Privacy Policy

Privacy Policy

Privacy Policy

1. Introduction

This Privacy Policy concerns the website of the Department of Cultural Technology and Communication of the University of the Aegean, which operates on the domain ct.aegean.gr.

The Department respects the protection of the personal data of website visitors, students, prospective students, alumni, members of the academic community, and every natural person who communicates with the Department.

This policy explains which categories of personal data may be processed through or in connection with the website, for which purposes, on what legal basis, as well as what rights data subjects have under the General Data Protection Regulation 2016/679, known as GDPR, and the applicable national legislation.

2. Data Controller

The data controller for the personal data processed in the context of the operation of the website is:

University of the Aegean Department of Cultural Technology and Communication Administration Building, University Hill 81100 Mytilene Department Secretariat Email: secr-culturaltec@aegean.gr

For matters relating to the protection of personal data, you may also contact the Data Protection Officer of the University of the Aegean:

Data Protection Officer Email: dpo@aegean.gr

3. Hosting and Technical Management of the Website

The website is hosted on infrastructure of the University of the Aegean. Its technical management and maintenance are carried out by an external partner, who acts upon relevant assignment or authorization and gains access only to the extent necessary for the operation, maintenance, security, and technical support of the website.

4. Data Collected Through the Website

The website does not have contact forms, registration forms, event participation forms, a newsletter, or a login area for regular users.

During a simple visit to the website, the visitor is not asked to submit personal data through a form.

However, the following categories of data may be processed:

a) Technical visit data, such as IP address, date and time of access, pages requested, browser type, operating system, and other technical information necessary for the operation and security of the website.

b) Data sent via email, when the user chooses to communicate with the Secretariat or with another displayed email address of the Department. In this case, the content of the message, the sender’s email, and any information the sender includes in their message are processed for the management of the request.

c) Published academic and professional information, such as names of members of the academic community, official email addresses, position/capacity, curricula vitae, official photographs, office hours, course schedules, or examination schedules in which instructors’ names are mentioned.

d) Data related to embedded third-party content, particularly when pages of the website include embedded videos from YouTube.

The website does not publish grades, registration numbers, student lists, or announcements that individually concern specific students through public pages.

5. Purposes of Processing

Personal data is processed for the following purposes:

a) For the proper operation, maintenance, and security of the website.

b) For the prevention, detection, and handling of technical problems, malicious actions, or unauthorized access.

c) For the management of communication emails sent by users to the Secretariat or other official points of contact of the Department.

d) For informing the public about studies, announcements, academic activities, course schedules, examination schedules, events, and activities of the Department.

e) For the publication of academic and professional information concerning the staff, instructors, and associates of the Department, when this is necessary for the operation and academic mission of the Department.

f) For the display of educational, academic, or informational content through embedded videos from third-party services, such as YouTube.

6. Legal Bases for Processing

The processing of personal data is carried out, as applicable, on the basis of one or more of the following legal bases:

a) Performance of a task carried out in the public interest, when the processing is necessary for the fulfillment of the educational, academic, research, administrative, and informational mission of the University of the Aegean.

b) Compliance with a legal obligation, when the processing is required by applicable legislation.

c) Legitimate interest, when the processing is necessary for the security, technical operation, maintenance, and protection of the website and information systems.

d) Consent, where required, particularly for non-strictly-necessary cookies or for the loading of third-party content that may install cookies or collect data.

7. Cookies

The website uses only strictly necessary cookies, which are required for the basic technical operation, security, and management of the website.

The website does not use cookies for analytics, advertising tracking, remarketing, or visitor profiling.

Where a cookie information or management mechanism is displayed, its purpose is to inform the visitor and, where required, to obtain consent for non-strictly-necessary functions.

The visitor may also configure their browser to reject or delete cookies. Disabling strictly necessary cookies may affect the proper functioning of certain technical features of the website.

8. Embedded Third-Party Content

The website may include embedded videos from YouTube.

