INFORMATION NOTE ON THE PROTECTION OF PERSONAL DATA
Subject of the Personal Data Protection Information Notice
The Hellenic Institute of Byzantine and Post-Byzantine Studies of Venice, hereinafter referred to as “the Institute”, located in Venice, Italy, at 3412 Castello Street, P.C. 30122 , in its capacity as Data Controller, collects and further processes your personal data only if absolutely necessary, for explicit and legitimate purposes, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter “GDPR”), Law 4624 /2019 and Law 3471/2006 as applicable.
This notice aims to inform users of this website https://istitutoellenico.org/el/home-2/ (hereinafter the “website”) about the processing of their personal data.
Definitions
For the purposes of this Policy, the following terms have the following meanings:
“Personal Data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one whose identity can be verified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;
‘special categories of personal data‘ means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade-union membership, as well as the processing of genetic data, biometric data for the purpose of positive identification, data concerning health or data concerning the sex life of a natural person or sexual orientation.
‘processing‘ means any operation or set of operations which is performed, whether or not by automated means, on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
‘controller‘ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, or the specific criteria for their appointment may be provided for by Union or Member State law. For the purposes of this Policy, the Institute shall act as a Data Controller.
“Processor“: the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
‘Data Subject’: the natural person whose personal data are processed, e.g. trainees, partners, employees, etc.
‘Consent‘: of the data subject: any freely given, freely given, specific, explicit and informed indication of intent by which the data subject signifies his or her agreement, by a statement or by a clear affirmative action, to the processing of personal data relating to him or her.
“Existing Legislation“. 4624/2019, Law 3671/2006, the case law of the Court of Justice of the European Union (hereinafter “CJEU”) as well as the Decisions, Directives and Opinions of the European Data Protection Board (hereinafter “EDPS”) and the European Data Protection Authority (hereinafter “DPA”).
Personal data collected and processed by the Institute
Data collected by the Institute through the website https://istitutoellenico.org/el/home-2/ (hereinafter the “website”)
The following data is collected and processed when browsing and using the Website:
Register of researchers
Categories of Personal Data | Purpose | Legal Basis | Lead time | Recipients |
Identification data (e.g. full name, nationality, date and place of birth, ID card number) Contact data (e.g. telephone, mobile phone, email) Educational data (e.g. CV data, letters of recommendation) Professional data (e.g. status, profession) Survey data (e.g. survey subject, survey programme, requested length of stay) |
Candidate assessment | Article 6 par. 1(b) of the GDPR | The statutory limitation periods provided by law | Processors: data service providers |
Identification data (e.g. full name, nationality, date and place of birth, ID card number) Contact data (e.g. telephone, mobile phone, email) Educational data (e.g. CV details, letters of recommendation) Professional data (e.g. status, profession) Survey data (e.g. survey subject, survey programme, requested length of stay) |
Keeping a register of researchers | Article 6 par. 1(b) of the GDPR | The statutory limitation periods provided by law | Processors: data service providers |
Presentation of research fellows
Personal Data | Purpose | Legal Basis | Retention time | Recipients |
Identification data (e.g. full name) Educational data (e.g. CV details, degree, research topic) |
Promotion of Institute researchers | Article 6 par. Article 6(1)(a) of the GDPR | Until consent is withdrawn | The data becomes public |
Image data |
Form for obtaining author publications
Personal Data | Purpose | Legal Basis | Retention time | Recipients |
Identification data (e.g. full name, address, postal code) Contact data (e.g. email) |
The acquisition of author publications by interested parties | Article 6 par. 1(b) of the GDPR | The statutory limitation periods provided by law | Processors of the processing |
* No automated decision-making processes including profiling are carried out.
Data we collect automatically
When you use our Website, we also collect information automatically, some of which may constitute personal data. This includes information such as language settings, IP address, location, device settings, device settings, device operating system, activity data, time of use, redirect URL, status report, user information (information about browser version), operating system, browsing result (single visitor or registered customer), browsing history, type of data viewed. We may also collect data through cookies. For information on the use of cookies, click here.
Rights of Data Subjects
The Institute ensures that it is able to respond promptly to the requests of data subjects to exercise their rights in accordance with the existing legislation.
In particular, each data subject has the following rights:
Access | Correction |
Under certain conditions
Restriction | Delete | Portability |
For those processing activities based on consent, data subjects may withdraw consent at any time if they wish to do so.
If any of the above rights are exercised, the Institute will respond promptly [in any case within thirty (30) days from the submission of the request], informing you in writing of the progress of its satisfaction.
For any complaint regarding this notice or personal data protection issues, if we do not satisfy your request, you may contact the Hellenic Data Protection Authority via the following link: www.dpa.gr.
Data Protection Officer (DPO) details
To exercise all of the above rights, as well as for any issue concerning the processing of your personal data by the Institute, you can contact the Data Protection Officer of the Institute at dpoistitutoellinico@gmail.com .
Disclaimer for Third Party Websites-Social Media Cubes
In this Website there are social media widgets (e.g. YouTube) with the use of which, after the user logs into the social network, a special digital fingerprint is created, for which both the Institute and the social network itself act as joint controllers.
For the Institute, the purpose of the processing of this data is to improve the functionality of the website and the services provided, as well as to analyze its traffic. The legitimate basis for the processing of personal data is to serve the legitimate interests of the Institute (GDPR Article 6(1)(f))
The Institute does not control and is not responsible for any subsequent processing carried out on them by the Joint Controllers.
For more information about the data processing policy and the options for setting up these networks, you can visit the following website:
https://www.youtube.com/channel/UC_Psu9WrmIV-AhPBNq3xDXQ
https://policies.google.com/privacy
General
[…]
The Hellenic Institute of Byzantine and Post-Byzantine Studies of Venice collects and further processes your personal data in accordance with the national and EU legislation on personal data protection and in particular in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and Law No. 4624/2019. For more information regarding the protection of your personal data, please read our Privacy Policy, available on our website. In any case, you can contact our Data Protection Officer at dpoistitutoellinico@gmail.com .