Privacy Policy

Responsible Declaration Law 1599/1986

Under my personal responsibility and being aware of the penalties provided by the provisions of paragraph 6 of article 22 of Law 1599/1986, I declare that the information and details provided are correct and truthful.

I confirm that I have read and fully understood the criteria and conditions for the eligibility of the ISIC card and that the documents I submit along with the application are complete, accurate, and truthful.

I authorize the issuer to contact the relevant authorities and schools/colleges/universities to verify the accuracy and authenticity of the documents.

I understand that the ISIC card may and will be canceled without notice by the ISIC issuing organization, before or after issuance, if it is proven that the information/documents are incorrect, inaccurate, or false, with no possibility of a refund.

I agree that the information and details provided may be stored by ATHANASIA G. DIMOPOULOU E.E., the exclusive representative of ISIC in Greece and Cyprus, and the ISIC Association, for the issuance of the ISIC. The information and details may be used for verification related to services and products where possession of the ISIC card serves as proof of certification. My information and details will not be made available to benefit providers or other organizations.

Benefit providers do not have access to your personal data, only the ability to verify its accuracy, validity, and the authenticity of the ISIC card.

All cardholders have the right to access and correct their information by contacting Athanasia Dimopoulou / ISIC CYPRUS.

For information about the ISIC Association, click here.

ISIC cards are issued based on the information you provide. Cards will not be replaced in cases of false, incorrect, or misleading information.

Cancellation policy

If all the required supporting documents and an ID-type photo are not submitted, or if it is found that the documents are incorrect or falsified and/or the photo is unsuitable, the application and transaction will be canceled.

A transaction can be canceled upon written request at the ISIC issuing location, only if the request is received before the processing and issuance of the card has been completed.

Under no circumstances will a cancellation be accepted after the card has been issued.

I agree to receive updates and newsletters.

By submitting your email address and other personal information, you acknowledge that you have read the privacy policy for this website and give your consent for us to process your data in accordance with that policy. If you change your mind at any time, you may send an email to the data protection officer at info@isic.com.cy.

General Data Protection Regulation

PRIVACY AND PERSONAL DATA PROTECTION STATEMENT

Information on the Processing of Personal Data

Introduction

We would like to assure you that for the company under the name “ATHANASIA G. DIMOPOULOU E.E.” (hereinafter referred to as the “Company”), the protection of the personal data of individuals involved with the Company in any way is of primary importance. For this reason, we take appropriate measures to protect the personal data we process and to ensure that the processing of personal data is always carried out in accordance with the obligations set out by the legal framework, both by the Company itself and by any third parties processing personal data on behalf of the Company.

Data Controller – Data Protection Officer (DPO)

The company “ATHANASIA G. DIMOPOULOU E.E.”, located in the Municipality of Athens, at 4 Filellinon Street, Athens, Postal Code 10557, email: info@isic.com.cy, website: https://isic.com.cy/, informs you that, for the purpose of conducting its business activities, it processes the personal data of individuals (such as, indicatively, its customers, suppliers, shareholders, and staff) in accordance with applicable national legislation and European Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter “Regulation”) as in force.

For any matter related to the processing of personal data, you may contact the Data Protection Officer (DPO), Ms. Athanasia Dimopoulou, i.e., the company “ATHANASIA G. DIMOPOULOU E.E.”, directly at the email: info@isic.com.cy, phone: +30 210 3232915.

What personal data do we process?

The personal data you provide to us [such as, indicatively, your full name, contact details, email address, phone number, date of birth, ID/passport number, profession, address, etc.] is processed only when we have a lawful reason to do so.

Confidentiality

  • The data processor ensures that staff understand the responsibilities and obligations associated with the processing of personal data. Staff roles and responsibilities are clearly communicated.
  • Before taking on their duties, employees must be aware of and agree to the company’s security policy and sign appropriate confidentiality agreements.

Database/application security

  • Encryption is implemented for required data through software or relevant security mechanisms.
  • Encryption is applied to storage media.
  • Pseudonymization or anonymization techniques are implemented where necessary.

Terminal Security

  • Users do not have the ability to disable or bypass the specified security settings.
  • Users do not have privileges to install or disable unauthorized software applications.
  • The screen is locked when the user is inactive for a specified period of time.
  • Critical security updates that are available are installed at regular intervals.

Network/Communication Security

  • For each access made via the Internet, communication is encrypted through appropriate encryption protocols.
  • Wireless access to the system is allowed only for specific users and processes, which are protected through encryption mechanisms.
  • Remote programs (teamviewer, anydesk) in use are protected with a password that changes at regular intervals.
  • Traffic to and from the information systems is monitored and controlled through appropriate protection mechanisms such as firewalls and IDS/IPS.
  • There is an appropriate network segregation: one for local wired computers and another for all wireless devices (mobile phones, tablets, laptops, and office visitors). This ensures that there is no access to the local network from sources that may have access to the files and cause issues.

Backup Copies

  • Backup creation and data restoration are defined through appropriate documented procedures and are protected with a password.
  • Backup copies are provided with the appropriate level of physical and environmental security according to the existing standards of the primary files.
  • A full backup is created periodically.
  • Backup creation procedures are regularly tested.
  • Backup copies are securely stored in locations separate from those of the primary files.
  • Backup copies, where required according to their classification, are encrypted.
  • Each employee locks their files in individual filing cabinets.
  • The accounting department uses locked cabinets in a secure area to protect all accounting files.

What are the lawful grounds for processing your personal data?

