I. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
The collection, use and general processing of personal data is carried out in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation), and in accordance with applicable law in general and only subject to the consent of the data subject or for the purposes of performance of a contract or for compliance with a legal obligation or when processing is necessary for other reasons. All principles governing the processing of personal data are upheld by us: legitimacy, objectivity and transparency, purpose limitation, data minimization, accuracy, storage time limitation, integrity and confidentiality, accountability. We protect personal data from design and by definition.
DEFINITIONS (according to the Regulation):
Personal data: any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one whose identity can be ascertained, directly or indirectly, in particular by reference to an identifying identifier such as a name, in identity number, location data, on-line identity card, or one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity that natural person.Processing: any act or set of operations carried out with or without the use of automated means of personal data or personal data sets, such as collection, registration, organization, structuring, storage, adaptation or alteration, retrieval, retrieval of information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, erasure or destruction.Violation of personal data: a breach of security that results in accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data transmitted, stored, or otherwise processed.
II. OUR ELECTRONIC SHOP
Our online store is fully committed to protecting the personal data of its visitors and customers. We will not disclose customer information to third parties unless it is strictly necessary to provide you with a service such as the sale and delivery of products, to perform the necessary credit and security controls and in the context of search and customer profiling procedures under the terms of this Policy and with your consent or where we are legally obliged to do so, for example, following a public prosecutor’s order, a court order, etc. .. Our website will treat the personal data that is made available to it by its users in accordance with applicable European Union (EU) and Greek legislation protection of personal data.Your data that we collect and process is always relevant and relevant to the fulfillment of our obligations to the users of our website.Our online store operates under the terms of this Policy.
III. DATA COLLECTION METHOD
Our online store collects personal data through cookies, order forms, forms of communication, newsletters forms, customer account creation form. This data is collected only if you choose it voluntarily, either by sending us an e-mail or in the Newsletter collection form, or if you have a phone contact with us. This is so that we can provide you with the information you need about the company’s services and products and to serve you in the best possible way.The personal data collected from the communication forms are sent encrypted and stored in the company’s e-mail or the special program available to our website to maintain the history of the communications that have been made through. They are processed only by members of the company and are not given or sold to third parties.We collect personal data, not only through our online store but also in other ways, via the internet, such as, but not limited to, when you visit our website and our social media pages and communicate with us through them or via e-mail , as well as offline, such as, but not limited to, when you participate in our company activities when you communicate or deal with us, or contact us to buy our products.
IV. WHAT DATA WE COLLECT
In particular, the data we collect is:A) IP Address, technically necessary for navigating our online store and / or for making purchases, as well as for security and protection of our e-shop against malicious actions.B) predefined data when registering as a member or in other fields within the online store (such as the order form, the contact form, the newsletter registration form, etc.). Such details include the following: name, surname, shipping and billing address, gender, telephone number, e-mail address, member’s name, membership code, payment details. From these data, what is optional is declared by you at your sole discretion in your free will.C) We may collect and process for statistical purposes or in order to improve your online store experience about your visits and the use of this Site (eg your IP address, your geographical location, your browser, how to update the Website, the length of the visit, and the number of views on the page). Our online store does not collect or store credit card data and data that is handled safely and under its sole responsibility by the payment service provider through the website where payment is processed and executed. The same applies to payment data used by online payment providers, such as PayPal.Corresponding data with the above, as the case may be, we also collect through our pages in social media, as well as when you communicate with us off the Internet, when you deal with us, and more generally whenever you contact us.
V. WHAT ARE THE COOKIES AND WHY WE USE THEM
We aim to continuously optimize the experience of all visitors to our site. Wanting to provide personalized service to each visitor, we use data to present to each one the services and products they are really interested in, depending on the preferences it shows when browsing our site.
VI. PURPOSE OF DATA PROCESSING
We collect and process your data solely for specified, explicit and legitimate purposes and only to the extent necessary for the fulfillment of these purposes.Specifically:
- For the fulfillment of our contractual obligations, in the event of the conclusion and execution of a contract.
- To identify and communicate with you.
- For information about products, services, promotions and promotions.
- For research and statistical purposes.
- To prevent and deal with any malicious use or other illegal behavior on our site.
- To fulfill our obligations towards the State and the competent authorities.
- To safeguard our rights and our demands.
- For cases that we may use before the Courts.
- Where processing is necessary under the applicable legislation.
By navigating our site or registering as a member of our website or by registering with our newsletter, you declare that you accept and consent to this Policy and provide us with your explicit consent to the collection and processing your personal data.When you deal with us when you contact us and when you contact us, on or off the Internet, you represent that you give us your consent to the collection and processing of your personal data, especially when you communicate to us.The consent of the data subject is for the sole purpose of the above-mentioned purposes.Your consent to the processing of your personal data is freely revocable at any time. For any relevant information you can send us an email at firstname.lastname@example.org
VIII. YOUR RIGHTS
Please be advised that you have the following rights, which you can exercise at any time by submitting the relevant requests:
- update and access to personal data: You are entitled to be informed about any matter concerning the processing of your data and to provide you with a copy thereof.
