0
You have no items in your shopping cart.
Menu
Search
Wishlist
0
Filters

Personal data protection policy

For the use of the platform conferences.rc.aueb.gr (hereinafter, the platform) and access to the services we provide to you through it, we will need to process your personal data.

When we refer to processing, we mean a series of different operations on this data, such as its collection and registration, retrieval, use and transmission, while personal data is any kind of information that concerns you and can lead to your identification.

This processing must be transparent and lawful, for this purpose we have created this information text. Through this text you can, among other things, be informed about who we are, what data we process about you and under what conditions, what your rights are.

This information is your right, but also an obligation of the Athens University of Economics and Business according to articles 13 and 14 of the GDPR, depending on whether your data has been provided by you or collected from third-party sources or through the use of the application.

This text has been designed to be comprehensive, yet user-friendly. Please refer to the section that interests you and do not hesitate to contact us with any questions you may have.

 

1. Who we are

We are The Research Centre of the Athens University of Economics and Business (hereinafter referred to as RC-AUEB) (hereinafter, the RC/AUEB or the entity), which is headquartered in Athens, Kefallinias Street, number 45.

RC/AUEB is the controller of your data, since we determine the purposes and means of this processing and are responsible for the protection of your data and our compliance with the requirements of the General Data Protection Regulation (hereinafter GDPR) and national law 4624/2019.

It is noted that RC/AUEB belongs to the Athens University of Economics and Business.

 

2. What are our contact details?

For any issue that interests you, you can contact us directly, in any of the following ways:

a. Our postal address is: Kefallinias 45, P.C. 112 57, Athens

b. Our phone number is: +30 210 8203830

c. Our e-mail is: info@rc.aueb.gr and conferences@rc.aueb.gr

d. The e-mail of our Data Protection Officer (DPO) is: dpo@aueb.gr

For any questions, concerns or problems you may have, do not hesitate to contact us. AUEB has appointed a Data Protection Officer (DPO), with whom you can contact and raise any issue that concerns you while using the platform.

Communication with us is also possible through the platform, in the Unit Communication

 

3. What categories of your data do we process?

In order to use the application and access our services, it is necessary for us to collect and process your personal data. This data is collected in three ways:

  1. You provide them to us through your account or by completing the data requested on a case-by-case basis in a form.
  2. Collected through the use of the platform.
  3. Collected from third-party sources.

Your personal data is processed for many different purposes, with each purpose including only the data necessary for its realization.

Overall, this data can be divided into the following categories:

  1. Identification and contact data: Name, surname, email, contact phone number.
  2. User account data: Language settings, password
  3. Purchase data: Events for which a transaction has been made, accompanying or additional products and services (incl. souvenirs, meal)
  4. Payment details: Transaction details, tax document details (receipt or invoice)
  5. Application usage data: Products that have been placed in the cart.
  6. Device data: Indicatively, device ID, IP address, device configuration settings, operating system.
  7. Customer service data: Indicatively, your comments, requests and reports to the RC/AUEB and our responses to you.

 

 

4. For what purposes do we process your data?

 

4.1. For the use of the platform and the provision of our services

The first and main reason why we will need to collect and process your personal data is to be able to provide our service through the use of the conferences.rc.aueb.gr platform. This use constitutes a complete experience, which starts from creating an account and reaches the submission of your requests and questions to us.

This reason is divided into individual purposes, which are described in more detail below. Your personal data collected and processed for all these purposes are retained until your account is deactivated or after 3 years of inactivity. In the latter case, an information message will be sent one (1) month before the end of this period, in order to determine whether you wish to keep your account active.

 

4.1.1. Creating an account on the platform

To purchase products and services through the platform, you have the option of creating an account, but this is not mandatory. To create an account, you will need to fill in the following personal information: Name, surname, telephone number and email address.

At the same time, you will be asked to confirm that you have read and accept the Terms of Use of the service, as well as that you have taken into account this Privacy Policy.

The collection and processing of your data for this purpose is necessary for the provision of our service (article 6 par. 1b GDPR).

