Privacy Policy and Personal Data Protection Policy of the Website
The Ministry of Climate Crisis and Civil Protection (hereinafter “MCCCP”) places great importance on the lawful collection, processing, use, security, and protection of your personal data. This Policy provides information in accordance with Articles 12–14 of the General Data Protection Regulation (EU) 2016/679 (hereinafter “GDPR”) regarding the processing of personal data. This applies regardless of the capacity in which you communicate or cooperate with us, for example as citizens, website visitors, public servants of Local Authorities (first and second level), civil protection volunteers, private individuals, or collaborating third parties.
The MCCCP acts as the Data Controller (hereinafter “Data Controller”) of the data processed during your browsing of the website https://edu.civilprotection.gov.gr and remains at your disposal for any clarification. Full contact details of the Data Controller are available on the official MCCCP website.
The processing of your personal data is carried out in accordance with the fundamental principles of personal data protection imposed by the GDPR and Law 4624/2019, namely lawfulness, fairness and transparency, data minimization, accuracy, purpose limitation, storage limitation, integrity and confidentiality, and accountability.
- The Website
The website https://edu.civilprotection.gov.gr provides asynchronous training on civil protection topics to personnel of ESKEDIK, employees of Local Authorities (first and second level), civil protection volunteers, and citizens, through login following identification and authentication to the digital training platform of the Civil Protection Academy (A.PO.P.). It also offers the possibility of electronic registration in the Register of Trainers of the Civil Protection Academy (A.PO.P.) and access to the Digital Repository of Training Programs. Access to certain services requires the creation of a user account and the provision of specific personal data, which are marked as mandatory or optional.
- What types of personal data do we process?
During the electronic completion and submission of the application for registration in the Register of Trainers, the personal data included in the application and its attached documents and supporting materials (full name, ID number, tax number, address, contact phone, email, degrees, employment details, etc.) will be processed by the Data Controller for the purpose of evaluating and approving the application, in order to include the applicant in the Register of Trainers. These data are indicatively categorized as identification data, contact data, professional and educational data, as well as platform usage data collected directly from the data subjects or through the platform systems during use.
Through the website, we may also collect non-personal identification information through the use of cookies. Cookies are small text files stored on your hard drive and may collect information such as IP address, device type, user preferences, and browsing data. Non-essential cookies are disabled by default. The use of non-strictly necessary cookies is carried out only after your prior consent through an appropriate mechanism, and you may withdraw or modify your consent at any time. During your visit, you may configure your browser to enable or disable cookies as you wish. If you do not wish cookies to be used for identification in certain services or pages, access to some services or features of the website may be limited.
You may find detailed information about the terms of use and the cookie policy by visiting the links:
Cookie Policy and
Terms of Use.
- Purpose of Processing Personal Data
The MCCCP, as Data Controller, as well as third parties acting on its behalf as processors, process your personal data exclusively either for your registration in the Register of Trainers or for your registration/login to the digital training platform of the Civil Protection Academy.
The purpose of processing your personal data for registration/login to the Digital Training Platform is your asynchronous training in civil protection topics and your evaluation in such training.
Your data are processed exclusively for the above purposes or, where applicable, for ensuring the security of MCCCP information systems through logging and monitoring potential incidents, compliance with legal obligations, or support of legal claims.
- Legal Basis for Processing
The MCCCP processes personal data collected directly from individuals during the application process in accordance with applicable data protection legislation (GDPR and Law 4624/2019).
Processing is based on Article 6(1)(c) GDPR (legal obligation), Article 6(1)(e) GDPR (task carried out in the public interest or exercise of official authority), and where required, Article 6(1)(a) GDPR (consent), particularly regarding cookies.
Where required, especially for non-essential cookies, processing is based on your consent under Article 6(1)(a) GDPR.
- Who has access to your personal data?
Access to your personal data is granted to authorized MCCCP personnel who have received proper training in secure data processing.
Additionally, access may be granted to cooperating companies, contractors, and partners acting on behalf of MCCCP (data processors), under contractual obligations in accordance with Article 28 GDPR.
Your personal data are not transferred or disclosed to third parties unless required by law or necessary for the proper functioning of the website.
Data may be disclosed to public and supervisory authorities where legally required.
- Transfer of Personal Data
Your personal data are processed exclusively within Greece. No transfers outside Greece are carried out.
- Automated Decision-Making / Profiling
We do not engage in automated decision-making or profiling based on your data (Article 22 GDPR).
- Data Retention Period
Personal data are retained only for the period necessary to fulfill processing purposes, in accordance with legal obligations and data minimization principles. After that period, data are deleted or anonymized securely.
- Links to Third-Party Websites
Links to third-party websites do not imply responsibility by MCCCP for their content, services, or data protection policies. Users are responsible for reviewing those policies independently.
- Data Security Measures
The Data Controller has implemented appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or alteration.
While no system can guarantee absolute security, MCCCP continuously updates its measures according to best practices and evolving threats.
- Your Rights as Data Subjects
Under GDPR (Articles 12–22), you have the following rights:
A. Right to information and transparency
You have the right to know how and why your data are processed and to request a copy.
B. Right of access
You may request confirmation and access to your data.
C. Right to rectification
You may request correction of inaccurate data.
D. Right to erasure (“right to be forgotten”)
You may request deletion under certain conditions.
E. Right to restriction of processing
You may request limitation of processing.
F. Right to object
You may object to processing under certain conditions.
You also have the right to data portability and to withdraw consent (e.g., for cookies) at any time.
- How to exercise your rights
You may contact the Data Protection Officer (DPO) at:
dpo@civilprotection.gr
or by mail:
Ministry of Climate Crisis and Civil Protection
37-39 Kifisias Ave., 15123 Marousi, Greece
(“For the attention of the Data Protection Officer”)
Responses are provided within one (1) month, extendable by two (2) months if necessary.
You may file a complaint with the Hellenic Data Protection Authority at:
https://eservices.dpa.gr/
- Changes to the Policy
This Policy may be updated as necessary and published at
https://civilprotection.gov.gr/.
Significant changes will be clearly communicated.
Last updated: April 6, 2026