Privacy Policy

Last updated: 2026-01-01

Data Controller

The University of the Aegean - Special Account for Research Funds (ELKE) is the data controller for personal data collected through this electronic payment platform. Contact: dpo@aegean.gr

Personal Data We Collect

When you register and make a payment, we collect:

  • Full name and father's name
  • Email address and phone number
  • Postal address (street, city, postal code, country)
  • Tax identification number (VAT/AFM) for invoice purposes
  • Payment information (payment method, transaction details)
  • Program registration details (selected program, category, amount)

Purpose of Data Processing

Your personal data is processed for:

  • Processing your registration and payment
  • Issuing receipts and invoices as required by law
  • Communicating about your registration status and payment confirmation
  • Fulfilling our legal and tax obligations
  • Statistical analysis (in anonymized form)

Legal Basis for Processing

We process your personal data based on: Contract performance (your registration), Legal obligation (tax and accounting requirements), and Legitimate interest (platform security and fraud prevention).

Data Retention

Your personal data is retained for the duration required by Greek tax and accounting law (currently 10 years for financial records). After this period, data is anonymized or deleted. Registration data without payments may be deleted after 2 years of inactivity.

Data Sharing

We may share your data with:

  • Payment processors (Alpha Bank) for completing transactions
  • Tax authorities as required by law
  • University departments for program administration
  • IT service providers under data processing agreements

Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure ('right to be forgotten') where applicable
  • Restrict processing in certain circumstances
  • Data portability
  • Object to processing
  • Lodge a complaint with the Hellenic Data Protection Authority

Data Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption of data in transit (TLS/SSL), secure payment processing through certified payment gateways, access controls, and regular security audits.

Contact & Data Protection Officer

For questions about this privacy policy or to exercise your rights, contact our Data Protection Officer at dpo@aegean.gr or write to: University of the Aegean, Data Protection Officer, University Hill, 81100 Mytilene, Greece.