top of page

PRIVACY POLICY

Last updated: 20 NOVEMBER 2025

1. Introduction

 

This Privacy Policy explains how SYNTHESIS Center for Research and Education (“we”, “us”, “our”) collects, processes, stores, and protects personal data through our Website, projects, research, and activities.

 

We are fully committed to compliance with:

 

  • GDPR (EU 2016/679)

  • Cyprus data protection legislation

  • EU research ethics and data minimisation principles

 

This Policy applies to all data subjects interacting with us.

​​​

2. Lawful Basis for Processing (GDPR)

 

We process personal data under one or more lawful bases:

 

  • Consent — e.g., newsletters, photos, interviews, optional surveys

  • Contract — e.g., project participation, event registration

  • Legal obligations — e.g., EU funding requirements, accounting

  • Legitimate interests — e.g., website security, service improvement

  • Public interest / research — where applicable with safeguards

 

Special Categories of Data are processed only with explicit consent or lawful exemptions for research.

​​

3. Personal Data We Collect

 

Depending on the interaction, we may collect:

A. Identification & Contact Data

 

  • Name, surname

  • Email address

  • Phone number

  • Postal address

  • Organisation, role, or affiliation

 

 

B. Participation Data

 

  • Registration details for activities

  • Event attendance

  • Survey responses

  • Application forms

  • Certificates or participation records

 

 

C. Demographic Information

 

  • Age range

  • Gender (optional)

  • Nationality

  • Language preferences

 

 

D. Special Categories of Data (only where required)

 

Examples include:

 

  • health information,

  • vulnerability indicators,

  • socioeconomic data,

  • disability status.

    Collected under strict safeguards.

 

 

E. Digital Analytics Data

 

(Collected automatically)

 

  • IP address

  • Device and browser type

  • Pages visited

  • Referring links

  • Usage statistics

  • Cookies

 

 

F. Media (Audio/Visual)

 

  • Event photos

  • Video recordings

  • Testimonials (with consent)

 

 

4. How We Use Personal Data

 

We process personal data for purposes such as:

 

 

A. Project Implementation

 

  • Managing participation

  • Communicating with partners, participants, stakeholders

  • Fulfilling EU or national reporting obligations

 

 

B. Educational & Training Delivery

 

  • Coordinating events

  • Providing certificates

  • Collecting feedback

  • Improving training quality

 

 

C. Research & Evaluation

 

  • Analysing survey/interview data

  • Producing reports, deliverables, academic output

  • Ethical research with pseudonymisation/anonymisation

 

 

D. Communications

 

  • Answering inquiries

  • Providing updates or invitations (with consent)

 

 

E. Website & Operational Purposes

 

  • Ensuring security

  • Diagnosing performance issues

  • Improving user experience

 

We never sell personal data.

 

 

5. Data Sharing

 

We may share data with:

 

  • project partners (EU-funded or other collaborative projects),

  • funding bodies (e.g., European Commission, National Agencies),

  • contracted service providers (e.g., hosting, email platforms),

  • authorities when legally required.

 

All third parties operate under GDPR-compliant agreements.

 

 

6. International Data Transfers

 

If data is transferred outside the EU/EEA, we ensure:

 

  • Standard Contractual Clauses,

  • adequacy decisions,

  • encryption and minimisation,

  • proportionality and necessity reviews.

 

 

7. Data Retention

 

Personal data is retained only for:

 

  • the duration required by each project or activity;

  • statutory/accounting obligations;

  • ethical research standards.

 

Afterward, data is securely deleted or anonymised.

 

 

8. Security Measures

 

We implement GDPR-aligned security, including:

 

  • access controls and permissions

  • encrypted connections

  • secure servers and backups

  • pseudonymisation/anonymisation

  • staff training in data protection

 

No online system can guarantee total security, but we adopt industry-standard safeguards.

 

 

9. Your GDPR Rights

 

You may request:

 

  • access to your data,

  • correction of inaccuracies,

  • deletion (“right to be forgotten”),

  • restriction of processing,

  • data portability,

  • withdrawal of consent,

  • objection to certain processing.

 

Requests can be made at:

 

📧 info@synthesis-center.org

 

You may also lodge a complaint with the Office of the Commissioner for Personal Data Protection (Cyprus).

 

 

10. Children & Minors

 

We do not knowingly collect data from children under 16 without parental/guardian consent.

 

For youth programmes:

 

  • consent forms are required;

  • only minimal data is collected;

  • additional safeguards apply.

 

 

11. Cookies & Tracking

 

We may use:

 

  • essential cookies (website functionality),

  • analytics cookies (usage statistics),

  • session cookies.

 

You may disable cookies in your browser; certain features may be affected.

 

 

12. Updates to This Policy

 

We reserve the right to update this Policy to reflect:

 

  • legal changes,

  • operational changes,

  • technological updates.

 

The revised version will display a new “Last Updated” date.

 

 

13. Contact Information

 

SYNTHESIS Center for Research and Education

Address: Tagmatarchi Pouliou 33 Nicosia 1101 | Cyprus

Email: info@synthesis-center.org

 

bottom of page