This Privacy Policy (hereinafter referred to as the “Policy”) concerns the Organization of Fashion Revolution Greece (hereinafter “FR   Greece Organization”) and its personal data for natural persons.

Fr Greece is committed to the protection of the confidentiality and privacy of Personal Data and complies with the relevant provisions of the “General Data Protection Regulation” hereinafter referred to as “GDPR”. 

Definitions

Who is the Controller

FR Greece is the controller of personal data, which it processes in the context of the provision of its services, maintains and processes your personal data with confidentiality and respect for your privacy, taking the necessary technical and organizational measures to further protect them.

Principles On Which We Rely

Article 5 GDPR:

Collection of Personal Data

We collect information about you, including in the following cases:

We also collect data occasionally, from third parties, that may lawfully transmit to us information about our clients or whose records we may legally access, such as our external partners, Credit And Fraud Information Providers, lawyers, public services (administrative, tax, judicial, regulatory, insurance funds) or other NDAPs or NPDs.

Personal data is processed for the purposes as detailed below.

Please help us keep your information up to date by informing us of any changes to your personal data.

What Kind of Personal Data We Collect About You

The following categories of data about you may be collected and further processed as described in this Policy:

Categories of Personal Data Subjects

Categories of subjects include:

What are the Purposes of Processing & the Legal Basis of Data Processing

The processing of personal data is based on one of the “legal bases” as referred to in Article 6 §1 of the GDPR. An explanation of the legal bases for processing is available in Annex 1 hereto. The legal basis on which the processing of each use of your data is based refers to each processing purpose.

Participation management – for the processing of the sale, the configuration of the appropriate solution and the management of the Contract. (Article 6§1(a), 6§1(b) and 6§1(f) GDPR)

The provision of personal data in the context of the provision of services is a contractual obligation and their non-provision will affect the proper performance of the contract or make it impossible.

Support participants – to answer questions and support about our services.  (Article 6§1(a), 6§1(b) and 6§1(f) GDPR)

Promotion and Marketing Actions – to answer questions and to inform about our news and services (Article 6§1(a) and 6§1(f) GDPR)

The marketing consensus can be revoked at any time, with effect for the future.

Compliance with our Legal Interests – e.g. to improve our services, prevent and detect fraud against us [Article 6§1,(f) GDPR]

Compliance with our Legal Obligations – to comply with our legal obligations to police, regulatory, tax, accounting, auditors, judicial authorities and agencies [Article 6§1(c) GDPR]

The provision of personal data as above is a statutory obligation which depends on the specific request.

Processing of Specific Categories of Data: In accordance with Article 9 §1 and 2 of the GDPR, the processing of specific categories of data is permitted only in the specific cases specified by law, including the provision of consent under Article 9§2(a).

How We Ensure the Security of Personal Data

We ensure that personal data are processed, in compliance with policies and procedures in accordance with the purposes of processing. For example, the following security measures are used to protect personal data against misuse or any other form of unauthorized processing:

For How Long We Store Data

We store personal data for as long as required by the respective processing purpose and any other permitted linked purpose. The data shall be retained for the duration of our contract and, after its expiry, for as long as provided for by applicable law.

Information that is no longer necessary is safely destroyed or anonymised.

Especially for the data we process based on your consent (e.g. for marketing purposes), they are kept from the receipt of the relevant consent until it is revoked.

We restrict access to your data to the persons who need to use it for that purpose.

In particular, with regard to training programmes, the data used for the submission and/or management of the training programme, after the completion of the relationship between us, shall be kept for a minimum of 10 years. At the end of this period they are destroyed.

Who Are the Recipients of Data

The personal data we collect may be transmitted to third parties, provided that the legality of the transfer is justified.

Furthermore, where the legality of the transfer is justified, personal data may be communicated to the following categories of recipients:

Fr Greece uses  a number of services that cooperate in the provision of the services mentioned.

Although the transmission of data over the internet or a website cannot beguaranteed to protect against cyberattacks, both we and our partners are working to maintain physical, electronic and procedural security measures to protect yourdata.

Where the Processing Takes Place

Participants’ personal data are processed within the European Economic Area (EEA).

If an investigation into the provision of services is required outside the EEA, then this is done with your express consent[Article 49, §4(a)].

Violation of Personal Data

In the event of a breach of the security and integrity of the data available to us concerning personal data, FR Greece will take the following measures (in accordance with Articles 33 and 34 of the GDPR):

Your Rights as a Data Subject and how you can exercise them

You have the right to request access to your personal data, correction/deletion of your personal data, restriction of processing, right to object to the processing and/or exercise your right to data portability.

If data processing is based on your consent, you may withdraw your consent at any time, with effect for the future.

