To our business, Personal Data protection is a self-evident commitment we undertake towards our users and clients to protect an individual’s private and business life online. Therefore, we take all necessary measures (organizational and technical) to ensure the safety, availability, and reliability of the data of our clients and users.
Through this “Personal Data Protection and Privacy Statement” we wish to describe the type of personal data collected by us, how we manage them, and where they may be used.
Through its e-shop, our business displays and markets/sells bags and other fashion accessories to businesses and private individuals. This statement refers to all products marketed/sold through our e-shop.
Links to Other Websites
Collection of Personal Data
The sale of products made available by our business requires that the ability to communicate with the client or user of our website is ensured. Therefore, it is necessary that, upon the client or user’s registration or expression of interest in a product displayed on the website https://www.petalooda.gr/, the true personal data requested are stated, as further specified below.
Our business collects data solely for the purposes of the lawful and correct operation of its online store and to offer its clients the requested services such as the sale and delivery of products. Personal data shall be collected either directly or indirectly.
Direct Data Collection
These are data directly provided by our clients, as is the case with an order placement by user with our website.
Indirect Data Collection
These are data collected using our website and are directly related to how a client navigates thereon.
Such collection is made by using technologies such as (including but not limited to) cookies.
The following are among the data collected by us:
a) Upon interest in a product is expressed
We collect the name and last name of our users, their e-mail address, their phone number, and postal address.
b) Upon website browsing
We collect data such as user behavior (pages visit, time spent, exit/entrance page), browser/technology used and demographics (age, gender, location).
Use of Personal Data
Our company shall use data collected exclusively for the following purposes:
– To pursue its business activity and promote products offered by it;
– To improve and customize its services offered through its e-shop;
– To manage the sale of its products, as well as communicate with and inform you about the availability of products, the progress and execution of an order, the receipt of your order from our shop, the delivery of products to your address, the management of your debts, and the return of products; and
– To communicate with its users and clients so as to commercially promote products, inform them about offers, and, in general, to promote its products; advertising material is also considered as part of such communication (the list of aforementioned purposes is indicative, not exhaustive). This communication shall take place via e-mail or by phone.
Transfer of Personal Data
Our business makes its products available through its online store (e-shop) and, for this purpose, data are collected by our employees for the execution of your order and receipt of products from our shop or the delivery of products to the address indicated by you.
Therefore, the data collected shall only be shared with employees who are necessary to perform our order, as well as third parties with whom we cooperate, such as the courier company delivering your orders.
In any case, your personal data may only be accessed by authorized persons who are required to access them so as to complete the purposes of collection, use, and processing, as such are notified herein. Individuals who have access to data are obliged to keep them confidential.
In some cases, our business may share your personal data, with your previous consent, with different companies or service providers cooperating with it, either natural or legal persons, so as to meet your requests for completion of a transaction or provision of a service, such as the delivery address for products sent to the cooperating courier company.
Our business uses the appropriate organizational and conventional measures to protect your personal data and it includes the same requirements, as those stated herein, in third-party service providers that cooperate with it.
Our business may access, transfer, or disclose, and store personal data of clients where such is necessary, such as to comply with applicable law or in the context of legal proceedings.
How We Process Data
Our business processes the data you have provided us with, such as the details of a client-member, contact details, transaction, charging, and shipping details, only to perform the sales contract. Also, our business may process your data only upon the user’s request or with the user’s consent.
Details such as the VAT Reg. No or Tax Office shall be retained by our company in compliance with any applicable tax law.
How We Store Data and for How Long
Under Article 5(1)(c) of the GDPR, computers and software used by our company have been parameterized in such a way so as to limited to what is necessary the use of personal data and identification data. These data shall be subject to processing only to the extent necessary to achieve the purposes stated herein, and they shall be stored for the time period that is absolutely necessary to achieve the specified purposes sought. In all cases, the criterion used to determine the storage period shall be based on compliance with statutory deadlines and the principles of data minimization, limited storage or rational management of our records.
Access to Personal Data
Through their declared e-mail address, the client or user may email us at firstname.lastname@example.org and request that they be informed about their personal data kept by us, their recipients, the purpose of their retention and processing, as well as their modification, correction or erasure. The client or user of our business should attach a copy of their ID or Passport to such e-mail.
Moreover, you have the right to review the personal data kept by us and, in general, exercise all rights provided for by legislation on personal data protection. The personal data you disclose to our business through https://www.petalooda.gr/ , either during your registration or at a later stage, shall be collected, used, and processed under applicable provisions on personal data protection and, more specifically, under the provisions of Law 2472/1997 and Law 3471/2006, as in force, as well as the new European General Data Protection Regulation (EU) 2016/679, as well as Directive 95/46/EC on personal data protection.
Security of Personal Data
Our business shall take all necessary technical and organizational measures to ensure the protection of data in order to protect personal data from loss, change, misuse, destruction, or access by unauthorized individuals or unauthorized disclosure. Our security measures are constantly improving keeping up with technological advancements.
Our associates also have the obligation to comply with these provisions.
RIGHTS OF CLIENTS AND USERS
You reserve the following rights specifically:
– Right to information about your personal data: Upon your relevant request, we will provide you with information about your personal data kept by us.
– Right to rectify and complete your personal data: At a time after your registration, you may send us a relevant notification so as to rectify your personal data that are stated inaccurately or erroneously.
– Right to erase your personal data: You may submit a request for your personal data kept by us to be erased. Despite your request, it is possible that some data may not be erased and deletion shall take place after a specified retention period. This may happen when we are obliged by law to keep this data or because data are required to perform our contractual obligations towards you.
– Right to reserve your personal data: Upon your relevant request and in the cases provided for by law, we shall reserve your data. Reserved data shall only be processed to a limited extent.
– Right to withdraw your consent: You may withdraw your consent for the processing of your personal data at any time in the future. The lawfulness of any processing of your data that has taken place until the withdrawal of your consent shall remain unaffected.
– Your right to object to the processing of your data: You may object to the processing of your personal data at any time in the future. If you raise objections, we shall stop processing your data on condition that there are no legal grounds for further processing thereof. Processing your data for advertising purposes does not constitute legal grounds.
You may also register as subscribers to our Newsletter through our website. We shall email you a Newsletter only if you have previously proceeded to the following action, clicking a link-message whereby you will expressly confirm the activation of the Newsletter service. If you later decide not to receive the Newsletter of our business, you may terminate your subscription at any time, withdrawing your consent. The consent to receive the Newsletter via e-mail may be withdrawn through the link stated in the Newsletter.
You shall receive the above Newsletter for as long as our business has your consent, i.e. until you declare to us that you do not wish to receive newsletters.
The sole proprietorship under the name ALEXIA V. STANIDI, which has its registered office in Piraeus, at 20 Iliou Str., Zip Code 18534, VAT Reg. No 150156835, Tax Office: 1st of Piraeus, tel. +30 6908889251. The business is the Data Controller.
The Data Protection Officer for our business shall be Mrs Alexia Stanidi and you may contact her with respect to the use of the e-mail at email@example.com.
Our business has been committed to protecting your personal data online. Should you have any questions or comments about how we manage your personal data, please contact us using the e-mail address and contact details stated above.
In this website, the terms “we”, “us”, and “our” refer to our business.