Data protection policy of “FORUM EXHIBITIONS – PUBLICATIONS – CONFERENCES SINGLE MEMBER SOCIETE ANONYME”

We thank you for visiting our website and for your interest in our company. We are very serious about protecting your personal data. We process your data in accordance with the laws and regulations applicable to the protection of personal data, particularly including the EU General Data Protection Regulation (EU-GDPR) and the country-specific implementing laws applicable to us {Law 4624/2019, any Greek law applicable at the time, and the decisions of the Hellenic Data Protection Authority (HDPA)}. In this data protection policy, we provide you with comprehensive information about the processing of your data by FORUM EXHIBITIONS – PUBLICATIONS – CONFERENCES SINGLE MEMBER SOCIETE ANONYME and your rights in this respect.  Personal data is information that makes it possible to identify a natural person, particularly including the name, date of birth, address, telephone number, e-mail address and IP address.  Anonymous data is data from which no one can establish a personal connection to the user.

Controller and Data Protection Officer

The controller is:

Forum Exhibitions-Publications-Conferences Single Member SA
Vouliagmenis Avenue, 328
17342, Agios Dimitrios of Attica
Greece
Tel.: +30 210 5242100

Website: www.forumsa.gr

Contact information of the Data Protection Officer:

Email: gdpr@forumsa.gr (contact person: Gialouris Athanasios)

Your rights as a data subject (incl. contact option)

First, we would like to inform you of your rights as a data subject. These rights are codified in Art. 15 – 22 EU-GDPR. They are:

• The right of access (Art. 15 EU-GDPR),
• The right to erasure (Art. 17 EU-GDPR),
• The right to rectification (Art. 16 EU-GDPR),
• The right to data portability (Art. 20 EU-GDPR),
• The right to restriction of data processing (Art. 18 EU-GDPR),
• The right to object to data processing (Art. 21 EU-GDPR).

To assert these rights, please contact us at the email: gdpr@forumsa.gr.

Any questions about data processing in our company should be directed to the same e-mail address. You are also entitled to complain to the data protection supervisory authority (HDPA).

Rights of objection 

Please note the following with respect to the rights of objection:  When we process your personal data for purposes of direct advertising, you have the right to object to such data processing at any time without indication of reasons. The same applies to profiling to the extent that it is related to direct advertising.

When you object to processing for purposes of direct advertising, we will no longer process your personal data for these purposes. You can notify your objection free of charge and without observing requirements of form via email: gdpr@forumsa.gr.

In the event that we process your data for the sake of legitimate interests, you can object to such processing at any time for reasons having to do with your particular situation; the same applies to any profiling on the basis of these provisions.

We will no longer process your personal data unless we can demonstrate compelling, legitimate reasons for the processing that override your interests, rights and freedoms, or when the processing serves the purpose of asserting, exercising or defending against legal claims.

Purposes and legal grounds of data processing 

In processing your personal data, we comply with the provisions of the EU-GDPR and all other applicable provisions of data protection laws. The legal grounds for data processing are particularly set out in Art. 6 EU-GDPR.

We use your data for business initiation, the fulfilment of contractual and statutory obligations, the performance of the contractual relationship, the offering of products and services and the strengthening of customer relationships, which can also include analyses for marketing and direct advertising purposes. This particularly includes the organisation of trade fairs, exhibitions, congresses and similar events. Specifically, we use data for the following purposes, although this list is not exhaustive:

• Registration as exhibitor and/or visitor
• Verification of a person’s status as a trade visitor (trade visitor legitimation).
• Planning your trade fair visit on the basis of announcements and targeted trade information sent by e-mail and post.
• Smooth execution of your trade fair participation as an exhibitor by providing targeted information about service offers and services.
• Registration for newsletters.
• Voluntary participation in market and opinion research surveys.
• Review of conditions for the accreditation of media representatives and bloggers.
• Analysis of our website usage for performance, user-friendliness and offer improvement and also for marketing purposes.

On our behalf and as the operator of the websites, Google will use various information to evaluate your pseudonymous use of the website and to compile reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.