 

4.1.2. The product market

In order to purchase a product through the platform, i.e. to secure your participation in one of the events offered, your personal data will need to be processed. The purchase of the product does not require the creation of an account, as it can also be done as a guest.

The personal data that will be processed for this purpose are communication data and purchase data.

The collection and processing of your data for this purpose is necessary for the provision of our service (article 6 par. 1b GDPR).

 

4.1.3. Making a payment

After completing your selections and adding the products you are interested in to your shopping cart, you will be asked to proceed with the payment process.

Payment is made through the secure electronic transaction systems of the National Bank, using a bank card. It is noted that RC/AUEB does not have access to your card details or any information related to your bank account or card, as the only information we obtain from the National Bank is the confirmation or otherwise of the transaction.

Therefore, the personal data collected and processed for this purpose are exclusively payment data.

The collection and processing of your data for this purpose is necessary for providing our service (article 6 par. 1b GDPR).

 

4.1.4. Issuance of a document

When completing your purchase, you will be asked to select the type of document you would like us to issue, with the data we will process being determined by this type.

In the event that you choose the Retail Receipt version, the data that is processed is: Name, Surname, email, Country.

Accordingly, in the event that you choose to issue an Invoice, the data that is processed is: Name, VAT number.

The collection and processing of your data for this purpose is necessary for our compliance with a legal obligation (article 6 par. 1c GDPR), namely the obligation we have under law to issue legal tax documents for the services we provide.

 

4.1.5. Responding to your requests and questions

RC/AUEB provides you with the opportunity to contact us in order to bring to our attention any issue that concerns you or any problem you encounter while using the application and receiving our services.

This communication is provided through the special Unit Communication where you can inform us about any questions or problems you are facing.

To fulfill this purpose, your identification data and any other information you may provide us regarding the issue you are facing will be processed. At the same time, RC/AUEB will obtain from your account any information regarding with this issue, to the extent that this is absolutely necessary for the examination and response to your request.

The collection and processing of your data for this purpose is necessary for providing our service (article 6 par. 1b GDPR).

 

4.2. To improve the platform and your experience using it

Our goal is not only to offer you a platform that is elementary useful, but to make its use a complete experience for the user, through which they will be able to satisfy their requirements and needs in an easy-to-use, fast and functional manner.

In this context, the platform provides you with certain additional functions and features, which are not directly related to the provision of our service, but are an integral part of this experience.

This reason is divided into individual purposes, which are described in more detail below. Your personal data collected and processed for all these purposes is retained until your account is deactivated or after 3 years of inactivity.

 

4.2.1. Maintaining the history of your choices

Through your account you can see the complete history of the products you have added to your shopping cart, as well as the purchases you have made. The data processed for this purpose is purchase data and application usage data.

The collection and processing of your data for this purpose is necessary for the purposes of our legitimate interests, which consist in this case in our commitment to provide you with a platform that is as useful as possible (article 6 par. 1f GDPR).

 

 

4.3. For the security of your data and the prevention of illegal or abusive acts

 

4.3.1. Temporarily maintaining a deactivated account

The platform provides you with the option to delete your account. In this case, your account will be deactivated, however, your personal data will be retained for a period of 3 months.

This retention aims to enable RC/AUEB to monitor any abusive behavior and malicious practices, such as users who attempt to avoid their obligations under the Terms of Use or to delete their history by creating a new account.

The collection and processing of your data for this purpose is necessary for the purposes of our legitimate interests, which consist in this case of our right, but also our obligation towards our customers to maintain a platform with rules and security for its users (article 6 par. 1f GDPR).

 

4.3.2. Preventing fraud and fraudulent transactions

As already mentioned, in order to obtain the products and services offered through the platform, we will need to retain certain payment data.

The RC/AUEB must ensure that payments made are secure and prevent fraud, such as illegal use of a bank card or use of false cardholder information.

To identify and cancel suspicious payments, we use automated tools and process payment, user identification, application usage and account data.

The collection and processing of your data for this purpose is necessary for the purposes of our legitimate interests, which consist in this case of our right, but also our obligation towards our customers to maintain an application with rules and security for its users (article 6 par. 1f GDPR).

