Personal Data Protection Policy

This Personal Data Protection Policy applies to the premises of the INNOVATION FOOTPRINT, the services it provides, and the organization’s official website.

 

1. General Information

This Policy sets out the terms and conditions under which INNOVATION FOOTPRINT ensures the privacy of its clients (trainees, learners, beneficiaries), individuals seeking information, as well as its staff and collaborators, whose personal data is processed to fulfill our mission as a certified Lifelong Learning Centre.

We take the privacy of all third parties seriously and apply this Policy to ensure a high level of information security in compliance with the applicable legislative and regulatory framework. The purpose of this Policy is to inform you about how we collect, retain, and process your personal data, which you provide when you choose to receive training and certification services from us.

All personal data is collected and retained for a strictly necessary period and for specific, explicit, and lawful purposes. Processing is conducted lawfully and fairly, in a transparent manner, ensuring data integrity and confidentiality, in accordance with applicable legal provisions.

 

2. Purpose of Data Collection & Processing

We collect and use your personal data solely to manage our relationship effectively and to offer you quality, up-to-date education and consulting services tailored to your needs. Specifically, we collect information for the following purposes:

1) Enrollment and Participation:
For your enrollment and participation in adult education and vocational training programs, including:

  • Managing supporting documents required by current legislation for ESF-funded programs etc.
  • Collecting data for certified training schemes (e.g. EFET, Safety Technicians, Sprayers) and ISO/IEC 17024-based certification schemes (e.g. Security, Sales).
  • Organizing timetables, internships, and, where applicable, certification exams.
  • Coordinating seminars, lectures, and educational visits.
    This applies also to the trainers/instructors of the programs.

2) Execution of Contract:
To fulfill the service contract you or a third party have signed for you, and to handle matters related to your participation in educational programs, as well as legal obligations and the interests of Ke.Di.Vi.M. (e.g. reporting to EOPPEP, the Ministry of Education, certification bodies, insurance and social security entities). Includes compliance with legal frameworks governing Lifelong Learning Centres (accounting records, obligations to KEP, SEPE, KEPEK, etc.). Also applies to instructors.

3) Quality & Operational Improvement:
To improve the quality and efficiency of our organization and manage our relationship with you before, during, and after your participation. Includes managing customer databases, satisfaction surveys, and complaints.

4) Service Improvement & Communication:
To inform you about programs that better meet your needs. With your consent (via Registration/Consent Form), we may contact you about upcoming seminars, training opportunities, and labor market updates via email or SMS.

Refusal to provide consent during the registration or update process may result in our inability to provide the requested educational services or even a unilateral termination of services without liability.

INNOVATION FOOTPRINT is the Data Controller. Data collected is relevant, limited to what is necessary, accurate, and updated when needed. In case of changes requiring renewed consent, we will inform and request your consent accordingly before any further action.

 

3. Legal Framework

This Policy and the operation of INNOVATION FOOTPRINT comply with:

  • General Data Protection Regulation (EU) 2016/679 (GDPR)
  • National laws and regulations applicable to the processing of personal data, particularly in the field of lifelong learning, adult vocational training, and professional certification.

Indicative legislation includes: Government Gazettes FEK 3057/18-11-2012, 229/19-11-2012, 237/05-12-2012, 3324/12-12-2012, Law No. 4111 (FEK 18/25-01-2013), FEK 756/03-04-2013, Law No. 4152 (FEK 107/09-05-2013), Law No. 4218/2013 (FEK 268/A), Law No. 4316/2014, Law No. 4386/2016 (FEK 83/A), Law No. 4093/2012 (FEK 222), Law No. 2009/1992, Law No. 2327/1995, Law No. 2817/2000, Law No. 3369/2005, Law No. 3879/2010, Law No. 4115/2013, and related Presidential Decrees and Legislative Acts.

