1. Privacy and data protection
Data is an obligation, it should only be collected and processed when absolutely necessary.
We hate spam as much as you do!
We will never sell, rent or distribute in any other way or make your personal information public.
2. Relevant legislation
In addition to our business and internal IT systems, this website is designed to comply to the following national and international data protection and privacy laws:
- EU Data Protection Directive 1995 (DPD)
- EU General Data Protection Regulation 2018 (GDPR)
- United Kingdom Data Protection Act 1988 (DPA)
3. Personal information collected by this website and why we collect it
This website collects and uses personal information for the following reasons:
3.1 Tracking website traffic
Like most websites, it uses WP STATISTICS to monitor user activity. We use this data to determine the number of people who use our website, to better understand how they find and use our websites, and to see their course through the site.
Although WP STATISTICS records data such as your location, device, web browser and operating system, none of this information makes you personally known to us.
Disabling cookies in your browser will prevent WP STATISTICS from tracking any part of your visit to pages within this website.
3.2 Contact forms and email links
In case you choose to contact us using the “Contact Us” contact form or an email link like this, none of the data you provide will be stored by this website or transferred or processed by any third-party data processor as defined in section 6.0. Instead, this data will be sent to us in an e-mail message via the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by a TLS security protocol (sometimes known as SSL), which means that e-mail content is encrypted using SHA-2, 256-bit encryption before being sent over the internet. The content of the email is decrypted by our local computers and devices. In addition, our email platform is hosted by Microsoft using Office 365, which is fully GDPR-compatible.
4. How we store your personal information
As detailed in section 3 above, some personal information will be stored in the database of this website. This data is stored under the alias, that is, the data requires additional processing using a separately stored “key” before it can be used to identify a person.
Pseudonymization is a GDPR requirement that we have implemented on this site.
5. About the server of this website
All online traffic (file transfer) between this website and your browser is encrypted and transferred through HTTPS.
6. Our third-party data processors
We use a number of third parties to process personal data for us. These two bodies have been carefully selected and all of them comply to the legislation set out in Section 2. Both (2) these entities are based in the USA and are in accordance with the transnational agreement known as EU-U. S Privacy Shield.
7. Data breaches
We will report any illegal breach of the database of this website or the database of any third party data processor to anyone and to all stakeholders as well as to the authorities within 72 hours from the moment of the breach, as long as it is obvious that personal data stored in identifiable form has been stolen.
8. Data controller
The controller of this website is the Historical Archive of Greek Refugees, whose headquarters are: Andreas Papandreou 29A, 55135 Kalamaria, Greece.