Legal
Privacy Policy
Your trust is foundational to Odysseas. This document explains, in plain terms, what data we collect, how we use it, and what rights you have under the General Data Protection Regulation (GDPR).
Introduction
Odysseas is part of the PLATO programme, coordinated by the Bodossaki Foundation with the NGO Support Centre Cyprus as partner. These parties act as joint data controllers for any data collected via the app or this website.
We respect your privacy and commit to collecting only the data strictly necessary for the service to function, in line with the principles of minimisation and transparency.
Data we collect
On the website. This version of the website does not use analytics tools, third-party cookies, or tracking pixels. We do not record your visit.
In the app. The Odysseas app records, as part of photo certification, capture metadata (time, optional GPS, device model) and a cryptographic hash of the image. These items are stored locally on your device or on infrastructure you have authorised.
Contact. If you email us, we will have your name, address, and message content only for as long as needed to respond.
How we use the data
We use the minimal data we collect exclusively to: (a) correctly run the authenticity certification for your photos; (b) respond to contact requests; and (c) improve the security and stability of the service.
We do not sell, rent, or share your data with third parties for advertising purposes, under any circumstances.
Your rights
Under GDPR, you have the following rights regarding your personal data:
- Access: you can request a copy of the data we hold about you.
- Rectification: you can request correction of inaccurate details.
- Erasure: you can request deletion of your data ("right to be forgotten").
- Restriction: you can request that processing be restricted.
- Portability: you can receive your data in a structured, readable format.
- Objection: you can object to processing, in specific circumstances.
You also retain the right to lodge a complaint with your country's Data Protection Authority (in Greece: dpa.gr · in Cyprus: dataprotection.gov.cy).
Contact
For any matter regarding this privacy policy or your rights, reach out via the contact page. We respond to every request within thirty (30) days.