Your consent is also required under data protection laws. In asking for your consent, we inform you about the purposes of data processing and your right to object. If the consent also refers to the processing of special categories of personal data, we will expressly inform you of this in the consent declaration.

Processing of special categories of personal data within the meaning of Art. 9 para. 1 EU-GDPR is only done when required by statutory regulations and there is no reason to assume that your legitimate interests in preventing such processing are overriding.

Transfer to third parties

We will transfer your data only within the limits of the statutory provisions or when you have granted your consent. Otherwise, your personal data will not be transferred to third parties unless we are obligated to do so by virtue of binding statutory regulations (transfer to external entities such as supervisory authorities or criminal prosecution authorities).

Recipients of data / categories of recipients 

Within our enterprise, we ensure that only those persons who need your personal data to fulfil our contractual and statutory obligations receive it. In many cases, our departments are assisted in the performance of their duties by service providers and service partners, e.g. visitor registration processing, newsletter distribution, e-mailings, payment processing, order processing, credit check, web hosting, maintenance and analysis of data. All service providers and service partners have been carefully selected and the necessary data protection agreements have been concluded with all service providers and service partners. Personal data is processed by our service providers and service partners in compliance with the applicable data protection regulations for the provision of support and information to customers and interested parties and to provide the offered services.

Transmission of data/ Intent to transmit data to third countries 

The transmission of data to third countries (outside of the European Union or the European Economic Area) is only done when this is necessary to fulfil our obligations or is legally required or when you have granted us your consent to do this.

Compliance with the level of data protection is ensured, among other things, by the use of EU standard data protection clauses and – where necessary – by additional guarantees. The service providers are obligated by corresponding contractual regulations to comply with the data protection standards and thus the data protection level of the EU. Data processing or storage in third countries may also take place on the basis of your consent (Art. 49 para. 1 p. 1 letter a EU-GDPR), in which case you will be informed of this separately when obtaining your consent.

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

Duration of data storage 

We will store your data for as long as needed for the given processing purpose. Please note that numerous retention periods require that data continues to be stored. We are particularly required to do this by retention obligations under commercial law or tax law (e.g. Greek Tax Code, etc.). Data is routinely erased as soon as no further retention obligations are in effect.

Furthermore, we may store your data when you have granted us your consent to do this or in the event of legal disputes, when we use the data as evidence for purposes of statutory limitation periods, which can last up to twenty years; the regular limitation period is five years.

The data linked to cookies are automatically deleted after 14 months by using Google Analytics 4. The deletion of data whose retention period has been reached takes place automatically once a month.

Secure transmission of your data  

We employ appropriate technical and organisational safeguards to protect the data stored with us as well as possible against accidental or intentional manipulations, loss, destruction or access by unauthorised persons. The level of security is continually reviewed and adapted to meet new security standards in collaboration with security experts.

Data transfers from and to our website are always encrypted. As the transmission protocol for our websites, we offer HTTPS and we always use the latest encryption protocols. It is also possible to use alternative communication channels (e.g. postal service).

Obligation to provide data 

Some personal data is necessary for the establishment, performance and termination of the obligation and the fulfilment of the related contractual and statutory obligations. The same applies to the use of our website and the various functions it provides.

We summarised the details in the section above. In certain cases, data must also be collected and/or provided due to statutory provisions. Please note that it is not possible to process your request or perform the underlying contractual obligations without having this data provided to us.

Categories, sources and origin of data

The data we process is determined by the context: This depends, for example, on whether you issue an barcode invitation, buy a ticket online, subscribe to our newsletter, express your interest to participate in the Hosted Buyer Program, book a stand or send a message through our contact form.

Data You Provide To Us

The types of personal information that we collect directly from you depends on how you interact with us and the specific Service you may choose and may include:

Contact details, such as your name, email address, postal address, social media handle and phone number;

Account login credentials, such as usernames and passwords, password hints and similar security information;

Payment information, such as credit or debit card number;

Comments, feedback and other information you provide to us, including information that you send to customer support and messages, appointment inquiries and other information that you wish us to share with our exhibitors, visitors, partners and others; and/or

Interests and communication preferences, including Hosted Buyer Program, matchmaking and event planning and networking choices and preferred language.

