Privacy Policy

INFORMATIVE NOTICE REGARDING THE PROCESSING OF PERSONAL DATA COLLECTED FROM CANDIDATES ADMITTED TO THE ICOM-CECA CONFERENCE 2024

ICOM Greece, in adherence to its mission and institutional values, undertakes to protect personal data of natural persons regardless of their nationality or residence, respecting every human being’s identity, dignity and fundamental freedoms in accordance with standards adopted regarding the processing and circulation of personal data. In pursuit of this undertaking, ICOM Greece will comply with accountability standards and implement consistent and appropriate safety measures and suitable policies.

Terms: 

Personal Data

means any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable

natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing

means any operation or set of operations which is performed on personal data or on sets of personal data, whether

or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

 Who we are and contact details

 Data Controller is ICOM Greece (Hellenic National Committee of the International Council of Museums), based in Athens, 15 Agion Asomaton str , Tel.: (+30) 210-3239414. The Data Controller may be reached at the following e- mail:

icom@otenet.gr

 Scope of the present informative notice and to whom it is addressed

This informative notice covers personal data related to participation in the ICOM-CECA Conference (18-22 November 2024), entitled “Delicate topics, challenging audiences” (“Person Concerned”) admitted to activities such as research / thematic papers, market of ideas, workshops, posters, organized by ICOM Greece, even if in collaboration with its partners.

 Data categories and processing – Scope and legal basis of processing

 The request to submit the following personal data shall be deemed as mandatory: name, surname, date and place of birth, nationality, marital status, telephone numbers, address, email and photograph of the concerned subject.

 Personal data of the Person Concerned are processed for institutional purposes and to comply with obligations relating to the administration of educational programmes, in particular:

1. To manage the scheduling of contractual, administrative and other activities connected to candidates’ applications to programmes (e.g. research / thematic papers, market of ideas, workshops, posters);

2. To keep up to date the application form in Data Controller’s databases;

3. To comply with security rules and procedures;

4. To promote ICOM Greece and/or its activities. To this aim, personal data, such as image and/or voice (e.g. photos, audios, videos) may be processed and published on the Organization’s website or social media;

5. To collect surveys aimed at assessing satisfaction for services offered (e.g. website);

6. To perform storage, historical research and analysis activities for the Data Controller’s statistical purposes;

7. Only upon specific authorization from the Person Concerned, the Data Controller may send email communications concerning workshops, posters, events, panel discussions or other institutional activities and information.

 

Processing of personal data is performed in execution of public interest duties and for the Data Controller’s institutional purposes, provided that they do not prevail over the Person Concerned’s fundamental rights and freedoms that require personal data protection.

 

Automated decisions

 ICOM Greece will never adopt a decision which may relate to the Person Concerned based solely on automated processing. Any decision associated with personal data processing will be taken by a natural person.

 Personal data sharing

 Personal data shall be disclosed solely to recipients duly authorized by ICOM Greece. Personal data may/could be shared with recipients acting as processor(s) or as independent controller(s).

 Personal data could be shared with (but not be limited to): a) entities providing information technology or telecommunication services (including, but not limited to, services such as e-mail, newsletters, website); b) entities providing security; or c) authorities charged by law or by decision of public bodies/entities to verify the fulfilment of obligation(s), when institutional purposes or public interest or public security are to be protected.

 Data could even be shared with partners collaborating with the Organization on events, research / thematic papers, market of ideas, workshops, posters, if deemed necessary to fulfil the aims of the collaboration.

 Data retention period

 Personal data will be processed by ICOM solely for purposes declared in this Statement. The data may be stored for a longer period(s) solely for archiving purposes, in accordance with the Organization’s records retention schedule.

 
Rights of Data Subjects

Right of access

Data Subjects have the right to obtain from the Data Controller confirmation as to whether or not personal

data concerning them are being processed, to access such personal data and to obtain the following information:

a) the purposes of the processing operation; b) the personal data categories concerned; c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular those in third countries or international organizations; d) the expected period of personal data storage or applicable criteria for determining such period; e) the existence of the right to request from the Data Controller rectification or erasure of personal data or restriction of processing of personal data concerning or to object to such processing;

f) data source, if personal data are not being provided by Data Subjects themselves; g) existence of automated decision making process, including profiling and, in such cases, relevant information concerning applied logic, as well as importance and consequences for Data Subjects arising from the processing.

Right to

rectification

Data Subjects have the right to amend inaccurate Personal Data. Taking into account the purposes of the

processing, Data Subjects are entitled to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to erasure

Data Subjects have the right to request erasure of personal data to be obtained without unjustified delay and

the Data Controller will be bound to erase Personal Data for any of the following reasons: a) Personal Data are no longer necessary to the purposes for which they were collected or processed; b) consent on which Data Processing is based has been withdrawn and there is no other legal basis for Processing; c) Data Subject has denied the right of Processing and there is no other prevailing legitimate reason for Personal Data Processing;

d) Personal Data have been unlawfully processed. In some cases, the Data Controller will have the right not to erase Personal Data should the Processing be mandatory to fulfil legal obligations, for public interest reasons, for filing purposes in the public interest or for statistical use or establishment, exercise or defence of legal claims.

Right to limit

processing

Data Subjects have the right to restrict processing in the following cases: a) the Data Subject contests the

accuracy of the personal data (restriction will last for the time necessary for the Data Controller to assess accuracy of the data); b) the processing is unlawful, and the Data Subject opposes the erasure of the personal data and requests the restriction of their use instead; c) the Data Controller no longer needs the personal data for processing but they are required by the Data Subject for establishment, exercise or defence of legal claims;

d) the Data Subject objects to the data processing and is awaiting verification whether the Data Controller’s

legitimate grounds override those of the Data Subject. Should a processing restriction apply, personal data will

  

only be processed with the data subject’s consent or for the establishment, exercise or defence of legal claims

or for the protection of the rights of another natural or legal person or for reasons of important public interest.

Right to data

portability

Data Subjects have the right to request and obtain any personal data they have provided to the Data Controller in a structured, commonly used and legible format or to ask for the data to be transmitted to another Data Controller, where technically feasible. In such case, the Data Subject shall be bound to give specific authorization in written form regarding the new Data Controller to whom the personal data is to be transferred.

Right to object

Data Subjects have the right to object, in any situation, for reasons related to their personal situations, to the

processing of personal data related to them, included profiling. The Data Controller will refrain from further processing operations on the data in question, unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedom of the data subject, or for the establishment, exercise or defence of a legal claim.

The undersigned hereby gives consent to the processing of his/her personal data, being aware that the consent given with this declaration can be revoked at any time by contacting the following e-mail: cecaathens2024@gmail.com

 

Data Controller

ICOM Greece

Accessibility Options

More Readable Font

Font Resize

Highlight Links

Reset or Remove Styles

Text Contrast Change

Red:

Green:

Blue:

Background Constrast Change

Red:

Green:

Blue: