Last updated: 20.11.2025.
This Privacy Policy explains how your personal data is collected, processed and protected when you use this online learning platform (“Platform”). The Platform is fully committed to complying with the EU General Data Protection Regulation (GDPR) and all relevant EU data protection laws.
By creating an account, participating in courses or contacting us, you acknowledge that you have read and understood this Privacy Policy.
Data controller
The Data Controller for all processing activities on this Platform is:
Panteion University of Social and Political Sciences
136 Syngrou Avenue
176 71 Athens
Greece
Website: https://www.panteion.gr/en/
Project partners who contribute to the delivery, administration or evaluation of the CPD programme may act as Joint Controllers or Data Processors, strictly under GDPR-compliant agreements.
Personal data we collect
We collect only the data necessary for secure access, course participation and communication.
1. Data you provide directly
Sign-up data:
- Username
- Email address
- Password (encrypted)
Contact form data:
- Name
- Your message or inquiry
2. Technical data collected automatically
The following technical data may be collected automatically through server logs and Platform functionality:
- IP address
- Browser and device information
- Session identifiers
- Authentication cookies
- Login timestamps
No analytics, advertising or external tracking tools (such as Google Analytics, Meta Pixel or Hotjar) are used.
3. LMS and user activity data
Because the Platform includes a user dashboard and Learning Management System (LMS) features, we also process:
- Course enrolment information
- Learning progress and lesson completion
- Assignment, quiz and other submissions
- Certificates earned
- Login history and system notifications
4. Special category data (mental-health-related)
Some learning activities involve personal reflections on eco-anxiety, emotional responses to climate change and other wellbeing-related content. These activities may include:
- Emotional reflections related to climate issues
- Eco-anxiety or climate-related stress self-assessments
- Written responses in exercises about mental health and resilience
This information may relate to mental health and is classified as special category data under Article 9 GDPR. Such data is processed only when you voluntarily submit it and always on the basis of your explicit consent.
Legal basis for processing
Your personal data is processed on the following grounds:
- Contract performance (Art. 6(1)(b) GDPR) – to provide you with access to the Platform, courses and services.
- Explicit consent (Art. 6(1)(a) & Art. 9(2)(a) GDPR) – for emotional or mental-health-related submissions.
- Legitimate interest (Art. 6(1)(f) GDPR) – to maintain security and integrity of the Platform, prevent misuse and deliver quality service.
- Legal obligation (Art. 6(1)(c) GDPR) – to comply with EU-funded project reporting and audit obligations.
Cookies
The Platform uses only cookies that are necessary for its operation, including:
- Session cookies for login and authentication
- Cookies required for course access and LMS functionality
The Platform does not use:
- Analytics cookies
- Advertising or marketing cookies
- Third-party behavioural tracking tools
You may manage cookies through your browser settings. However, if you disable essential cookies, some parts of the Platform may not work properly.
How we use your data
Your data is used exclusively to:
- Create and manage your user account
- Provide access to modules, lessons and learning materials
- Track your progress and issue certificates
- Respond to your inquiries via contact form
- Ensure technical stability and security of the Platform
- Comply with reporting and audit obligations of the EU-funded project
Your data is not used for marketing, profiling or commercial purposes.
Who has access to your data
Access to your personal data is restricted to:
- Platform administrators responsible for technical and user management
- Authorized project partners involved in course delivery and evaluation
- The hosting provider (Hostinger), with servers located in the European Union (Lithuania, the Netherlands or Germany)
No other third parties have access to your data. It is not sold, rented or shared for external marketing.
Email communication
The Platform may send essential email notifications such as:
- Registration confirmation
- Password reset
- Course enrolment or progress notifications
- Important system updates
These emails are strictly functional and not used for marketing.
User rights under GDPR
You have the following rights:
- Right of access – to receive a copy of your personal data.
- Right to rectification – to correct inaccurate or incomplete data.
- Right to withdraw consent – at any time, without affecting prior lawful processing.
- Right to erasure – to request deletion of your data in certain circumstances.
- Right to restriction of processing – in specific cases.
- Right to data portability – to receive your data in a structured, commonly-used format.
- Right to object – to processing based on legitimate interest.
- Right to lodge a complaint – with a Data Protection Authority if you believe your rights are violated.
To exercise any of these rights, please contact: rectorate@panteion.gr
Account deletion
You may delete your account through your dashboard, or request deletion by reaching out to rectorate@panteion.gr.
After deletion, personal data and learning history are removed unless retention is required for legal or project purposes.
Data retention
We retain your data only as long as needed to:
- Provide you with access to the Platform and services
- Record your participation and completion of courses
- Meet legal, contractual and audit requirements under the EU-funded project
Special category data (emotional reflections) is processed only with consent and may be anonymised for research or reporting.
Data security
We implement strong technical and organisational measures to protect your data, including:
- SSL encryption
- Secure EU-based servers
- Encrypted password storage
- Role-based access control
- Regular security updates and monitoring
Changes to this privacy policy
This Privacy Policy may be updated periodically to reflect legal, technical or operational changes. The most recent version will always be accessible on the Platform.
Contact
For any queries about this Privacy Policy, please contact:
Panteion University of Social and Political Sciences
136 Syngrou Avenue
176 71 Athens
Greece
Email: rectorate@panteion.gr
Website:
Announcements