How We Use Your Information

Depending on how you interact with us and the Service, we use your personal information to:

Provide, activate and manage your access to and use of the Service;

Process and fulfill a request, download or other transaction;

Provide technical, product and other support and to help keep the Service working, safe and secure;

Enhance and improve the Service and our other products and services and to develop new products, services and benefits;

Offer you customized content and other personalization to make the Service more relevant to your interests and geography;

Respond to your requests, inquiries, comments and concerns;

Notify you about changes, updates and other announcements related to the Service and our other products and services;

Deliver targeted advertisements, promotional messages, notices and other information related to the Service and your interests;

Provide you with promotional messages and other information about products, events and services of ours, our affiliates and third parties, such as exhibitors, sponsors and media partners;

Invite you to participate in user testing and surveys as well as competitions and similar promotions;

Identify usage trends and develop data analysis, including for purposes of research, audit, reporting and other business operations, including determining the effectiveness of our promotional campaigns and evaluating our business performance; and/or

Comply with our legal obligations, resolve disputes, and enforce our agreements.

When you visit our website and webshops, we collect and process the following data using “Google Analytics”:

Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by means of the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

We use Google Signals. This allows Google Analytics to collect additional information about users who have activated personalized ads (interests and demographics) and ads can be delivered to these users in cross-device remarketing campaigns.

In Google Analytics 4, IP address anonymization is enabled by default. Due to IP anonymization, your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Contact form/ Contact by e-mail (Art. 6 para. 1 letter a, b EU-GDPR) 

Contact form/ Contact by e-mail Forum SA

An email address that can be used for contacting us electronically is available on our website. When you write to us using this email address, we will process the data you enter into this email to contact you and answer your questions and wishes.

Newsletter (Art. 6 para. 1 s. 1 letter a EU-GDPR) 

You can also subscribe to a free newsletter on our website. The data provided in the newsletter application and your name will be used for sending you the personalised newsletter.

Naturally, you can always terminate the subscription by exercising the cancellation option provided in the newsletter, thereby revoking your consent. It is also possible to cancel your newsletter subscription directly in our website.

Advertising purposes with established customers (Art. 6 para. 1 s. 1 letter f EU-GDPR) 

We have an interest in cultivating customer relationships with our exhibitors and visitors and providing you with information and offers about our own similar events and services. Therefore, the data transmitted upon submitting the application (company name, address, telephone/ fax number and e-mail address) is processed by us and possibly by our service partners so that we can send you event-related information and offers by e-mail, in accordance with Art. 6 para. 1 s. 1  letter f EU-GDPR.

If you do not want this, you can object to the use of your personal data for direct advertising purposes at any time; the same applies to profiling to the extent that it is related to direct advertising. When you notify your objection, we will no longer process your data for this purpose.

The objection can be notified without observing formal requirements and without indication of reasons and without incurring separate costs aside from customary transmission costs at standard rates. It should be directed to Forum Exhibitions-Publications-Conferences Single Member SA,  Vouliagmenis Avenue, 328, 17342, Agios Dimitrios of Attica  Greece, or sent via email: gdpr@forumsa.gr

Cookies  

Our web pages use so-called “cookies” in several places. They serve the purpose of making our offering more user-friendly, effective and secure. Cookies are small text files that are placed on your computer and stored by your browser (locally on your hard drive).

These cookies make it possible for us to analyse how users use our websites. They allow us to design the website contents to meet the needs of users, for example. Cookies also enable us to measure the effectiveness of a given advertisement and place it in accordance with the user’s topical interests, for example.

Most of the cookies we use are so-called “session cookies.” These are automatically deleted after your visit. Permanent cookies are automatically deleted by your computer when the corresponding period of validity has expired (usually after six months) or when you delete them yourself before the expiration of the period of validity.

Most web browsers accept cookies automatically. Usually, however, you can also change your browser settings if you would rather not send us the information. In this case, you will still be able to use the offerings of our website without restrictions (exception: configurators).

