Privacy Policy

Who we are

The non-profit company named “AMKE FOR THE PROTECTION OF AQUATIC ECOSYSTEMS” and the distinctive title “iSea”, based in Thessaloniki, 12 Kritis Street (https://isea.com.gr/, tel. 2313090696, email: info@isea.com.gr) is active in the field of aquatic ecosystem protection ecosystems, promoting measures for environmental protection, and conducting and promoting scientific research as a basis for sustainable development with the aim of environmental, social and economic welfare.

Scope of application

This privacy policy describes how personal data (hereinafter referred to as “data”) is collected, processed, stored, managed, transferred, protected, and generally used by iSea, always in accordance with the relevant national and European legislation, in particular the General Data Protection Regulation (EU) 2016/679 (GDPR). It is expressly noted that visiting and using the website, applications and services of “iSea” constitutes acceptance of this privacy policy. At the same time, with this text, “iSea” undertakes the obligation to protect the confidentiality of data and is obliged to comply with the applicable Greek and European legislation, to protect the rights of the subjects with whom it transacts, to ensure transparency in matters of data processing and storage and to protect them from risks of violation.

Why we collect your data

The data collected, processed, and stored by “iSea” is that required to achieve the respective purpose of collection, processing, and storage, depending on the relationship between the company and the data subject, the status of the data subject, the legal provisions, and the explicit consent of the data subject (if given). In particular, legitimate reasons for collecting, processing, and retaining data may include the following:

  • execution of contractual terms between the company and the data subject,
  • creation of a database of volunteers, sponsors, and external partners,
  • implementation of research programs,
  • recruitment and employment of staff,
  • use of the website, web applications, and social media of “iSea,”
  • statistical and marketing reasons, as well as for promotional activities, including invitations to participate in company activities, provided that the data subject gives their explicit consent, and
  • the explicit consent of the data subject for any other purpose.

In case “iSea” is going to collect, process, and store data for another legitimate reason, the data subject will be explicitly informed and asked to give their explicit consent to the specific terms to be determined on a case-by-case basis.

How we collect data

The way in which data is collected varies depending on the relationship between the company and the data subject, the status of the data subject, the legal provisions, and the explicit consent of the data subject (if given).

Indicatively and not restrictively, we may collect your data in one or more of the following ways:

  • by signing a cooperation agreement, in printed or digital form.
  • by completing a Recruitment Form, Employment Contract, or other documents required by law for the commencement of an employment relationship with “iSea”, including official documents that prove and that are required by law and labor legislation.
  • by completing a printed or digital data collection form.
  • by registering as a user on the website, applications, and social media platforms.
  • by subscribing to the email newsletter.
  • by communicating via email and receiving documents that you voluntarily share with “iSea”.

In any case, the company requests, collects, processes, and stores only the personal data that is absolutely necessary for the processing in question, primarily based on its intended purpose

What kind of data we collect

The data we collect, process, and store can be divided into two (2) separate categories:

1. personal data that cannot be identified by “iSea” and is directly related to the use and operation of the internet.

When visiting the “iSea” website, the server records the user’s IP address, as well as the date and time of connection, which are kept in special files (log files) for the following reasons:

  • to ensure the security of networks, information, and services from accidental events or illegal or malicious actions that jeopardize the availability, authenticity, integrity, and confidentiality of stored or transmitted data (e.g., checking for “denial of service” attacks),
  • establishing, exercising, or defending legal claims,
  • complying with our legal obligation to retain them in order to ensure the protection of your data from malicious use,
  • for possible searches for information by police or judicial authorities, which we must be able to provide, always under strict conditions and terms and in accordance with the applicable legal framework.

Also, and again for the reasons mentioned above, when you visit our website, certain information may be collected automatically, beyond your computer’s IP address, such as the type of browser you are using and the configuration of your operating system, the websites you visited immediately before and after visiting our website, and the browser and operating system configuration, the websites you visited immediately before and after your visit to the Website, websites and advertisements you view and links you click on within the Website, basic server connection information and information collected through HTML, cookies and other similar technologies.

Please note that sending an email or submitting a contact form does not in itself constitute sufficient reason for us to include you in our database, nor do we retain your details for marketing purposes.

