OIKOMEDIA’S PRIVACY POLICY

The present Privacy policy applies to all Users of the Platform (hereinafter referred to as the “Users” or the “User” and “Platform” respectively) and forms an integral part of the Platform’s Cookies’ Policy. The present Privacy Policy provides the User with general information regarding how the Data Controller uses your personal data and other information required by data protection legislation. In case of future amendment, the User will be provided with necessary updates and information through the update of the present Privacy Policy, uploaded in the Platform. 

1.Who is the Data Controller? 

1.1. The Company with the company nameOIKOMEDIA AMKE”, address: Markou Evgenikou 7-9, 11471 Athens, Greece, Telephone: +302106612184, email: contact@oikomedia.com, is the Data Controller for the processing of the User’s Personal Data (herein after referred to as “Data Controller”). 

1.2. Data Controller’s Contact details: For any issue or concern with regards to the present Privacy Policy and to the processing of User’s personal data or data uploaded by the User to use Alpha and Omega application (hereinafter referred to as “Alpha and Omega”), the User can communicate with the Data Controller, by using one of the following alternatives:

By calling at +30210 6612184, from Monday to Friday from 10.00 a.m. to 17.00 p.m.

By sending an email at the following email address: contact@oikomedia.com

By sending correspondence to the following address: Markou Evgenikou 7-9, 11471, Athens, Greece.

  1. What is the purpose and the legal basis for User’s data processing? 

2.1. Platform’s operational purpose is to facilitate cross-border collaborations of media professionals who voluntarily register and make their professional data (indicatively contact and other) available to other media professionals. This is feasible only through the procedure of User’s registration-account creation, where all data related to this purpose can be uploaded and made available to other Users so as to enable the communication for journalistic purposes. For the specific purpose of processing, the legal basis is User’s prior consent. In addition, for the legitimate interest of the Plattform to verify the use of each account by the authorised User, which simultaneously satisfies User’s legitimate interest for safe access and use of his account.

2.2. To enable Users to make profitable use of digital tools/applications offered by the Platform free of charge such as Αlpha and Omega (and any other application/tool added in the future, whether free or charge or not). It is defined that specifically for Alpha and Omega, the processing purpose is to enable User to extract results based on statistical computer assisted algorithms. It is highlighted that the Platform provides Users only with a computer assisted algorithmic tool and is neither aware nor liable for the purposes for which the results will be initially or further used by the User. In addition the Platform is neither aware nor checks data files uploaded by each User while using platforms applications such as Alpha and Omega for which compliance with data protection legislation the User is fully and solely liable. For the specific purpose of processing, the legal basis is User’s prior consent expressed through User initiated and voluntary uploading of data files.

2.3. To inform Users about their expressed will to participate in events, programs and services notified through the Platform, for which purposes the User has previously initiated communication with the Platform. For the specific purpose of processing, the legal basis is User’s prior consent.

2.4. To inform Users about programs and services following User’s initiated request to receive such information or the User’s previous participation in programs / services / events. For the specific purpose of processing, the legal basis is User’s prior consent.

2.5. To send User informative newsletters with the purpose to inform him about new activities, projects and other issues of interest of the Platform. For this purpose of processing the legal basis is the User’s prior consent. 

2.6. Processing of data with the purpose to communicate with the User for reasons related to User’s permitted use of the Platform as well as for reasons related to the proper operation of the Platform. For this purpose of processing the legal basis is the Platform’s legitimate interest to safeguard the continuous and proper operation of the Platform offered to Users free of charge.

2.7. Processing of data with the purpose to communicate with the User
following User’s initiative to communicate with the Platform. For this purpose of processing the legal basis is the User’s prior consent.
 
2.8. Processing of data for reasons related to Data Controller’s compliance with legal obligations. In such cases processing of data takes place for only the necessary each time data in order for Data Controller to comply with obligations imposed by various legal provisions.
In case of the above provisions where the legal basis is User’s prior consent, the User can always withdraw his consent at any time without affecting the legitimacy of the data based on consent prior to its withdrawal.
  1. Which personal data are processed? 

3.1. Registration- account creation:

In order for a User to voluntarily create an account in the Platform, the User should fill in the necessary data: his name, email address, and password (step 1). Following that, the User is transferred to another page where he can upload his profile picture (optional) and choose his country, city, specializations, professions (obligatory). In addition, he can add his bio and professional experience (optional) (Step 2). The User is exclusively liable for  the content of bio and professional experience uploaded on the Website. The User has been appropriately notified for the purposes of processing as defined below as well as for the purposes of Website’s operation, thus the User is strictly advised to avoid including and making public any personal data that does not wish to be publicly notified and available to other Users of the Platform. The User acknowledges that with his registration, his profile is public. Data collected and processed are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed, meaning to enable the communication of media professionals voluntarily registering in the Platform and making available their professional details, following their own initiative through a registration/account creation procedure.

