We would like to assure you that it is of prime importance for ODYSSEUS & ATHENA Institute to protect the personal data of natural persons who deal in any way with the organization. This is why we are taking appropriate steps to protect the personal data we process and to ensure that the collection and processing is always carried out in accordance with the obligations laid down by the applicable legal framework, both by the organization itself and by third parties processing personal data on behalf of the organization.
What data do we process
The personal data you provide to us, such as contact details (eg name, address, email, telephone number, other additional personal information, etc.), data required under an employment relationship (eg education / training / special knowledge and skills, past professional experience, social security, income tax, etc.) we only process when we have a legitimate reason to do so.
Legitimate reasons for processing your personal data consist of:
How and why we use your personal data
For proper compliance with our contractual commitments and the maintenance of communication between us.
Deriving from the contractual relationship between us (whether it is a contract for works from a contractor / subcontractor, or a supply contract, or a service contract, etc., or dealing with the processing of personal data at pre-contractual stage), we draw and use the information required for a smooth development of our co-operation, for example for the signing of amendments to the main project contract, the management of financial pending issues resulting from some cooperation, etc.
For communicating with you and managing our relationship with you.
We may need to contact you via email for administrative reasons, such as through the contact form on our website to answer your questions or comments to improve both our relationship with you and the quality of our services
To safeguard our legitimate interests and protect individuals and goods.
Who may receive your data
The Organization may forward personal data to the following categories of recipients:
When, and to the extent necessary, in the course of an audit (eg application of financial, tax, insurance, labor, or other general and / or more specific legislation) and in all cases according to the applicable legal procedures.
Partners of our organization (partner subcontractor banks, insurance companies, auditing company, etc.)
The organization maintains partners to whom it assigns the processing of personal data on its behalf (eg subcontracts, bank transactions). In these cases, the organization remains responsible for the processing of your personal data and sets out the details of the processing, executing a specific contract with the subcontractors to whom it entrusts the execution of processing activities in order to ensure that processing is carried out in accordance with the applicable legal framework and that any natural person may freely and without hindrance exercise the rights conferred by the legal framework.
The length of the data storage period is decided on the basis of the following specific criteria, as appropriate:
What are your rights with respect to your personal data
Any natural person whose data is being processed by the organization enjoys the following rights:
Right of Access:
You have the right to be aware and verify the legitimacy of the processing. So, you can access your data and get additional information about how we process it.
Right of Rectification:
Right of Erasure:
You have the right to request the deletion of your personal data under the restrictions of Article 17 of the Regulation.
Right to Restriction of Processing:
You have the right to request a limitation on the processing of your personal data in the following cases: (a) when you contest the accuracy of your personal data and until it has been verified, (b) when you object to the erasure of personal data, c) when personal data is not needed for processing purposes, it is, however, indispensable for the foundation, exercise, support of legal claims, and (d) when you object to the processing and until it is verified.
Right to Object Processing:
You have the right to object at any time to the processing of your personal data where, as described above, it is necessary for the purposes of legitimate interests we seek as processors.
Right to Portability:
You have the right to receive your personal data free of charge in a format that allows you to access, use, and edit it with commonly used editing methods. You also have the right to ask us, if technically feasible, to pass the data directly to another processor. This right exists for the data you have provided to us and is processed by automated means based on your consent or performance of a relevant contract.
Right to Revoke Consent:
Where processing is based on your consent, you have the right to recall it freely, without prejudice to the lawfulness of the processing which was based on your consent prior to you recalling it.
Right to File a Complaint with the DPA
Security of Personal Data
Odysseus & Athena Institute shall implement appropriate technical and organizational measures to ensure the safe processing of personal data and to prevent accidental loss or destruction and unauthorized and / or unauthorized access to, use, modification or disclosure of such data. In order to ensure the appropriate level of security against such risks and in order to select appropriate technical and organizational measures, the organization takes into account the latest technological and other developments, the cost of implementation, the nature, the scope and the purposes of the processing, as well as on the one hand, the likelihood and risk of occurrences of accidental loss or destruction and unauthorized and / or unauthorized access to personal data, use, modification or disclosure, and, on the other, how serious the consequences on the rights and freedoms of natural persons will be.
GDPR Team,December 2020
8 Adrianoupoleos str
39 Malvern terrace,