The new General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council (generally known as “the GDPR”) is in force as of 25.5.2018, with the aim of enhancing the protection of personal data for all individuals within the European Union. The Department of Biochemistry-Biotechnology, Postgraduate Program “Toxicology” of the University of Thessaly is the organiser of the Scientific Summit on Tobacco Harm Reduction: Novel products, Research & Policy and the administrator of the relevant website, is based in Larissa, Greece (Viopolis Mezourlo, 41 500 Larisa) and fully complies with the national and EU legislation in force in relation to the collection, processing and storage of personal and sensitive data.
The aim of this Privacy Protection Policy (hereinafter referred to as “the Policy”) is to inform you on the type of personal data collected, on how and for which purpose such data is being collected and processed, on the third parties sharing such data and about your rights, when subscribing as conference speakers or conference committee members (hereinafter referred to as “Speakers”, or as conference participants.
We should like to inform you that the processing of conference speaker and participant personal data is governed by this Policy and the applicable legislation in relation to the protection of personal data, including Regulation (EU) 2016/679 (General Data Protection Regulation).
The term “personal data” shall mean any information related to an identified or identifiable natural person (“data subject”). An identifiable natural person is that person, whose identity may be directly or indirectly identified, particularly by referring to an identification item such as the name, the number of the proof of identification, location data, or online identity item, or to one or more factors attributable to the bodily, physical, genetic, psychological, financial, cultural or social identity of that natural person.
The Organisation, being the conference organiser and administrator of this website, acts in its capacity as controller and collects and processes personal data that is voluntarily provided by you when visiting the conference website, when making use of website services (e.g. registration, newsletter subscription, participation of a speaker in the conference, etc.), or when opting to contact the Organisation and/ or the conference contact persons in any way whatsoever.
You may opt not to provide your personal data (excluding data that is related to the use of Internet communication protocols and that is usually collected when visiting a website). However, in such case, some of the website functions, including services provided on the website, may become unavailable or inefficient.
The Organisation’s aim in relation to the personal data that is collected and subjected to processing is for such data to comply with their purported use, to be accurate and complete, and to be subjected to legal, legitimate and transparent use.
(a) The Organisation does not collect personal data of visitors. When accessing the website as visitors, you may be assured that no personal data is being stored or used.
(b) The controller’s email address is firstname.lastname@example.org and they may be contacted in relation to any matter related to personal data. Questions sent to this address will be replied immediately.
(c) The Organisation collects conference participant and speaker personal data with the aim to:
- use it in the context of smoothly and safely organising the conference
- contact you.
(d) The data collected and processed in relation to conference participants and speakers is the following:
- Your full name.
- Your company or organisation.
- Your profession.
- Your email address.
- Your telephone number.
- Your postal address.
- Your tax (VAT) registration number and tax office.
(e) When is this data collected and how is it used?
This data is voluntarily provided by you, when registering as a conference participant and/ or speaker. This data is preserved by us and is used only for serving the above purposes, about which you have been duly informed and explicitly assented by providing such data.
No personal data item is made available to third parties, and no third party access to such data is being granted, with the exception of the entities mentioned in the “Personal data recipients” section below, in other words to our external collaborators acting on our behalf.
Your personal data is being subjected to lawful and legitimate processing, and in a manner that is transparent for you. It is being collected for the abovementioned specific, explicit and lawful purposes and it is not being subjected to further processing in a manner that is not compatible with these purposes. It is appropriate, relevant and limited to what is necessary in the context of the purposes for which it is being processed.
Your personal data shall be kept for as long as it shall be necessary to fulfil the purposes described in this Policy, unless a longer preservation period is otherwise compulsory or permitted subject to the Greek law in force. In any case, every effort shall be made not to exceed the time necessary for the applicable purpose. The criteria used for determining the data preservation period include the following (a) the period of our relationship with you; (b) the period that is necessary for the Organisation to comply with a legal commitment; (c) the period that is considered appropriate in relation to our legal position (such as for judicially defending rights, in relation to audits by regulatory authorities, etc.).
We guarantee the protection of this data from non-authorised or illegal processing and random loss, destruction or damage, by using suitable techniques and organisational measures. What is more, to better safeguard the storage of personal data, we use modern cryptography techniques.
The collection and processing of personal data includes:
- In the case of speakers:
(a) publishing your details (your full name, your status and your company, organisation or institution) on the conference website and in the conference printed materials;
(b) publishing abstracts of your conference presentations on the conference website (http://www.nosmokesummit.org);
(c) using the content of your presentation or speech in newsletters, conference proceedings (printed and/ or electronic);
(d) sending your presentation to journalists;
(e) posting your photographs of the sessions and/or the conference venue;
(f) using your presentation in combination with the video of your address (webcasting);
(g) posting and/ or publishing the .pdf file of your presentation.
