Privacy Policy

Platform privacy policy

The company ADACOM ADVANCED INTERNET APPLICATIONS S.A. with the distinctive title “ADACOM S.A.” located at 25 Kreontos Street, Athens, P.C. 10442 (hereinafter “ADACOM”, “Company” or “We”) has as its main priority the protection of the personal data it processes. The Company collects, maintains and processes personal data in accordance with the Regulation (EU) 2016/679 (hereinafter "General Data Protection Regulation - GDPR") and the Greek legislation on personal data protection. The present Privacy Statement describes how personal data is processed, the purpose of the processing and its use, as well as your relevant rights under applicable law.

The Controller of your personal data, within the meaning of the GDPR, is ADACOM.

1. Definitions

The following definitions are provided for the convenience of the user and are derived from the text of the GDPR on the processing of personal data:

  1. “controller”: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data
  2. “processor”: the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller
  3. “personal data”: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
  4. “processing”: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction

2. Categories of personal data

At ADACOM we collect only the absolutely necessary data, which are appropriate and clear for the purpose for which they are intended. The data include the following:

Customer data

If you are either a customer of any of our products or services or simply a visitor to our website, we assure you that we do not collect your personal information unless you provide it to us on your own initiative by filling out the relevant form. This information may include: contact information, such as first name, last name, postal address, email address, telephone number, etc.; shipping and billing information, such as credit/debit card and payment information and information you provide to us to obtain technical assistance.

Data of our customers' executives, suppliers and partners and data processing in the context of implementing projects and providing services:

In the context of our cooperation with our customers and suppliers, we may be provided by them with information about their executives, such as their full names, contact details and position or role of their executives, for the purpose of executing the contract between us, managing projects or the provision of services that we jointly implement. In addition, in the context of project execution, the Company may process personal data to the extent required for the provision of services, as agreed and described in the Personal Data Processing Agreements with the client.

Data when creating a user account on the platform

If you choose to create a user account on this platform, we collect your full name, email and telephone number. Moreover, depending on the service you use, we collect:

  • CyberGame (Training Platform): prrogress data (scores, completed labs, performance metrics) and technical data (IP address, system logs, session data);
  • CyberHygiene (Awareness Questionnaires): questionnaire responses (stored in anonymized form, without linkage to identifiable individuals)

3. Purpose of processing of personal data

The collection and processing of personal data is carried out exclusively to the extent and degree necessary for the performance of the following processing purposes, as the case may be:

  • To provide access to the CyberGame platform and manage user accounts
  • To deliver and evaluate training activities, including tracking progress and performance
  • To provide access to CyberHygiene questionnaires and analyze results in anonymized form
  • To improve the quality and effectiveness of training services
  • To ensure platform security, prevent misuse, and detect unauthorized access
  • To provide technical support and respond to user requests
  • To comply with legal obligations and enforce our legal rights

4. Recipients of the data

Access to the personal data processed by ADACOM is granted to the Company's personnel, that are bound to confidentiality obligations, as well as, where applicable, to the personnel belonging to the same group of companies, depending on the type and purpose of the processing. In addition, ADACOM may use external partners to carry out the processing on its behalf ("processors"), always in the manner required by the applicable personal data protection legislation. The external partners we use are bound by a contract for the protection of personal data and they further undertake confidentiality obligations, as defined by the relevant legislation.

In principle, we do not transfer any personal data outside the European Economic Area (EEA). If, for any exceptional reason, we need to transfer your personal data outside the EEA, we will do so only in accordance with appropriate requirements and safeguards and only to recipients that ensure an adequate level of protection of personal data and in any event in accordance with the provisions of Articles 44-49 of the General Data Protection Regulation [Regulation (EU) 2016/679 (GDPR)].

5. Lawfulness of processing

The Company processes your personal data as described above by virtue of:

  • your consent to the processing of your data for one or more specific purposes (Art. 1 (a) GDPR).
  • a contract and/or agreement you have entered into with the Company to serve the purposes of that contract/agreement (Art. 6 para. 1 (b) GDPR).
  • safeguarding ADACOM's legitimate interests (Article 6(1)(b) of the GDPR).
  • the purposes of complying with its legal obligations (e.g. in case of compliance with warrants issued by courts or public authorities, etc.) (Art. 1 (c) GDPR).

6. Cookies

ADACOM may also automatically collect information about you when you visit our websites using cookies. Cookies are small text files that are stored by the browser on your computer or mobile device when you visit a website. Cookies allow web applications to tailor their functions to your needs by collecting and remembering information about your preferences.

What are cookies?

Cookies are small text files that are stored by your browser on your computer or mobile device when you visit a website. The information stored on your computer may contain information about your use of the websites you visit, the date and time of your visit, the type of your browser, a random and unique user identification number etc.

Cookies are widely used to make websites work better and more efficiently. The latter is achieved because websites can store and read useful information so as to provide each user with the best possible browsing experience. In addition, through cookies we can see the performance and traffic of our website, improving its presentation and content according to the preferences of our visitors.

Which Cookies we use?

Our website uses cookies to manage login sessions, session integrity, to tailor the content displayed to users in order to meet the interests of each user, and to compile anonymous, aggregated statistics that allow us to understand how the public uses our website in order to improve its structure and content. Below you can find a more detailed overview of the categories of cookies we use and for what purposes:

  • Strictly necessary cookies which are essential for the optimal operation of the website, allow you to browse the website and use its features, such as accessing secure areas. Without these cookies, we cannot offer effective operation of our website, so they must be pre-selected. Necessary cookies do not recognize individual identification.
  • Preference cookies which enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in and allow you to create a list with everything you desire. Such cookies are saved for as long as your browsing lasts.
  • Statistics cookies that help the website owners understand how visitors interact with the web pages collecting information and reporting it anonymously with the sole purpose of improving website functions. Such cookies are used by us or by third parties on our behalf.
  • Marketing cookies which aim to offer you content that would match your interests. The cookies track your preferences to provide you with the most relevant advertising or entries beyond our websites. Such cookies are used by us or by third parties on our behalf.

