The security policy is of public character and is binding on all personnel who handle personal data in any way and is in accordance with the relevant legislation.
UNICERT COLLEGE makes every effort to comply with the legislation related to the Protection of Personal Data (GDPR) in the field in which it operates. This policy sets out the basic principles by which UNICERT COLLEGE processes the personal data of customers, employees, suppliers, partners and others. The Management of UNICERT COLLEGE is committed to meet the requirements of the new General Data Protection Regulation (GDPR) and recognizes the protection of personal data as its priority. All UNICERT COLLEGE employees, for an indefinite or fixed term, for independent service contract or wok contract, are bound by this Policy. The aim is to ensure the processing environment and the creation of a work culture and awareness of the safe use of personal data and, for this purpose, all necessary resources are available.
- Basic Definitions
The basic definitions of the terms used in this document are presented below, as set out in Article 4 of the General Data Protection Regulation (GDPR), in order for the data subject to become familiar with the terminology of the Regulation:
Personal Data: any information relating to an identifiable or identifiable natural person (“data subject”); to an identity number, location data, online ID or one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of the individual concerned.
Personal data of special categories: Personal data, which are by nature particularly sensitive to fundamental rights and freedoms, need special protection, as the processing of them could pose significant risks to fundamental rights and freedoms. This personal data includes data, which includes racial or ethnic origin, political views, religious or philosophical beliefs or trade union affiliation, as well as the processing of genetic data, biometric data for the purpose of unambiguous identification, relating to health or data relating to the sexual life of a natural person or to sexual orientation.
Processor: the natural or legal person, public authority, service or other entity that, alone or in conjunction with others, determines the purposes and manner of processing personal data.
Perform the Processing: the natural or legal person, public authority, service or other entity that processes personal data on behalf of the controller.
Processing: any operation or sequence of operations performed with or without the use of automated means, on personal data or on personal data sets, such as collection, registration, organization, structure, storage, adaptation or modification; the retrieval, search for information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
Principle: The Authority for the Protection of Personal Data.
- Basic principles concerning the Processing of Personal Data
UNICERT COLLEGE, as the processor, strictly adheres to the data protection principles, which are set out in Article 5 of the General Data Protection Regulation (GDPR).
3.1. Legitimacy, Objectivity and Transparency
UNICERT COLLEGE processes personal data legally, objectively and transparently towards data subjects.
3.2. Purpose Restriction
Personal data is collected only for specific, explicit and legal purposes and is not processed for any other purpose.
3.3. Data minimization
UNICERT COLLEGE keeps the exact personal data of the subjects and ensures that their observance is limited to what is necessary in relation to the purposes of processing. At the same time, it implements the appropriate technical measures in order to achieve the above objectives.
The personal data held by UNICERT COLLEGE is accurate and up to date. They shall take steps to ensure that personal data which are inaccurate in relation to the purposes for which they are processed, are deleted or corrected in a reasonable time.
3.5. Limit the Storage Period
Personal data is kept for no longer than the necessary period for the purposes for which UNICERT COLLEGE processes it.
3.6. Integrity and confidentiality
Taking into account the technological level and other available security measures, the cost of implementation, as well as the possibility and seriousness of the risks to personal data, UNICERT COLLEGE uses appropriate technical or organizational measures for the processing of Personal Data, in a way that guarantees the appropriate security of personal data and their protection against accidental destruction, loss, damage, unauthorized or illegal processing.
UNICERT COLLEGE is responsible and is able to demonstrate compliance with the General Regulation on Data Protection to the competent Personal Data Protection Authority.
- Privacy Notice, Consent and Rights of Data Subjects
4.1. Notification to Data Subjects
Prior to the collection of personal data or the collection of any processing activity undertaken by UNICERT COLLEGE, including, but not limited to, the sale of products, services or marketing activities, UNICERT COLLEGE is responsible for providing appropriate information to its subjects and, in particular, information on the types of personal data collected, the purposes of the processing, the processing methods, the rights of the data subjects in relation to their personal data, the registration period, any international data transfers, if the personal data in the context of cooperation with third parties, as well as the security measures of UNICERT COLLEGE for the protection of personal data. This information is provided through the Privacy Notice.
4.2. Consent – Free revocation
When the collection of personal data is based on the consent of the data subject, UNICERT COLLEGE is responsible for ensuring that data subjects provide their consent freely, explicitly and in full knowledge of the content of the text to which they consent. UNICERT COLLEGE provides data subjects with the ability to revoke their consent at any time. The processing of personal data should be done only for the purpose for which they were collected from the beginning. If UNICERT COLLEGE wishes to process the collected personal data for another purpose, it must seek the consent of the data subjects in an explicit and specific written manner. Any such request must contain the original purpose for which the data were collected, as well as the new or additional purpose (s).
UNICERT COLLEGE makes every effort to keep the number of personal data it collects to a minimum. If personal data is collected by a third party, UNICERT COLLEGE ensures that such data is collected legally.
