GDPR Privacy Policy & Compliance

Dear friends of NOΕSIS.

We would like to inform you about the privacy policy used by NOΕSIS with respect to your personal data and that we make every effort to safeguard your information and the way we process it.

1. Protection of personal data and data protection
Data is an obligation, it should be collected and processed only when absolutely necessary. We hate spam as much as you do! We will never sell, rent or distribute in any other way or disclose your personal information.

2. Relevant legislation
In addition to our operational and in-house IT systems, this website is designed to comply with the following national and international data protection and privacy laws:

EU Data Protection Directive 1995 (DPD)
EU General Data Protection Regulation (GDPR) 2018
United Kingdom Data Protection Act 1988 (DPA)

3. Personal information collected by this site and why we collect it
This site collects and uses personal information for the following reasons:

3.1 Monitor site traffic
Like most websites, this one (www.noesis.edu.gr) uses Google Analytics (GA) to track user activity. We use this data to determine the number of people who use our site, to better understand how they find and use our web pages and to see their progress within the site.

Although GA records data such as your geographical location, your device, your web browser and your operating system, none of this information is made personally known to us. GA also records your computer’s IP address, which could be used to identify you, but Google does not give us access to it. We believe that Google is a third party data processor.

GA uses cookies, details of which can be found in the Google Developer Guides. For your information, our site uses GA’s analytics.js application.

Disabling cookies in your browser will prevent GA from tracking any part of your visit to pages within this website.

3.2 Contact Forms and Email Links
If you choose to contact us using the Contact Us contact form or an email link like this, none of the data you provide will be stored on this site or transferred or processed or processed by any third party data processing operator as defined in section 6.0. Instead, this data will be emailed to us via the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by a TLS security protocol (sometimes known as SSL), which means that e-mail content is encrypted using 256-bit SHA-2 encryption before it is sent over the Internet. The contents of the email are decrypted by our local computers and devices.

3.3 Electronic newsletter
If you choose to participate in our email newsletter, the email address you submit to us will be forwarded to MailChimp, which provides us with our email marketing services. We consider MailChimp to be a third party data processor (see section 6.0). The email address you submit will not be stored in the in-site database or in any of our computer systems.

Your email address will remain in the MailChimp Database as long as we continue to use MailChimp’s email marketing services or until you explicitly request its removal from the list. You can do this using the delete link that contains all the email newsletters we send you.

If you are under 16, you MUST have your parents’ consent before subscribing to our email newsletter.

As long as your email address remains in the MailChimp database, you will receive periodic (approximately once a month) email updates from us.

4. How we store your personal information
As detailed in section 3 above, some personal information will be stored in the database of this site. This data is stored under a pseudonym, that is, the data requires additional processing using a separately stored “key” before it can be used to identify an individual.

Nickname is a requirement of the GDPR and we have implemented it on this site.

5. About the server of this site
All web traffic (file transfer) between this site and your browser is encrypted and transferred over the HTTPS protocol.

6. Our third party data processors
We use a number of third parties to process personal data about us. These two entities have been carefully selected and all comply with the legislation set out in Section 2. Both (2) of these entities are headquartered in the US and comply with the Interstate Agreement known as the EU-U.S Privacy Shield.

Google (Privacy Policy)
Mailchimp (Privacy Policy)

7. Data breaches
We will report any unlawful breach of this website or any third party data processing database to anyone and anyone directly concerned and to the authorities within 72 hours of the breach, provided that the personal data that is stored in a recognizable form, have been stolen.

8. Data controller
The webmaster of this site is: Science Center and Technology Museum, headquartered at: Sixth kilometer of Thessaloniki – Thermi street, 57001, Thermi, Greece

9. Changes to our privacy policy
This privacy policy may change from time to time depending on legislation or industry developments. We will not explicitly notify our customers or users of our website of these changes. Instead, we encourage you to periodically check this page for policy changes.