Use and protection of personal data
1.1. The Company processes only the personal data necessary for providing the website and the online store services. It concerns data provided by visitors whilst completing one of the forms on the website and they knowingly proceed with their submission. The necessary process for the webpage visitors’ personal data is a procedure that falls into the field of application of the article 7A paragraph 1 (b) Ν.2472/1997 and this data is not transferred or shared with third parties unless we follow the procedure for the lifting of secrecy as prescribed by law (N.2225/1994) or any other obligations which may arise from the national implementation of the Directive 24/2006. The processing of personal data for those who place an order, such as charging their credit card, is held under the agreement with EUROBANK as legally represented.
1.3. Any processing of personal data, is solely conducted by persons who are under the Company’s control. To perform the processing procedure, the company has chosen persons with the relevant professional qualifications who provide sufficient guarantees in terms of technical knowledge and personal integrity for maintaining confidentiality. The company has taken appropriate organizational and technical measures in order to secure personal data which is protected from accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access and any other form of unlawful processing. These measures ensure a level of security appropriate to the risks of treatment and the nature of data to be processed. During your online purchases the website doesn’t record or store in any way any information concerning your credit card except, for reasons of security, your transaction, Debit or Credit and whether it is a Visa or a Master Card. When paying with PayPal the e-mail for the PayPal account is stored. The SSL is the most reliable international medium for safe transactions over the internet. All transactions made through the website are governed by the relevant provisions of the Law on Consumer Protection (L. 2251/1994), that regulates issues concerning distance sales as well as by the provisions of the European and International Law.
1.4. Everyone has the right to know about personal data that concerns him are or have been processed by the company. It is for this reason that the company has the obligation to reply in writing. The subject regarding the data has the right to ask and receive from the person in charge of processing, without any delay and in an understandable and clear manner, the following information:
a) All personal data that concerns him as well as their source.
b) The purposes of processing, the recipients or the categories of recipients.
c) The way processing has been developing since the last update or information.
d) The automated processing mechanism.
e) Depending on the situation, the correction, deletion or blocking of data whose processing is not in line with the provisions of Law 2472/1997, especially due to incomplete or inaccurate data, and
f) The disclosure of information resulting from any correction, deletion or blocking (lock) of personal data, depending in the situation, to third parties wherever this proves possible or doesn’t require any disproportionate effort. The right of access can be exercised by the subject of the data with the assistance of a specialist. The company responds to access requests within fifteen (15) days, according to the provisions stated in the article 12 of the Law 2472/1997.
1.5. The subject of the data has the right to raise any kind of objections on the processing of data that concern him. Those objections are addressed in writing to the company via e-mail and should include the applicant’s proof of identity as well as a request for specific actions, such as correction, temporary non-use, commitment, lack of transfer or deletion.
The company responds in writing to the objections within a deadline of fifteen (15) days. With this reply the subject is informed on the actions taken or the possible reasons that lead into not satisfying the request. In the case of rejecting the objections, the reply is communicated from the Company to the Authority for the Protection of Personal Data.
1.6. In order to exercise the right of the terms 3.3. and 3.4., the subject of the data or his legal representative, should submit to the Company via e-mail (firstname.lastname@example.org) a complaint stating:
(a) his identity, presenting relevant evidence from a public authority,
(b) the specific personal data upon which the complaint is based, with mention to the webplace these are posted,
(c) his contact details (telephone number, e-mail address, home address).
1.7. Observance of this procedure constitutes a binding contractual term that precedes any further action before a public authority or a court and is intended to any users who by entering the webpage, accept its binding nature.