Privacy Policy

Notification and Consent Statement for Personal Data Processing

The application Cherriz (hereinafter referred to as “the Application”) handles responsibly and treats as a matter of primary importance the issues of personal data protection and privacy. In this context, we publish this Notification in accordance with Article 13 of the General Data Protection Regulation to inform you about the use of your personal data.


If you have any questions or concerns of any kind or if any term in this Notification and the way we process your personal data is unclear to you, you can contact us at the following email:

Data Controllers:

Email Address: privacy@cherriz.app

Collection and Processing of Personal Data

You may see below the purposes of processing the personal data collected from the users of the Application, the types of the data, as well as the legal basis for their processing:

(a) Purposes of Data Processing:

  • Ensuring the smooth operation of the application and the protection of both the Application and its administrators as well as the users from malicious behavior.
  • Optimization of the Application’s Services within the framework in which the application may provide personal data to third parties, natural or legal persons.
  • Optimization of website usage

(b) Types of Personal Data:

  • Personal information, (full name, age, University of attendance, photos), contact details, (email as provided by the attending University), information on other matters (related to events organized, participation in them, photos, video material, content of exchanged messages
  • Login information, user activity within the website

(c) Legal Basis of processing:

  • Consent
  • Purposes of the legitimate interests pursued by the Application.
    The personal data provided by the users of the application are used exclusively for the purpose for which they were submitted.
    As per its legitimate interests, the management of the Application may assess the patterns of use as enacted by the users and measure how well its current strategy performs, i.e. track social media metrics.

Disclosure to Third Parties

The Application may disclose the above personal data to companies providing computer support and website hosting support, as well as to entities of any legal personality that have purposes or objects compatible with the purposes of the Application, which are bound to the Application with the same obligations for the protection of your personal data.

Security

The Application collects, retains, and processes personal data in a manner that ensures its protection. Specifically, the processing of personal data is carried out exclusively by authorized personnel or by personnel appointed for this purpose, while all appropriate organizational and technical measures are taken to ensure the security of the data and protection against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access, and any other form of unlawful processing.

Retention Period

The personal data you submit to the Application are retained only for the period of time required to fulfill the purposes for which they were collected, and for as long as the user remains a member of the application, according to the law.

Subject Rights

In this section, your rights regarding your personal data are presented.
The Application and its administrators ensure the smooth exercise of the following rights:

  1. Right to information/update
    • You have the right to request and receive clear, transparent, and easily understandable information about how we process your personal data.
  2. Right of access
    • You have the right to access your personal data free of charge.
  3. Right to rectification
    • You have the right to request the correction of your personal data if it is inaccurate or incomplete.
  4. Right to erasure
    • You have the right to request the deletion or removal of your personal data when they are no longer necessary for the purposes for which they were collected or there is no lawful reason to continue processing them. The right to erasure is not absolute, to the extent that there is a particular legal obligation or other legitimate reason for the Application to retain your personal data.
  5. Right to restriction of processing
    • You have the right to restrict or suppress further processing of your personal data. In cases where processing has been restricted, your personal data remains stored without undergoing further processing.
  6. Right to data portability
    • You have the right to request your personal data that you have provided to us in a structured, commonly used, and machine-readable format, and to transmit this data to another controller.
  7. Right to object
    • You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data by the Application and its administrators, unless they demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.

Consent Withdrawal

You are informed of your right to withdraw your consent at any time, without affecting the lawfulness of the data processed based on consent before its withdrawal, by contacting us at the email address: privacy@cherriz.app

Submitting a Complaint

For further information and advice regarding your rights or to submit a complaint, you can contact the Hellenic Data Protection Authority at the telephone number: +30 210 6475600 or visit their website: https://www.dpa.gr

Changes to this Notice

Our goal is to continuously review and update this Notice to comply with relevant legislative and regulatory requirements, while providing the best protection for your personal data. Any updates will be communicated through this website.


Definitions

Personal Data: any information relating to an identified or identifiable natural person, whose identity can be directly or indirectly verified, especially by reference to an identifier such as, but not limited to, name, telephone number, email address.

Special Categories of Personal Data (“Sensitive Personal Data”): personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data, data concerning health or sex life, or sexual orientation.


Data Subject: the identified or identifiable natural person to whom Personal Data and/or Sensitive Personal Data relate.
Processing: any operation or series of operations carried out with or without the use of automated means on personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation, or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or any other form of making available, alignment or combination, restriction, erasure, or destruction.


Data Controller: For the purposes of this policy, Data Controllers separately or jointly determine the purposes and the manner of processing Personal Data.


Processor: The natural or legal person, public authority, agency, or other body that processes Personal Data on behalf of the Data Controller.


Consent: Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

Personal Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.

Strictly Necessary Cookies
For the operation of certain websites, it is necessary to collect certain cookies. In this case, your consent is not required. These are “first recipient cookies” without which the operation of our website is impossible. They allow you to browse and use the features of the website, such as accessing secure areas, etc. All your preferences and settings (e.g. language and country, login information, browser settings and plugins settings), stored in cookies, are reproduced on our websites, and cannot identify you personally. Without them, many services of our website are impossible to function effectively.

Performance, Analysis and Research Cookies
These cookies are solely used for internal research purposes aimed to improve the service we provide to all our users. These are cookies which aim to analyze your interaction with our website anonymously (the collected data does not personally identify you), gathering information such as the number of visitors to our websites and individual pages, as well as the frequency of return visits. They also track keywords used in search queries, the geographical location of users (including country, region, and, where applicable, city or municipality), among other factors. Furthermore, they record the pages you visit, the duration of your visits, and your points of interest. Your consent will be required for their use.
 
Advertising Cookies
These cookies help us in customizing advertisements that we think may be of interest to users, as well as collecting and using additional data concerning users’ activities on our websites and/or services (e.g., to enable them to personalize advertisements on third-party platforms). They enable us to gather information about users’ interest in any of our advertised products and services. Additionally, we utilize various tools (such as, but not limited to, Google Analytics, Google AdWords, Facebook pixel, etc.) to personalize the content and advertisements on our websites, provide social media features, and analyze website traffic. It’s important to note that for this purpose, we may share information regarding your website behavior with third-party providers of social media, advertising, and analytics services, who may combine it with other information you’ve provided to them or that they’ve collected from your use of their services. Your consent will be required for their use.