 

 

4.4. For the execution of our terms of service

 

4.4.1. Checking the user's compliance with their obligations under the Terms of Use

The platform's Terms of Use list a series of obligations of users towards RC/AUEB and its software.

In the event that it is determined or comes to our attention that the use of the application and acceptance of our services is in violation of these obligations, we reserve the right to temporarily lock your account and/or terminate it immediately and without notice.

For this purpose, and depending on the specific obligation, the observance of which is being monitored, RC/AUEB will use all of your data held in your account, in order to evaluate the behavior in question and proceed to take the necessary measures.

At the same time, in the event that RC/AUEB receives a complaint from a third party regarding behavior that violates the terms of use of the service, we will also collect your data that is de facto included in this complaint.

The collection and processing of your data for this purpose is necessary for the purposes of our legitimate interests, which consist in this case in the company's right to monitor compliance with the Terms of Use of the service (article 6 par. 1f GDPR).

 

4.4.2. Preventing re-registration

In the event that RC/AUEB ascertains and confirms user behavior that directly violates the Terms of Use and/or harms the interests and image of AUEB or RC/AUEB and/or constitutes the commission of a criminal offense, RC/AUEB reserves the right not only to immediately terminate the user account in question and without notice, but also to prohibit the re-registration of this user with a new account.

For this reason, and in cases of account termination, RC/AUEB will retain your identification and contact information in a special file of terminated accounts, so that the application does not allow the re-registration of these details.

The collection and processing of your data for this purpose is necessary for thepurposes of our legitimate interests, which consist in this case of the right of RC/AUEB to protect its business activity, property and image from users who violate its Terms of Use (article 6 par. 1f GDPR).

 

4.5. Carrying out marketing activities

You will only receive offers and advertisements from us if you have agreed to receive news and personalized offers (advertising, coupons and promotions) and if you have agreed to the display of news based on usage during the registration process. This applies to both non-personalized (sent to all customers) and personalized (sent only to you and based on the analysis of your personal data that you have either explicitly provided to us or resulted from your use of the Application) newsletters sent electronically (email, SMS, messages within the platform, promotional messages) to your terminal equipment (smartphone, tablet, PC, etc.).

We will also process your personal data in order to organize promotional activities. By participating in any promotional activity, you authorize us to process the personal data you have shared with us in relation to the promotional activity and to communicate it through different means or through the Application itself.

The collection and processing of your data for this purpose is carried out on the basis of your consent (article 6 par. 1a GDPR)

If you do not wish to receive the news and personalized offers mentioned above, you can withdraw your consent by making a written statement to the Company.

Please note that the revocation and subsequent changes apply only for the future and will take effect or be implemented no later than 48 hours after the revocation.

 

 

4.6. The establishment, exercise and support of legal claims

 

4.6.1. The protection of the rights and interests of AUEB

The AUEB and the RC/AUEB reserve the right to exercise its legal claims against customers in the event that it is deemed that the use of the service caused harm to the interests of the organization.

For this purpose, RC/AUEB will process all of your account information in order to extract the data that is relevant to the disputed claim, while it will also produce additional data by drafting, through its attorneys, all types of extrajudicial, procedural and judicial documents.

The collection and processing of your data for this purpose is necessary for thepurposes of our legitimate interests, which consist in this case of the right of the entity to protect its business activity, property and image from users who violate its Terms of Use (article 6 par. 1f GDPR).

 

4.6.2. The body's defense against judicial and extrajudicial claims

You also have the right to exercise your legal claims against RC/AUEB, in the event that you believe that our behavior or practices have violated your rights.

In the event that you exercise these rights, the entity will process all of your account information in order to extract the data that is relevant to your claim and necessary for its defense/defence against your actions.

The collection and processing of your data for this purpose is necessary for thepurposes of our legitimate interests, which consist in this case in the right of the entity to defend itself, its interests and rights before judicial, police and administrative authorities (Article 6, paragraph 1f of the GDPR).

 

4.6.3. Providing opinions to the Personal Data Protection Authority

In the event that you are not satisfied with the processing of your personal data by RC/AUEB and our response to a request you have made, you certainly have the right to file a complaint with the competent supervisory authority.

