PRIVACY POLICY OF PERSONAL DATA

This Personal Data Privacy Policy applies to K.Di.V.M.'s facilities. and the services it provides as well as for the organization's informative website.

1. Generally

This Privacy Policy defines the terms and conditions observed by K.Di.V.M. for the protection of the privacy of our customers (trainees, trainees, beneficiaries) those interested in information and our staff and partners, whose personal data are processed for the purpose of fulfilling our mission as a certified K.D.I.V.M. .We take the protection of the privacy of third parties seriously and therefore implement the following Privacy Policy, which ensures a high level of information security and complies with the applicable legislative & regulatory framework. The purpose of this Policy is to inform you about how we collect, maintain and process the information concerning you, such as your personal data that you provide us, choosing to receive education - training and certification services from our organization. All personal data concerning you, collected and kept for the strictly necessary time, for specified, explicit and legal purposes, are lawfully and legitimately processed in a transparent manner always in accordance with the applicable legal framework and in a way that guarantees the integrity and their confidentiality.

2. Purpose of data collection & processing

We collect and use your personal data exclusively for the effective management of your relationship but also to provide quality & modern training and consulting services, based on your needs. In detail, the data collection concerns:

• Your registration and participation in professional training and adult education programs that we implement. This includes the management of supporting / legalizing documents provided for by the current legislation for NSRF, Voucher, OAED-LAEK programs and the collection of information regarding the respective certified training programs (EFET, Security Technicians, Sprayers, etc.) and professional qualification certification schemes based on ISO /IEC 17024 (Security, vendors etc.). The management of the timetable, student internships as well as, as the case may be, the examination process for certification of professional qualifications. The efficient organization of seminars, lectures and educational visits. Accordingly, it also concerns the lecturers / adult trainers of the programs.
• The execution of the contract for the provision of educational and/or consulting services by us which you have signed or another natural or legal person has signed on your behalf. The management of issues that are directly related to your participation in the organization's educational programs and concern the fulfillment of a legal obligation towards the public and organizations or the interest of K.Di.Vi.M.. The management of K.Di.Vi.'s obligations. M. against EOPPEP, the Ministry of of Education, Certification bodies, insurance funds and social security bodies. Included are all the data that must be observed for Compliance with Greek and European law regarding the operation of LIFELONG LEARNING CENTERS (LEARNING CENTERS) (accounting entries, obligations to KFAS, SEPE, KEPEK, etc.). Accordingly, it also concerns the lecturers / adult trainers of the programs.
• The improvement of the quality and operational functioning of our educational organization and the management of our relations with you before, during and after the educational program of interest to you. It concerns the Management of customer databases, the measurement of satisfaction of participants and beneficiaries / questionnaires and the management of your complaints.
• Improving our educational services and keeping you informed so that we can provide programs that best meet your requirements. As part of these actions, we may provide you with useful information about seminars & training programs that we implement or other promotional messages, as well as inform you of news about the labor market, professional orientation (by email or sms) only and if you choose. in the Registration / application or Data Consent Form (Registration form).

Your refusal to provide consent during the registration application process, the information regarding the required collection, processing, transmission of data or interconnection of files with the electronic platforms of the programs, may result in the inability to provide the requested educational Services or even the unilateral suspension of the provision of Services on behalf of the educational organization and indeed for free.

Responsible for the processing of the above maintained file is K.Di.V.M.. These data are always relevant, useful at all stages of processing and no more than what is required in view of the purposes mentioned in this paragraph 2, are accurate and, if necessary, subject to updating. The educational organization in the event that a change / change in the nature of the data of the trainee / beneficiary of the program is required, such that their use requires additional information and re-obtaining his consent, immediately informs the client in an appropriate manner and obtains their consent before taking any further action regarding the modification, updating, updating and keeping of said records.

3. Legal framework

The legal framework for personal data protection that governs this Privacy Policy and the operation of the educational organization basically consists of no. 2016/679 General Regulation on the Protection of Personal Data (EU) but also by any law or regulation that has been issued in continuation or for the implementation of the above General Regulation, as well as by any national legislation concerning the processing and protection of personal data in general in relation to Lifelong Learning adult vocational training and the certification of professional qualifications. Indicative legislation: Gazette 3057/18-11-2012, Gazette 229/19-11-2012, Gazette 237/05-12-2012, Gazette 3324/12-12-2012, Gazette 18/25-01-2013 LAW NO. 4111, Gazette 756/03-04-2013, Gazette 107/09-05-2013 MINISTRY LAW NO. 4152, Official Gazette 1584 6/21/2013, Law 4218/2013 (Official Gazette 268, A'), LAW 4316/2014 Official Gazette 270 Issue A Article 120, MINISTRY OF LAW NO.

