Privacy Policy

1. Introduction

SCC (Social Computation Consultant) is committed to protecting and safeguarding the privacy of visitors and clients. This Privacy Policy explains how we collect, use, store, and disclose personal data through our website https://www.myscconsultant.com/.

By accessing our site and providing consent where required, you agree to the terms described in this Privacy Policy. If you do not agree with any part of this policy, please do not use our site.

2. Data Controller & Contact Information

The Data Controller of your personal information is:

SCC (Social Computation Consultant)
Address: Omirou 1, Ampelonas, Larissa, Greece, Zip Code 4040
Email: info@myscconsultant.com

For any questions or requests regarding your personal data, you can contact our Data Protection Officer (DPO):

Data Protection Officer (DPO): Chris Chitoudis
DPO Email: info@myscconsultant.com

3. What Data We Collect

When you use our site, we may collect the following categories of data:

1. Personal Data You Provide Voluntarily

   • Contact Information: Name, surname, email address, telephone number, company details (when you fill out contact forms, register for a newsletter, request services, etc.).

   • Account/User Information: Username and password (if there is any member area or client portal).

2. Data Collected Automatically During Browsing

   • Technical Data: IP address, browser type/version, operating system, device type (desktop/mobile/tablet), screen resolution, referral URLs.

   • Usage Data (Analytics): Pages you visit, time spent on each page, navigation path, clicks (clickstream), login/logout events, server logs.

   • Cookies and Similar Technologies (Web Beacons, Pixel Tags): See the “Cookies” section below.

3. Data from Third Parties

   • When we use third-party services (e.g., Google Analytics, Facebook Pixel, embedded content), additional aggregate or anonymized usage data may be collected. For more information, see the “Third-Party Sharing” section.

4. Legal Basis for Processing

We process your personal data based on one or more of the following lawful bases under the General Data Protection Regulation (GDPR – Regulation (EU) 2016/679):

1. Consent (Article 6(1)(a) GDPR):
   When you provide your consent—for example, subscribing to our newsletter or submitting a contact form. You may withdraw your consent at any time.

2. Performance of a Contract (Article 6(1)(b) GDPR):
   To provide the services you request (e.g., training, workshops, consulting services).

3. Legal Obligation (Article 6(1)(c) GDPR):
   When processing is necessary to comply with legal requirements (e.g., maintaining accounting records, tax obligations).

4. Legitimate Interest (Article 6(1)(f) GDPR):
   When processing is necessary for our legitimate interests (e.g., ensuring network security, fraud prevention, website improvement, marketing). We always balance our interests against your rights and freedoms.

5. Purposes of Processing

We use your personal data for the following purposes:

1. Service Provision & Communication

   • To process your service requests (e.g., training, workshops, consulting).

   • To respond to inquiries submitted via contact forms or email.

2. Account/Client Management

   • To create, update, and maintain your account details (if there is a login area).

   • To provide post-purchase support or after-sales service.

3. Marketing & Newsletters

   • To send newsletters and informational emails about new services, workshops, events, and promotions.

   • To analyze open rates and click-through rates for content optimization.

4. User Experience (UX/UI) Improvement

   • To collect usage statistics (via Google Analytics and other tools).

   • To draw insights for improving site content, design, and functionality.

5. Legal & Tax Compliance

   • To maintain tax and financial records, invoices, and other accounting information to meet legal obligations.

6. Cookies & Similar Technologies

The website https://www.myscconsultant.com/ uses cookies and similar technologies (web beacons, pixel tags) to enhance functionality and user experience. Specifically:

1. Strictly Necessary Cookies

   • These cookies are essential for the website’s basic functions (e.g., session cookies for navigation, cart persistence, login sessions).

   • No consent is required for strictly necessary cookies, as they are fundamental to site operation.

2. Functional Cookies

   • They store user preferences (e.g., language choice, display settings).

   • They enable features like saving form inputs in progress.

   • Disabling these cookies may affect site functionality.

3. Analytics/Performance Cookies

   • They gather anonymous data about site usage (e.g., Google Analytics, Hotjar).

   • They help analyze traffic, identify issues, and improve content.

   • Your explicit consent (opt-in) is required for these cookies to function.

4. Marketing/Advertising Cookies

   • They are used for personalized advertising, remarketing campaigns, and ad performance measurement (e.g., Facebook Pixel, Google Ads).

   • Explicit consent (opt-in) is mandatory.

   • You can opt out via your browser settings or through each provider’s opt-out links (e.g., Google Analytics Opt-Out Browser Add-On).

6.1 Managing & Disabling Cookies

To manage or disable cookies, adjust your web browser settings. Each browser (Chrome, Firefox, Safari, Edge, etc.) offers options to delete individual or all cookies and to block future storage. Please note that disabling cookies may impair certain site functions.

7. Third-Party Sharing

To achieve the purposes described above, we may share your data with third parties only under GDPR compliance:

1. Service Providers

   • Examples: Web hosting providers, email marketing platforms (e.g., MailChimp/Sendinblue), CRM systems, payment processors (e.g., PayPal, Stripe), IT support providers.

   • Data is shared to ensure the proper operation and support of our services and is governed by Data Processing Agreements that guarantee GDPR-level protection.

2. Analytics Providers

   • Google Analytics, Hotjar, or similar tools that receive anonymized or pseudonymized usage data.

   • These providers use data solely for statistical analysis and do not disclose personal information to third parties.