3.2. Use of digital tools/ applications such as Alpha and Omega.

Alpha and Omega is a digital tool enabling User to analyse data uploaded by him in the Platform and extract results according to algorithmic methods inserted. Data Controller does not have any knowledge or control of the data uploaded by each User, for which User’ bears the sole and exclusive liability for the compliance with data protection legislation. The User is exclusively liable for the legitimacy, compliance of the data with data protection regulation with regards to its collection and processing in general, data minimization, correctness, accuracy and update of data uploaded in the Platform.

3.3. Sending of applications and requests for the User’s participation in the events, programs and Services.

In order for the Data Controller to deal with applications and request by Users, the data processed are User’s full name, status/professional activity, email, country and data related to User’s portfolio.  

3.4. Request of information for programs and services.

In order for the Platform to deal with User’s request of information, the data processed are User’s full name, status/professional activity, email, country and data related to User’s portfolio.  

3.5. Newsletters

In order for  the User to receive newsletter email he should optionally insert his valid email address in the appropriate section of the Platform. Through the acceptance of the present Privacy Policy, the User declares that he is the owner of the email address notified to the Platform for the above purpose.

3.6. Platform’s communication for reasons related to User’s permitted use of the Platform.

In order for the Platform to communicate with the User for the above purposes, Data Controller can process all data relating to User’s account, uploaded content and data related to the User’s use of the Platform.

3.7. Processing of data with the purpose to communicate with the User following User’s initiative to communicate with the Platform.

In order for the Data Controller to communicate with the User for the above purpose, Data controller can process all personal data voluntarily submitted by the User, including his name and email address.

  1. How the Platform collects data.

4.1 The information can be collected by the following ways:

4.1.1. When the User registers and creates an account on the Platform. 

4.1.2. When the User sends Data Controller applications and requests for his participation in events, programs and services.

4.1.3. When the User asks Data Controller to provide him information about the programs and services.

4.1.4. When the User subscribes in the Platform to receive newsletters.

4.1.5. When the User reports a problem with the Platform and Data Controller needs to ask him more information.

4.1.6. When the User voluntarily communicates with the Platform.

4.1.7. When the User visits the Platform.

4.1.8. When the User uploads data to Use Platform’s applications such as Alpha and Omega.

  1. How long are User’s data stored and when are they deleted?

5.1. User’ s account data:

Without prejudice to User’s deletion/erasure right mentioned below, the Data registered and stored in the User’s account will be stored as long as the User wishes to make use of the Platform for the purpose mentioned above, meaning to enable the communication of media professionals, use of Alpha and Omega application and maintain his account. In case a User wishes to delete his account, he can delete his account through account’s settings or contact Data Controller at the above mentioned contact details.

5.2. Digital tool “Alpha and Omega”:

Files of data uploaded by the User to use this tool will be stored for as long as the User does not deletes them and maintains his account.

In case a User wishes to delete a project from Alpha and Omega he can delete the project from the settings. In that case the project and all files relating to that project will be deleted. User acknowledges that the Platform should not be used as a storage tool and thus he should only store the necessary data for analysis only for the time period necessary to use the analysis methods and extract results and delete them immediately after that. The Platform does neither check nor control each User’s retention period of data used for Alpha and Omega. Each User is exclusively liable to comply with data protection provisions requiring minimum possible retention periods. 

5.3. Sending applications and requests for the User’s participation in the events, programs and Services.

Those data are stored as long as the User maintains his account. In case a User wishes to delete this data he can delete his account through account’s settings or contact Data Controller at the above mentioned contact details.

5.4. Request of information for programs and services.

Those data are stored as long as the User maintains his account. In case a User wishes to delete this data he can delete his account through account’s settings or contact Data Controller at the above mentioned contact details.

5.5. Newsletters

Data related to newsletters will be stored only for the period that the User wishes to receive them. In case the User wishes to withdraw his consent for the future, he can always either opt out from the email or contact Data Controller at the abovementioned contact details.

5.6. Platform’s communication for reasons related to User’s permitted use of the Platform.

Data related to such communication will be stored only as long as the User wishes to use the Platform and maintains his account. In case a User wishes to delete his account he can delete his account through account’s settings or contact Data Controller at the above mentioned contact details.

5.7. Platform’s communication following User’s initiative to communicate with the Platform.

Data related to such communication will be stored and processed only as long as the User wishes to use the Platform and maintains his account. In case a User wishes to delete his account he can delete his account through account’s settings or contact Data Controller at the above mentioned contact details.

