Privacy Policy

“Integrated State Aid Management Information System (iSAMIS)”


Purpose of the Privacy Policy


1.1. The Integrated State Aid Management Information System (iSAMIS) Website, www.opske.gr (hereinafter “the Service” or “the Website”), is under the auspices of the Ministry of Economy and Finance. The Ministry of Economy and Finance has implemented iSAMIS and put it into productive operation for the purpose of managing state aid actions, and acts as Controller of personal data collected from you and further processed during your visit to the iSAMIS Website and your use of the Service. 

1.2. This Privacy Policy is aimed at informing you in a transparent manner about the processing of your personal data when you visit the website of the Integrated State Aid Management Information System (https://opske.gr) (the “Website”). The Ministry of Economy and Finance respects the privacy of users of and visitors to the iSAMIS website. For this reason, within the framework of the applicable national and EU legal framework governing the protection of personal data – in particular the EU General Data Protection Regulation [Regulation (EU) 2016/679 (GDPR)], Laws 4623/2019 (Α’134) and 4624/2019 (Α’137) – it discloses this lawful, reasonable and transparent privacy policy for the purpose of providing visitors to and users of the Website (“data subjects”) with adequate information about the personal data it collects and further processes.

1.3. The full details of the Ministry of Economy and Finance are:


Ministry of Economy and Finance

Address:      5-7 Nikis St., Syntagma, Athens GR-10563
Telephone:     + 30 210 333 2000 
Email:         ministeroffice@minfin.gr 

Definitions


For the purposes of this document, the following definitions apply:


“Personal Data”: any information relating to an identified or identifiable natural person (“data subject”); the identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors assignable to the physical, physiological, genetic, psychological, economic, cultural or social identity of the natural person in question.


“Special categories of personal data”: personal data revealing racial or ethnic origin, political opinions, religious or philosophical convictions or trade union membership, as well as the processing of genetic data, biometric data for the purpose of indisputably identifying a person, health data or data concerning the sex life of a natural person or sexual orientation.
 

“Processing”: any act or set of acts which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
 

“Anonymisation”: the processing of personal data in such a way that the data can no longer be attributed to a specific data subject. 
 

 “Pseudonymisation”: the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of supplementary information, provided that such supplementary information is kept separately and is subject to technical and organisational measures in order to ensure that it cannot be attributed to an identified or identifiable natural person.
 

“Controller”: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; when the purposes and means of such processing are determined by EU or Member State law, the controller or the specific criteria for appointment of such may be provided for by EU or Member State law. 
 

“Processor”: the natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
 

“Consent” of data subject: any freely given, specific, express and informed indication of intention by which the data subject expresses his or her agreement – by means of a statement or a clear affirmative action – to the processing of personal data relating to him or her.
 

“Personal Data Breach”: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
 

“Existing legislation”: The provisions of the existing Greek, EU or other legislation to which the Ministry of Economy and Finance is subject and concern personal data protection issues, such as, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation - GDPR), and its enacting Law 4624/2019 (Α’137) and Law 4623/2019 (Α’134).


Personal Data Collected and Collection Method 


The Ministry of Economy and Finance, in the context of its services and operations, may collect personal data of its visitors, as well as of other natural persons with whom it transacts through the iSAMIS website. More specifically, it may collect the following: 


3.1 Data collected through the Website (https://opske.gr)

  • Data automatically collected during visits to the website

Through web infrastructure and software applications, the Website provides visitors and users with information services and technological applications related to the development interventions of the 2021-2027 Programming Period. Simply browsing does not require the visitor to provide/enter personal data. However, during a visit to and browsing of the Website, certain information can be automatically collected that can directly or indirectly identify you, such as:

  1. the internet protocol (IP) address of your computer;
  2. browser type and operating system;
  3. connection speed and information about the software programs installed on the computer;
  4. basic server connection information. 
     
  • Data from ordinary registered users collected during the use of iSAMIS

Ordinary registered users are those who have completed their registration with the iSAMIS system. Ordinary registered users are the Coordinator, the Officers of the Managing Authority/Intermediate Body [hereinafter MA/IB (operational users)], the Evaluators from the Evaluators’ Register, the MA/IB Evaluators – Members, the Call Managers, the Members of an Advisory Committee and the Members of the Objections Committee, the Experts, the Beneficiaries. Should the user, following registration with the Service, wish to electronically submit a request to participate in an available programme of the 2021-2027 Programming Period, the Website shall collect the data entered by the user for this purpose, depending on the conditions of the programme.

For more detailed information on the collection and processing of personal data through the Integrated State Aid Management Information System (iSAMIS), click here.
 

 

  • Data collected from the “HELPDESK” contact form

When you choose to contact us using the “HELPDESK” electronic contact form available on the Website, you will be asked to provide certain information, such as name, surname and email address, information about the Project (optional), as well as any further information you provide us with by filling in the field within “HELPDESK”. 
Purposes of processing-Legal basis: We collect the information you provide us with through the contact form for the sole purpose of serving you and of contacting you in response to your request. The legal basis for processing is the legitimate interest of the Ministry of Economy and Finance in facilitating communication with the public and processing the requests it receives in relation to iSAMIS.
 

