Skip to main content

Privacy Statement

The protection of personal data is a key concern of NEA METROPOLITIKI ATTIKI, hereinafter referred to as the “COMPANY”. Within the framework of the General Data Protection Regulation (EU) 2016/679 (GDPR), this text provides information on the processing of personal data and the rights of data subjects, in accordance with article 13 of the aforementioned Regulation. This statement describes the personal data protection practices and policies followed by the Company as Data Controller, in accordance with the General Data Protection Regulation (GDPR).

As part of its activities, the Company has undertaken the implementation of the initiative called "Hellenic Cosmos Center". The initiative consists of the creation and operation of an electronic platform, which aims to present and connect cultural institutions, organizations and groups that promote and highlight the culture and heritage of the Ancient Greek World.

The platform was launched with the participation of entities from Greece and Italy and is intended to expand to other countries with common historical and cultural roots. Through the platform, the parties involved have the opportunity to present their work, exchange information and develop collaborations of a cultural, social or touristic nature.

The listing of the parties involved is based solely on publicly available online sources and is illustrative in nature, without implying an evaluation or control by the Company. The presentation and inclusion of an entity or group is made exclusively upon the express consent of the same, who retain full rights over their data, including the right to modify or delete their account from the platform.

The platform is not for profit or advertising purposes. The Company does not intervene in any collaborations or transactions between the parties involved and bears no responsibility for their solvency, reliability or activity. Any collaboration that arises is carried out solely under the responsibility of the parties that undertake it.

By collecting this information, we act as data controllers and, by law, we are required to provide you with information about us, why and how we use your data, and the rights you have over it.

We invite you to read this carefully, in order to be adequately informed regarding the type of data we process.

1. PURPOSE OF THE PRIVACY STATEMENT

This applies to transactions between natural persons – data subjects with NEA METROPOLITIKI ATTIKI. In particular, this applies in the following cases:

  • existing, future and former customers, suppliers, consultants, external partners
  • employees,
  • other natural persons with whom the COMPANY has a business relationship

This does not apply to policies and practices of companies that are not related in any way to the COMPANY, and it is not responsible for the privacy policies and practices of other companies.

2. How Personal Data is collected

The COMPANY collects personal data if one of the following conditions applies:

  • To carry out the company's operations which cannot be implemented without the collection of personal data.
  • The collection is carried out in cases of emergency to protect the vital interests of the data subject or to prevent serious harm or injury to another natural person.

3. Disclosures of personal data – categories of recipients

The COMPANY does not disclose the personal data it collects and processes to third parties, unless this is required for the purposes of legitimately fulfilling our professional and business needs, in order to meet our contractual obligations to our suppliers and partners, or is required or permitted by law.

The data of suppliers, partners and citizens who come into contact with the COMPANY are processed within the framework of what is defined herein, by departments and employees of our company that are responsible for fulfilling its individual functions. The data may also be processed by cooperating third parties, by order and on behalf of the COMPANY, by order and on behalf of it, in cases of outsourcing of the company's functions, such as external technical services, accounting services, etc. There are no fixed such assignments and for this reason it is not possible to name reference to any future partners of ours within the framework of this. In any case, our company will ensure that it assigns processing departments to third parties, if and only if they meet high levels of data security and confidentiality, provide adequate guarantees and commitments for their protection and undertake the contractual commitments provided for by law.

Also, the data, to the extent necessary for the fulfillment of the purposes of the processing or other obligations, may be transferred to third parties. Our company, in any case where the transfer of data becomes necessary, ensures that it is transferred to third parties, provided that only these meet high levels of security and confidentiality of the data and provide adequate guarantees and commitments for their protection.

Finally, the company may disclose data to public authorities of all kinds (public services, tax authorities, insurance organizations, etc.) or to judicial or independent authorities, prosecutorial authorities or investigative bodies, if this is provided for or required by law or is deemed absolutely necessary for the protection of our legal rights or compliance.

To safeguard personal data, the COMPANY's Privacy Policy applies.

4. Information security

The COMPANY uses organizational, technical and administrative measures to protect personal data, personal and other information

5. Data Subject Rights

You can access, receive and transmit your personal data, rectify, erase or restrict processing, object to processing and withdraw your consent, where processing is based on your consent. Subject to any exemption under the GDPR, you have the following rights:

In accordance with existing legislation and the restrictions provided for therein, data subjects have the following rights regarding their personal data:

