Πλατφόρμα Τηλεκπαίδευσης
Privacy Policy
The Privacy Policy governs the procedures by which "Athens University of Economics and Business)" collects, uses, manages (processes) information and personal data from Users who visit the Distance Learning Platform https://eclass.aueb.gr/
- Data Processor.
The personal data of the users (teachers, students) of the e-learning platform (eclass) are processed by Athens University of Economics and Business (AUEB)
Athens University of Economics and Business
Patision 76, 10434 Athens
Eclass Support Team
Email: eclass@aueb.gr, Telephone: 2108203900
- Purposes of processing.
The personal data of the users are processed in order to fulfil the purpose of providing users with access to the teaching materials and the asynchronous (non real time) distance learning services provided, through the distance learning platform, as well as for the management of the educational activities provided in general, both in undergraduate and in postgraduate courses.
- Legal basis for the processing of personal data.
The processing of users' personal data is necessary for the performance of a task carried out in the public interest and in the exercise of official authority vested in the University for the provision of university teaching, in accordance with Article 6 § 1 indent e) as defined in Regulation (EU) 2016 / 679 (hereinafter: GDPR) as well as in article 5 of law 4624/2019 ("Hellenic Data Protection Authority, implementing measures of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data”- Official Government Gazette 137 / Α / 29-08-2019).
- Personal Data categories.
The personal data processed are as follows:
Personal Data |
Purpose |
User Category |
Distance Learning System |
Institutional username in the Student Management System or in the Human Resources System or in the LDAP service of AUEB |
Authentication and authorization of the users |
All users |
Open Eclass distance learning platform |
IP addresses, domain names of the computers and terminal devices employed by the user, other parameters related to the operating system and devices of the user |
The information systems and software processes of the platform collect during their normal operation certain personal data, the transfer of which is an inherent feature of the operation of Internet communication protocols. Some of this data, necessary for access to Internet services, is processed anonymously and related to statistical purposes to the use of e-learning services (most often accessible training material, number of visitors per hour / day, geographical area of user, etc.), as well as to check the proper functioning of the services offered |
All users |
Open Eclass distance learning platform |
|
User identification |
All users |
Open Eclass distance learning platform |
1. Member since 2. Statistics a. Number and duration of views b. Participation time per class c. Class preferences |
Evaluation of the use of the platform |
All users |
Open Eclass distance learning platform |
|
Scheduling and attending classes |
All users |
Open Eclass distance learning platform |
Messages |
Communication between the attendees in a class |
All users |
Open Eclass distance learning platform |
Grades |
Assesment of students |
Students |
Open Eclass distance learning platform |
Assignments |
For the purposes of the class |
Students |
Open Eclass distance learning platform |
The provision of personal data characterised as "mandatory" is necessary for the user to access the platform and the provision of relevant services. In case of refusal to provide this data, the user is not allowed to participate in distance learning. Where appropriate, we may collect personal information provided to us voluntarily by the users.
- Data protection by design (by design) and by default (by default).
The overall management of the courses as well as the uploading of the teaching material is done through the website of each course in the asynchronous distance learning platform (https://eclass.aueb.gr/).
In addition to the suitability of the selected technologies in relation to the cognitive abilities of the students, the technologies used incorporate the necessary processing guarantees in such a way as to meet the requirements of the GDPR (Article 5) and to protect the personal data of their subjects (students and teachers).
By default, communication with the asynchronous e-learning system is encrypted using the https protocol with an encryption algorithm.
- Cookies and other detection systems.
During the use of the asynchronous distance learning system, no cookies are used for behaviour analysis or compilation of user profiles. Cookies are used every time the user connects to the platform (temporarily), limited to what is absolutely necessary for the safe and efficient operation of the platform. The storage of these cookies in the terminals or in the browser of the user is subject to his own control, while in the servers, after the end of the access to the platform, information about the cookies are kept recorded in the log files of the services, for a period of less than seven days (as long as all browsing information is retained) According to the recommendations of the Hellenic Data Protection Authority (DPA), functional and advertising cookies must be disabled by default in your browsers.
- Limitation of processing purpose.
Regarding the collection and processing of personal data of students from the e-learning platforms of the suppliers – performers of processing on behalf of the University, these are limited to what is necessary for the requested provision of services for educational purposes, without further processing for the suppliers' own purposes. Any further processing of user data by the respective platform administrator becoming practically the dta controller activates, among other things, the obligations of informing the subject and transparency of the processing according to article 13 of the GDPR. In addition, consent to the platform administrator does not constitute a legal ground of processing when requested as a prerequisite for concluding a contract with a student for the provision of further services to him / her, which are not necessary for the educational process, especially when this service does not require data processing, as this is attempted to become legal by the requested consent (Article 7 § 4 in conjunction with the rationale of paragraph 43 of the GDPR).
- Legality, accuracy and transparency of processing.
AUEB, in order to ensure the transparency of the processing, provides to interested parties (teachers - students) any information about the essential characteristics of the processing, which is limited to the implementation of e-learning, using clear and simple wording.
When processing the personal data of teachers, which are functionally necessary for the implementation of distance education, AUEB complies with the applicable legal requirements for the legal use of technologies in the context of employment relations (articles 5 and 88 § 2 GDPR and article 27 of law 4624 / 2019) and is limited to the use of what is absolutely necessary, without interfering in teachers’ privacy or in freedom of teaching.
- Limited storage period.
The data provided by the user is maintained throughout the provision of e-learning services, according to the annual curriculum and is then deleted by appropriate and secure means.
- Transfers
There is no transfer of personal data to third parties.
- Respect for the rights of subjects - Data Protection Officer.
Users have the right to access their personal data and information about their processing, the right to correct inaccurate or incomplete data, under certain conditions the right to delete their data and the right to restrict their processing, the right to object to the processing at any time and for reasons related to their particular situation.
Users can exercise their rights by submitting a request to the Data Protection Officer of the University, Mrs. Maria Antonopoulou.
Nevertheless if you consider that your issue has not been resolved, you can lodge a complaint to the Hellenic Data Protection Authority.