Privacy Policy

The following privacy policy provides information regarding the processing of personal data by the “INITIATIVE FOR EUROPEAN PROGRESS – NON-PROFIT CIVIL COMPANY” (hereinafter NPCC) and describes how the NPCC protects personal data, as well as the procedure by which you, as a natural person, can exercise your rights. The NPCC processes your personal data always with respect for the fundamental rights of natural persons, in accordance with the applicable European and Greek legislation (including the General Regulation (EU) 2016/679, Greek Law 4264/2019, and any other relevant applicable legal text).

We reserve the right to amend and update this Privacy Policy whenever deemed necessary. If there are changes, the updated text will be posted on our website. For this reason, please read this Privacy Policy carefully and periodically check our website.

Data Controller

The “INITIATIVE FOR EUROPEAN PROGRESS – NON-PROFIT CIVIL COMPANY” is the controller of personal data. The contact details of a responsible person for questions regarding personal data are provided at the end of this privacy policy.

Personal Data

Personal data means all information relating to an identified or identifiable natural person. This includes data concerning your identity (such as full name, address, date of birth), your electronic devices, payment details, as well as information about how you use our website or other online services.

If our website contains links to third-party providers or websites, please note that these websites are governed by their own privacy policies, for which we bear no responsibility. This policy does not cover any of your activities once you leave our website.

Processing of Personal Data on Our Website

During your visit to our website, the “INITIATIVE FOR EUROPEAN PROGRESS – NON-PROFIT CIVIL COMPANY” may process:

(a) The data you have entered for registration on the website and offered services (username, password, full name, phone number, email address, communication content).

(b) Personal data automatically collected during your browsing (IP address, device type, browser, referring website, date and time of your visit to our site).

Purpose of Processing

We process the personal data you provide in order to properly deliver our services and, in particular, to enable your registration as an account holder on our website. Additionally, we collect and process personal data of registered users to inform them about our news and events that may be of interest.

We also process personal data to ensure the proper operation and security of the website, the continuous improvement and optimization of our services, and to communicate with you for surveys and to collect feedback about our activities and events.

If you are a simple visitor to our website, and only with your explicit consent (which you provide via a relevant field), we may add you to our newsletter recipient list. In this case, we will retain only the absolutely necessary contact details (such as email address or social media profile) in order to send you information about upcoming events and activities. You always have the right to withdraw your consent at any time by selecting the “unsubscribe” option at the bottom of each related communication.

Furthermore, with your explicit consent and depending on your choices regarding cookie management during your website visit, we may process personal data collected via cookies and related technologies. The purpose of this processing is to improve your browsing experience and analyze website usage. This consent can be withdrawn at any time, while more information is available in our Cookie Policy.

Legal Bases for Processing

The collection and processing of your personal data takes place only when there is a legal basis, namely:

  • It is necessary for the purposes pursued by the NPCC (Article 6(1)(f) GDPR).

  • It is necessary for communication with you.

  • You have given your explicit consent for the processing of personal data (Article 6(1)(a) GDPR).

  • For our compliance with legal obligations and for dispute resolution.

Recipients and Transfers

Your personal data is processed internally within the NPCC by our authorized staff, bound by confidentiality obligations. If we use any third party (e.g., technical service providers) to process personal data on our behalf and according to our instructions, we ensure, through contractual terms and regular checks, that they comply with data protection legislation.

Your personal data is not knowingly sent to countries outside the EU/EEA. If data is transferred to such countries, we will take all necessary measures to ensure that the transfer is carried out with appropriate safeguards, in accordance with the European Commission’s standard contractual clauses or other lawful mechanisms.

Data Security

We process your data in a way that ensures its protection.

Specifically, your personal data is processed only by authorized staff or partners bound by the same obligations towards the NPCC. We take all appropriate organizational and technical measures for data security and protection from accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access, and any other form of unlawful processing. Among other things, we implement internal security policies and use every technology available to safeguard your data. However, please note that no method of electronic transmission or storage provides absolute security.

Data Retention Period

Personal data is retained only for as long as required for the purpose it was collected, or as imposed by the relevant legal framework. After the necessary period, data is deleted or anonymized.

Data Subject Rights

According to applicable data protection legislation, and provided that the relevant legal conditions are met, you have the following rights:

  • Right of access: To know whether we process your data, to access the data, and receive additional information about its processing.

  • Right of rectification: To request updating, correction, or completion of your personal data.

  • Right of erasure (“right to be forgotten”) under conditions: To request deletion of your data, unless another legal basis for processing exists (e.g., legal obligation).

  • Right to data portability: To receive your personal data free of charge in a structured, commonly used, machine-readable format or request that we transfer it directly to another controller, where technically feasible.

  • Right to object to processing: To object at any time to processing based on Article 6(1)(e) or (f) GDPR, unless the NPCC demonstrates compelling legitimate grounds.

  • Right to restriction of processing: To request restriction of processing in certain cases, such as when the accuracy of the data is contested or when you oppose deletion and request restriction instead.

  • Right to object to automated decision-making: To request exclusion from decisions based solely on automated processing, including profiling.

  • Right to withdraw consent: You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

Contact

For any matter related to personal data protection, you may contact:

📧 support@europrogress.org
📍 6 Mavrommateon Street, 10682 Athens, Greece

The competent authority is the Hellenic Data Protection Authority. You have the right to lodge a complaint with the Authority regarding issues related to the processing of your personal data. However, you must first attempt to exercise your rights with the NPCC before turning to the Authority. For the Authority’s jurisdiction and complaint submission procedure, you may visit its website: www.dpa.gr > My Rights > Submit a Complaint, where detailed information is available.