We use cookies to make your offering more user-friendly, effective and secure. We also use cookies so that we can analyse how users use our websites. They allow us to design the website contents to meet the needs of users, for example. Cookies also enable us to measure the effectiveness of a given advertisement and place it in accordance with the user’s topical interests, for example.

Cookies are stored on the user’s computer and transmitted from there to our website. As the user, therefore, you have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the setting in your Internet browser. Furthermore, already placed cookies can always be deleted using the Internet browser or other software programs. This is possible in all commonly used Internet browsers.

The legal basis for the use of technically necessary cookies is our legitimate interest, Art. 6 para. 1 letter f EU-GDPR.

Otherwise, the legal basis in each case is generally your consent, if no specific legal basis is mentioned below. You can revoke your consent at any time. You can manage your revocation via the cookie icon placed on the bottom left of each of our web pages. Here you can also find more information about the use of cookies.

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

 Cookiebot

We have integrated the consent management Platform Cookiebot (https://www.cookiebot.com) on our website to obtain consent for data processing and use of cookies or comparable functions. With the help of cookiebot you have the possibility to give your consent for certain functionalities of our website, e.g. for the purpose of integrating external elements, integrating streaming content, statistical analysis, measurement and personalized advertising. With the help of Cookiebot you can grant or reject your consent for all functions or give your consent for individual purposes or individual functions.

The settings you have made can also be changed afterwards. The purpose of integrating Cookiebot is to let the users of our website decide about the above-mentioned things and, as part of the further use of our website, to offer the option of changing settings that have already been made. By using Cookiebot, personal data and information from the end devices used, such as the IP address, are processed.

The legal basis for processing is our legitimate interest in Consent Management, Art. 6 Para. 1 S. 1 letter f EU-GDPR. By processing the data, we help our customers (according to GDPR this is the responsible party) to fulfill their legal obligations (e.g. obligation to provide evidence). Our legitimate interests in processing lie in the storage of user settings and preferences with regard to the use of cookies and other functionalities. Cookiebot stores your data as long as your user settings are active. You can object to the processing. You have the right to object to reasons arising from your particular situation.

You can find additional information about the use of cookies and the possibility of objecting to the use of cookies via the cookie icon placed on the bottom left of each of our web pages.

User profiles / Web tracking processes

Google Analytics

We use Google Analytics, a web analysis service of Google Inc. (“Google”), on our websites. Google Analytics uses so-called “cookies,” which are text files that are stored on your terminal device and enable us to analyze your use of our websites. The information about your use of our websites that is generated by the cookie is usually transmitted to a Google server in the United States and stored there. Because IP anonymization is activated, however, your IP address is first truncated by Google within the member states of the European Union or in other signatory states of the Agreement on the European Economic Area.

Only in exceptional cases is the full IP address transmitted to a Google server in the United States and truncated there. Google uses this information on our behalf to analyze your use of the website, to compile reports of website activities and to provide other services to us related to website use and Internet use. The IP address transmitted from your browser in connection with Google Analytics is not commingled with other data of Google.

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

You can prevent the storage of cookies by setting your browser software accordingly; if you do this, however, we point out that you may not be able to fully use all functions on our websites. You can also prevent the reporting of the data generated by the cookie and relating to your use of the website (including your IP address) to Google and the dissemination of these data by Google by downloading and installing the browser plug-in available at the following link: tools.google.com/dlpage/gaoptout?hl=en .

You can object the collection of your data by Google Analytics. This will place an opt-out cookie on your terminal device that will prevent the collection of your data on future visits to this website.

You can manage your objection via the cookie icon placed on the bottom left of each of our web pages. Here you can also find more information about the use of cookies.

We also use Google Analytics to evaluate data from double-click cookies and AdWords for statistical purposes. If you do not want this to happen, you can deactivate this function in the ad settings manager: adssettings.google.com/authenticated?hl=en.

We also point out that we use the Google Tag Manager. This function does not collect any personal data. Instead, the Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements that serve to measure traffic and user behavior, register the effects of online advertising and social media channels, set up remarketing and the orientation to target groups and test and optimize websites, among other purposes.