2. personal data that you provide for various reasons, from which iSea can identify you

This data varies depending on the relationship between the company and the data subject, the status of the data subject, legal provisions, and the data subject’s explicit consent (if given). In particular, this data may include, as appropriate, the following information:

  • Employees: those mentioned in the law, in the recruitment form, and in the employment contract, including the official documents proving them and attached to the above recruitment documents (in particular, full name, date of birth, gender, home address, contact telephone number, email address, formal and substantive qualifications, previous employment, etc. indicative and not exhaustive).
  • Candidates: those mentioned in the applications submitted, as well as those included in the CVs and provided by the candidate of their own free will (in particular, full name, date of birth, gender, home address, contact telephone number, email address, formal and substantive qualifications, previous employment, etc. (indicative and not exhaustive).
  • Volunteers: the information provided in the volunteer participation forms and declarations (in particular, full name, date of birth, gender, home address, contact telephone number, email address, etc., by way of example and not limitation).
  • Sponsors/Partner companies/External partners: the information provided in the contracts concluded between them and “iSea” (in particular, full name or company name, registered office, tax identification number, contact details of legal entities, personal details of natural persons – their representatives, etc. (indicative and not exclusive references) and any information necessary for the execution of the contract between us and throughout the duration of its validity for the purpose of its execution.
  • Fishermen/Owners of fishing businesses: what is required for the development of the research programs in which they participate (name, contact information, vessel information, etc., indicative and not limited).

Social media

The company has official accounts on the following social media platforms: Facebook and Instagram. Through these platforms and with your consent as the legal basis, we collect and process certain data about you (in particular the username that you use and your photo), for the purpose of informing you and/or communicating with you.

Your consent is given by “liking” or following our pages, and you can revoke it just as easily, in exactly the same way (by withdrawing the “like” or unfollowing). Your consent implies acceptance of our data protection policy and, if you do not agree with it, you must withdraw your consent. In particular, with regard to social media pages, our company is jointly responsible for processing your data together with the respective social media platform, without however bearing any responsibility for the way in which each platform processes your data.

Our company encourages users to submit comments on posts and/or pages maintained on social media. Although we are not obligated to monitor the content submitted by users, our priority is to ensure a safe online environment. For this reason, we reserve the right to remove without notice any post that violates the terms of use of the website as stated in the relevant section, and in particular content that is abusive, vulgar, pornographic, threatening, promotional or that infringes intellectual property rights or contains false statements regarding the user’s identity, while retaining the right to block users who submit such content.

If you believe that user content hosted on our website or your company’s social media violates or otherwise infringes on our terms of use, please contact us immediately.

Detailed information on the processing of Personal Data

The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.

Google Analytics with anonymized IP (Google Inc.)

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
This integration of Google Analytics anonymizes your IP address. It works by shortening Users’ IP addresses within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the complete IP address be sent to a Google server and shortened within the US.

Personal Data processed: Cookies; Usage Data.

Place of processing: United States – Privacy PolicyOpt Out.

Contact form (this Website)

By filling in the contact form with their Data, the User authorizes this Website to use these details to reply to requests for information, quotes or any other kind of request as indicated by the form’s header.

Personal Data processed: email address; first name; last name.

This type of service allows you to view content hosted on external platforms directly from the pages of this Website and interact with them. This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.

Google Site Search (Google Ireland Limited)

Google Site Search is a search engine embedding service provided by Google Ireland Limited that allows this Website to incorporate content of this kind on its pages.

Personal Data processed: Cookies; Usage Data. Place of processing: Ireland – Privacy Policy.

Google Drive (Google Ireland Limited)

Google Drive is a content hosting and file management service provided by Google Ireland Limited that allows this Website to embed and display files, documents, and multimedia content directly on its pages, enabling users to view and interact with stored content.

Personal Data processed: Cookies; Usage Data.

Place of processing: IrelandPrivacy Policy

This type of service allows interaction with social networks or other external platforms directly from the pages of this Website.
The interaction and information obtained through this Website are always subject to the User’s privacy settings for each social network.
This type of service might still collect traffic data for the pages where the service is installed, even when Users do not use it.
It is recommended to log out from the respective services in order to make sure that the processed data on this Website isn’t being connected back to the User’s profile.

