Privacy Policy

Last updated: January 2025

This Privacy Policy explains how the European Proteomics Amyloid Network (EPAN), through the Local Organising Committee at the National and Kapodistrian University of Athens ("we", "us", "our"), collects, uses, and protects your personal data in connection with the 5th EPAN Meeting 2026 Athens ("the Event").

We are committed to protecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and Greek Law 4624/2019.

1. Data Controller

The Data Controller for the personal data collected through this website is:

European Proteomics Amyloid Network (EPAN)
Local Organising Committee
c/o Department of Medicine & Proteomics Core Facility, National and Kapodistrian University of Athens
Panepistimiopolis Zografou, 157 71 Athens, Greece
Email: jcourraud@uoa.gr

2. What Personal Data We Collect

When you register for the Event, we collect:

Identity & Contact Information

First name and last name
Email address
Phone number (optional)
Postal address (for payment confirmation/invoicing)

Professional Information

Affiliation (institution/organisation)
Position/job title
City and country of workplace

Event-Related Information

Registration type selected
Dietary preferences and allergies
Special requirements or comments
Talk recording consent preferences

Payment Information

Payment transaction reference (from EveryPay)
Payment date and amount

                Note: We do NOT collect or store your full credit/debit card details. All card payments are processed securely by EveryPay, a PCI DSS Level 1 certified payment provider.
            

3. Purpose & Legal Basis for Processing

We process your personal data for the following purposes:

Purpose	Legal Basis (GDPR Art. 6)
Processing your registration and payment	Performance of contract (Art. 6(1)(b))
Sending confirmation emails and event updates	Performance of contract (Art. 6(1)(b))
Preparing name badges and attendee lists	Performance of contract (Art. 6(1)(b))
Catering arrangements (dietary preferences)	Performance of contract (Art. 6(1)(b))
Generating attendance certificates	Legitimate interest (Art. 6(1)(f))
Legal compliance (e.g., financial records)	Legal obligation (Art. 6(1)(c))

4. Data Sharing

We may share your personal data with:

EveryPay (payment processor) – to process your payment securely.
Venue and catering providers – limited to name and dietary information for event logistics.
EPAN Scientific Committee members – for event coordination purposes.

We do NOT sell, rent, or share your personal data with third parties for marketing purposes.

5. International Data Transfers

Your data is primarily processed within the European Economic Area (EEA). If any data is transferred outside the EEA (e.g., to Scientific Committee members in non-EU countries), we ensure appropriate safeguards are in place in accordance with GDPR Chapter V.

6. Data Retention

We retain your personal data only for as long as necessary:

Registration data: Until 12 months after the Event, unless you request earlier deletion.
Payment records: 7 years (as required by Greek tax law).
Event photographs/recordings: Indefinitely for archival purposes, unless you object.

7. Your Rights

Under the GDPR, you have the following rights:

Right of access – Request a copy of your personal data.
Right to rectification – Correct inaccurate or incomplete data.
Right to erasure ("right to be forgotten") – Request deletion of your data.
Right to restrict processing – Limit how we use your data.
Right to data portability – Receive your data in a machine-readable format.
Right to object – Object to processing based on legitimate interests.
Right to withdraw consent – Where processing is based on consent.

To exercise any of these rights, please contact us at jcourraud@uoa.gr. We will respond within 30 days.

8. Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the:

Hellenic Data Protection Authority (HDPA)
Kifisias 1-3, 115 23 Athens, Greece
Website: www.dpa.gr
Email: contact@dpa.gr

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

Secure HTTPS encryption for all data transmission.
PCI DSS compliant payment processing via EveryPay.
Access controls limiting data access to authorised personnel only.
Secure storage of registration data.

10. Cookies

This website uses only essential cookies necessary for the functioning of the registration system and payment processing. We do not use tracking or advertising cookies.

Essential cookies include:

Session cookies – to maintain your session during registration.
Payment gateway cookies – required by EveryPay for secure payment processing.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. Significant changes will be communicated via email to registered participants.

12. Contact Us

For questions about this Privacy Policy or your personal data, please contact:

Dr. Julie Courraud
Email: jcourraud@uoa.gr
Department of Medicine & Proteomics Core Facility, National and Kapodistrian University of Athens