English (Ireland) 
Italiano 
Ελληνικά 
Nederlands 
Suomi Privacy Policy
Privacy Policy – University of Patras
Last updated: July 20, 2025
1. Data Controller – Contact Information
The University of Patras is the Data Controller for all personal data processed in the context of its official mission as defined by the Greek Constitution, higher education law, and the University's internal regulations.
Address: University Campus, Rio, Patras, GR-26504
Phone: +30 2610 962855
Email:
The appointed Data Protection Officer (DPO) is Ms. Niki Georgiadou, with a three-year term starting from 19 September 2024.
The processing of personal data is conducted lawfully, fairly, and transparently, with specific and legitimate purposes, minimal data collection, data accuracy, secure storage, and accountability.
2. Purpose and Legal Basis for Data Processing
The University processes personal data without the subject’s prior consent only when it is:
- Necessary for the performance of tasks carried out in the public interest
- Executed in the exercise of official authority vested in the University
- Covered by a specific legal basis
Personal data includes any information—whether in paper or electronic form—that can directly or indirectly identify a natural person. Examples include:
- Identity data and online identifiers
- Contact information and location data
- Demographic and health data
- CVs and academic records
- Data related to university community members
- Data collected through e-learning, training, research, or administrative systems
Additionally, personal data is collected and processed:
- For fulfilling contractual or pre-contractual obligations
- Upon explicit and specific consent from the data subject, particularly when using University services, administrative platforms, or participating in communications, surveys, and program evaluations
3. Data Collection Scenarios
Personal data may be collected in the following contexts:
- Contacting us via phone, email, or contact forms
- Participation in educational and research programs
- Submission of postal addresses or billing details for invoicing
- Subscription to mailing lists, newsletters, or SMS services
- Use of the University’s websites, where cookies are used to collect browser and device data
Data processing is performed either manually or through automated means, including profiling, where applicable.
4. Cookies
The University of Patras uses cookies to:
- Recognize returning visitors
- Maintain language preferences and session data
- Support access to specific pages
- Collect anonymized usage statistics
Cookies are small text files stored on the user’s device and do not access other files. Use of cookies complies with European cookie legislation. Visitors can manage cookies via browser settings.
5. Data Recipients
Recipients of personal data include only authorized University staff acting under strict confidentiality obligations and within the scope of their official responsibilities.
In cases of data breaches, the University will notify affected individuals and relevant supervisory authorities in accordance with applicable law.
6. Data Transfers to Public Authorities
The University may transfer personal data to other public bodies when:
- Required for the execution of public duties
- The third party receiving the data has a lawful basis for processing it
Data transferred for one specific purpose must not be processed for a different one, unless allowed by law.
7. Security Measures
The University implements appropriate technical and organizational safeguards to prevent:
- Accidental loss or alteration of data
- Unauthorized disclosure or access
- Unlawful processing of personal data
These measures include secure servers, access controls, encryption, and regular assessments of risk and security.
8. Data Retention
The University retains personal data only for as long as necessary to achieve the purpose for which it was collected, in compliance with:
- Relevant legal provisions
- Institutional regulations
- Sector-specific retention guidelines
9. Your Rights
As a data subject, you have the following rights under the GDPR:
- Right of Access – to view your personal data
- Right to Rectification – to correct inaccuracies
- Right to Erasure (“Right to be Forgotten”)
- Right to Restrict Processing
- Right to Data Portability
- Right to Object – including withdrawal of previously given consent
You may submit your request via email to:
You may also lodge a complaint with the Hellenic Data Protection Authority if you believe your data is being unlawfully processed.
Website: https://www.dpa.gr
Email:
10. Response to Data Subject Requests
The University will make every effort to respond to your request without undue delay, and in any case within one (1) month. This period may be extended by up to two (2) additional months for complex or multiple requests, with prior notification.
If your request is submitted electronically, you will also receive the response electronically unless otherwise requested.
If your request for restriction, objection, or deletion relates to data required for a service or contract, the University may be unable to continue providing that service or may terminate the related agreement.
The University retains the right to deny such requests if the data is essential for:
- The establishment, exercise, or defense of legal claims
- Fulfillment of a legal obligation
11. Contact Information
For any inquiries or to exercise your data rights, please contact:
University of Patras
Campus Rio, 26504 Patras, Greece
Phone: +30 2610 962855
Email: