ACS Athens Global maintains a database of the ACS Athens (American Community Schools) community (Alumni, Current Employees, Former Employees, Friends of ACS Athens, Parents, Partners) in order to stay in touch with our constituents who have vested interested in keeping updated on news, events, career initiatives and fundraising activities of ACS Athens.
Some of our database (but not all) choose to join our online community by registering on this website and creating an online profile. In both instances (individuals with offline database records and individuals with online profiles), we collect and store personal information (or “data”) about you. We are committed to protecting and respecting your privacy and this Policy sets out what information we collect about you, where and how we use (“process”) it.
We may change this Policy from time to time. If we make any significant changes we will advertise this on the website or contact you directly with the information. Please check this page occasionally to make sure you are happy with any changes.
If you have any questions about this Policy or concerning your personal information, please contact the ACS Athens Data Protection Officer at firstname.lastname@example.org or call +30 (210) 6070263.
For the purposes of current and future legislation covering data protection in EU and Greece, the Data Controller is ACS Athens.
What type of personal information we collect:
The information we have about you depends on where we collect it, but may include:
Where we collect information from
We collect personal information when you:
[Note: we have not included public sources used in data matching and tele-appending, on which further advice should be sought, if relevant to your organization]
How we use your information
We will use your personal information in a number of ways, always with a legal basis for processing your data. These may include:
[Note: The above is a selection of the ways in which data might be used. You should delete where not applicable and add any other intended uses you have. Note that we have not included profiling, wealth screening, or transference of personal data off the ToucanTech database to other third parties – you should clearly state if you are doing any of these things, and potentially seek legal advice on the nature of this processing.
Our legal basis for processing your information
The use of your information for the purposes set out above is lawful because one or more of the following applies:
Updating your consent preferences
If you have an online profile on this website you can update your consent options by logging-in and clicking on “My Settings” in your profile. Scroll down to find your ‘Consent options’ where you will see a list of consents and the options “opt-in”, “opt-out” and “unspecified”.
Via ‘My Settings’ you can also choose to hide your profile from Google, limit access to your profile so that it’s only viewable to your connections and adjust some of the automatic notifications that you receive from this website. Please note that your name (but not full profile) may appear in various places around the community website, such as a ‘Recent Joiners’ box and in ‘Search’ results irrespective of the privacy settings you have selected.
If we are using consent as our legal basis for processing your data, we must have an explicit “opt-in” from you for this specific type of processing.
If we are using legitimate interests as our legal basis for processing your data, we will process your data responsibly in a way that you would reasonably expect, and you can opt-out at any stage.
If you click ‘unsubscribe’ at the bottom of one of our emails sent you will be automatically opted-out of these types of email communications in the future.
If you want to contact us about your consent preferences please contact email@example.com.
How we keep your information safe
We understand the importance of keeping your personal information secure and take appropriate steps to safeguard it.
Your data is stored on a dedicated, secure cloud server hosted by Amazon Web Services (AWS) in the EU and managed by our website provider, ToucanTech. Industry-standard firewalls, anti-virus, encryption, and backup methods are in place, as well as strict data handling protocols.
We always ensure only authorized persons have access to your information, which means only our approved employees and contractors, and that everyone who has access is appropriately trained in data management.
If you have an online profile for this website you are responsible for keeping your login details (email and password) confidential and we ask that you do not share your password with anyone.
No data transmission over the internet can be guaranteed to be completely secure. So, whilst we strive to safeguard your information, we cannot guarantee the security of any information you provide online and you do this at your own risk.
Who has access to your information?
Third parties who provide services for us. We select our third-party service providers with care. We provide these third parties with the information that is necessary to provide the service and we will have an agreement in place that requires them to operate with the same care over data protection as we do
Third parties if we run an event in conjunction with them. We will let you know how your data is used when you register for any event.
Web hosting, email hosting, analytics, and search engine providers that enable us to run our community database and improve our website and its use
Third parties in connection with restructuring or reorganization of our operations, for example, if we merge with another business. In such an event, we will take steps to ensure your privacy rights will be protected by the third party.
Other than this, we will not share your information with other organizations without your consent.
Keeping your information up to date
Please let us know if your contact details change. This is important to safeguard your privacy in case of a data breach risk. Online members can update their details directly by logging in to the website and clicking on ‘My Settings’ under your profile. You can also update your details by contacting us at firstname.lastname@example.org.
Use of aggregated data
Where data can be aggregated and anonymized, our website provider (ToucanTech) might use this for research purposes without restriction. For example, they may monitor traffic patterns, site usage, response rates, and data trends to help make improvements to the website software. They are entitled to do this because the resulting data will not personally identify you and will therefore no longer constitute personal data for the purposes of data protection laws.
How long we keep your information for
We will hold your personal information for as long as it is necessary for the relevant activity.
Where we rely on your consent to contact you for direct email marketing/ fundraising purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. This will usually be for [two] years. We may periodically ask you to renew your consent.
If you ask us to stop contacting you, we will keep a record of your contact details and limited information needed to ensure we comply with your request. If you ask us to remove your personal data from our database we will delete all the information we hold out apart from your name and the dates that you attended ACS Athens and archive your record in our database.
You have the right to request details of how we use your personal information through making a subject access request. Such requests have to be made in writing by contacting [details].
You also have the following rights:
All of these rights are subject to certain safeguards and limits or exemptions. To exercise any of these rights, you should contact email@example.com.
If an individual believes that ACS Athens has not complied with this policy or acted otherwise than in accordance with Data Protection Laws, please contact ACS Athens immediately.
If you feel your complaint has not been addressed satisfactorily, please contact the Data Protection Office of ACS Athens. You can also make a referral to or lodge a complaint with the Data Privacy Authority at your location (Examples: If in UK contact: Information Commissioner’s Office (ICO) at https://ico.org.uk • If in Greece, contact: Data Protection Αuthority of Greece)
This Policy was last updated in February 2022.