5.8. Storage and processing required by law.

Regardless of the above mentioned provisions of article 5, Data Controller will store and process only necessary data for the period required in order to comply with its  obligations imposed by law each time (compliance with fiscal obligations etc).

  1. User’s exclusive liability for the use of the Platform and specific data processing. 

6.1. The User is informed that as mentioned above, the Platform only provides computer assisted tools that enable him to extract statistical analysis, free of charge. These results will be used for purposes defined exclusively by each User using the tool. Data Controller is neither aware nor checks the data files uploaded by each User for this purpose. Data files’ name are anonymised and Data Controller is not aware of which file is uploaded by each User. Each User is exclusively liable for the legitimacy, correctness and compliance of the data uploaded to use Alpha and Omega with all applicable legislation. 

6.2. The User acknowledges that the operational purpose of the platform is to enable professional communication of journalists with the use of contact details voluntarily notified by each User through the Platform. The Platform can neither check nor be liable for any use of those data voluntarily uploaded in the Platform by the other Users of the Platform.

6.3.The User undertakes to fully compensate the Platform and the Data Controller as well as any third party regarding any damage or loss (authoritative penalties and fines as well as legal cost and lawyers’ cost are included) with regards to User’s infringement of data protection legislation related to the use of the Platform in general and Alpha and Omega as well as for any infringement of this Privacy Policy provisions. 

  1. What are User’s rights ιn relation to the processing of his data and how can he exercise these rights?  

7.1. The Data Controller respects User’s right in relation to data processing.

7.2 The User can exercise his rights by contacting the Data Controller at the following contact details: Telephone: +302106612184, email: contact@oikomedia.com

For User’s facilitation, User’s rights are included in the following table along with a short explanation of each right (reference to articles corresponds to article of GDPR 2016/679):

 
 

Explanation

 

Right: Access (article 15)

The User can ask the Data Controller to:

• confirm whether the Data Controller  processes User’s personal data

• give the User access to data that the User does not dispose 

• give the User other information related to User’s personal data such as which are the data that the Data Controller disposes, what are the purposes of processing, to whom are these data disclosed, whether these data are transferred in foreign countries and how are these data protected, how long are the data stored, what are the User’s rights, how can a complaint be lodged, where were the data taken from to the extent this information is not included in the present Privacy Policy.

 

Right: Rectification (article 16)

The User can ask the Data Controller to rectify inaccurate personal data.

The Data Controller can seek to verify the accuracy of the data before rectifying them.

 

Right: Erasure/deletion (article 17)

The User can ask the Data Controller to erase his personal data: 

  • whenever, when the personal data are no longer needed for the purposes for which they were collected
  • when the User withdraws his consent
  • the personal data have been unlawfully processed

 The Data Controller is not obliged to comply with User’s request to erase his personal data, if the processing of User’s personal data is necessary:

  • for compliance with a legal obligation
  • for the fulfillment of another legitimate purpose or another legitimate legal basis
  • for the establishment, exercise or defense of legal claims 

 

 

Right: Restriction (article 18)

The User can ask the Data Controller to restrict (store but not process) User’s personal data when:

  • their accuracy is contested (see rectification), so that the Data Controller can verify the accuracy of the personal data or
  • the personal data have been unlawfully processed but the User opposes the erasure of the personal data or
  • they are no longer necessary for the purposes for which they were collected but the User still needs them for the establishment, exercise or defense of legal claims or there is another legitimate purpose of processing or other legal basis

 

Right: Data portability (article 20)

When processing is based on consent and the processing is carried out by automated means, the User can ask the Data Controller to receive his personal data in a structured commonly used and machine readable format or ask the Data Controller to transmit them to another controller directly from the Data Controller. Nevertheless, according to the law, this right refers only to those data that have been given by the User himself and not to those data that are inferred by the Data Controller based on the data that the User has provided.

 

Right: Objection (article 21)

The User can object at any time to the processing of personal data concerning him or her which is based on legitimate interest or performance of a task carried out in the public interest.

When the User exercises his right to object, the Data Controller has the right to demonstrate that compelling legitimate grounds for the processing that override the interest, rights and freedom of the User or for the establishment, exercise or defense of legal claims.  

 

Right: Consent withdrawal (opt-out)

The User has the right to withdraw his consent where consent is the basis of processing. Withdrawal is valid for the future.

 

Right: Supervisory Authority

The User has the right to lodge a complaint with the local supervisory authority related to data protection.

In Greece the supervisory authority for Data Protection is Data Protection Authority https://www.dpa.gr/

 

Right: Identity 

The Data Controller takes seriously the confidentiality of all files that include personal data, thus he is entitled to ask the User proof of his identity if the User submits a request in relation to those files.