You can find additional information about the Google Tag Manager here: www.google.com/analytics/tag-manager/use-policy.

We have turned on the advertising reports features in Google Analytics. The demographic and interest reports contain information on age, gender and interests. This allows us – without being able to assign this data to individual persons – to get a better impression of our users. You can learn more about advertising features at support.google.com/analytics/answer/3450482?hl=en_AT&utm_id=add.

You can stop the use of the activities and information of your Google account under “Settings for advertising” at adssettings.google.com/authenticated via checkbox.

You can find Google’s data protection notice here: policies.google.com/privacy?hl=en.

You can prevent your participation in this tracking process in different ways: 

a) by changing the corresponding setting of your browser software; in particular, the suppression of third-party cookies means that you will no longer receive ads from third-party vendors; b)by deactivating the cookies for conversion tracking by setting your browser in such a way that cookies from the domain “www.googleadservices.com” are blocked; google.comthis setting being deleted when you delete your cookies;c) by deactivating the vendor’s interest-themed ads that are part of the self-regulation campaign “About Ads” at the link optout.aboutads.info, this setting being deleted when you delete your cookies; d)by means of permanent deactivation in the browsers Firefox, Internet explorer or Google Chrome at the link google.com/settings/ads/plugin.

Please note that if you do this, you may not be able to fully use all the functions of this offering.

The legal basis for processing your data is Art. 6 para. 1 S. 1 letter f EU-GDPR. You can find additional information about Google’s data protection policies here: policies.google.com/privacy?hl=en and services.google.com/sitestats/en.html. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at thenai.org.

Google Remarketing

We also use the Google Remarketing application. This is a process by which we would like to address you again. By means of this application, we can place our advertisements in other websites after you visit our website. This is done by means of cookies stored in your browser that enables Google to collect and analyse information about your usage behaviour when visiting different websites. For example, Google can determine your previous visit to our website. According to its own statements, Google does not combine the data collected within the scope of remarketing with any personal data that Google may have stored. In particular, pseudonymisation is employed for remarketing, according to Google.

About data protection on Facebook

Forum SA maintains a Facebook page. To the extent that we have control over how your data are processed, we make sure the applicable data protection regulations are obeyed.

Below, you can find the most important information about data protection law as it applies to our company websites.

Name and address of data controller for business

In addition to Forum SA, the following is a data controller for the company’s Web pages under the terms of the EU General Data Protection Regulation (EU-GDPR) and other provisions of data privacy law:

Facebook  
(Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)

However, if you use the Facebook platform and its functions, you do so at your own risk. This especially applies to using interactive functions (e.g., Comment, Share, Like).
Purpose and legal basis  

We ourselves maintain the fan pages to communicate with those pages’ visitors and to keep them informed about our latest developments.

We also gather data for statistical purposes, so that we can refine and optimise content and make our services more attractive. The social networks process the necessary data for this purpose (e.g., total number of page visits, page activities and data provided by visitors, interactions) and make them available. We have no influence over how these data are generated or presented.

Your personal data will also be processed for market research and advertising purposes by the Facebook providers, and by Forum SA as well. It may thus happen that user profiles may be developed from your usage and the interests that usage indicates. These profiles may be used for such purposes as displaying ads that presumably match your interests, both on and off the platforms. As a rule, cookies are stored on your computer for such purposes. Irrespective of those cookies, your user profiles may also store data that are not gathered directly on your devices. Such data may also be stored and analysed across multiple devices, especially – though not only – if you are a registered member and have logged into the platform.

Other than the above, we do not gather or process any personal data.

Forum SA will process your personal data on the basis of our legitimate interest in effectively providing information and communication under Art. 6 para. 1 letter f of the EU-GDPR.
If your consent is requested for data processing – in other words, if you indicate your consent by confirming on a button or the like (“opt in”) – your data will be processed on the basis of Art. 6 para. 1 letter a and Art. 7 of the EU-GDPR.

Your rights / Right to object 

If you are a Facebook member and do not want the network to gather data about you by way of our page and to link those data with the member data the network has stored for you, you must:

• log out of the network before visiting our fan page,
• delete the cookies on your device, and
• close and restart your browser.

