Logo Konstantinos K.
Mitsotakis
Foundation

Privacy Policy

The protection of your personal data is of great importance to us.This
Privacy Policy (“Policy”) describes the terms of collection, storage, and
processing of your personal data by the data controller of the website ikm.gr,
namely the Konstantinos K. Mitsotakis Foundation (registered office:
2–4 Salaminos & 30 Psaromiligkou, 10553 Athens, Greece).This Policy
applies when you visit or use the Foundation’s website, provided you are a
natural person.

1. Legal Framework

The processing of personal data is carried out in accordance with:

  • General Data Protection Regulation (EU 2016/679 – GDPR),
  • Greek Law 4624/2019, and
  • Law 3471/2006 (implementation of Directive 2002/58/EC on
    electronic communications).

2. What are Personal Data

“Personal data” means any information relating to an identified or
identifiable natural person, such as name, email address, telephone number,
etc.

3. What Does “Processing” Mean

“Processing” refers to any operation performed on personal data, such as
collection, storage, use, disclosure, deletion, or destruction.

4. Data We Collect and Purpose of Processing

The website collects and processes personal data only when absolutely
necessary.We do not sell, rent, or disclose your data to third parties.

a) Website traffic monitoring (Google Analytics)

We use Google Analytics to collect anonymous statistics about website usage (e.g.,
number of visitors, visit duration, device type).Google may record IP
addresses, but we do not receive information that allows user
identification.Google acts as a data processor in compliance with
European data protection law.

b) Contact forms and email

When you contact us through a contact
form or by email, your data are used solely to respond to your inquiry and are
not disclosed to third parties.Email communications are protected by
TLS/SSL encryption for secure transmission.

5. Legal Basis for Processing

The processing of personal data is based, as applicable, on:

  • your consent,
  • compliance with a legal obligation, or
  • the pursuit of legitimate interests of the Foundation or third parties,
    provided that such interests do not override your rights.

For the sending of newsletters or the use of cookies, processing is based on
your explicit consent.

6. Data Recipients

Access to personal data is granted only to authorized Foundation staff bound
by confidentiality obligations and to partners acting as data processors under
the Foundation’s instructions and supervision.Data are hosted on servers
within the European Union, fully compliant with the GDPR, and are not
transferred outside Greece.

7. Data Retention Period

  • Data collected via contact forms are deleted once the communication is
    completed.
  • Data related to cookies are managed and deleted in accordance with the
    Foundation’s Cookies Policy.
  • Data are retained only for as long as necessary to fulfill their intended
    purpose.

 8. Data Security

The Foundation implements appropriate
technical and organizational measures to protect personal
data against accidental or unlawful loss, alteration, unauthorized access, or
disclosure.The website operates under HTTPS/SSL encryption.In the
event of a data breach, the Foundation will notify the competent authorities
and affected individuals within 72 hours, if required by law.

9. Minors

Minors under the age of 15 may use the website’s services only with the
consent of their parents or guardians.The Foundation does not knowingly
collect personal data from minors; if such collection is identified, the
relevant data will be deleted immediately.

10. Data Subject Rights

Under the GDPR, you have the following rights:

  • Right of access to your data and information about
    processing;
  • Right to rectification of inaccurate or incomplete data;
  • Right to erasure (“right to be forgotten”) of your data
    when no longer necessary;
  • Right to restriction of processing;
  • Right to data portability, i.e., to receive your data in a
    structured, readable format or to transfer them to another controller;
  • Right to object to processing or to withdraw consent where
    consent is the legal basis.

 11. Exercising Your Rights

To exercise your rights or request clarification, please contact the Data
Controller at: ikm@ikm.gr

12. Complaints

If you believe that the processing of your data violates applicable law, you
have the right to file a complaint with the
Hellenic Data Protection Authority (HDPA):

  • Address: 1–3 Kifisias Ave., 115 23 Athens, Greece
  • Tel.: +30 210 6475600
  • Email: contact@dpa.gr
  • Website: www.dpa.gr

 13. Policy Updates

This Policy may be updated periodically to reflect legal developments or
changes in website functionality.

 14. Data Controller

Konstantinos K. Mitsotakis Foundation2–4 Salaminos & 30 Psaromiligkou, 10553 Athens,
Greeceikm@ikm.gr