 

Right: Cost

The User will not have to pay for the exercise of his rights in relation to personal data unless as provided by law, the request to acquire access to information is unfounded or excessive. In that case the Data Controller can charge the User with a reasonable fee under the specific circumstances. The Data Controller will inform the User for any possible charge before he completes the request.

 

Right: Timetable

Data Controller aims at answering at User’s valid requests the latest within one (1) month from their receιpt, unless the request is extremely complicated or the User has submitted multiple requests, in which case the Data Controller aims at answering them within three months. In case the Data Controller needs more than one month for the reasons above mentioned, he will inform the User. The Data Controller may ask the User if he wants to explain what exactly he wishes to receive or what is his concern. This will help Data Controller to act more quickly in relation to User’s request. In any case the User should mention specific and true data and/or facts so that the Data Controller can answer and/or satisfy accurately to User’s request. Otherwise, the Data Controller reserves his right for any faults that are outside of his control. Additionally the Data Controller can reject requests that are unfounded, excessive, abusive, made in bad faith or are illegitimate in the framework of the legal provisions. 

8 . How is data security safeguarded?

8.1. The Data Controller implements all appropriate security measures to ensure protection and confidentiality of personal data among which the following are included:

  1. Strong password policies in all servers
  2. HTTPS protocol for interacting with APIs and Web clients
  3. SSH protocol for server connection
  4. Periodical server updates with latest security fixes

8.2. Please note that only specifically authorized employees of the Data Controller, acting under the authority of the Data Controller and only on his instructions as well as recipients, where necessary, handle the data submitted by the User. For the processing, the Data Controller chooses persons with appropriate qualifications that have sufficient safeguards as to technical knowledge and personal integrity to protect confidentiality. The Data Controller takes all necessary security measures for the protection and safeguard of secrecy, confidentiality and integrity of personal data also through relevant contractual commitments of his associates. In any case the security of the Website may be infringed due to reasons that reside outside of the Data Controller control sphere as well as due to technical or other problem of the net or force majeure or accidental facts. In that case, the security of personal data cannot be guaranteed.

  1. Who are the recipients of data?

9.1. The recipients of User’s personal data are associate companies that provide technical infrastructure  for the operation of the Website, hosting provider as well as the company that undertakes to send electronic communication related to the operation of the Platform to Users and the company that undertakes to send newsletters. Where necessary as per applicable laws, the Data Controller will sign agreements with such companies, which refer to the implementation and regular monitoring of security measures. In case data are transferred outside ΕU all necessary guarantees are in place.

9.2. In case the Data Controller receives a request to notify or transfer data following a request by the appropriate Administrative Authority, Attorney, Court or other Authority, he may notify / transfer those data in order to fulfill his duty executed in favor of the public interest towards these authorities (with or without User’s previous notification) in accordance with the appropriate legal provisions. If the User should be previously notified in accordance with the legal provisions, then the User has the right to object to this processing as provided in article 7 above.

9.3. Αs to the professional details of each User, they are available to all register Users of the Platform for the purposes mentioned above.

  1. Communication with the Data Controller

10.1. For any issue related to the present privacy policy, User’s data processing as well as exercise of User’s rights, the User can contact the Data Controller using one of the following ways:

Telephone: +302106612184, 

Email: contact@oikomedia.com

In case the User becomes aware of any data breach incident, he is kindly requested to notify the Data Controller immediately.

10.2. The present terms are governed and supplemented by the Cookies Policy and consist along with that Policy a uniform text.

  1. Connection to other Websites/social media

This Website connects with other websites through hyperlinks. These websites are not related to Data Controller’s Website and their content is neither checked nor recommended by the Data Controller. Thus, the accuracy, legitimacy, completeness or quality of their content and legitimacy of the processing of User’s personal data cannot be checked and no guarantee is provided for them. The Data Controller cannot be held liable for them or any damage that may be caused to the User due to or following their use. The Data Controller cannot check the processing of the User’s personal data by those linked Websites and thus does not bear any liability. When the User accesses those websites he should take under consideration that terms and conditions of each website apply. For any issue that may occur as to the content or the use of the linked website, the User should directly contact the operator or administrator of each website. The Data Controller does not approve or embrace the Content or the services of the linked websites, which the User accesses through the Website.

The Website gives the User the possibility to connect and interact with social media following his own initiative and will. In that case the Data Controller is not liable for the processing of User’s data taking place through or by the social media. The User should directly address each specific social media in order to exercise his legitimate rights.

  1. Amendments to this Privacy Policy

The Data Controller reserves the right to amend this present Privacy Policy, for example when this is necessary to comply with new requirements imposed by applicable laws, guidelines or technical requirements, or in the course of a revision of the Data Controller’s processes and practices. The User will be notified of any amendment to this Privacy Policy through the Platform. The User should regularly check this Privacy Policy for any amendments.