Facebook and Instagram Like button and social widgets (Meta)

The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Facebook, Inc.

Personal Data processed: Cookies; Usage Data.

Place of processing: United States – Privacy Policy.

YouTube button and social widgets (Google Ireland Limited)

The YouTube button and social widgets are services allowing interaction with the YouTube social network provided by Google Ireland Limited.

Personal Data processed: Usage Data.

Place of processing: Ireland – Privacy Policy.

Category of Personal Information collected according to the CCPA: internet or other electronic network activity information.

This type of service allows this Website and its partners to inform, optimize and serve advertising based on past use of this Website by the User.
This activity is facilitated by tracking Usage Data and by using Trackers to collect information which is then transferred to the partners that manage the remarketing and behavioral targeting activity.
Some services offer a remarketing option based on email address lists.
In addition to any opt-out feature provided by any of the services below, Users may opt out by visiting the Network Advertising Initiative opt-out page.

Users may also opt-out of certain advertising features through applicable device settings, such as the device advertising settings for mobile phones or ads settings in general.

Remarketing with Google Analytics (Google Ireland Limited)

Remarketing with Google Analytics is a remarketing and behavioral targeting service provided by Google Ireland Limited that connects the tracking activity performed by Google Analytics and its Cookies with the Google Ads advertising network and the Doubleclick Cookie.

Personal Data processed: Cookies; Usage Data.

Place of processing: Ireland – Privacy PolicyOpt Out.

This type of service helps the Owner to manage the tags or scripts needed on this Website in a centralized fashion.
This results in the Users’ Data flowing through these services, potentially resulting in the retention of this Data.

Google Tag Manager (Google Ireland Limited)

Google Tag Manager is a tag management service provided by Google Ireland Limited.

Personal Data processed: Usage Data.

Place of processing: Ireland – Privacy Policy.

This type of service analyzes the traffic of this Website, potentially containing Users’ Personal Data, with the purpose of filtering it from parts of traffic, messages and content that are recognized as SPAM.

Akismet (Automattic Inc.)

Akismet is a SPAM protection service provided by Automattic Inc.

Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy.

Google reCAPTCHA (Google Ireland Limited)

Google reCAPTCHA is a SPAM protection service provided by Google Ireland Limited.
The use of reCAPTCHA is subject to the Google privacy policy and terms of use.

Personal Data processed: Cookies; Usage Data.

Place of processing: Ireland – Privacy Policy.

Cloudflare Turnstile (Cloudflare, Inc.)

Cloudflare Turnstile is a spam protection service provided by Cloudflare, Inc.

Personal Data processed: browser fingerprint; browser information; IP address; Trackers; Usage Data.

Place of processing: United States – Privacy Policy.

Category of Personal Information collected according to the CCPA: internet or other electronic network activity information.

Payment processing services enable this Website to process payments by credit card, bank transfer or other means. To ensure greater security, this Website shares only the information necessary to execute the transaction with the financial intermediaries handling the transaction.
Some of these services may also enable the sending of timed messages to the User, such as emails containing invoices or notifications concerning the payment.

PayPal (PayPal Inc.)

PayPal is a payment service provided by PayPal Inc., which allows Users to make online payments.

Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of processing: See the PayPal privacy policy – Privacy Policy.

Category of Personal Information collected according to the CCPA: internet or other electronic network activity information.

This processing constitutes:

  • a Sale in Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Nevada, Delaware, Iowa, New Hampshire, New Jersey, Nebraska, Tennessee, Minnesota, Maryland, Indiana, Kentucky, Rhode Island and Montana

Donorbox

Donorbox is a donation platform provided by Donorbox Corporation, which allows Users to make online single or multiple donations.

Personal Data: various types of Data as specified in the privacy policy of the service.

Place of processing: California, USA – Privacy policyTerms.

This processing constitutes:

  • a Sale in California
  • a Sharing in California

Payment by bank transfer (this Website)

In the event that the chosen payment method is a direct bank transfer to the current account indicated by this Website, the Owner will collect the payment details of the User, i. e. the current account number of the sender, the SWIFT code, the bank and the name of the sender. Such data will be collected and processed exclusively within the transaction and for billing purposes only.

