ENGGR
icon_linkedin icon_fb

Terms of Use and Privacy Policy

Αρχική Σελίδα » Terms of Use and Privacy Policy

Privacy Notice
The Ministry of Labour and Social Security (hereinafter the “Ministry”), as the Data Controller, in the context of the operation of the mechanism for connecting talents/highly skilled professionals with highly specialized job positions via the digital platform REBRAIN GREECE (https://platform.rebraingreece.gr), collects and processes personal data.
This notice describes how the Ministry collects, uses, discloses, and protects the personal data of registered and unregistered users of the platform, in accordance with the General Data Protection Regulation (GDPR) and applicable national legislation.

Data Controller and Contact Information
Data Controller: MINISTRY OF LABOUR AND SOCIAL SECURITY
Address: 29 Stadiou Street, Athens – Postal Code 105 59
Legal Representative: Minister of Labour and Social Security

Data Protection Officer (DPO)
The Ministry has appointed a Data Protection Officer (DPO), whose contact details have been communicated to the Hellenic Data Protection Authority.
Data subjects may contact the DPO regarding any matter related to the processing of their personal data, as well as to exercise their rights.

Purpose and Legal Basis of Processing
The purpose of processing personal data is the development of a mechanism to enhance talents and connect scientific professionals, residing both in Greece and abroad, with job positions in highly skilled and specialized professions offered by private sector businesses operating in Greece.
The legal basis for data processing is:
Article 6(1)(c) of the GDPR, for compliance with the obligation to fulfill the Ministry’s responsibilities as defined in Article 20 of Law 5053/2023.

Categories of Personal Data
The personal data collected and processed are:

Network-related user data:

  • IP address
  • Browser type
  • Device identifier, provider, language, memory, installed applications, battery level

Registration form data:

  • First and last name
  • Profession
  • Tax office
  • ID card/Passport number
  • Email
  • Username
  • CV (as a file)
  • Preferences
  • Recommendations

Article 6(1)(e) of the GDPR, for the performance of a task carried out in the public interest through supporting the work of the Minister of Labour and Social Security in planning and exercising the Ministry’s responsibilities.

Data Collection Method
Personal data are collected directly from the individual when the user registers on the REBRAIN GREECE platform and completes the required information and/or uploads their CV. Users may also choose to share their profile or posts. User information, including display name and username, is always public.

1st method of data collection: User information is collected to improve the platform’s effectiveness according to its design.
2nd method of data collection: User information is collected to provide security for users regarding identity verification, account certification, protection against fraud, unauthorized use, and illegal activity.
3rd method of data collection: User information is collected to measure and analyze it for improving the platform’s effectiveness according to its design.

Data Sharing
Users’ personal data may be transferred to the following recipients:

  • Data Processors: Project contractors, as applicable
  • Third parties: Independent Authority for Public Revenue – IAPR
  • Recipients (anonymized data): Interoperability Center of the General Secretariat for Information Systems and Digital Governance, Public Employment Service (DYPA),
  • Other private entities/potential employers, as applicable

Data Transfer Outside the EU
No data transfers outside the European Union are performed.

Data Retention Period
After processing is completed, anonymized data are not deleted but archived for the public interest, in accordance with Article 89 of the GDPR.

Security Measures
The Ministry takes appropriate technical and organizational measures to ensure the security of personal data and protect it from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, including control of physical access and hardware security, limiting physical access only to duly authorized personnel.
Organizational measures include role and information management systems, employee access control, policies and procedures to ensure personal data protection, business continuity plans, data recovery procedures, incident and breach management policies and procedures, data protection policies and procedures, regular staff training, and a detailed Personal Data Protection Policy available on the Ministry’s website.

Data Subject Rights
Data subjects have the following rights:

  • Right of access
  • Right of rectification
  • Right of erasure (may not be fully enforceable)
  • Right to restrict processing
  • Right to object

Data subjects may exercise these rights by contacting the Ministry’s Data Protection Officer (DPO).

Privacy Policy Updates
This Privacy Policy has been drafted in the Greek language. It may be modified or revised periodically to reflect changes in legislation and the Ministry’s practices regarding data protection. Updated versions of the Privacy Policy will be published on this website with an indication of the modification date.