- In the case of conference participants and speakers:
(a) using your full name and email address for posting information material about the conference and related matters, until the end of the next conference or until 31.05.2019 at the latest;
(b) for investigating breaches of applicable legal provisions, rules or regulations, or of the terms and policies of our website, and for protecting our rights, our he property and our security, as well as those of users or of third parties;
(c) for ensuring the Organisation’s compliance with their legal commitments (e.g. for revealing information as required by the law, a regulation or a court order).
The Organisation uses modern cryptography technologies for transmitting the data exchanged on our website. This applies not only to the information sent or received in relation to financial data of users, but also during the entire visit to the website.
We take all necessary security measures so as to ensure maximum protection and security of the personal data of website users/ visitors.
Right to information, and of access, correction, objection, transfer and deletion
As the subject of your personal data, you may contact the controller so that they inform you about, and grant you access to such data. You also reserve the right to modify such data, object to its processing, as well as to transfer or delete it. Also, in some cases, you may revoke the consent granted for the processing of this data. If you fear that there is a breach of any of your rights regulated by the applicable Greek and EU regulatory framework in relation to personal data, you may always contact the Data Protection Authority.
The contact details of the Hellenic Data Protection Authority are the following: Hellenic Data Protection Authority. Postal address: 1-3, Kifissias str., Zip code: GR-11523, Athens. Tel.: +302106475600. email: email@example.com.
If you have any questions, comments or concerns in relation to the processing of your personal data by the Organisation, or if you wish to exercise your rights, you can contact us by email (firstname.lastname@example.org).
This conference is addressed only to persons aged eighteen (18) years or older. By continuing the use of, or visit to, this site, the age of the visitor/ user is deemed to be eighteen (18) years or older. The conference organisers shall not be liable for the exposure of minors to the website contents or for its use by minors in any other way whatsoever. Visitors aged from sixteen (16) to eighteen (18) years may use the services of this website only under the supervision of their parents or parental custodians who, by continuing their browsing on the conference website, agree to the privacy terms and conditions and grant their relevant consent. In any other case, the conference organisers shall not be liable for such use/ participation. We shall not keep or make any use of personal data if during the collection or processing of such data we become aware that the user is a minor or he/ she has not been granted necessary parental consent.
Personal data recipients
The Organisation shall not sell, exchange or rent personal data to third parties, be they legal or natural persons, nor shall they aim to disclose your personal data to any third party whatsoever, excluding: (a) external contractors of the Organisation that act on its behalf, by committing to implement, partially or fully, actions related to the promotion, organisation and organisational support of the conference and to its creation and management; (b) providers of website/ database hosting services; (c) newsletter management service providers; (d) natural or legal persons performing such processing.
Access to your personal data may also be open to public authorities and agencies, if such access is required subject to the legislation in force. Your personal data may also be transferred, if the legal form of the Organisation is modified in any way whatsoever. In such a case, the Organisation shall make every possible effort to inform you by email, or in any other appropriate way, about the change in the control of your personal data, and you will have a clear choice to exercise your rights, including that of deletion of your personal data.
Transfer of personal data outside the EEA and guarantees
In the context of organising and managing this conference, the Organisation may effect a cross-border transfer of data outside the EEA. In any case, the Organisation shall fully comply with the statutory provisions in force and shall effect data transfers to companies registered in the EEA pursuant to the provisions of the EU legislation. Transfers of data to companies registered outside the EEA may be only effected to countries with an adequate statutory and regulatory framework in relation to the protection of personal data. In case that the third country does not ensure such an adequate level of protection, corresponding to that of the EU, the cross-border transfer of data shall be effected only on the basis of a specific data transfer agreement.
Explicit consent for video recordings, photo shootings and live streaming
By registering on the conference website, which is a requirement for attending the conference as a speaker or participant, and by subsequently being present at the conference venue and attending the conference in any capacity whatsoever, you explicitly and unreservedly consent to the use of the images and oral statements and presentations by the Organisation. Such images may be recorded on video during the days of the conference and/ or may be used for live-streaming the conference sessions during the days of the conference, for any purpose whatsoever and, more in particular, for information, promotion, commercial or other purposes, or generally for promoting the conference as appropriate (such as, indicatively, on printed media or on the Internet [on this website, on other websites, on social media, etc.] or using any other audio or video services [television, radio]).
The Organisation reserves the right to revise this Policy, at any time and at their absolute discretion. All revisions will be promptly displayed on this webpage and will be accompanied by a clear indication of the date of last update. You are encouraged to frequently read this Policy, so as to be aware of any modifications or updates to it. If you continue to visit the conference website and/or use our services, it is assumed that have read, understood and fully accepted any revisions to our Policy, which would be promptly posted on this webpage.
Last update: 25 September 2018