Athens Heritage Compass

Introduction and Scope

This Privacy Policy explains how Athens Heritage Compass collects, uses, stores, and protects information from users of our educational platform. We are committed to protecting user privacy and maintaining transparent data practices. This policy applies to all users accessing Athens Heritage Compass through any means, including website browsers, mobile devices, and other digital interfaces. By using Athens Heritage Compass, users acknowledge that they have read, understood, and agreed to the practices described in this Privacy Policy.

Athens Heritage Compass operates as an informational and educational platform focused on cultural heritage. We collect minimal personal information necessary for platform functionality and improvement. We do not sell user data to third parties. We employ industry-standard security measures to protect information in our systems. We respect user preferences regarding cookies and tracking technologies. We comply with applicable privacy regulations including the General Data Protection Regulation (GDPR) for European users and other relevant privacy frameworks.

Information We Collect

Athens Heritage Compass collects several categories of information necessary for platform operation, service improvement, and user support. Technical information is collected automatically when users access our platform, including IP addresses, browser types, device identifiers, operating systems, referring URLs, pages viewed, and timestamps of access. This technical data helps us understand platform usage patterns, identify technical issues, optimize performance, and ensure security. Collection of this information occurs through standard web server logs and analytics tools.

When users voluntarily contact us through forms or email, we collect information they choose to provide, including names, email addresses, message content, and any other information included in communications. This contact information enables us to respond to inquiries, address reported issues, and maintain records of communications. We collect only information users explicitly provide and do not request sensitive personal information beyond what is necessary for communication purposes.

Cookie data represents another category of information collected. Cookies are small text files stored on user devices that help websites remember preferences and track usage. Athens Heritage Compass uses cookies for essential platform functionality, user preference storage, and analytics purposes. Users can control cookie settings through browser configurations, though disabling certain cookies may affect platform functionality. Detailed information about our cookie usage appears in the Cookie Policy section below.

How We Use Information

Information collected by Athens Heritage Compass serves specific purposes related to platform operation and improvement. Technical data enables us to provide reliable service, maintain platform security, identify and resolve technical issues, analyze usage patterns, and optimize user experience. We use aggregated, anonymized data to understand how users navigate the platform, which content proves most valuable, and where improvements might enhance educational effectiveness. This analysis informs content development priorities and platform enhancement decisions.

Contact information provided through inquiry forms serves communication purposes exclusively. We use this information to respond to questions, address reported issues, provide requested information, and maintain records of communications for quality assurance and continuity. We do not use contact information for marketing purposes, do not share it with third parties for their marketing purposes, and retain it only as long as necessary for communication purposes and reasonable record-keeping requirements.

We may use information in aggregated, anonymized forms for research purposes related to educational effectiveness, user behavior patterns, and platform performance. Such aggregated data contains no personally identifiable information and cannot be linked back to individual users. This research supports our mission of providing effective cultural heritage education and contributes to broader understanding of digital educational platforms.

Information Sharing and Disclosure

Athens Heritage Compass maintains strict policies regarding information sharing. We do not sell personal information to third parties under any circumstances. We do not share personal information for marketing purposes. We do not disclose individual user data except in specific circumstances described in this section. Our commitment to user privacy extends to all aspects of data handling and third-party relationships.

We may share information with service providers who assist with platform operation, including web hosting services, analytics providers, and technical support contractors. These service providers access user information only to perform specific functions on our behalf and are bound by contractual obligations to maintain confidentiality and use information only for designated purposes. We carefully vet service providers for security practices and privacy commitments before engaging their services.

We may disclose information when legally required to do so, including in response to valid legal processes such as subpoenas, court orders, or other governmental requests. We may also disclose information when necessary to protect our rights, property, or safety, or the rights, property, or safety of users or others. In such cases, we limit disclosure to information specifically required by the legal obligation or protective purpose and notify affected users when legally permitted to do so.

Data Storage and Security

Athens Heritage Compass employs industry-standard security measures to protect information from unauthorized access, disclosure, alteration, or destruction. Security measures include secure server configurations, encrypted data transmission, access controls limiting who can view or modify data, regular security audits and updates, and employee training on data protection practices. While we implement robust security measures, no system can guarantee absolute security, and users acknowledge inherent risks in internet-based data transmission and storage.

We store information on secure servers located in facilities with appropriate physical and digital security protections. Access to user information is restricted to personnel with legitimate need for such access to perform their job functions. All personnel with data access are trained on privacy obligations and bound by confidentiality commitments. We maintain backup systems to protect against data loss while ensuring that backup data receives security protections equivalent to active systems.

In the event of a data breach affecting personal information, we will notify affected users in accordance with applicable legal requirements. Notification will include information about the nature of the breach, types of information affected, steps we are taking in response, and recommendations for users to protect themselves. We maintain incident response procedures designed to identify, contain, and remediate security incidents promptly while minimizing harm to affected individuals.

Data Retention

Athens Heritage Compass retains different categories of information for varying periods based on the purpose for which it was collected and legal retention requirements. Technical logs and analytics data are typically retained for limited periods sufficient for performance monitoring and security purposes, generally not exceeding 24 months unless longer retention serves legitimate technical or security needs. After retention periods expire, we delete or anonymize data such that it can no longer be associated with individual users.

Contact information and communication records are retained for reasonable periods to support continuity of communication, quality assurance, and dispute resolution. We typically retain contact information for the duration of ongoing communication plus a reasonable period thereafter, generally not exceeding three years from the last contact unless legal obligations require longer retention. Users may request deletion of contact information earlier, subject to our legitimate need to maintain records of communications.

Aggregate, anonymized data may be retained indefinitely for research and analytical purposes since such data cannot be linked to individual users and poses no privacy risk. This retained aggregate data supports long-term analysis of platform effectiveness and educational impact while respecting user privacy through irreversible anonymization.

User Rights and Control

Users of Athens Heritage Compass possess specific rights regarding their personal information, subject to applicable legal frameworks and reasonable limitations. Users may request access to personal information we hold about them, receiving confirmation of what information exists, its purposes, and how it is used. Users may request correction of inaccurate personal information or completion of incomplete information. Users may request deletion of personal information, subject to our legitimate needs to maintain certain records for legal compliance, dispute resolution, or contract performance.

Users may object to or restrict certain processing of their personal information, particularly for purposes beyond essential platform operation. Users may request data portability, receiving their personal information in structured, commonly used, machine-readable formats. Users may withdraw consent for processing based on consent, though this does not affect the lawfulness of processing prior to consent withdrawal and may affect ability to use certain platform features.

To exercise these rights, users should contact us through the contact information provided at the end of this policy. We will respond to rights requests within reasonable timeframes consistent with applicable legal requirements, typically within 30 days. We may require identity verification before fulfilling certain requests to protect against unauthorized access to user information. We will explain any limitations on fulfilling requests, such as when legal obligations require information retention despite user deletion requests.

Cookie Policy

Athens Heritage Compass uses cookies and similar technologies to enhance user experience, enable platform functionality, and gather usage information. Cookies are small text files placed on user devices by websites visited. They serve various functions including remembering user preferences, maintaining session continuity, and collecting analytics data. Our cookie usage falls into several categories with different purposes and characteristics.

Essential cookies are necessary for basic platform functionality. These cookies enable core features such as navigation, access to secure areas, and preference storage. Essential cookies do not track users across other websites and contain no personal information beyond what is necessary for platform operation. Users cannot disable essential cookies through our cookie consent tool as doing so would impair platform functionality, though users can block cookies through browser settings at the cost of reduced functionality.

Analytics cookies help us understand how users interact with Athens Heritage Compass. These cookies collect information about pages viewed, time spent on pages, navigation paths, and technical performance. Analytics data is generally aggregated and anonymized, providing insights into overall usage patterns rather than individual behavior tracking. We use analytics information to improve content organization, identify technical issues, and optimize educational effectiveness. Users can opt out of analytics cookies through our cookie consent banner without affecting essential platform functionality.

Preference cookies remember user choices regarding platform settings, display options, and other customizable features. These cookies enhance user experience by maintaining consistent settings across sessions without requiring repeated manual configuration. Preference cookies contain no sensitive information and serve solely to improve convenience and usability. Users who disable preference cookies will need to reconfigure settings each time they access the platform.

Third-Party Links and Services

Athens Heritage Compass may include links to external websites, resources, or services not operated by us. These third-party links are provided for informational purposes and user convenience. We do not control third-party websites or their privacy practices. This Privacy Policy applies only to Athens Heritage Compass and does not govern information collected by third-party websites, even when accessed through links from our platform.

Users should review privacy policies of any third-party websites they visit to understand how those sites collect, use, and protect information. We do not endorse third-party websites or assume responsibility for their content, practices, or policies. Providing links does not constitute endorsement, partnership, or affiliation unless explicitly stated. Users access third-party websites at their own discretion and risk.

Some platform functionality may involve third-party services such as web hosting, analytics tools, or content delivery networks. These service providers operate under contractual obligations to maintain confidentiality and use information only for specified purposes. We carefully select service providers based on their security practices and privacy commitments. However, users acknowledge that third-party service provision involves some information sharing necessary for technical operation, as described in the Information Sharing section above.

Children's Privacy

Athens Heritage Compass provides educational content suitable for audiences of all ages, including students and young learners. However, we do not knowingly collect personal information from children under the age of 13 without parental consent. Our contact forms and other information collection mechanisms are designed for use by adults, parents, educators, or students old enough to provide informed consent under applicable law. Children should seek parental permission before providing any personal information to Athens Heritage Compass.

If we become aware that we have collected personal information from a child under 13 without verified parental consent, we will take steps to delete such information promptly. Parents who believe their child has provided personal information to Athens Heritage Compass may contact us to request access to and deletion of such information. We cooperate fully with parents and guardians to protect children's privacy and ensure that data collection complies with children's privacy laws including the Children's Online Privacy Protection Act (COPPA).

Educational use of Athens Heritage Compass by schools and educational institutions may involve student access under institutional supervision. In such cases, the educational institution assumes responsibility for ensuring appropriate permissions, supervision, and compliance with applicable children's privacy laws. We recommend that educational institutions review this Privacy Policy and ensure their use of Athens Heritage Compass complies with their own privacy policies and applicable regulations.

International Users and Data Transfers

Athens Heritage Compass serves a global audience interested in Athenian cultural heritage. Users may access the platform from various countries with different privacy laws and regulations. While we endeavor to comply with applicable privacy regulations wherever users are located, our primary legal jurisdiction governs certain aspects of data handling. Users accessing Athens Heritage Compass from outside our primary jurisdiction consent to information transfer to and processing in that jurisdiction.

For users in the European Union and European Economic Area, we recognize rights established by the General Data Protection Regulation (GDPR). These rights include access, rectification, erasure, restriction of processing, data portability, and objection as described in the User Rights section above. EU users may also lodge complaints with supervisory authorities in their country of residence if they believe data processing violates GDPR requirements. We cooperate with supervisory authorities and comply with their determinations regarding data handling.

When information transfers occur across international boundaries, we ensure appropriate safeguards protect data in accordance with applicable law. These safeguards may include standard contractual clauses, adequacy decisions by competent authorities, or other legally recognized transfer mechanisms. We limit international transfers to those necessary for platform operation and service provision, and we require that any recipients of transferred data maintain protections substantially similar to those described in this Privacy Policy.

Changes to This Privacy Policy

Athens Heritage Compass reserves the right to modify this Privacy Policy to reflect changes in our practices, legal requirements, or platform functionality. When we make material changes to privacy practices, we will notify users through prominent notices on the platform, such as banner notifications or announcements on the homepage. For significant changes that substantially alter information collection or use practices, we may also provide notification through email to users who have provided contact information, when feasible and appropriate.

We encourage users to review this Privacy Policy periodically to stay informed about how we protect information. The "Last Updated" date at the top of this policy indicates when the most recent revisions were made. Continued use of Athens Heritage Compass after changes to this Privacy Policy constitutes acceptance of the updated practices. Users who disagree with modified practices should discontinue platform use and may contact us to request deletion of their information, subject to legitimate retention needs.

We maintain archived versions of previous Privacy Policy versions for reference purposes. Users may request access to historical versions to understand how practices have evolved over time. This commitment to transparency in policy evolution reflects our broader dedication to maintaining user trust through clear communication about privacy practices.

Legal Compliance and Regulatory Cooperation

Athens Heritage Compass commits to complying with applicable privacy and data protection laws in all jurisdictions where we operate or serve users. This commitment includes cooperation with regulatory authorities, implementation of required technical and organizational measures, maintenance of required documentation, and prompt notification of any data breaches as required by law. We monitor evolving privacy regulations and adapt our practices to maintain ongoing compliance.

In the event that regulatory authorities request information or conduct investigations related to our privacy practices, we cooperate fully while protecting user information to the maximum extent permitted by law. We maintain records of processing activities as required by data protection regulations and make these records available to competent authorities upon request. Our compliance efforts include regular review of privacy practices, assessment of risks to user information, and implementation of appropriate measures to mitigate identified risks.

Contact Information

Questions, concerns, or requests regarding this Privacy Policy or our data practices should be directed to Athens Heritage Compass through the contact form available on our Contact page. Users exercising privacy rights, reporting potential privacy issues, or seeking clarification about privacy practices should provide sufficient detail to enable us to understand and address the inquiry effectively. We respond to privacy-related inquiries promptly and work cooperatively with users to resolve concerns.

For formal rights requests or complaints, we may require identity verification to protect against unauthorized access to user information. We strive to resolve privacy concerns through direct communication, but users retain the right to escalate unresolved issues to applicable regulatory authorities or supervisory bodies. Contact information for relevant supervisory authorities in various jurisdictions is available through those authorities' websites.

Last Updated: January 2024