Terms & Policies



This policy document in English has been translated from the original, written in Greek. Should there be any discrepancies between the documents, or queries about the content, individuals’ rights or the use of their data, the Greek language document will take precedence over the English one for all legal purposes.

Translation Note: Although the direct translation of ‘ΑΣΤΙΚΗ ΜΗ ΚΕΡΔΟΣΚΟΠΙΚΗ ΕΤΑΙΡΙΑ’ is ‘Civil Non-profit Company’, in order to avoid confusion in the English translation, this legal form of association (which ‘incommon’ is constituted as) is referred to as ‘The Organisation’ in English rather than ‘The Company’, when written as such in Greek. This is done to ensure the understanding that it is a non-profit entity. The entity of ‘InCommOn’, in Greek law, is a company that has the right to sell products or services and generate income, but not profit. It has no shareholders, no stakes, is not publicly traded and the entire income from any products / services are used for the organisation’s projects and operations.

The Civil Non-Profit Company (henceforth ‘The Organisation’) with the name ‘incommon’ based in Thessaloniki (105 Agia Sofia Street, 54633), is a legal entity which has the right to hold and process personal data, as set out in the framework of the General Data Protection Regulation (EU 2018/679), which entered into force on 25/05/2018 and is hereinafter referred to as the ‘GDPR’. incommon is additionally subject to, and upholds, the law 4624/2019 of the ‘Personal Data Protection Authority’ which comprises measures implementing Regulation EU 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data. This also allows for the transposition into national law of Directive EU 2016/680 of the European Parliament and of the Council of 27 April 2016 and other provisions. These acts and legislation provides the public with the following information about the gathering, storing, processing and use of your personal data and your rights as the subject of these processes.
The purpose of our Organisation is to carry out initiatives and projects in Greece and abroad, related to sustainable urban development, focussing equally on the human and the ecological factors of the urban environment. We seek to propose solutions to the problems facing Greek cities – such as environmental degradation, the effects of climate change, the various crises that occur or affect urban areas, social inequalities in the urban context, etc. – giving equal emphasis to both the issues of the environment and society, while working to empower citizens to engage with these issues as self-organised groups. To this end, we develop environmental, educational, cultural and social projects with, by and for the community, in cooperation with the community itself and utilising tools such as
participatory planning, participatory decision-making and the implementation of bottom-up approaches, as well as community building. We develop our actions and ideas in the ‘field’ – small-scale urban projects with simultaneous social, scientific and technical research, prioritising education and raising public awareness, both individually and as members of the community, in order to solve specific problems of urban reality.
The information presented here, is addressed to individuals, who either take an active part in the projects, actions and activities of the Organisation, are simply informed about our work through a newsletter, interaction with staff, or any other kind of communication with the Organisation. This information is intended to inform you about the personal data we collect and process in the context of the aforementioned described purposes and actions of the Organisation, as well as the manner and purposes of collection, storage, use and transmission of such information on a case- by-case basis. It also aims to inform you about your rights in accordance with EU legislation on privacy .

Legal Framework
According to Article 4 (1) of the GDPR, ‘personal data’ denotes any information relating to an identified or identifiable natural person (that is, a private citizen, rather than an organisation, persona or representative of a group) and is referred to, in this context, as a ‘data subject’. An identifiable natural person is one whose identity can be verified immediately or indirectly, in particular with reference to an identity element such as name, passport / ID number, location data, online identity or one or more factors specific to his or her physical, physiological, genetic, psychological, economic, cultural or social identity as an existing, singular person.
Furthermore, in accordance with Article 4 (2) of the GDPR, ‘processing’ refers to any operation or series of operations carried out, with or without the use of automated means, to the personal data or within personal data sets-such as collection, registration, recording, organisation, structuring, storage, adaptation or alteration, retrieval of information, use,
transmission, dissemination and dispersal. In addition, ‘processing’ also includes, association or combining the data with other data sets as well as the deletion or destruction of the data.
Finally, according to article 4 par. 7 of the GDPR, the ‘person / organisation responsible for the collection and processing of data’ is the natural or legal person, public authority, service or other body that, either on its own, or jointly with others, determines the purposes and
manner of processing the data. The organisation responsible for this will undertake the data processing in full compliance with the purposes and manner of such processing, that have been determined by EU law or the law of the relevant Member State. The organisation responsible and the specific criteria for its designation as a legally responsible body, are identified as such (as legal entities with the right to do so) by EU law, or the law of the relevant Member State.

The non-profit organisation ‘incommon’
The non-profit Organisation ‘incommon’ is the organisation responsible for the collection and processing of the personal data- collected by the means and the ways described in detail in this Data Protection Policy, and are subject to processing within the framework of your interaction with the Organisation.

What personal data do we collect?
‘incommon’ collects only the personal data which you have disclosed to us, namely: Identification data: Name, Surname, Date of Birth, Occupation / Profession Contact Information: Home Address, Email Address, Phone Numbers
Individuals who simply wish to be informed of the Organisation’s goals and actions (rather than register for, and participate in, an activity) are asked to provide only their email address in order to receive the relevant newsletters, and are not asked to supply any of the other data outlined above. Individuals who wish to actively participate in our projects and actions are required to provide identification data, such as name, surname and date of birth, as well as contact details, such as home address, e-mail address, telephone numbers. In the latter instance, additional data is requested in order to ensure the smooth operation of projects and actions: for example- activities where there can only be a limited number of participants; activities that are only relevant/appropriate for particular age groups; activities that address thematic topics (in which specific knowledge might be required); activities that address issues of a specific area / community – where the criterion for participation is the home address.

Purpose of collection and processing of personal data
The Organisation is entitled by law, to collect and process the aforementioned personal data disclosed by you, for the fulfillment of its purposes only, as described in detail here.

Third party access to your personal data
The personal data collected by ‘incommon’ may be disclosed or transmitted to third parties, if this is required for the fulfillment of obligations by law or is necessary for the fulfillment of the purposes and functions of the Organisation’s operations and work,
subject to relevant legislation. Some of the Organisation’s functions-in particular, technical and communications functions with regard to our website- are outsourced. We may therefore entrust natural or legal persons (external to ‘incommon’) with certain services and functions of our website and other essential technical processes. In these instances, the Organisation only shares the minimum personal data with external service providers, that is necessary for the task to be fulfilled (e.g. when utilising a mass-mailing service to send out an electronic newsletter, only the name and e-mail addresses of individuals will be shared with the third party / service provider). These external service providers are bound by, and committed to, the same legal requirements of privacy and data protection as incommon.
The Organisation may share your personal data with funding agencies related to our actions and projects (e.g. The Green Fund, European Union agencies, etc.). ‘incommon is allowed by law to share presentations, reports and material from our specific events with such bodies, as these events take place within the framework of specific projects that these institutions have funded or sponsored. These materials function as evidence for the donor, of the realisation of the events and are essential to the reporting systems of the Organisation. However, these institutions/funding bodies are also committed to the privacy of use of personal data and will always respect your choices about who can access your data and will provide adequate guarantees regarding the protection of personal data. Those of the above who have access to your data are obliged to maintain their confidentiality. In any case, should the Organisation wish to utilise a photograph, video, quote or any other type of participation of an individual in our events to share with a donor/ any other body, we will always ask for the explicit consent of the data subjects.

Retention period of personal data
The data of the individuals who receive newsletters is held for one year after the individual’s request to no longer receive the newsletter. The data of the participants in our actions are kept for five years, from their last participation, but the Organisation is entitledto keep them for up to ten years for statistical reasons and in order to maintain an archive and long term record.

Rights of personal data subjects
In accordance with the GDPR, the rights enjoyed by every natural person in relation to the processing of their personal data by ‘incommon’ are the following:
Right to Information / Transparency (Articles 12 and 13 of the GDPR): You have the right to know the details of the organisation responsible for collecting and processing your data, the categories of personal data they collect, the purposes of collecting and processing this data, the recipients of your data, the retention time of this data, all of the rights described
in Articles 15 – 22 of the GDPR (and analysed below), as well as the right to lodge a complaint. You are informed of these rights as ‘data subjects’ by ‘incommon’ both through the relevant field of consent in the processing of personal data and through this text, which is posted on our website (www.incommon.gr).
Right of Access (Article 15 GDPR): As a data subject you have the right to request free access to your personal data held by ‘incommon’.
Right of Correction (Article 16 GCC): As a Data Subject you have the right to request the correction of your inaccurate personal data and the completion of incomplete information.
Right of Deletion / Right of Oblivion (Article 17 GIP): You have the right to request the deletion of your personal data.
Right to Restrict Processing (Article 18 GDPR): As data subjects you have the right to request a restriction on the processing of your personal data when: (a) the accuracy of the personal data is questioned, up until it is verified or corrected, (b) the processing is illegal and rather than requesting deletion from our records, you would prefer a restriction of the use of your personal data, (c) the personal data is not needed for the purposes of processing, but are necessary for the establishment, exercise, support of legal claims, and (d) you oppose the processing and there are legitimate reasons concerning ‘incommon’ ‘s use of your data.
Right to data transferability (Article 20 GDPR): You have the right to receive your personal data free of charge in a form that allows you to access, use and process it, as well as request it from us, or, if it is technically possible, request that we transfer your data directly to another organisation. This right applies to the data you have provided us with, and its processing is based on your consent and is done by automated means.
Right to withdraw consent (Article 7 (2) GDPR: You have the right to withdraw your consent for the Organisation to retain and process your data, at any time, by submitting a written statement to ‘incommon’.
Right of complaint to the National Authority for the Protection of Personal Data (of the relevant Member State) – (article 77 GDPR): You have the right to submit a complaint to the Personal Data Protection Authority (www.dpa.gr): Address 1-3 Kifissias, Ampelokipoi, 11523 Athens, tel. 210 6475600, fax: 210 6475628 , E-mail: complaints@dpa.gr.