4.4. Relationship of UNICERT COLLEGE with Third Parties
In cases where UNICERT COLLEGE employs a third party vendor or trading partner, which entrusts it to process personal data on its behalf, it ensures that the processor provides the appropriate security and personal data protection measures to deal with potential related data risks. UNICERT COLLEGE makes every effort to ensure that its trading partners process personal data only for the performance of their contractual obligations to UNICERT COLLEGE, always in accordance with its instructions and for no other purpose.
4.5. Data Subjects Access Rights
UNICERT COLLEGE, as processor, is responsible for providing data subjects with access to their personal data, which will also allow them to review, correct, delete or transfer it.
4.6. Data Portability
Data Subjects have the right to obtain, upon request, a copy of the data provided to UNICERT COLLEGE in a structured format and to transfer this data to another controller. UNICERT COLLEGE is responsible for ensuring that such requests are processed within one month, provided that such requests are not manifestly ill-founded. In exercising the right to data portability, the data subject has the right to request the direct transfer of personal data from one controller to another, if this is technically possible.
4.7. Right to Erasure
Upon request, the Data Subjects have the right to request from UNICERT COLLEGE the deletion of their personal data, if they no longer wish their data to be processed and if there is no longer a legal reason for UNICERT College to possess it, UNICERT COLLEGE will immediately take the necessary actions (including technical actions) to satisfy the request and will ensure the same from any third parties who use or process personal data on its behalf.
4.8. Right of objection
The Data Subject is entitled to oppose at any time the processing of personal data concerning it, including profiling.
4.9. Right to restrict processing
Upon request, Data Entities have the right to request UNICERT COLLEGE to restrict the processing of their data in accordance with Article 18 § 1 a-d of the General Data Protection Regulation (EU) 2016/679.
4.10. How to Exercise all the rights of the Data Subjects and revoke their consent
The exercise of his rights is exercised by the Data subject, as well as the revocation of his consent, with his written application to the company UNICERT COLLEGE. The Data subject may also freely withdraw his consent without prejudice to the legality of the processing based on it until its revocation. By sending a written application / letter or email to the address: firstname.lastname@example.org.
Responsible for the processing of the personal data of the subject is UNICERT COLLEGE based in Athens, Str. 1A Rethymnou, PC 106 82.
Also, the subject can address the Personal Data Protection Authority, at the following data www.dpa.gr , email: email@example.com , contact phone: 210 7101410, address: 1-3 Kifissias Ave., PC 115 23, Athens.
- Response to Personal Data Breach Incidents
If you continue to have any questions or need any clarification regarding the processing of your personal data by UNICERT COLLEGE, you can contact us and UNICERT COLLEGE will be happy to serve you immediately.
- GENERAL INFORMATION
- PROVISION OF CONSENT
Please read this policy carefully for more details about the information we collect when you use this site. Select “Accept” to continue or “Settings” to choose what kind of cookies you accept. If you choose to opt-out of placing the necessary cookies, you may not be able to use certain parts of the website.
- WITHDRAWAL OF CONSENT
- WHAT ARE COOKIES
Cookies are small files with letters and numbers that are placed in your browser or on your hard drive. Cookies serve various purposes. For example, they allow us to analyze how efficiently our site works. More details about the types of cookies we use will be seen below.
- WHAT PERSONAL INFORMATION DO WE COLLECT?
Some cookies collect personal information. Most collect information that allows the user to be identified. They collect general information, such as how the user got to the site and how they used it, or what part of the world they are in.
- WHAT TYPES OF COOKIES WE USE
In general, the use of the website may lead to the installation of four types of cookies, the purpose and function of which are described below:
6.1 Absolutely necessary cookies
The absolutely necessary cookies are essential for the proper functioning of the website and allow you to browse and use its functions. These cookies do not recognize your personal identity. Without these cookies, we can not offer effective operation of our website.
6.2 Performance cookies
These cookies collect information about how visitors use the site, for example, which pages they visit most often and whether they receive error messages from web pages. These cookies collect aggregate, anonymous information that does not identify a visitor. They are used exclusively to improve the performance of a website.
6.3 Functionality Cookies
These cookies allow the website to remember the user’s choices, such as language or region, to provide enhanced and personalized features. The information collected by these cookies may be anonymous and it is not possible to track browsing activity on other websites. If you do not accept these cookies, the performance and functionality of the website may be affected and your access to its content may be limited.
6.4 Advertising / Targeting Cookies
These cookies are used to provide content that best suits you and your interests. They can be used to send targeted advertising / bids, limit ad impressions, or measure the effectiveness of an advertising campaign.
6.5 If you wish, you can opt out of the collection of data from cookies of this category through the service http://www.youronlinechoices.com. Selecting to not allow your data collection to be displayed for targeted advertising does not mean that you will no longer see advertising. It just means that you will see an ad that does not suit your interests.