The American-Hellenic Chamber of Commerce (AmCham Greece, “we”, “us” or “our”) is committed to protecting and respecting your privacy and intends to process your personal data in a lawful, fair and transparent manner.
In this privacy statement, we explain which personal data we collect, how the data is used and for what purposes the data is processed. The term “Personal Data” or “Data” used in this policy means information that identifies you personally either alone or in combination with other information available to AmCham Greece and has the same meaning as set out in the General Data Protection Regulation 2016/679 (the “GDPR”).
This statement also provides details of the rights you have as data subject.
1. WHO ARE WE
Your data is processed by AmCham Greece, a non for profit organization based in 109-111 Messogion Avenue, 11526 Athens, Greece.
For the purposes of the GDPR we are the data controller.
2. WHAT PERSONAL DATA AMCHAM GREECE COLLECTS AND PROCESSES
AmCham Greece collects and processes Personal Data when a data subject is one of our members, participates in AmCham Greece activities (i.e. events, delegation meetings etc), visits our website or clicks on the links of AmCham Greece correspondence.
AmCham Greece collects, stores and processes overall the following categories of personal data directly from the data subjects:
-Identification and contact data details (such as name, email address, telephone numbers, job title, company name, office location details, individual pictures, credit card details etc.
-Activities (such as the participation in our events and meetings).
AmCham Greece collects Personal Data in various ways, such as:
• Though the membership: by becoming our member or by providing us with Personal Data members are consenting to and authorizing the collection and processing of their data;
• through the members’ profile page;
• through the registration/participation to our events, surveys and other online forms: contact details (last name, first name, job title, e-mail address, telephone number and function) will be saved with your explicit consent in case you are not a member.
• through emails: when you send an e-mail to AmCham Greece yourself for information purposes, in order to join an event, or when you complete the information form via the website and submit that form for applying for membership, we save your data in our database pending the conclusion of the membership process. AmCham Greece has a legitimate basis for so doing on the grounds that it is necessary for the execution of the procedure necessary for the completion of the membership process .
• through websites;
• Business cards: If you hand us a business card, you are also registered in our database. The basis for storing this data is that of our legitimate interest.
• Through direct contact in the context of our mission and activities (ministers, chiefs of cabinets, representatives, EU Community officials, US delegates, university professors, other academic staff, public bodies and institutions, news agencies etc.) AmCham Greece collects this data in the framework of its mission and activities, in particular its advocacy and knowledge-sharing activities aimed at representing/defending/promoting as effectively as possible the interests of its members in certain legal, technical and economic matters, so the use of such data is on the basis of legitimate grounds for doing so.
During our events, pictures may be taken and videos may be recorded. These materials could be used for marketing, communication purposes and may also be uploaded to our website and third-party’s supplier platforms, such as LinkedIn, Google+ etc. Should you wish not to feature in those materials, please contact us at dataprotection@amcham.gr
• Public data and data that we indirectly collect: AmCham Greece sometimes processes public data, for example, data that is subject to a publication requirement, or data that you have made public.
• Data that you spontaneously transmit to us can also be processed: when you contact us by phone or on-line, the team member taking your call or reading your message, can note your name, first name, email or on-line address and telephone number to inform your AmCham Greece contact person of your calls and to optimize the service we provide and our internal functioning.
3. FOR WHAT PURPOSE DO WE USE YOUR PERSONAL DATA
We have a number of lawful reasons to process your Personal Data. The legal basis for processing your data is in order to allow us to provide the services we engage to provide you with. This allows us to fulfil our legal obligation to you. The processing of AmCham Greece’s members’ personal data is necessary for legal reasons and for the performance of our contract to which the data subject is party. Additionally, we may process Personal Data of other stakeholders with legitimate interests pursued by AmCham Greece for outreach activities, sharing our positions on different policy matters, advocating for the interest of our members and marketing purposes.
Business purposes
We may process personal data from data subjects for the following business purposes, serving and addressing the needs and demands from our members and external stakeholders:
•Notify you via our e-newsletters about our (committee specific) activities;
•Organize and promote our events;
•Send e-correspondences with (external) stakeholders;
•Include you in our Members Directory (with access restricted to membership);
•Gather your input through surveys;
•Notify you about general announcements;
•Understand your interest in our website and improve its user friendliness.
In all cases we will process your Personal Data only on the basis of a legitimate and genuine reason of ours and if we are not harming any of your rights and interests.
4. WHO RECEIVES YOUR PERSONAL DATA
AmCham Greece processes your personal data in accordance with the purposes mentioned in point 3.