  • Internet Technologies

During your browsing of the Website, the Ministry of Economy and Finance may collect certain necessary information related to traffic on the Website, such as the visitor’s internet protocol address (IP address) and the type of browser being used.
Purpose of processing – Legal basis: We collect the above information for reasons of functionality and optimum performance of the Service’s website. 
 

  • Cookies

Cookies are small text files with information, which are stored by the server of a website on the terminal device (computer, mobile phone, etc.) of a visitor/user during their navigation of the website.
 During your browsing on the iSAMIS website, Cookie technologies are not used. The Ministry of Economy and Finance, as the provider of the website, does not store any cookies when you enter the website (first-party cookies). In case of redirection from the Website to a third-party website, please refer to the applicable privacy policy and cookies of the given website.


Disclaimer for Third-Party Websites


Links may be provided on the Website and redirect the user to third-party websites. The Ministry of Economy and Finance does not control these third-party websites and is not responsible for the content posted on them or on further links that appear on them. The Ministry of Economy and Finance is not responsible for the privacy practices of third parties or for the content of third-party websites.


Transfer to Third Parties

The Ministry of Economy and Finance may transmit the above data to other public and/or private bodies in order to achieve its purposes and perform its duties and responsibilities, especially since this is provided for by Existing Legislation as its obligation or, alternatively, in accordance with the guarantees provided for in Existing Legislation. More specifically, in the context of achieving the processing purposes referred to above, data may be transmitted (i) to third, partner companies that provide the Ministry of Economy and Finance with relevant services (such as IT service providers, etc.). These companies are bound by contracts with the Ministry of Economy and Finance to ensure the obligation of confidentiality as well as all the obligations provided for in the GDPR; and (ii) public authorities and other independent authorities [e.g. General Secretariat for Information Systems, Police Departments, the General Commercial Registry (GEMI), Prosecuting authorities, etc.]. 
Transmission is not made to a state outside the European Economic Area or to an International Organisation. iSAMIS is hosted on the infrastructure of the Management Organisation Unit of Development Programmes SA, which is based within the European Union, and in which all data processed during the operation of iSAMIS is stored.


Data Protection and Security


To prevent unauthorised access, maintain data accuracy and ensure proper use of Data Subjects’ personal data, the Ministry of Economy and Finance has taken organisational, logical and physical measures to protect personal data. However, it should be stressed that no method of transmission via the internet or method of electronic storage is 100% secure. However, all necessary digital data security measures (antivirus, firewall) are taken.
Originals or copies of documents containing personal data of natural persons are kept in a physical file in a manner that ensures their security from both unauthorised access (e.g. lock, alarm system, transmission in sealed envelope, classification as confidential) and damage or destruction (e.g. fire protection system, storage in flood-proof lockers).


Rights of Personal Data Subjects


The Ministry of Economy and Finance ensures that Data Subjects can exercise the rights granted to them by EU and national legislation regarding the collection and processing of personal data. Please note that each Subject may at any time exercise their rights regarding the processing of their personal data as set out in the Existing Legislation. These rights are as follows:
I. The Right of access to data, so that subjects may be informed as to what personal data of theirs are being processed, why the data is processed, and any recipients thereof.
II.    The Right to rectify data in order to correct any errors, inaccuracies or deficiencies in subjects’ data.
III.    The Right to erasure of data (“right to be forgotten”), in order, under the conditions of the Regulation, to delete data subjects from the files that are kept.
IV.    The Right to restrict data processing if the accuracy of the data is contested, if the right of objection has been exercised and the decision is pending, and if the data is no longer necessary for the original purpose, but for legal reasons cannot be deleted yet.
The Ministry of Economy and Finance, as a data controller, may refuse to comply in whole or in part with a relevant request it receives from the data subject, only when this option is provided for by the Regulation or national law.
Requests relating to the exercise of the rights under points I, II, III and IV above shall be examined within a deadline of one (1) month from receipt of the request. This deadline may be extended by two (2) more months, if required, if the request is complex or there are a large number of requests. 
Data subjects may address their requests to the Personal Data Protection Officer of the Ministry of Economy and Finance at the email address dpo–minfin@minfin.gr.
For any complaint you have regarding this policy or privacy issues, if you consider that we have not met your request, you may address your complaint to the Hellenic Data Protection Authority, whose details are as follows:

  • Authority website: www.dpa.gr 
  • Address: 1-3 Kifissias Avenue, P.C. 115 23, Athens. 
  • Telephone: 210 6475600
  • E-mail: contact@dpa.gr

Period of Data Retention


The personal data collected are retained for a predetermined and limited period of time, depending on the purpose of processing, after which the data are deleted from our records, unless a different retention period is provided for or permitted under applicable law.
In particular, records regarding aid falling under the scope of Regulations (EU) 2013/1407, 2013/1408 and 717/2014 of the European Parliament and of the Council are required to be maintained for ten (10) fiscal years from the date on which either the aid was granted or the last individual aid instalment was provided.


Privacy Policy Updates


The Ministry of Economy and Finance may amend this Privacy Policy from time to time so that it complies with regulatory changes and/or to optimise its operations and services. Updated versions of this Privacy Policy will be posted on the website of the Ministry of Economy and Finance with the date of the update indicated in order to show which is the most recently updated version.

Last revised: January 2024