3. Advertising Partners

   • Facebook, Google Ads, etc., to display targeted ads or measure campaign performance.

   • To the extent required by these third-party tools, they collect anonymized or pseudonymized data for remarketing.

4. Legal & Regulatory Authorities

   • If required by law (e.g., court orders, supervisory authority requests), we may disclose data to public or governmental authorities.

5. Corporate Transactions

   • In the event of a merger, acquisition, or assets sale, personal data may be transferred to the new data controller, under legal conditions that ensure continued protection.

Under no circumstances do we sell or lease your personal data to third parties for their own marketing purposes.

8. Cross-Border Data Transfers

Your data may be transferred or stored on servers outside the European Union (e.g., United States, Canada) where our service providers operate. Such transfers are conducted with lawful safeguards (e.g., Standard Contractual Clauses) to ensure the same high level of data protection.

9. Data Retention

We retain your data only as long as necessary for the purposes for which it was collected, taking into account:

• Legal retention requirements (e.g., accounting records: at least 10 years).

• The duration of our business relationship (e.g., up to 2 years after the last interaction, unless you request deletion earlier).

• Marketing/newsletter records: until you withdraw consent or request removal.

Retention Periods by Data Type:

Data TypeRetention Period

Contact Form Data2 years after last communication or until consent is withdrawn

Account/User Data Until account deletion or consent withdrawal

Invoicing/Accounting Records 10 years, per tax/accounting laws

Newsletter Subscription Data Until consent withdrawal or removal from mailing list

Analytics Usage Data (Anonymized) 24 months, with anonymization after the first six months

10. Data Subject Rights

Under the GDPR, you have the following rights regarding the processing of your personal data:

1. Right of Access (Article 15 GDPR):
   You can request confirmation of whether we process your data and obtain a copy of that data.

2. Right to Rectification (Article 16 GDPR):
   You may request correction of any inaccurate or incomplete personal data.

3. Right to Erasure (“Right to Be Forgotten,” Article 17 GDPR):
   You can request deletion of your data if there is no lawful basis for retaining it (e.g., you have withdrawn consent, and no other legal basis exists).

4. Right to Restrict Processing (Article 18 GDPR):
   You may request that we temporarily suspend processing of your personal data (e.g., if you contest its accuracy).

5. Right to Object (Article 21 GDPR):
   You have the right to object to processing based on our legitimate interests. If you exercise this right, we will cease processing unless we have compelling legitimate grounds.

6. Right to Data Portability (Article 20 GDPR):
   You may request your personal data in a structured, commonly used, machine-readable format (e.g., CSV) and, if technically feasible, have it transferred to another data controller.

7. Right to Withdraw Consent (Article 7(3) GDPR):
   If you have given consent for any processing (e.g., newsletter), you can withdraw it at any time without affecting the lawfulness of prior processing.

8. Right to Lodge a Complaint (Article 77 GDPR):
   If you believe we have infringed upon your data protection rights, you may file a complaint with the Hellenic Data Protection Authority at www.dpa.gr.

To exercise any of these rights, please send a request via email to info@myscconsultant.com. We will respond within one month of receiving your request, unless an extension of up to two months is necessary for complex or numerous requests. In such cases, we will notify you in writing within one month.

11. Data Security

SCC implements appropriate technical and organizational measures to ensure the security of personal data, preventing unauthorized access, disclosure, alteration, or destruction. Specifically:

• SSL/TLS Encryption: All communication between users and our servers is encrypted via HTTPS (SSL/TLS).

• Restricted Access: Only authorized personnel (employees/contractors) have access to personal data, strictly on a need-to-know basis.

• Backups: Data is stored in encrypted backups to facilitate recovery in case of loss or damage.

• Firewall & Antivirus: Our hosting environment uses firewalls and malware detection to guard against threats.

• Incident Response Procedures: We have a defined breach notification procedure to comply with Article 33 of the GDPR in the event of a suspected or confirmed data breach.

Despite these measures, no system is 100% secure. If you discover a security vulnerability or suspect that your data may be at risk, please notify us immediately at info@myscconsultant.com.

12. International Data Transfers

As mentioned in section 8, some of your data may be transferred to countries outside the EU/EEA when hosted by service providers (e.g., Amazon Web Services, Google Cloud, Microsoft Azure). All such transfers rely on lawful mechanisms (e.g., Standard Contractual Clauses) to ensure that your data remains protected at EU levels.

13. Third Parties & Confidentiality

Under no circumstances do we sell or rent your personal data to third parties for their own marketing use. We only share data with:

• Service Providers bound by Data Processing Agreements ensuring GDPR compliance.

• Legal & Regulatory Authorities when required by law.

We remain responsible for protecting your data even when it is shared with third parties.

14. Right to Lodge a Complaint

If you have any concerns or complaints about how we process your personal data, you may:

1. Contact us first (DPO) at dpo@myscconsultant.com or info@myscconsultant.com.

2. If you are not satisfied with our response, you may file a complaint with the Hellenic Data Protection Authority at www.dpa.gr.

15. Changes to the Privacy Policy

This Privacy Policy may be reviewed and updated periodically (at least annually) or whenever there are significant changes to our data processing activities or relevant legislation. Any new version will be posted on this page with an updated revision date. We recommend that you check back regularly for updates.

16. Acceptance and Use of the Website

By using https://www.myscconsultant.com/, you accept the terms of this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our website.