How to manage Cookies

When visiting our website for the first time, a banner appears on the lower part of the screen which informs that our website uses cookies. The banner provides a link for further information. If the user chooses to ignore the notice and continues using the website, ADACOM will not store a cookie on the hard disk of the user’s computer to register the choice, and upon the following visit to the website, the approval to the use of cookies will be asked again. Only in case of acceptance the banner will not appear when visiting the website again, without prejudicing the possibility of deleting the cookies at any time, changing the settings of the browser.

Besides the technical necessary cookies which are mandatory, all other categories require your consent prior to use. Therefore, these categories are not pre-selected and you may freely choose any category you wish in any level of cookies analysis you opt for.

Also, you may change your browser’s setting to delete cookies that have already been stored and to not accept new cookies. To learn more how to do this, visit the help pages of your browser.

Links to sites provided by others

If you follow a link from our website to another website that is not owned by and not related to ADACOM, then ADACOM's Cookie Policy ceases to apply, as the corresponding policies of the new website you are visiting will apply. We encourage you to read these Policies, as we are not responsible for how cookies work on this new website that is not associated with ADACOM.

Changes to the Cookies Policy

Our policies and procedures are under continual review. We may, from time to time, update our cookies policy. Any such changes will be posted on this page.

7. Retention period of personal data

Your personal data is retained for the period of time provided for by the applicable legislation and for as long as there is a need to carry out actions necessary to achieve the purpose(s) of the processing. At the end of this period, your personal data will be securely deleted.

Data of ADACOM's customers and partners regarding the implementation of projects and the provision of services/products:

Personal data may be processed during the provision of our services, which will be deleted within a reasonable time after the completion of the delivery of services, unless otherwise contractually agreed or unless a longer retention period is required or permitted by law..

8. Your rights

ADACOM facilitates the management of your personal data and the exercise of your rights in accordance with the applicable national and European legislation. In particular, your rights are the following:

Right of Access: You have the right to be informed by our Company whether we process and maintain your personal data. If the answer you receive is affirmative, you may submit a request to obtain information about the processing, its purpose, the type of data, the recipients of your data, the period of retention, the existence of automated decision-making, as well as the possibility of exercising your other rights, such as rectification, erasure, restriction of processing, opposition to the processing carried out, lodging a complaint to the relevant Data Protection Authority and so on.

Right to Rectification: You have the right to request the rectification of inaccurate or incomplete personal data.

Right to erasure: Furthermore, in the event that the data we hold is no longer necessary for the purposes for which it was collected or in the event that your consent is withdrawn or, in general, if there are no longer legitimate reasons for maintaining them, you may request their erasure.

Right to restriction of processing: Where the cases of Article 18 of Regulation (EU) 679/2016 on the protection of personal data apply, you can request the restriction of processing.

Right to data portability: You may request to receive your data in a readable format or transfer your data to another controller in case this is feasible.

Right to object: You can object to the processing of your data and request its termination. Your request may be refused by the controller in the event that there are demonstrable legitimate grounds for processing that override your right to object.

Right to revoke your consent: In the event that your data is processed on the legal basis of your consent, you can revoke it at any time in order to stop the processing of data carried out on the basis of it.

You may submit your request by sending an email to dpo@adacom.com or by post to the address given below. ADACOM will respond to your request, depending on its merits, within 30 days. If for any reason we refuse to comply with your request, we will provide you with a detailed and reasoned response.

Finally, if you believe that your rights have been violated, you have the right to lodge a complaint to the relevant Data Protection Authority at the following details: Address: 1-3 Kifissias Avenue, Athens, P.C. 11523, Contact Phone: 210 6475600, Email: contact@dpa.gr

9. Data security

ADACOM implements all appropriate technical and organizational measures to ensure the protection of your personal information. We use sophisticated technologies and security procedures to protect your personal information from unauthorized access, use or disclosure. The personal information you provide is stored in a controlled, secure environment, protected from unauthorized access, use or disclosure, e.g. we encrypt all data you submit when ordering our products or services using the Secure Sockets Layer (SSL) protocol. Moreover, our information security procedures are audited annually by an internationally recognized auditing company.

10. Links to other websites

Our website may contain links to other websites of interest. However, when you use these links and leave our site, you should note that we have no control over other sites you visit. Therefore, we cannot be responsible for the protection and privacy of the information you provide when you visit them as these sites are not governed by this Privacy Statement and are outside the sphere of ADACOM's responsibility. You should be careful and read the privacy statement for the protection of personal data applicable to that site.

11. Protection of minors

ADACOM is committed to protecting the privacy of children. Our website does not address or knowingly collect information from children under the age of 18. In the event that we determine that we have collected personal information from a child without verified parental consent, we will delete that information as soon as possible.

12. Changes to this Privacy Policy

ADACOM may modify this Privacy Policy and its related practices at any time. We encourage you to periodically check this page for the most current information about our privacy practices. This Privacy Policy was updated on 13th January 2025.

13. Contact Information

There are the following options if you wish to contact us, make a complaint or manage your account details:

  • You can send us your request in writing to the following postal address: Kreontos Street 25, P.C. 10442 Athens, Greece.
  • You can call us at: + 30 2105193700
  • You can send an e-mail to: dpo@adacom.com