 

4. What Personal Data We Collect

We are obliged to collect the following categories of personal data:

  • Contact Information: Name, surname, patronymic, address, phone number, email, etc.
  • Personal Details: Marital status, nationality, occupation, education, bank account number, etc.
  • Financial Data: Tax records, personal/family taxable income, etc.
  • Identification Data: ID card, passport number, TIN, AMKA, IKA number, unemployment card number, Chamber registration number.
  • Special Categories of Data: Disability certifications (where applicable).
  • Voluntarily Provided Information: Evaluation forms, complaint forms, opinions shared in writing, trainer evaluations, etc.

Other Collected Data / Third-Party Sources:

  • We may collect additional data during your use of our services, with your on-the-spot consent.
  • Data verification may be required by external programs via online platforms.
  • We may also receive data from public or commercially available sources, always within legal limits and combined with existing information you’ve shared.

Our website is purely informational and only uses cookies for technical and statistical purposes (e.g. IP address, browser type). You may disable cookies through your browser or leave the website. Upon visiting our site, you are informed about cookies via a pop-up message with options to accept or decline.

 

5. When We Collect Personal Data

We collect personal data at all stages of service delivery. Specifically:

  • Direct Collection: From individuals or their legal representatives via registration/application forms and supporting documents. Also during invoicing/payment.
  • Feedback: From evaluation forms, complaints, surveys, etc.
  • Subscription: When you subscribe to our newsletters or promotional updates (with prior consent).
  • Digital Interaction: Through use of our website, WiFi services, and any official platforms.
  • Recruitment: Through resumes, EOPPEP registers, and other program requirements.

 

6. Third-Party Access, Data Sharing & Transfers

Our organization’s policy is to never share personal data with third parties for their own independent marketing or business purposes without your consent.

Ke.Di.Vi.M. does not process data for profiling or personalized content based on your usage history, nor do we transfer data to third countries.

However, we may share your data in the following cases:

  • Legal & Programmatic Obligations: With supervisory bodies and public institutions related to program implementation including document submission via digital platforms like voucher.gov.gr.
  • Service Providers: Third-party processors such as IT subcontractors, bulk email services, certification bodies (ISO/IEC 17024), legal advisors, postal services, insurance or social security providers.
  • Legal Requirements: When required by law, court orders, audits, or for debt collection, compliance with tax/accounting laws, or investigation by competent authorities (e.g. police, tax office, data protection authority, Ministry of Education, etc.).
  • Internal Access: Only authorized staff have access to your data, including administrative personnel, program managers, and instructors, as well as the legal department where necessary.

 

7. Data Security Measures

Protecting the data of our clients, partners, and staff is a top priority. We implement organizational and technical safeguards to protect sensitive information and ensure data integrity, secure access, and protection against threats, tampering, and disasters.

Our IT department follows international standards to encrypt databases and secure our network infrastructure. Data is stored in both digital and physical formats exclusively on-site—no third-party cloud or server storage is used.

Compliance with our Information Security Policy is mandatory for all staff, as outlined in our signed Code of Conduct.

 

8. Access & Rights Regarding Personal Data

In accordance with national and EU law, you have the right to:

  1. Access and review your personal data.
  2. Restrict processing or object to it.
  3. Request data correction or deletion.
  4. Receive your data in a structured format.
  5. Be informed about any new uses and give or withdraw your consent.
  6. Expect full transparency and fairness in data processing.
  7. Know that only necessary data is collected.
  8. Rely on our commitment to protect your data with trusted partners.
  9. Expect your privacy and rights to be respected to the extent possible under applicable law.

Note: Data transferred to third parties  is no longer under our responsibility. For access or rights concerning such data, please contact the respective authority directly.

To submit a request for access or deletion of your personal data, please contact our administrative office and fill out the appropriate form.

 

This Policy is available at the reception of INNOVATION FOOTPRINT and on our website.
We may update it from time to time, so we encourage you to review it periodically, especially before submitting a new application.