Security of personal data
‘incommon’ has implemented all appropriate technical and organisational measures, as well as all physical security measures to ensure the secure processing of personal data and the prevention of accidental loss or destruction and unauthorised and / or illegal access to it. In addition the Organisation ensures the legality of the collection, processing and secure storage of personal data, in accordance with the provisions of national, EU and international law concerning the protection of the individual in the processing of personal data, in particular taking into account the provisions of the General Regulation on Data Protection.
If you wish to contact us about any issue related to the collection, retention or processing of your personal data and your rights with regard to your data, you can contact us by phone at +30 2316009518, by mail at: 105 Agia Sofia Street, 54633, Thessaloniki, Greece, or by email at : office@incommon.gr.



incommon (Innovative Circular Open) is a non-governmental, non-profit organisation aimed at urban sustainability through the development of social and economic equity and environmental protection.
Our core principles and our manner of working include a commitment, in practice, to gender equality and non-discrimination based on gender in both our daily working processes, as well as the activities, events and research we undertake with the public.

A. Organisational culture
Work-life balance: All incommon staff and volunteers are offered flexible working packages within the framework of the labour laws of the country and the European Union. All staff are given a wide range of options to work from home and work diverse hours, but are required to attend specific meetings. Through regular discussion with immediate managers and open lines of communication, all staff members can adapt, change and re-organise working hours to fit with their other obligations and pursuits outside of work. All work-related ‘apps’ are advised to be turned off when an individual is not ‘online’ within their scheduled working hours. Holidays, sick leave and days off are arranged with managers in line with the labour laws of the country. Maternity leave is covered in line with the national laws and parental leave for partners is encouraged. All staff are encouraged to define and develop their jobs and work projects around their own interests, skills and personal growth (in-line with the aims and needs of the organisation). Monthly wellbeing sessions are offered to the entire team for free.
Gender balance in leadership: The initial and current General Director of the organisation is female, as are 70% of the staff, including team leaders and high-level programme coordinators. The Board of Directors is 100% female. All staff and volunteers are encouraged to develop their skills and work towards promotions and leadership positions, if they so desire. 
Gender equality in recruitment and career progression: incommon hires staff based on ability, experience, qualifications, potential and commitment to the principles of the organisation. We advertise for staff without reference to gender, but state that some of roles include physical work. The selection process for hiring is carried out by a committee of diverse staff members, who do not ask any candidates about marital status, relationships, family status or future plans for children. All staff are supported in pursuing their goals for personal development and career progression.
Measures against gender-based violence and sexual harassment: The founding principles and aims of the organisation include social equality and the equal (not ‘same’) treatment of all people. Therefore, the organisation has a zero-tolerance policy for any type of discrimination or harassment of any individual or group, including sexual harassment and gender-based violence.
The organisation has a system of confidential feedback among staff and managers should issues of sexual harassment or gender-based violence arise.
A designated Member of the Board of Directors (female) serves as a Gender Equality Officer and is obligated to investigate any reports of sexual harassment and take any legal and other appropriate measures.
All staff and volunteers are made aware that they should report any incidents to her or to their immediate managers, and they will be handled with discretion and within the regulations set out by law. The priority in any such case will be the protection and support of the person bringing the allegation, but an unbiased and fair process will be carried out, giving the accused person a just hearing before any decisions are taken.
Each team leader and project manager is obliged to report any incidents that they see or are told about, to the Gender Equality Officer. In cases of violence, they are also obliged to report this directly to the relevant authorities.