- right to be corrected: You are entitled to ask us to correct inaccuraties or fill in incomplete data.
- right of remission (“right to forgiveness”): You are entitled to ask us to delete your data.
- right to restrict processing: you are entitled to ensure that your data is not processed
- right to data portability: You are entitled to receive your data in a structured, commonly used and machine-readable format and forward it to another processor.
- right of objection: You are entitled to oppose the processing of data concerning you.
Also, as we have already mentioned, you have the right to withdraw your consent.For the exercise of your rights, you can send us an email at email@example.com on “PERSONAL DATA”. Also, in the same email and at the same address, you may ask to inquire about the evolution of your requests, ask us for information about your rights and the exercise of your rights, or contact us for any other matter relating to the protection of personal data from our company. To exercise your rights regarding our online store, please also see the GDPR Tools section of our e-shop. We respond to requests and take action without delay, and in any case within one (1) month of receiving the request. However, if your request is complex or there are a large number of your requests, we will notify you within one month if we need to take another two (2) months extension within which we will respond to you.If the data subject’s claims are manifestly unfounded or excessive due in particular to their recurrence, we can either: (a) impose a reasonable fee, taking into account the administrative costs of providing information or executing the requested action; or (b) to refuse to follow up on the request. In the cases provided for in Regulation (EU) 2016/679 and the applicable legislation in general, we may not accept the request. Indicative and not limitative when data processing is necessary for the foundation, exercise or support of legal claims or for the fulfillment of a duty performed in the public interest. Please note that if there is any doubt as to the person making the request, we may ask for additional information to confirm your identity.In the event of a violation of your rights, we undertake to inform you without delay if required in accordance with Regulation (EU) 2016/679 and applicable law in general.
RIGHT TO SUBMIT A COMPLAINT
Please be advised that you have the right to file a complaint with the Personal Data Protection Authority as the competent supervisory authority if you believe that your rights are being violated and the relevant legislation concerning the processing of your personal data (Data Protection Authority, www.dpa.gr Offices: 1-3 Kifissias Str., PC 115 23, Athens, Call Center: +302106475600, Fax: +302106475628, email: firstname.lastname@example.org ).
IX. TIME OF DATA RETENTION
The retention time of personal data varies according to the purpose of the processing.For purposes of communication, product promotion, and statistical purposes, we retain personal data for up to two (2) years or until the data subject asks for their deletion. The interested party may exercise the right to delete a request at any time and for any reason with a written request (email) at email@example.com or through the unsubscribe option that accompanies our company newsletters. We may not accept your request in cases where data processing is required in accordance with Regulation (EU) 2016/679 and applicable law in general. In detail about your rights and how you can exercise them, please see the relevant section of this Policy. If a contract is entered into, we retain the personal data for up to twenty (20) years, ie until the legal limitation period of the claims is completed.All of the above intervals may be extended if necessary. Especially when we are bound by law, for tax purposes and for judicial use.
X. TRANSMISSION OF DATA TO THIRD PARTIES
For the sole purpose of implementing the aforementioned purposes (see Section VI), we may transmit your data to third parties within the European Union, including, but not limited to, natural or legal persons with which we cooperate, competent authorities and in any case, we are obliged by law to pass it on.
XI. SECURITY MEASURES
The security of the personal data we collect and process is a priority for us. We therefore take all necessary technical and organizational measures and take all necessary steps to ensure that personal data is safe and not compromised. Since the violation may lead to accidental or unlawful destruction, loss, alteration, unauthorized disclosure, unauthorized or unauthorized processing, unauthorized access, damage or disclosure or misuse by third parties, we take care and act to protect the data. For the sake of the security of our personal data, we constantly update and apply every available tool provided by modern technology. We have implemented an integrated security program that includes continuous controls, ongoing software update, and malware and attack protection programs and ongoing reliability of processing systems.Only persons who have been informed about security issues and who reasonably need access to them in order to provide you with products or services have access to personal data. These individuals are committed to confidentiality.We cooperate with natural and legal persons who provide assurances that they are fully compliant with the Regulations and applicable legislation in general and that they take all necessary technical and organizational measures to ensure that your data is safe.We take all the measures we take to check them at regular intervals and, if necessary, we adjust them for as much security as possible.The most important thing is that we are constantly trying to ensure that our company culture, our actions, our orientation and our ethics are always connected with the protection of personal data.Please note that we are not responsible for websites of other companies and external sites in general that you have access to, or are being transported or visited by a link from our website. For this reason, please be informed on each site of another company separately and on each external site separately for personal data issues.
XII. MODIFICATION OF TERMS OF THIS POLICY