Information regarding personal data processing

Who this privacy statement applies to

Deloitte Business Solutions Société Anonyme of Business Consultants”, with the distinctive title “DELOITTE BUSINESS SOLUTIONS S.A.” (hereinafter “Deloitte”, “we”, “us” or “our”), herein informs you that it will proceed to the processing of your personal data for the purposes of your participation in the “Financial Crime Symposium” (hereinafter the “event”) that will take place during September 2023 at Athens Conservatoire (hereinafter the “host”).

Purposes regarding the processing of your personal data:

For the purposes of your participation in the “event”, Deloitte will process personal data that may contain your general identification information (name, surname), contact information (phone number, email address), as well as your image and a footage of you taken during the “event”.

If you do not wish to be photographed and/or video recorded, you are kindly requested to inform, upon your arrival, our personnel at the entrance of the event.

Deloitte may use the aforementioned photographic material for posts in our Social Media Accounts (Facebook, Instagram, LinkedIn, YouTube) and/ or Deloitte’s intranet site. In addition, we will also provide the photographic material to the host for educational and archival purposes.

We will use your personal data strictly based on the consent you provide to us for the purpose described above.

Legal basis for the processing:

The legal basis for the processing is your consent (art. 6 par.1a GDPR) for the specific purpose of your participation in the “event”. In such case, you may revoke your consent at any time by sending an email to the Firm’s DPO at DataPrivacyOfficer@deloitte.gr as it is clearly stated in the present privacy notice. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Who we disclose your information to?

When it is necessary to perform the purpose outlined above by use of appropriate partners, we may disclose your personal data to:

  • “Awapai Ltd”, the provider of “Eventora” platform which will be used for your registration in the event may process personal data containing your general identification information (name, surname) and contact information (phone number, email address).
  • Authorized personnel of Deloitte may also process personal data containing your image (i.e., photographs and a footage of you taken during the event) through our Social Media Accounts (Facebook, Instagram, LinkedIn, YouTube) and/ or our Intranet site.
  • Other members of the Deloitte Network and entities that provide services to us and/or the Deloitte Network.
  • The Athens Conservatoire, the host of the “event”, for educational and archival purposes. As the Athens Conservatoire acts as an independent controller, for more information regarding its processing of your personal data, you are kindly requested to contact the host directly through the communication channels found on its official website.

 Further details of the transfers described above and the applied safeguards are also available from us by contacting DataPrivacyOfficer@deloitte.gr.

Please note that some of the recipients of your personal data mentioned above may be based in countries outside the European Economic Area. In such cases, we will ensure that there are adequate safeguards in place to protect your personal data, which comply with our legal obligations and applicable legislation, and we also commit to inform you before any data transfer outside the EU.

In all cases, we may be requested to disclose your personal data if required to do so by law, a regulator or during legal proceedings.

Protection of your personal information

We have in place reasonable commercial standards of technology and operational security to protect all personal information processed for the purpose of conducting the “event” from unauthorized access, disclosure, alteration or destruction. Only authorized personnel, who has been made appropriately aware of our privacy obligations, is provided access to personal information.

How long we keep your information for?

We will store your personal data in our systems for two (2) years after the
completion of “the event” and shall thereafter proceed to their final erasure,
without retaining any copies. You herein declare that Deloitte shall not be
liable for any claims for any cause, after the erasure of your personal data
following the lapse of the abovementioned period. 

Your rights

To exercise your rights of access, rectification and erasure of personal data or restrict the way we process them, as well as to withdraw your consent to our processing of your personal data or make a complaint to us relating to your privacy or if you have any other questions about our use of your personal data, please send an email to the Firm’s DPO to the following email address: DataPrivacyOfficer@deloitte.gr. We will make every possible effort to respond as soon as possible and in any case within the 30 day time limit or as set out in law.

You always have the right to file a complaint before the competent supervisory authority, which in Greece is the Hellenic Data Protection Authority (HDPA), by following the instructions found on the HDPA’s website.

However, should you have a complaint or question, it is advisable to contact the Firm first, in order to try and solve the matter amicably. 

Did you find this useful?