The lawful grounds for processing your personal data are:

(a) the execution of a contract that you entrust to us or intend to entrust to us, such as, for example, the execution of a project or the provision of services, in order to fulfill our contractual obligations within the above framework.

(b) the safeguarding and protection of legitimate interests, both yours and ours.

(c) compliance with a legal obligation, such as, for example, the publication of deeds and information of the anonymous company, the management of legal cases, etc.

(d) your consent given under the specific conditions set by the legal framework.

(e) the obvious public disclosure by the data subject and the processing that is necessary for the protection of vital interests of the data subject or another natural person (in the case that the data subject is physically or legally unable to consent) are the lawful grounds for processing any provided information related to health data.

How and why do we use your personal data?

  • To properly fulfill our contractual obligations and maintain communication between us.

From our contractual relationship (whether it is a contract for the execution of work by a contractor/subcontractor, a supply contract, a service provision contract, etc., or the processing of personal data at the pre-contractual stage), we gather and use the information required for the smooth progress of our collaboration, such as for signing amendments to the main project contract, managing any outstanding financial matters arising from our collaboration, etc.

  • For communication with you and managing our relationship with you.

We may need to contact you via email or phone for administrative purposes, such as to inform you about the progress of our collaboration, to arrange a professional meeting with a candidate employee, or to manage other requests or complaints from you, etc.

  • To comply with legal obligations.

For example, when we publish decisions of the General Assembly and/or the Board of Directors of the Company (including personal details of individuals) on our website or in the online space of the General Commercial Registry (GEMI), with statutory authorization, we designate and notify third parties as representatives of the Company to perform acts related to its business activities.

  • To safeguard our legitimate interests and protect individuals and assets.

For subscription to newsletters and sending updates and offers:

To subscribe to newsletters, receive updates, and offers, you need to provide us with your email address, unless it has already been published or you have previously received emails and did not request deletion. In any case, you have the right to unsubscribe, and this request will be fully respected.

By subscribing and giving your corresponding consent, you will be able to enjoy all of our updates and offers that we send via electronic messages and text messages or instant messaging through relevant services (for example, via SMS, Viber, Push Notifications, etc.).

Storage Period

The storage period of the data is decided based on the following specific criteria depending on the case:

  • When the processing is imposed as an obligation by provisions of the applicable legal framework, your personal data will be stored for as long as required by the relevant provisions.
  • When the processing is carried out based on a contract, your personal data is stored for as long as necessary for the execution of the contract and for the establishment, exercise, or/and support of legal claims based on the contract.

What are your rights regarding your personal data?

Every individual whose data is subject to processing by “ATHANASIA G. DIMOPOULOU E.E.” enjoys the following rights:

  • Right to rectification

You have the right to review, correct, update, or modify your personal data by contacting the Data Protection Officer (DPO) at the contact details above.

  • Right to erasure

You have the right to submit a request for the deletion of your personal data when we process them based on your consent or in order to protect our legitimate interests. In all other cases (such as when there is a contract, a legal obligation to process personal data, or public interest), this right is subject to specific limitations or does not exist depending on the case.

To exercise any of the above rights, you can contact the Data Protection Officer (DPO), Mrs. Athanasia Dimopoulou, or the company “ATHANASIA G. DIMOPOULOU E.E.” at email: info@isic.com.cy, phone: 210 3232915.

Right to file a complaint with the Hellenic DPA

You have the right to file a complaint with the Hellenic Data Protection Authority (www.dpa.gr): Call Center: +302106475600, Fax: +302106475628, Email: contact@dpa.gr

Personal Data Security

“ATHANASIA G. DIMOPOULOU E.E.” applies appropriate technical and organizational measures aimed at the secure processing of personal data and the prevention of accidental loss or destruction, as well as unauthorized or unlawful access, use, modification, or disclosure of such data. However, due to the nature of the internet, which is freely accessible by anyone, we cannot provide guarantees that unauthorized third parties will never be able to breach the applied technical and organizational measures, gaining access and potentially using personal data for unauthorized or unlawful purposes.

Cookie Information

What are Cookies?

Cookies are small files with information that a website stores on a user’s computer (usually in a web browser such as Chrome, Opera, Mozilla Firefox, Edge, etc.), so that whenever the user connects to the website, the website retrieves this information and provides services related to it. A characteristic example of such information is the user’s preferences on a website, as indicated by the choices the user makes on that website (e.g., selecting certain “buttons”, searches, advertisements, etc.).

How and Why We Use Cookies

The website www.isic.com.gr uses cookies to collect information about your online activity, to store your preferences and settings, as well as to optimize your browsing experience on our company’s site. We also use cookies for personalizing content and advertisements, providing social media features, and analyzing your traffic. Furthermore, we share information about how you use our website with social media, advertising, and analytics partners, who may combine it with other information that you have provided to them or that they have collected in relation to your use of their services. Cookies in no way harm your device and may allow us to offer you faster and better navigation on our website.

Use of Cookies:

We store on your device the strictly necessary cookies for the operation of the website. By continuing to use the site, you accept the use of cookies. The cookies sent by our website and stored on your electronic device include, but are not limited to, the following:

  • Google Analytics
  • PHPSESSID
  • icl_current_language

By disabling cookies or withdrawing your consent, certain functions of the website will not be available. Additionally, the performance and functionality of the website may be affected.

Links to Other Websites:

Our website may contain links to external websites. “ATHANASIA G. DIMOPOULOU E.E.” is not responsible for the privacy practices or the content of websites that are not owned by “ATHANASIA G. DIMOPOULOU E.E.”. Therefore, we recommend that you carefully read the privacy statements of these external websites.