4386 / Official Gazette 83 Issue A 11-5-2016, IEK. Law 4093/2012 – Official Gazette 222, Law 2009/1992, 2. Law 2327/1995, Law 2817/2000

(AEEA), L. 3369/2005, L. 3879/2010, N.4115/2013, Acts of Legislative Content of 11-19-2012, 12-5-2012

4. What Personal Data Do We Collect?

The basic information we are obliged to request from you is the following:

• Contact Details (surname, first name, patronymic, residential address, telephone, email etc.)
• Personal Information (marital status, nationality, profession, qualifications, bank account number etc.)
• Financial Data (registry data, taxable individual/family income)
• Identification / registry details (ADT, ADD, VAT number, AMKA, A.M.IKA, Unemployment Card No., Chamber Registry No.)
• Specific personal data on a case-by-case basis such as Disabled Persons' Disability Certificates
• Voluntarily provided additional information that you provide to us such as printed satisfaction evaluation questionnaires, complaint forms, your opinions expressed in your writings, instructor evaluation questionnaires, etc. .

Other information we collect & Information from third parties: A) We may also collect other information about you during your use of our services, in ways that we describe at the point of collection and always with your consent on the spot. You can choose not to provide us with certain types of information, but doing so may affect your ability to use certain Services (voucher.gov.gr platform. B) We may, depending on the requirements of the respective program, carry out verification / validation by an external body of your personal information through the electronic platform of the respective institution. C) We may obtain information about you from publicly and commercially available sources (as permitted by law), which we may combine with other information we obtain from or about you.

The https://kepeth.gr/ is only an information website of K.Di.V.M. and only collects digital data of the visitor/member in the form of Cookies. Cookies are pieces of information, in the form of very small text usually consisting of letters and numbers, stored in the browser used by the user (Internet Explorer, Chrome, Mozilla, Firefox, etc.), helping the more efficient operation of our website. The information we store in cookies is the IP address, the domain name, as well as information about the user's PC system. However, these data are in no way related to personal data. They are collected automatically and are related to the proper functioning of our website, as well as the extraction of traffic statistics. In case you do not wish to download cookies to your computer, you should either disable them from your browser (settings) or leave our website. By visiting our website, you are immediately informed about the use of cookies, in the form of a pop-up window at the bottom or top of the screen. You are given the option to accept cookies or opt out.

5. When We Collect Personal Data.

We collect personal data in various cases and at all stages of providing our educational and consulting services to you. In detail: a) Direct data is collected directly from the interested parties themselves or their legally authorized representatives through the expression of interest / registration requests (where consent is also obtained) and from documented information / legalizing documents / supporting documents that the interested parties themselves provide for the programs , provide As the case may be in the payment / invoicing process. B) When providing information from you: registration of various requests, complaints/complaints, completion of satisfaction evaluation questionnaires, etc. C) By subscribing to our newsletters in order to receive informational materials / newsletters and other promotions via e-mail and/or sms (after you have first given your consent in the special form). D) From Actions through electronic devices and interfaces: Connecting to our websites. Connection to the WiFi network we provide in our facilities. Also, in special cases, your information may be transmitted by third parties, such as certification bodies, external partners. E) During the process of evaluating/recruiting staff or trainers/instructors through CVs, EOPPEP register and the specific requirements of each program.

6. Terms of Third Party Access to Your Personal Data. Transmission and transfer of Personal Information

It is part of the philosophy of the educational organization and its staff and a core principle of management that we will not share your information with third parties for their own independent business or marketing purposes without your consent. It is generally the policy of the educational organization not to provide Personal Customer Data to any third party, business, organization, entity, for scientific, commercial, advertising and marketing purposes, except for the exceptions described in the next paragraph. K.D.V.M. does not process data for the purpose of providing customized content and suggestions based on your past activities on our Services (no Profiling). We do not transfer / transmit your personal data to external recipients who may be located in third countries.

