PRIVACY & DATA PROTECTION POLICY
Website: www.zp4all.com
Last Updated: 28 January 2026
1. Introduction
Within the framework of the Zero Plastic For All (ZP4All) project, we deeply respect your privacy. This Policy explains how we collect, use, store, and protect your personal data when you visit our website (www.zp4all.com) and use its services (e.g., uploading reports, completing questionnaires, registering).
The processing of your data is governed by the General Data Protection Regulation (GDPR) and relevant Greek laws.
2. Data Controller
The controller responsible for processing your data is the entity coordinating the ZP4All project:
RTIS Network
11, K. Varnali Street, 15233 Chalandri
+30 210 220 8806
Email for data protection matters: info@rtisnetwork.org
3. What Information We Collect and Why
We collect only the data necessary for the specific purposes of the project.
| Data Category | Examples | Legal Basis & Purpose |
| Contact & Identification Data | First name, last name, email, institution/organization. | Basis: Legitimate interest (project execution) and contractual relationship. Purpose: Communication, account creation, providing access to services (e.g., for participants, educators). |
| Participation & Content Data | Questionnaire responses, comments, uploaded files (e.g., photos, reports). | Basis: Consent provided upon submission. Purpose: Research, analysis and management of project results, publication of anonymous statistics. |
| Automatically Collected Data | IP address, browser type, pages visited, timestamp. | Basis: Legitimate interest. Purpose: Website operation and security, analysis of traffic (using anonymous statistics), fraud prevention. |
Note on Uploads: The use of your device’s camera or photo library (via the website or mobile app) is permitted solely and exclusively for uploading photos/files. Files are not stored locally on your device by our service and are transmitted directly and securely to our servers.
4. Cookies
Our website uses essential cookies for its operation (e.g., keeping you logged in) and analytics cookies (e.g., Google Analytics) for anonymous traffic measurement. Analytics cookies are not used to track individuals. You can manage your cookie preferences via the banner displayed on your first visit or through your browser settings.
5. Who Do We Share Your Data With?
Your data is not sold or disclosed to third parties for commercial purposes. Disclosure may occur to the following entities, always with necessary safeguards:
- ZP4All Project Partners: For the proper implementation of the project, data may be shared with the official project partners in Greece, Italy, and Portugal.
- National Authorities & the European Commission: Only within the framework of submitting necessary statistics and reports for the Erasmus+ program, in accordance with funding rules.
- Service Providers (Processors): IT service providers who support us (e.g., hosting). They operate under contracts obliging them to comply with the GDPR.
6. Your Rights
You have the following rights, subject to legal conditions:
- Right of Access and to be informed.
- Right to Rectification of inaccurate data.
- Right to Erasure (“Right to be Forgotten”).
- Right to Restriction of Processing.
- Right to Data Portability (machine-readable format).
- Right to Object to processing.
- Right to Withdraw Your Consent at any time.
To exercise any of these rights, please contact us at the controller’s email (see §2).
7. Data Retention Period
We retain your personal data only for the period required to fulfil the project’s purposes and to comply with legal obligations (e.g., accounting, reports to the EU). After this period, data will be deleted or anonymized for statistical purposes.
8. Security
We implement appropriate technical and organizational measures (e.g., encryption, access restriction, regular backups) to protect your data from unauthorized access, loss, or destruction.
9. Changes to This Policy
This Policy may be updated to reflect new practices or legal changes. Any significant changes will be posted here, with a clear indication of the update date.
10. Contact & Supervisory Authority
You have the right to lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr) if you believe the processing of your data violates the law.
This Policy applies to the website www.zp4all.com. For the Privacy Policy of the ZP4All mobile app, please refer to the corresponding document.