Personal Data processed: first name; last name; payment info; physical address.

Category of Personal Information collected according to the CCPA: identifiers; commercial information.

This Website uses Trackers. To learn more, the User may consult the Cookie Policy or manage settings by clicking here

Manage cookies

 

Who has access to your data

We use third-party services (processors) for very specific and absolutely necessary services, such as hosting or web analytics, while the data referred to in case 1 (as analyzed in the previous chapter) is transferred to a partner responsible for the operation of the website and the applications that operate through it. To provide these services, we work with companies that guarantee the security of the data we transfer to them. However, it should be understood that in some cases we may be required to share data with judicial or police authorities, always under strict terms and conditions and in full compliance with the letter and spirit of the law.

The data collected through Google Analytics (e.g., the address visited by the user, the action performed, the duration of the visit, etc.) are generally transmitted to a Google server in the US and stored there.

In addition, the data referred to in case 2 (as analyzed in the previous chapter) are stored in the company’s existing registers/databases, which are accessed on a case-by-case basis and exclusively where their responsibilities require access to them:

  • The company’s partners, directors, and legal representatives.
  • The company’s accounting department and its legal representatives.
  • The company’s employees, depending on their area of activity.

This data will not be disclosed to third parties and external partners unless explicit consent is given for this purpose.

How long will your data be stored

Our company will store your data for as long as necessary based on our relationship (e.g., if you are an employee, partner, sponsor, etc.), your wishes (e.g. if you request their deletion), and the existence of any legal obligation (e.g. tax information). To determine the storage period, we apply the principle of limitation of the storage period, while in any case our priority is to keep them safe.

In any case, the following general rules apply:

  • If the legal basis for processing is the exercise of a legitimate interest, the processing and retention of personal data will be carried out for as long as necessary to achieve the company’s intended purpose, as well as for as long as is required until the statute of limitations for any relevant claims has expired.
  • If personal data is provided consensually by the data subject, it will be retained for as long as the relevant consent that was voluntarily granted has not been revoked.

However, even if consent is withdrawn, we will need to retain the necessary data for as long as required until the statute of limitations expires for any mutual claims.

  • If the legal basis for processing is the performance of a contract, we will retain your data for as long as the contractual relationship with our company is maintained or for as long as is necessary until the limitation period for any relevant claims has expired.

Please note that even if a request for data deletion is submitted, we may retain some of it, solely for the purpose of complying with legal obligations or for the establishment, exercise, and defense of legal claims.

What are your rights

Your rights regarding your personal data are regulated by the Greek legislation and, in particular, its harmonization with the General Data Protection Regulation (Regulation (EU) 2016/679) and are as follows:

  • Right of access, i.e. to submit a request to be informed whether we process data and, if so, what data, and some other information, such as the purpose of processing, the recipients, etc.
  • Right to rectification, i.e. to request the correction or completion of your data (important note: you have the option to correct any data through your profile)
  • Right to erasure, i.e. to request, under certain conditions, the erasure of your data
  • Right to restriction of processing, i.e. to ensure, under certain conditions, the restriction of the processing of your data by us
  • Right to object, i.e. to object at any time to the processing of your data based on our legitimate interest Right to object, i.e. to object at any time to the processing of your data based on our legitimate interest (commercial promotion)
  • Right to data portability, i.e. to request the data you have provided to us in a structured, commonly used and machine-readable format, if this is deemed technically feasible under the provisions of the GDPR.
  • In the event of a data breach that may put your rights and freedoms at high risk and provided that it does not fall under one of the exceptions provided for in the GDPR, we are obliged to inform you without undue delay.

* * *

If you wish, at no cost, to express your concerns, request clarification, submit complaints, or exercise any of your above-mentioned rights, including the right to withdraw your consent, please contact Mr. Ioannis Giovos at +30 2313090696 (ioannis.giovos@isea.com.gr)

If you believe that “AMKE FOR THE PROTECTION OF AQUATIC ECOSYSTEMS” and the distinctive title “iSea” do not meet the requirements of the General Data Protection Regulation, you can contact the Personal Data Protection Authority in Greece (http://www.dpa.gr/).