In order to examine your complaint, the Personal Data Protection Authority will request from our company our views on the contents thereof, as well as any relevant document or information related to its content.

In order to fulfill this legal obligation, but also to defend the interests and rights of the body against the complainants, we will need to process any information from your account that is relevant to the subject of your complaint, while at the same time we will collect, through the Authority's call, the text of your complaint, which also includes your personal data.

The processing of your data for this purpose is necessary for the purposes of our legitimate interests, which consist in this case in the defense of the AUEB and the RC/AUEB before an administrative authority (article 6 par. 1f' GDPR), as well as for the compliance with legal obligation(Article 6, paragraph 1c of the GDPR) which we have under Article 31 of the GDPR to cooperate with the supervisory authority.

 

 

4.7. Our compliance with our legal obligations

 

4.7.1. Responding to requests under the GDPR

As will be explained later in this document, as a data subject you have a number of rights under the General Data Protection Regulation. You can, for example, request access to your data, i.e. to be informed about it and to be provided with a copy, or request its deletion from our records.

RC/AUEB is obliged to receive and examine any of your requests and to respond to them within a specific deadline. For these actions, it is necessary to carry out additional processing operations, depending on the nature of your request.

For example, if you request access to specific information from your account, such as in relation to a specific purchase you made, RC/AUEB must search, extract and transmit the data you have requested.

At the same time, RC/AUEB reserves the right to request and collect additional identification information from you, in accordance with article 12 par.6 GDPR, in the event that it has reasonable doubts about your identity. This information consists of confirming your details by sending a copy of your identity card or other public document.

The processing of your data for this purpose is necessary for our compliance with a legal obligation (Article 6, paragraph 1c of the GDPR), as it consists of our obligation under Article 12 of the GDPR to facilitate the exercise of your rights and to respond to them in a timely manner.

 

4.7.2. Proof of our response to your requests

In any case where we receive a request from you under the GDPR as above, we are obliged to keep evidence of our subsequent actions. This evidence is kept through a special data subject request management file, where the details of the requests we receive, therefore your additional personal data, are recorded.

At the same time, in the event that you request data deletion (Article 17 GDPR) and this is satisfied, we are obliged to retain some minimal information about you (such as, for example, name, contact details and dates of submission and satisfaction of the deletion request), in order to be able to prove that we acted as we should.

The processing of your data for this purpose is necessary for our compliance with a legal obligation (Article 6(1)(c) GDPR), as it consists of our obligation under Article 12 GDPR to respond to your requests and Article 5(2) GDPR to demonstrate our compliance with the requirements of the General Data Protection Regulation.

 

4.7.3. Confirmation of consents obtained

According to Article 7(1) GDPR, where processing is based on consent, the controller is able to demonstrate that the data subject consented to the processing of personal data.

This means that if the processing of your data for a specific purpose is based on your consent, we are obliged to keep evidence of receipt of this consent.

The processing of your data for this purpose is necessary for our compliance with a legal obligation (Article 6, paragraph 1c of the GDPR), as this consists of our obligation under Article 7, paragraph 1 of the GDPR to prove receipt of your consent.

 

5. Who are the recipients of your data?

According to Article 4 of the GDPR, the recipient of the data is defined as "the natural or legal person, public authority, agency or other body to which the personal data are disclosed, whether or not it is a third party".

In fulfilling our contractual and legal/regulatory obligations, your personal data may be provided to third parties, in view of the purposes related to the necessity of data processing, in accordance with the respective contractual/regulatory framework and against which the necessary provisions have been taken for the protection and lawful processing of personal data concerning you, under the supervision of the legal representative of the controller. All third parties, to whom the PDS are disclosed, undertake to respect the principle of confidentiality and to operate with a view to their protection, in accordance with domestic law and the principles of the GDPR. Similarly, all processors appointed by us to process personal data on our behalf are contractually bound to comply with the provisions of the GDPR.

In particular:

- for making a payment, the recipient of your data is National Bank, which undertakes, as a processor on our behalf, the maintenance of your banking data and the processing of electronic transactions.