In more detail, you have the right to:

a. Access: Right to be informed about the processing of data by us, and right of access to data.

b. Correction: Right to request correction or completion of your data, if these are inaccurate or incomplete.

c. Delete: Right to request the deletion of your data. This right can be met if:

We reserve the right to refuse to satisfy the above right if the processing of the data is necessary for the fulfilment of our legal obligation, for reasons of public interest or the establishment, exercise or support of legal claims (Article 17 §3).

d. Restriction of processing: Right to mark the data, with the aim of limiting their processing. For example, when you have questioned the accuracy of your personal data, for the period required for verification.

e. Portability: Right to receive your data in a structured, commonly used and readable format by machines as well as to request that it be transmitted, both to you and to another person who will process it.

F. Objection: Right to object at any time to your data processing, including profiling, also when the processing reason relates to online marketing.

Fr Greece will review your request and reply to you within one month of receipt of the request either for its satisfaction or for the objective reasons preventing its satisfaction or, given the complexity of the request and the number of requests, within an additional two months.  (Article 12 §3)

The exercise of these rights takes place at no cost to you, by sending arequest/letter/email to the Data Controller.

If you are not satisfied with our use of your data or our response to the exercise of your above rights, you are entitled to lodge a complaint with the Privacy Authority.

You may exercise the above rights in the contact details listed below.

Contact Details of the Controller

For any matter regarding the processing of your personal data and the exercise of your above rights, you can contact us by e-mail greece@fashionrevolution.org  and by post at: Athens University of Economics and Business, Research Centre, Management Science Lab, Fashion Revolution Greece, Troias 2 46, Athens, 113 62, Greece

Contact Details of the Privacy Authority

Country Coordinator Dr Fiori Zafeiropoulou, Phone: +30 2111189357, email greece@fashionrevolution.org  and by post at: Athens University of Economics and Business, Research Centre, Management Science Lab, Fashion Revolution Greece, Troias 2 46, Athens, 113 62, Greece

Cookies

Cookies  are important for the effective operation of the website  https://raiseyourvoice. gr/  and to improve your online experience. Click “Accept  cookies”to continue or select”More information” to see detailed descriptions of cookies  and choose whether to accept certain cookies or not.

What are cookies?

Cookies  are small text  files that contain information stored in your computer’s web browser when browsing https://raiseyourvoice. gr/  . These       cookies can be removed at any time, as you can modify your browser settings to reject some or all cookies. 

We use cookies to continuously improve the functionality of our website, your effective browsing, and the connection and navigation of pages.

Information generated by the cookie file about your use of the website (including your IP  address) will be transmitted and stored on Googleon its servers.  

If you do not accept cookies,you may not be able to use some features of our Service and we recommendthat you leave them enabled.

For more information about cookies, pleasefind out here:  www. allaboutcookies. org

Recording Data & Repetitive Marketing

We may collect information sent by your browser each time you visit our website. This log data may include information such as your computer’s IP address, browser type, browser version, pages you visit, the time and date of your visit, the time spent on these pages, and other statistics.

In addition, we may use third-party services, such as Google Analytics,that collect, monitor and analyze this type of information in order to improve the functionality of our website and ourservices.

FR Greece  uses remarketing services to advertise on third-party websites after your visit to our website.

The Google AdWords remarketing service is  provided by Google Inc..

Google  also recommends that you install the Google Analytics Exception Navigation Add-in  –  https://tools. google.   com/dlpage/gaoptout – for your web  browser. The GoogleAnalytics opt-out browser add-on enables visitors to prevent GoogleAnalyticsfrom collecting and using theirdata.

For more information about Google’sprivacypractices, visit Google’s  website  at http://www.   google. com/intl/el/policies/privacy.

Commercial Contact – Newsletter

The visitor/user can visit this website https://raiseyourvoice. gr/  maintained and managed by the Organization of Fashion Revolution Greece, without revealing its identity and without providing any personal information, subject to the acceptance of the relevant cookies  (see above).

In general, you are not required to submit personal data to FR Greece online, but we may ask you to provide certain personal data in order to obtain additional information about our services and events.  The Agency may also request your permission for certain uses of your personal data and you may either consent to or deny such uses.

However, in order for the visitor/user to become the recipient of electronic information material (e.g. Newsletters) sent by FR Greece in order to be informed about issues of its services, Human Rights, Racism and Violence and in general current events and to receive in the future privileges from the Agency may give its express consent regarding its registration with the services of the Website and the granting to the Agency of the information reflected in the relevant contact form. You will be able to unsubscribe from the relevant recipient list at any time by following the instructions contained in each communication.

Personal information collected is stored on password-controlled restricted servers and FR Greece uses specific technologies and procedures to enhance the protection of such information against loss or misuse and to protect it from unauthorized access, notification, modification or destruction.

To this end, if any visitor/user is aware of any illegal, malicious, inappropriate or improper use of personal data, which is in any way related to the use of the Website, he undertakes to notify the Event directly to the Agency.

Update the Privacy Policy

This policy is reviewed when there is a significant change. This review will be available on our websitehttps://raiseyourvoice. gr/