  • Right to information and access: You have the right to be informed about the processing of your personal data and for this reason you are informed of this Privacy and Personal Data Protection Statement. At the same time, you have the right to access the personal data concerning you, upon your request.
  • Right to rectification: You have the right to request the correction of inaccurate data about you, which is kept within the framework of this or the completion of any incomplete data about you.
  • Right to erasure: You have the right to request the deletion of your data. Please note that this right is not absolute and is subject to legal restrictions. We may have legitimate reasons not to respond to such a request.
  • Right to restriction of processing: You have the right to request the restriction of the processing of your data, i.e. you have the right to request that our company stop further processing and simply retain your data. The exercise of this right is subject to the condition that such a possibility is granted to you by existing legislation. If the legal requirements are not met, the company may not be obliged to satisfy your request.
  • Right to data portability: You have the right to receive the data concerning you in a specific format and to request their transfer to another controller, provided that this is provided for by law for the processing being carried out at that time.
  • Right to object: You have the right to object at any time to the processing of your data, within the limitations provided for in existing legislation. Similarly, this right is not absolute and the company may have valid reasons to refuse to satisfy it.
  • Right to withdraw your consent: Where the processing of your personal data is based on your consent, you have the right to withdraw your consent immediately, easily and free of charge at any time for the continuation of such processing. The withdrawal of your consent does not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal.
  • Right to complain to the Personal Data Protection Authority: We also inform you that based on the existing legislation you have the right, if you consider that the legislation for the protection of your data is being violated, to complain to the competent Data Protection Authority (for Greece, Hellenic Data Protection Authority -HDPA, 1 Kifissias Avenue – 115 23 – Athens, tel. 210 6475600, www.dpa.gr ) and to submit a relevant complaint.

6. Personal data retention period

The COMPANY retains your personal data for as long as is necessary for the purpose for which it was collected or for a longer period or as permitted by law. Once the personal data is no longer necessary for its original purpose, it is deleted in accordance with the COMPANY's policies and procedures.

7. On what legal basis does NEAMITROPOLITI KIATTIKI process personal data?

The COMPANY processes your personal data transparently according to the principles of lawfulness, proportionality, confidentiality and integrity, purpose limitation and accuracy, specific data retention time and data minimization.

The legal basis for processing your personal data in each case may be:

  • (a) the provision of the services that you assign to us and wish to receive from us, such as for example information about our activities and consequently the fulfillment of our contractual obligations in this context.
  • (b) the safeguarding and protection of legitimate interests, both yours and ours.
  • (c) compliance with an obligation imposed by law, such as regulatory compliance for tax purposes.
  • (d) the consent you provide under the specific conditions set by the legal framework, in order to receive updates on the activity, services, etc. of both the COMPANY and third-party collaborating companies, which process personal data in accordance with the applicable framework at each time.

The processing within the framework of the "Hellenic Cosmos Center" initiative is based on:

  • (a) the necessity of processing for the performance of a task carried out in the public interest or in the exercise of public authority (article 6 par. 1 sub-paragraph e) related to the promotion and promotion of cultural heritage, the networking of bodies and the facilitation of synergies, in accordance with the statutory purposes of the Company.
  • (b) the consent of the subjects when required.

8. Disclaimer

Within the framework of the “Hellenic Cosmos Center” initiative, the Company makes every effort to ensure that the recording and presentation of the parties involved on the platform is accurate and consistent with the purpose of the initiative. However, the Company bears no responsibility for:

  • the solvency, reliability, legality or general activity of the parties involved.
  • any inaccuracies, omissions or deficiencies in the information posted, which comes either from public sources or is provided directly by the parties involved themselves.
  • any collaboration, transaction or interaction that takes place between the parties involved, which is the sole responsibility.
  • any temporary or permanent inability to access the platform, due to technical errors, upgrades, maintenance, viruses, malware, cyberattacks, force majeure events or other reasons beyond its control.
  • any direct, indirect, consequential or indirect damage that may arise from the use of the platform, reliance on third-party information, or any collaboration between the listed parties.

The "Hellenic Cosmos Center" platform is exclusively illustrative in nature, has no controlling or supervisory role and does not provide any express or implied guarantee as to the accuracy, completeness, timeliness or reliability of its content.

The presentation of entities/groups is carried out exclusively with their express consent, who retain full rights to process, deactivate or delete their account at any time, in accordance with applicable personal data protection legislation.

The Company expressly reserves the right to remove, restrict or modify content (e.g., agency profiles/posts) in case of violation of the law, infringement of third party rights, abusive behavior or if it deems it necessary for reasons of protection of the platform, users or public order.

The Company does not have an advertising or profit-making nature and does not derive any financial benefit from the operation of the platform.

9. Communication

In General: The COMPANY is responsible for the collection, use and disclosure of your personal information in accordance with this Privacy Statement. If you have any questions about this or our privacy practices or would like to access your information, please contact us at dpo@developattica.gr . You also have the right to file a complaint with the supervisory authority (Personal Data Protection Authority).