of your personal data

We will retain your personal data for as long as you continue to interact with us and for as long as necessary to fulfil the purposes for which we collected and process it, as described in detail above, or for the period during which liability may arise from such processing, in accordance with applicable legislation.

In addition, we retain your personal data until you withdraw the consent you have given us or until you object to its processing by us, where such processing is based on our legitimate interest.

In determining the retention period of your personal data, we take into account the nature of your data, its volume, the purpose of processing, its security, etc. In any case, the personal data we receive via your email correspondence is deleted after the expiry of five (5) years from the receipt of each email message.

We reserve the right, in certain cases, to anonymise your data for research or statistical purposes, in which case it is no longer associated with an identifiable person. We therefore reserve the right to use this information for an indefinite period. In any event, your data is stored securely.

3. TRANSFER of your personal data to THIRD COUNTRIES

The company as a rule maintains your personal data within the European Economic Area (EEA). In the event that data is to be transferred to third countries outside the EEA for which there is no adequacy decision by the European Commission, or to international organisations, all appropriate safeguards provided for in the applicable legislation on the protection of personal data concerning transfers to third countries will be taken, and the relevant information will be posted on the company’s website.

pastedGraphic.png

V. YOUR RIGHTS AND CHOICES

With regard to your personal data which we hold and process, you have the following rights:

  1. To request access to your data so that you may confirm that we process it in accordance with the law and/or your own instructions and preferences.
  2. To request that we correct incomplete, outdated or inaccurate data we hold about you. Likewise, we also reserve the right to ask you at regular intervals to update your details.
  3. To request that we erase your data, provided that we are not legally obliged to do otherwise.
  4. To request that we restrict its use under certain conditions.
  5. To object to its use under certain conditions.
  6. To withdraw your consent regarding its use.
  7. To request data portability, under certain conditions.
  8. To request that your data not be used for direct marketing purposes.
  9. To lodge a complaint with the Hellenic Data Protection Authority.

To exercise your rights, you may contact the Data Protection Officer whose details are mentioned above (or, if a Data Protection Officer is not appointed, you may contact the company using the contact details mentioned above).

To exercise your rights regarding the use of cookies and other similar technologies, you may go to the cookie settings in your browser account and select the privacy-processing options you desire.

The above rights are exercised free of charge; however, where your right is exercised abusively, we may request a fee, in accordance with the conditions laid down by law. In any case, we respond to your requests within one month, except in exceptional cases where the response time to your request may be longer, in which case you will be notified in good time.

Your rights are described in more detail in the following table:

pastedGraphic.png

Access (Article 15 GDPR)

You may ask us to:

  • Confirm whether we process your personal data.
  • Give you access to any data that you do not already have at your disposal.
  • Provide you with other information about your personal data, such as which data we have, why we use it, to whom we disclose it, whether we transfer it abroad and how we protect it, how long we keep it, which rights you have, how you can submit a complaint, and from where we obtained your data, to the extent that such information has not already been provided in this Policy.

pastedGraphic.png

Rectification (Article 16 GDPR)

You may ask us to correct inaccurate personal data.
We may seek to verify the accuracy of the data before correcting it.

pastedGraphic.png

Erasure (Article 17 GDPR)

You may ask us to erase your personal data:

  • at any time when it is no longer needed for the purposes for which it was collected, or
  • when you unsubscribe from the online store (in which case it will in any event be deleted immediately), or
  • when it has been unlawfully processed.

We are not required to comply with your request to erase your personal data if the processing of your personal data is necessary:

  • to comply with a legal obligation, or
  • for the establishment, exercise or defence of legal claims.

pastedGraphic.png

Restriction (Article 18 GDPR)

You may ask us to restrict (i.e. to keep but not use) your personal data when:

  • its accuracy is contested (see Rectification), so that we can verify its accuracy, or
  • the processing is unlawful, but you do not wish the data to be erased, or
  • it is no longer necessary for the purposes for which it was collected, but we still need it for the establishment, exercise or defence of legal claims, or there is another lawful purpose or legal basis for processing, or
  • you have objected to processing based on our legitimate interest (Article 6 §1(f) GDPR) and you wish us not to process it, other than storing it, until we have ruled on your objection.

pastedGraphic.png

Portability (Article 20 GDPR)

Where processing is based on consent and is carried out by automated means, you may ask us to provide your personal data in a structured, commonly used and machine-readable format.
However, by law, this right only concerns data provided by the data subject itself and not data derived by the controller on the basis of the data provided by the data subject.

pastedGraphic.png

Objection (Article 21 GDPR)

You may object at any time to any processing of your personal data, for reasons related to your particular situation, where the legal basis for the processing is the legitimate interest of the company or the performance of a duty carried out in the public interest.

Withdrawal of consent (opt-out)

You have the right to withdraw your consent where consent is provided as the legal basis for processing. The withdrawal applies for the future.

Supervisory authority

You have the right to lodge a complaint with the supervisory authority regarding the processing of your personal data, namely with the Hellenic Data Protection Authority (www.dpa.gr).

Identity

We take very seriously the confidentiality of all records containing personal data and we reserve the right to ask you for proof of your identity if you submit a request concerning such records.

Costs

We will not charge you for exercising your rights in relation to your personal data, unless, as provided by law, your request for access to information is manifestly unfounded or excessive, in which case we may charge a reasonable fee under the specific circumstances. We will inform you of any charges before completing your request.

Timelines

Our goal is to respond to any valid request no later than one (1) month from its receipt, unless it is particularly complex or you have submitted several requests, in which case we aim to respond within three months. We will inform you if we need more than one (1) month, for the reasons mentioned above.

We may ask you to let us know exactly what you wish to receive or what precisely concerns you. This will help us to process your request more quickly.

In any case, you must provide specific and true information and/or facts so that we can respond and/or satisfy your request accurately; otherwise, we reserve the right with respect to any errors that may fall outside our control. The HSU may also reject requests that are unfounded or excessive or abusive or made in bad faith or generally unlawful, in accordance with legal provisions.

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.