When a visitor views or loads a page containing embedded content from a third-party provider, such as YouTube, the third-party provider may collect technical data, use cookies or similar technologies, and process data in accordance with its own privacy policy.

The Department does not have full control over the data processing carried out by third-party providers of embedded content. For this reason, visitors are advised to also review the privacy policies of the respective providers.

The website does not use Google Maps or OpenStreetMap embeds, social media feeds, or social media embeds. Any sharing links to social networks function as simple links and not as embedded third-party social network scripts.

9. Analytics, Newsletter, and Forms

The website:

does not use analytics tools based on cookies. For this purpose, WP Statistics is used, which is based on the cookie-less tracking method and complies with the GDPR of the European Union.

does not have a newsletter,

does not have contact forms,

does not have registration or participation forms,

does not have user comments,

does not have login accounts for regular visitors, students, or external users.

Communication with the Department takes place through the official email addresses displayed on the website.

10. Published Content and Personal Data

The website publishes general announcements, updates, academic information, course schedules, examination schedules, information about Department activities, and PDF files.

Published files and announcements may include names of instructors, staff members, associates, or speakers, when this is necessary for academic and administrative information purposes.

The website is not intended for the publication of students’ personal data, grades, registration numbers, individual requests, or personalized administrative acts.

11. Data Recipients

Access to personal data may be granted only to strictly necessary authorized persons or services, depending on the purpose of the processing.

Possible recipients are:

a) the competent services of the University of the Aegean,

b) the Secretariat of the Department, in the case of communication emails or administrative requests,

c) authorized members of the academic, administrative, or technical staff, where required,

d) the external partner responsible for the technical management or maintenance of the website,

e) third-party providers of embedded content, such as YouTube, only to the extent that the visitor loads or views the relevant embedded content.

12. Transfer of Data Outside the European Economic Area

The website does not use analytics, advertising tools, external CDNs, newsletter services, or forms that send data to third-party providers.

However, the display of embedded YouTube videos may involve data processing by Google/YouTube, in accordance with its own policies and its own compliance mechanisms. This processing may, as applicable, involve the transfer of data outside the European Economic Area.

13. Data Retention Period

The website does not collect personal data through forms and does not maintain newsletter lists or regular user accounts.

Emails sent to the Secretariat or other official email addresses of the Department are retained for as long as is necessary for the management and documentation of the relevant request, in accordance with administrative needs and the policies of the University of the Aegean.

Technical log files, where maintained by the University’s hosting infrastructure, are retained for as long as is required for purposes of security, technical operation, problem diagnosis, and protection of information systems, in accordance with the University’s corresponding technical and organizational policies.

14. Data Security

The University of the Aegean and the Department take appropriate technical and organizational measures to protect the website and data from unauthorized access, loss, alteration, malicious use, or unlawful processing.

Access to the website’s administration environment is restricted to authorized persons. The external technical support partner gains access only to the extent required for the maintenance, updating, security, and proper operation of the website.

15. Rights of Data Subjects

Every natural person whose data is processed has, under the conditions provided by law, the following rights:

a) right to be informed,

b) right of access to personal data,

c) right to rectification of inaccurate or incomplete data,

d) right to erasure, where applicable,

e) right to restriction of processing,

f) right to object to processing,

g) right to data portability, where applicable,

h) right to withdraw consent, where the processing is based on consent.

To exercise their rights, data subjects may contact the Data Protection Officer of the University of the Aegean at the email address dpo@aegean.gr.

16. Right to Lodge a Complaint

If you believe that the processing of your personal data violates applicable legislation, you have the right to lodge a complaint with the competent supervisory authority:

Hellenic Data Protection Authority

Before lodging a complaint, you may contact the Data Protection Officer of the University of the Aegean, so that the matter can be examined and the necessary clarifications provided.

17. Changes to This Policy

This Privacy Policy may be amended when the operation of the website changes, when new services are added, or when adaptation to applicable legislation is required.

Any newer version will be published on this page.

Last updated: 13 July 2026