- for the provision of technical support for the platform, the recipient of your data is the company RDC Informatics, which undertakes, as a processor on our behalf, the performance of processing operations necessary for this purpose.

- for the purpose of carrying out promotional activities, partners of our company who provide advertising and marketing services may also become recipients of your data.

- for the exercise and support of the legal rights of the AUEB and the RC/AUEB , the recipients of your data are our attorneys-at-law, the Personal Data Protection Authority, as well as any other public official involved, such as bailiffs, prosecutorial and judicial authorities, and court officials.

- for the entity's compliance with a request from a judicial/law enforcement authority to provide information, the recipient of your data becomes the judicial/law enforcement authority that has requested the information that we will transmit.

 

 

6. What are your rights?

From the moment we collect information related to you, you become the subject of the data concerning you and have the rights provided for by the provisions of the legislation on the protection of personal data.

These rights of yours are:

The right of access

You have the right to ask us, at any time, for confirmation as to whether we are processing your personal data and what it is, as well as to receive copies of that data. You can read more about this right here.

The right to correction

You have the right to ask us, at any time, to correct any information you consider inaccurate. You also have the right to request that information you consider incomplete be completed. You can read more about this right here.

The right to erasure

You have the right to ask us to delete your personal data in certain circumstances. You can read more about this right here.

Your right to restriction of processing

You have the right to ask us to restrict the processing of your information in certain circumstances. You can read more about this right here.

Your right to object to processing

You have the right to object to the processing of your personal data. You can read more about this right here.

Your right to data portability

This only applies to information you have given us. You have the right to request that we transfer the information you have given us to another organisation or to provide it to you. The right only applies if we process information based on your consent, or to enter into a contract and the processing is automated. You can read more about this right here.

Clarifications regarding your rights

These rights of yours are not absolute. Their satisfaction is provided for by law, under conditions related to the characteristics of each request and the legal basis of the processing, and may be prevented by the protection of the rights of other persons, the fulfillment of our legitimate interests and the observance of our legal obligations.

In any case, we encourage you to exercise your rights whenever you consider it appropriate or necessary and we undertake to examine your request and respond (positively or negatively) immediately and within the deadline set by the legislator.

Your request will be processed free of charge, however, in the event that your request is manifestly unfounded or excessive, particularly due to its repetitive nature, we may:

a) impose the payment of a reasonable fee, taking into account the administrative costs of providing the information or communication or carrying out the requested action, or

b) refuse to comply with the request.

This possibility, which is only applicable in special cases, with a reasoned response, and for no reason will it constitute an excuse for not processing your request.

 

 

7. The possibility of filing a complaint with the Personal Data Protection Authority.

Your personal data, which we process, belongs to you, as the data subject. The processing we carry out is carried out according to specific rules and for specific purposes.

In any case in which you disagree with this processing, its scope, duration, purposes and recipients or you consider that we are violating your rights over your personal data, you can contact us and/or submit a complaint to the competent supervisory authority.

The competent supervisory authority is the Personal Data Protection Authority (1-3 Kifissias Ave., 115 23 Athens). In the following link you can find detailed information on how to submit a complaint:

https://www.dpa.gr/index.php/en/individuals/complaint-to-the-hellenic-dpa

It is noted that, for the best possible satisfaction of any request or right of yours, it is preferable to first contact the RC/AUEB, as otherwise, the competent Authority may reject your complaint due to failure to comply with due process.

 

8. How do you exercise any of your rights?

To exercise any of your rights under the GDPR, as well as for any issue regarding the protection of your personal data, you can contact the Data Protection Officer (DPO) of AUEB at the following email address: dpo@aueb.gr, as well as with the support of the platform at the email address conferences@rc.aueb.gr.

Communication with us is also possible through the platform, through Unity Communication.

 

Date of preparation of the Personal Data Protection Policy:

3-4-2025

Information

CONTACT DETAILS
RC AUEB
45, Kefallinias Str., Athens 112 57 Greece
Tel.: (+30)210 8203830
conferences[at]rc.aueb.gr

My account
Customer service
Powered by nopCommerce
Developed by RDC Informatics
Copyright © 2025 RC-AUEB CONFERENCES. All rights reserved.