The general principle of Critical Path is that it does not record or use any sensitive personal data such as political or religious beliefs. In terms of personal data such as email, telephone, financial and professional data, Critical Path records and processes only what is legally required (eg to issue documents) and what is required for its effective operation (e.g. data of those who participated in training seminars and certification exams).
This GDPR policy is posted on the company's corporate website. Critical Path does not record users of its corporate site (www.criticalpath.gr). Anyone who communicates with the company through the corporate website, does so on his own, whether to enroll in a seminar or to request information. The communication is made with the corresponding form on which there is a link to this policy. The personal information required for communication is:
The above information is required to facilitate communication and information for stakeholders. These items are not automatically used to enter a newsletter unless they explicitly request communications. Critical Path uses the services of the online Google Analytics platform, which provide fully anonymous information for users of the corporate website. Data such as what are the most popular websites, how long users stay on the site, whether accessed by computer or mobile, but no personal data such as, for example, name, email, etc.
Critical Path records only those personal data that are necessary for the implementation of its services. These data are communicated to each participant, provided they are provided by the participant itself. These elements concern:
The above data concerning the issue of financial documents are kept (eg in the block of invoices) according to the requirements of the law. Participants in the seminars sign in the seminar attendance logs so that they have a record that they actually participated, so they can get the corresponding tracking certificate or pass certification exams.
From time to time, Critical Path can send emails and newsletters that are exclusively related to its professional activities. These messages may be addressed to those who have signed up for themselves in our newsletter (eg through some form of communication or interest), as well as other professionals who can benefit from the company's services.
In any case:
• The recipient of any message or newsletter knows the sender and can contact them for clarification or can be immediately deleted from any further communication
• The contact information used is effectively safeguarded by the company, it is not communicated to any third party and is not used for purposes other than professional information about the company's activities.
Personal data in physical form (eg, presentations, documents) are kept in a safe place within the company. This space is separate, locked, and only accessible to anyone. No participant has access to the information of other participants. Electronic data (e.g., participation requests) are stored on a specific computer, only accessible to those required. Both this computer and every computer is protected by a strong password.