General Data Protection Regulation (GDPR)
On May 25, 2018, the European Union's General Data Protection Regulation (GDPR) will go into effect across all European Union markets. We believe this presents a new opportunity for marketers to strengthen their brand loyalty by focusing on consumer privacy while delivering amazing experiences. Think of it as experiential privacy — having privacy be a key part of the customer experience, through relevant privacy notices presented in context and choices that are on brand. More info about GDPR.
TERMS OF USE – PRIVACY POLICY & COOKIES
Members’ Platform
Panionios G.S. Smyrnis
1. General
This unified Policy governs the terms of use, the protection of personal data, and the use of cookies on the Members’ Platform of the sports association “Panionios Gymnastikos Syllogos Smyrnis” (hereinafter the “Association”).
The platform is addressed exclusively to adult natural persons aged 18 and over, in accordance with the Association’s Articles of Association.
Use of the platform constitutes unconditional acceptance of these terms.
2. Data Controller
The controller of the personal data is:
Panionios Gymnastikos Syllogos Smyrnis
Headquarters: Nea Smyrni, Athens
Contact email:
3. Scope of application & age restriction
The platform is used exclusively for:
• registration and management of regular members,
• management of subscriptions,
• administrative communication between the Association and its members.
Registration or use by minors is not permitted.
The Association does not knowingly collect data from minors.
4. Types of personal data
Only the strictly necessary personal data required for registration and membership status are collected, in accordance with the Articles of Association and the applicable sports and civil legislation, including indicatively:
• Full name
•Email address
• Contact telephone numbers (mobile and landline)
• Residential address
• Date of birth
• Identity card details (number, date of issue, issuing authority)
• Details of two (2) active members who propose the new registration
• Membership details
• Subscription status
The above data constitute personal data within the meaning of Regulation (EU) 2016/679 and are processed with enhanced security measures.
4.1 Processing of identity card details
Within the framework of registration and membership, the Association collects and processes identity card details and date of birth (number, date of issue, and issuing authority) exclusively for the purposes of:
• identifying the member,
• ensuring the uniqueness of the registration,
• complying with the Association’s Articles of Association and the applicable sports and civil legislation.
• Processing is carried out pursuant to Article 6(1)(b) and 6(1)(c) of Regulation (EU) 2016/679 (performance of a contract and legal obligation).
• Identity card details are not used for any other purpose, are not disclosed to third parties, and are protected by enhanced technical and organizational security measures.
•These data do not constitute special categories of data within the meaning of Article 9 GDPR.
5. Purposes of processing & legal basis (Article 6 GDPR)
The data are processed exclusively for:
1.Registration and management of members
2.Legal basis: performance of a contract
Management of subscriptions and financial obligations
Legal basis: performance of a contract & legal obligation
3.Administrative and operational communication
Legal basis: legitimate interest
The data are not used for commercial advertising.
6. Subscription payments (no e-commerce)
The Association does not operate an online store.
Subscription payments are made exclusively:
a) Via Stripe
Electronic payments are processed directly by Stripe.
The Association does not store or manage card details.
Stripe acts as an independent Data Controller, in accordance with its own Privacy Policy.
b) Via bank deposit (Credia Bank)
In the case of bank deposit, the Association receives only the details appearing on the deposit receipt, solely for accounting identification.
c) Exceptionally, via cash deposit or POS
This will take place at the Association’s offices. The purpose of the Members’ Platform is for all payments to be made electronically and transparently; for this reason, members should comply with paragraphs 6(a) and 6(b).
7. Disclosure of data to third parties
Personal data:
• are not sold,
• are not rented,
• are not disclosed to third parties
except where:
• required by law,
• strictly necessary for the operation of the platform (e.g. Stripe, hosting provider).
All providers are bound by Article 28 GDPR.
8. Data retention period
Data are retained:
• for as long as the member maintains active membership,
• and for as long as required by tax and sports legislation.
Thereafter, they are deleted or anonymized in a secure manner.
9. Data subject rights
Members have the right to:
• access,
• rectification,
• erasure,
• restriction of processing,
• objection, lodge a complaint with the Hellenic Data Protection Authority.
Requests:
Response time: up to 1 month.
10. Data security
The Association applies:
• encryption (SSL),
• access control,
• organizational and technical protective measures.
11. Cookies Policy
The platform uses strictly necessary cookies, which are required for:
• user authentication,
• session security,
• the basic operation of the platform.
The following are not used:
• advertising cookies,
• profiling cookies,
• third-party behavioral analytics cookies.
Disabling cookies may affect the functionality of the platform.
12. User obligations
The user must:
• provide accurate information,
• protect their login credentials,
• use the platform exclusively for lawful purposes and purposes permitted by the Articles of Association.
13. Amendments
The Association reserves the right to amend this Policy.
The current version is always published on the Members’ Platform.
I declare that the information I submit, including identity card details, is true and that I have been informed of its processing in accordance with the Terms of Use and the Privacy Policy of Panionios G.S.