B. Interaction with the public (events, social research and community meetings)
Public events and meetings: incommon engages in a wide range of activities with the public, including participative discussions and events, community building, advocacy, ‘street-work’ and also social research.
Every event is open to the public as a whole (restricted only by issues of age
appropriateness – that is, some activities are for children, others are for adults-and numbers of participants dependent on venue) and people of all genders are welcomed and given equal time and space to participate. Facilitators moderate all discussions to ensure that no-one is excluded and that all voices are heard. Speakers and contributors to events are selected based on their experience, knowledge and relevance to the topic / activity, regardless of gender.
All of the activities and events (both for children and adults) are gender-neutral in nature, unless a specific group or meeting is requested by the community on a gender-sensitive issue.
The incommon headquarters is intended to be a community hub. Therefore, if the community decides that there is a need for a gender-specific group (e.g. women’s group or an LGBTQ+ support group or a teenage boys’ group) and wishes to use our physical space to meet, InCommOn would support this type of activity as it would provide a safe space for open discussion and solidarity. Due to inequalities in society, such activities (which by their nature are ‘gender exclusive’), are ways of redressing the balance and providing a means
to work towards greater Gender Equality in the community. In situations such as these, incommon will ensure that participants stipulate which InCommOn staff they wish to be
present and this will be respected. incommon staff will be on site and may facilitate such meetings but will not intervene in their content unless they are prone to exclusivity or hate-speech, rather than the provision of a supportive and safe space for marginalised groups.
Research with the public: incommon carries out a wide variety of social research in order to understand the needs, skills and issues of the community in which it works so as to offer relevant services, activities and support. To achieve this aim, it is important to gain a clear picture of the gender issues and numbers within the community. When undertaking such studies, researchers ask respondents if they are happy to state their gender and offer the options “Male, Female, Non-Binary, Other, Prefer not to say”.
Prior to any social questionnaires or interviews, the research team carefully considers the gender dimensions of the proposed work, to determine whether gender is of relevance to the particular set of issues being investigated. If it is not, no questions are asked, and no observations are recorded with regard to gender. If it is deemed relevant (as a demographic indicator, a means of identifying a problem, or an essential facet of delivering services) then the questions are phrased tactfully and answers are recorded as the respondent wishes to identify, rather than as the researcher determines.
incommon does not undertake any kind of research that involves interaction with the public which would require physical contact, the collection of biological materials or the dispensation of any substances (such as medical research), therefore issues of biological gender differences are irrelevant as they are not within the scope of our work.

C. Data collection and monitoring
Public events: The incommon team collects data on gender via participation at our events in order purely to assess whether our work is reaching all genders equally or whether some
types of activities seem to be of greater interest to one gender. The data is collated and utilised internally for the purposes of improving our events, but is not shared with any outside parties.
Research: The gender information gathered during research studies is utilised to analyse overall demographic data and results in order to improve services / resource distribution in
the community and to allow for all voices to be heard. Research reports are generated from the studies and are published (including gender data) but these are stated as overall figures and with no names or identifying features included in any comments or findings shared with the public.

D. Dedicated resources and Training
The aims and methods of the organisation include the core goals of working towards inclusivity, equality and fairness. Therefore, all of the organisation’s activities and manner of working (both internally and externally, with the public and other collaborators/organisations) uphold and promote gender equality as a central cross-cutting measure.
Each project considers and includes dimensions of gender equality from its initial stages of creation and monitors these throughout the project both in terms of staff involvement and with regard to the project participants and beneficiaries.
Gender equality is a built-in facet of all of our work. All project staff are trained in issues of gender equality and safeguarding against sexual harassment, through experiential learning; by working on inclusive and democratic projects and through the nature of the team meetings, working environment and organisational structure which train, support and demonstrate appropriate behaviours with regard to gender equality.
incommon teams hold weekly project meetings and all staff attend a monthly team-building session through which training is offered, including on gender equality, and equally importantly, demonstrated through the manner in which the meetings and activities are undertaken.
The organisation has a safeguarding policy which outlines our commitment procedures with regard to the protection of vulnerable individuals and children, with whom we work on a regualr basis through our projects – which also includes steps for guarding against sexual harassment and promoting gender equality.


Maintaining the safety of our team, our volunteers and the members of the communities we work with is a priority for InCommOn. Should you become aware of, or are the victim of, any manner of threat, inappropriate behaviour or insecurity while interacting with InCommOn, help us ensure that appropriate action is taken. Please contact us with your concerns at safety@incommon.gr. All communications are confidential.