AmCham will not sell or provide your information to third parties and will only provide this Personal Data to third parties if this is necessary for the execution of our agreement with you or to comply with a legal obligation. In specific cases, your personal data may also be transmitted to some third parties:
• When organizing events, AmCham Greece can transmit personal data information (such as your first and last name or the title of your position) to other member companies or chambers of commerce or other public or private authorities co-organizing an event or to external service providers such as event organizers, but purely for organizational reasons and security.
• In case AmCham Greece has concluded a contract for the provision of certain goods and services (IT, insurance, payroll provider, etc.) your contact details (last name, first name, job title, gender, e-mail address, telephone number, function) will be shared if necessary for the execution of the contractual relationship.
• Accountants for financial reporting matters;
• Event organizers;
• Information and Communication Technologies’ providers;
• Official public bodies within the framework of the legal obligations that we are obliged to respect
We always conclude a data processing agreement with such third parties to ensure the same level of security and confidentiality of your Personal Data.
5. HOW LONG DO WE STORE YOUR PERSONAL DATA
AmCham Greece retains your Personal Data as long as necessary for the purposes described in point 3 and in accordance with any legal time retention periods in force. These data are deleted as soon as the relationship with AmCham Greece ends, unless you instruct us otherwise for future reference. For administrative reasons, AmCham Greece will archive your first and last name, given that these data cannot be deleted from the minutes of the Board, Committees, subcommittees, task forces, delegation groups, etc. Members should inform us when an employee leaves their company, so that AmCham Greece does not use the data of the person for the provision of our services.
6. WHAT RIGHTS CAN YOU EXERCISE TO ENSURE THE PROTECTION OF YOUR PERSONAL DATA
6.1. You can have access to your Personal Data
If you wish to have access to your Personal Data processed by AmCham Greece you can do so by exercising your right of access. AmCham Greece can confirm that it does not keep particular categories of Personal Data (e.g. data relating to race, ethnicity, health, sexual orientation).
6.2. You can request to have your data corrected
You are invited to let us know of if there are changes in your Personal Data (last name, first name, job title, gender, e-mail address, telephone number, function, address), so that we can make the necessary corrections or additions to this data.
6.3. You can request the deletion of your data
If you believe that AmCham Greece is processing certain personal data on an illegal or prohibited basis, without legitimate grounds or purpose to do this, you can ask that your personal data be erased. Please note that AmCham Greece is entitled in such a case to keep your Personal Data when a legal retention period requires it to do so.
6.4. You may request the restriction of the processing of your Personal Data
If your Personal Data are inaccurate and you have requested the data be modified or if you believe that AmCham Greece is processing your Data with no legitimate basis, you may request on the restriction of the processing of your Data.
6.5. You may request that your personal data be directly transferred to a third party (“data portability”). If you wish to do so, you can ask AmCham Greece to transfer the Data that you have personally provided us with either to yourself or directly to a third party.
6.6. You may sometimes refuse to have your data processed in a completely automated way. Some data processing and some processes are entirely automated, without human intervention. AmCham Greece does not make use of such automated processing of personal data –e.g. for profiling.
6.7. You can withdraw your consent
As your Personal Data are processed on the basis of your consent, you may withdraw this consent at any time. AmCham Greece will then delete your Data. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
If you wish to exercise one or more of the rights outlined above, please contact AmCham Greece at dataprotection@amcham.gr and specify which right you want to exercise.
For the substantive issues relating to this privacy statement, please email the same address dataprotection@amcham.gr
Finally, please note that you can, at any time, submit a complaint to the local supervisory authority at complaints@dpa.gr if you believe that AmCham Greece does not respect your rights as stated above.
7. WE PROTECT YOUR PERSONAL DATA
AmCham Greece makes every effort to secure your personal data to the extent possible and to protect your privacy in an optimal way. AmCham Greece has implemented technical and organizational measures to ensure the protection of Personal Data processed through our website against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access. For the best possible protection of your Personal Data outside the limits of our control, your device should also be protected (such as by installing an updated antivirus system) and your internet service provider should take appropriate measures for the security of network data transmission (such as, firewalls and anti-spam filtering, etc.).
While we take all reasonable steps to protect your personal data, we cannot guarantee that the personal data you disclose to us will be 100% secure, nor that any data breach will not occur.
8. CHANGES TO THIS PRIVACY STATEMENT
This privacy statement is not a static document and it is likely to be modified over the course of time. We will post the updated Policy on the Website. We may also personally notify you in case of material changes, including but not limited to, by sending you an email regarding such changes. You are thus encouraged to periodically review this page for any changes.