However, the circumstances where we may share your information with third parties are summarized below:

• According to what is provided in the existing legal framework of LIFELONG LEARNING CENTERS (L.L.L.C.) and the implementation guides of the co-financed training programs, the educational organization must process and transmit simple or special category personal data of the trainees / beneficiaries of the programs (the details mentioned in par. 2 depending on the type of the program) to: all the competent supervisory / auditing services and the Public organizations & bodies involved in the respective training program of the educational organization, as implementation bodies or as management bodies authorities, and/or in issuing attestations/certificates and managing payments. Indicative: EOPPEP, EFET, Ministry of of Labor-SEPE, OAED, Min. of Rural Development, G.G.D.V.M. Ms. It includes sending your supporting/legalizing documents in paper form and/or electronically via the respective digital platform (such as voucher.gov.gr etc.)
• In special cases to Service Providers and/or third parties who carry out the processing on our behalf. We may also share your information with companies that provide services on our behalf or on our behalf, such as ISO/IEC 17024 certification bodies and qualification schemes, IT subcontractors, companies that send bulk emails on our behalf, banks, law firms offices, postal service companies, insurance funds and social security agencies, etc.
• To Other third parties when required by law or when we have to protect our services and our compliance with the requirements of the programs we implement. There may be instances in which we will share your information with other third parties to comply with the law or to respond to a mandatory legal process and to protect the rights, property, corporate reputation and/or safety of the teacher organization and its instructors - lecturers. We also reserve the right to retain personal information collected and process it for the purposes of collecting and paying customer debts and complying with accounting and tax rules and regulations as well as special record retention laws. In particular, We reserve the right to disclose any personal information we have about you: a) upon written authorization / order from you (the customer himself) & approval from the administration, b) court order, c) statutory control by the Greek police, d) legal audits by public and independent authorities and bodies such as A.P.D.P.X, ADDAE - DOU, SEPE-KEPEK, Ministries Education, EOPPEP, health services.

In order to provide you with the best training services, we provide access to your personal data, or certain specific categories of your personal data, to our appropriate and authorized personnel. This includes: the Secretariat, the project / program manager, & the trainers / lecturers of the program, the Legal Services department if and when needed.

7. Information Security and Protection Actions

The Security of the data of the educational organization and our customers (trainees, trainees, beneficiaries) those interested in information and our staff and partners, is the main concern of the company and the philosophy of all our employees. We have taken reasonable organizational and technical means to protect the information we collect in connection with the services provided and in particular any sensitive personal data collected. The information security system of the educational organization includes a series of technical and organizational measures and methods to ensure data integrity, controlled and classified access to them, protection of personal data from malicious actions / external threats, and natural disasters, as well and from unintended modification. Our IT Department follows international standards and practices to ensure network security and database encryption. We take reasonable steps to ensure that information about you is kept only for as long as is necessary for the purpose for which it was collected or for as long as is required by contract or by applicable law. Data is stored in electronic databases as well as physical/printed files. The educational organization keeps all its files (digital and physical) in its own facilities and does not use the services of external providers related to the processing and storage of data (eg Servers, cloud, File Repositories, lockers, etc.). Compliance with the Information Security policy and therefore the protection of information & data security in all the activities of K.D.V.M.2, is mandatory for all employees of the company and is stated in the Code of Conduct which they sign .

8. Access & Rights in relation to Personal Data

Under existing regulatory framework and national law in some jurisdictions, you have the right to request details of the information we collect and to correct inaccuracies in that information. The organization's secretariat can further inform you about your rights regarding: access and view objections, portability, restriction of processing, and deletion of your file. We may refuse to proceed with requests that require disproportionate technical effort and are extremely impractical, or risk the privacy of others, or involve access not otherwise required by domestic & European law. The data registered / sent by the educational organization and processed by third parties (OAED, voucher, EOPPEP etc.) are not our property & responsibility and for any access and exercise of rights to your data, after completing your application, you must contact the relevant body. If you want to submit a request for access to your information, the deletion of your personal data, contact the educational organization, where you will fill in a relevant written request.

In summary we pledge that:

1. You will have information and access to your personal data whenever you request it.

2. Your data will not be processed beyond the purposes for which we have your consent.

3. You can request correction or deletion of your personal data with a simple request / request.

4. You can get your data in a structured format and send it wherever you want.

5. We will not use your data in ways that we have not already disclosed to you and we have your consent (commercial promotion, profiling, automated actions). You can change your mind at any time.

6. We manage your data with complete transparency, legality and objectivity. We do not provide or sell them to anyone.

7. Your data we hold is only what we actually need to provide/sell the product/service we have agreed upon.

8. We are committed to keeping your data safe and secure. This includes our working only with trusted partners.

9. We respect your privacy and personal data and always try to accommodate your requests to the extent possible, in accordance with the Law and our current obligations.

Tthis Policy can be found at the reception of K.Di.V.M. and on his website. This policy may be amended and for this reason please check periodically and especially before your application to ensure that you are aware of any changes.