Version 1.2

Who we are

Our website address is: https://omcentre.gr/.

Comments

Only logged in users may leave comments. When users leave comments on the site we collect the data shown in the comments form, and also the user’s IP address and browser user agent string to help spam detection.

An anonymous string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture may visible to the public in the context of your comment.

Media

Visitors to the website can download and extract data from images on the website.

Users that logon to the website via “social media login” may find that their profile pictures are accessible to robots and other download agents.

Cookie Policy

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, login cookies will be removed.

If you login using Social Login via Google or Facebook, a cookie will be created to use the social login authorization flow. This cookie is required for every provider to secure communication and to redirect the user back to the last location.

Only logged in users can edit or publish a comment, and an additional cookie will be saved in the visitors browser. This cookie includes no personal data and simply indicates the post ID of the article just edited. It expires after 1 day.

We use anonymous cookies to prevent visitors from seeing page popups on each page visit in an attempt to make our users experience more pleasant while still delivering time sensitive messaging.

Embedded content from other websites

Pages and articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Our social login plugin collects data when a visitor logs in or links an account with any of the enabled social providers. It collects the following data: email address, name, social provider identifier and access token. Also it can collect profile picture.

We may contact our users through Mailchimp. The Mailchimp privacy policy applies when campaigns are sent to users.

To prevent unauthorized logins and denial of service attacks, this site is protected by reCAPTCHA. Google Privacy Policy and Terms of Service for reCAPTCHA v3.0 apply.

What personal data we collect and why we collect it

This is a mixed private (also known as private mode) and public site (also known as public mode). Access to the private mode of the site is by invitation only. There is no public registration. Therefore, there are two types of consumers of the site’s content, users, who use the private mode of the site, and visitors, who use the public mode of the site. For visitors, the site collects no personal data excepting cookies used to improve functioning of the site as stated above, see section “Cookie Policy”. When a visitor navigates to the site, the site is considered to be entirely in public mode.

Registered users have access to the private mode of the site and have agreed to our Terms of Service. When a user logs on using their credentials, the site is considered to be in private mode. During the private, invitation only, signup process, we collect an email address, first and last names and other optional personal details that are used for site operation and marketing purposes.

Our login screen includes standard user name and password login, and a social login option that replaces the login process. The social login process automation collects email address, first and last names, locale, profile URL, and a profile picture from the identity returned by the social login provider. Email address, first and last names are used for site operation and marketing purposes. Profile picture is only used to present the logged in user with a profile photo when they view their dashboard, or when submitting comments, see section “Comments”. Locale and profile URL are not used or retained.

When registered users log in, the system will collect their IP address and anonymize it before storing it to the database. Additional data such as login time and number of logins will be stored for analytical and security reasons.

See section “What rights you have over your data” below for how a registered user can manage or request deletion of their personal data.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

Our social login workflow stores personal data on our site and does not share it with anyone except for access tokens which are used for authenticated communication with social providers.

Registered users’ email addresses and full names are shared with Mailchimp in order to provide access to our newsletter.

How long we retain your data

Only registered, logged in users may leave comments. If they do so, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

We store personal information provided in user profiles indefinitely. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. Subscriber information is retained in the local database indefinitely for analytic purposes and for future export. Data is retained until requested or user has been deleted.

Our social login workflow removes collected personal data when the user is deleted from our system.

What rights you have over your data

If you have an account on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. Please send an email to admin@omcentre.gr with your username, and what action you would like to be performed. We will review your request and contact you to confirm your rights to complete the action.

Where we send your data

Logged in user comments may be checked through an automated spam detection service.