However, once you log in again, the network will again be able to recognise you as a particular user.
For a detailed discussion of the various ways in which your data are processed and how you can object to that processing (“opt out”), please see the information in the following links:

• Facebook: Data privacy policy
• Opt out: www.facebook.com/settings and youronlinechoices.com

Overall, you have the following rights concerning how your personal data are processed: a right of access; a right to rectification; a right to erasure; a right to restrict processing; a right to object to processing; a right to data portability; a right to lodge a complaint with a supervisory authority about unlawful processing of your personal data.  However, as Forum SA does not have full access to your personal data, you should assert your rights directly to the provider of the social media. These providers have access to their users’ personal data, and they are the ones who can take the appropriate measures and provide information.

Nevertheless, we will of course be happy to assist you if you need help.

Further information

Notes on copyright 

If you wish to publish pictures, text, maps, videos, music, etc. on our site, you should be aware that you may thereby assign all rights of use to the network. This may ultimately have legal consequences for you if you yourself are not the author of the materials or do not hold the rights to them.

Links to other companies

Our website contains clearly recognisable links to the websites of other companies. Such websites are operated and maintained solely by them. When we link to the websites of other companies, we have no influence over their content, and therefore can also assume no responsibility or liability for that content. Each provider or website operator is responsible for the content of their own websites.  Please read carefully the relevant personal data protection policies of the websites that you use, since they may significantly different from ours.

Video Conferencing

Microsoft Teams (Art. 6 para. 1 letter b EU-GDPR)

We use the video conferencing tool Microsoft Teams to communicate with our customers, business partners or exhibitors. We use this tool to conduct video conferences, telephone conferences or online meetings. Microsoft Teams is a service provided by Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA).
Microsoft Teams can be used either via your web browser or, alternatively, via the MicrosoftTeams app installed on your end device.

When using Microsoft Teams, different types of data are processed. Which data is processed also depends on the information you provide.

When using Microsoft Teams, your user data stored with Microsoft Teams (e.g. name, mail address, profile picture, language, etc.) will be processed. Furthermore, connection data (e.g. IP address) and metadata (e.g. meeting ID, phone numbers, dates, etc.) are collected. Finally, image and sound data from you will be processed. For this purpose, Microsoft Teams obtains access to the camera and microphone of your end device for the duration of the transmission, if you allow this. You can interrupt the image and sound transmission at any time. In addition, it is possible to make text entries (chat) and to transfer files together with their content (in the case of file exchange).

A logging of the chat process does not take place. Likewise, no video or audio recording is made and is prohibited. If, in exceptional cases, a recording is to be made, the express consent of all persons concerned will be obtained in advance.

The processing of data is carried out for the purpose of conducting video conferences and serves to carry out pre-contractual measures or contract performance, Art. 6 para. 1 letter b EU-GDPR.

The data will only be stored for as long as is necessary to achieve the purpose and no legal retention obligations prevent deletion. Please note that the data may have to be stored for verification purposes based on legal retention obligations. In this case, the data will be deleted at the latest after expiry of the respective retention obligation.

The processing of personal data takes place exclusively within the EU/EEA. Only in certain exceptional cases (e.g. creation of a support ticket), it cannot be excluded that personal data is also processed outside the EU/EEA. Microsoft is obligated by corresponding contractual regulations to comply with EU data protection standards and to guarantee the European level of data protection. The necessary contractual framework for data processing by Microsoft Teams has been concluded.

Further information on data processing by Microsoft Teams can be found at: privacy.microsoft.com/en-us/privacystatement

Automated decision-making

We do not employ purely automated processing procedures in making our decision.

Questions or comments

If you have any questions or comments on this Personal Data Security and Protection Policy or if you consider that we have not abided by the principles set herein, please e-mail us at gdpr@forumsa.gr or contact us at the following address: 328, Vouliagmenis Avenue, Agios Dimitrios, Attica, Postal Code 17342 or call us at 00302105242100 (contact person: Gialouris Athanasios)

Last update: 12 September 2023