PRIVACY POLICY

Date of last modification of terms: 25/11/2021

 

This Privacy Policy is intended to inform the users of the website about what personal data we collect, how we manage it and how we protect it.

 

The sole proprietorship ELLINAS I VASILEIOS, with the distinctive title “Kosima 60 A”, which head office is locatedat  the entrance of the New Market of Rhodes (VAT: 131021230, REG.NUM : 072976620000 , Tax Office: RHODES, PC: 85131, e-mail: , Contact phone:  +30 6946 391089  )is responsible for the management and the protection of your personal data when using the website and commits to you that it respects your privacy and ensures the proper observance and operation of its security systems, in order to protect your personal data.

When you are asked to provide personal information, you may decline. However, the provision of certain services requires some of your personal data, so that we can respond and provide you with the desired product. If you choose not to enter data that is necessary for the operation and provision of such a service, you will not be able to use this service. Similarly, in cases where we are required by law to collect personal data or for the purposes of concluding or executing a contract with you, and you do not provide your personal data, we will not be able to enter into and execute the contract.

  1. Collection of personal data and how we use them

We collect the personal data that you disclose to us yourself by filling in the respective registration forms on the website and ordering products. Such data are your name, surname, address, postal code, e-mail, telephone number, username and password (in case you create an account). This information is necessary so that we can contact you and send you the products you have purchased through our online store but also for the easier use of the website and the online store as well as the prevention of illegal actions.

While browsing our website, we collect the following personal data: the IP address of the device, the ID of the device, the date and time of access, the country in which you are located, the name and the web address (URL) of the file requested, the browser you are using, the operating system of your device, as well as the name of the access provider and if you have consented to the geolocation of your browser or the operating system (software), these functions are also recorded . All this information is also recorded for security reasons in a temporary file commonly called a log file.

When making purchases, the website will dem information from the credit or debit card with which you will pay, in case you choose this method of payment. We inform you that our company does not store or process your credit / debit card details. To pay for your order, you are automatically transferred to a secure environment of the banking institution we collaborate with. If you choose to pay via PayPal, the company is headquartered in Luxembourg, S.à.r.l. & Cie. S.C.A., 22-24 BoulevardRoyal, 2449. To complete the payment you are always redirected to a secure PayPal environment and our company has no access to the data you enter.

In addition, your personal data can be used for advertising purposes and to promote products through your subscription to our newsletter. You can revoke this consent at any time by sending us an email or by clicking on the “unsubscribe” link or the “unsubscribe from this email” which is usually at the end of any of our email communications.

We collect the above personal data either from you or from information we receive through cookies when someone visits our website.

 

  1. For how long do we keep your personal data

Your personal data will be kept for as long as necessary to comply with applicable laws (tax law, insurance law, etc.) or for as long as necessary for the purposes set out in this Privacy Policy or when there is a legitimate business reason.

You have the right to delete your account at any time, in which case your data will also be deleted, unless you have made a purchase (in which case your data will be retained for as long as is required for tax purposes). Also, this data may be retained if there are pending and / or legal disputes between us due to a sale or some other legal reason based on which we are obliged by law to maintain this data.

Tax data and documents will be kept by our company for a period of twelve (12) years, for tax audit purposes. Your personal data in case of their collection during a purchase will be deleted within six (6) months from our last contact.

There may be cases where we will not be able to delete the above information even if you ask us (eg due to legal obligation to maintain, etc.). Your information will be retained in the event of a legal or other obligation such as crime suppression and money laundering and the resolution of legal issues.

After the expiration of your data retention period, they will be destroyed as soon as possible, without your further identification being possible.

 

  1. Who has access to your personal data

In order to make our products available to you in the best possible way and to facilitate your purchases, we collect personal information and we assure you that we will not disclose customer information to third parties, except where necessary to complete the contract between us or where required by the law.

Only the employees or associates of our company have access on a case-by-case basis to your personal data needed to complete the transaction between us or some other legal procedure as described above. Your personal data will only be used for the purpose stated each time and the information will not be disclosed or sold to third parties for other non-related purposes.

For processing reasons we work with third parties, to whom we transmit some of your data or they have access to your data themselves through our website, such as with shipping companies to send products, to carry out the necessary banking / credit checks and security checks and in the context of search and profile procedures of customers under the terms of this Policy, as well as with your consent or where we are required by law to do so, for example following a prosecutor’s order or a court decision, etc.

We do not transfer your personal data to non-EU countries

 

  1. User rights

The General Data Protection Regulation (GDPR) provides a number of rights and options that we are committed to satisfying. Based on these you can request:

  • inform you about the data we hold about you and how we process them. If you wish, we will provide you with a copy at your own expense. (Right of access)
  • correct inaccuracies or errors, fill in gaps or update your data. (Right of correction)
  • delete data, if we do not keep it for a specific, legal and declared purpose. (Right to forget or Right to delete)
  • suspend processing a) while questioning the accuracy of the data, b) if you consider the processing illegal (but do not wish to delete it), c) when the data is not necessary for the purpose of processing and d) for as long as it is disputed if the reasons why we are processing your data outweigh the ones you invoke to stop.
  • oppose at any time for reasons relating to the processing of personal data which we carry out in particular for the purpose of direct marketing or profiling. The objection may, in particular, concern your compliance with a decision we have taken through automated means. In the latter case, you can ask us to allow you to intervene. (Right of objection – Automated individual decision making)
  • provide you with your data in a specific format (usually machine readable) or transfer it directly to another person in charge at your suggestion, if, of course, this is technically possible. (Right to portability).
  • not to process your data from now on, giving you the opportunity to freely revoke the consent (consent) you have given us.
  • Complain to the Personal Data Protection Authority. (postal address: 1-3 Kifissias, Athens, website: www.dpa.gr, tel. 2106475600)

You can send your requests via email in  chrysmastore@gmail.com

Our company will satisfy all your requests within one (1) month. In extremely rare cases, where the satisfaction of your rights is almost impossible for us, we will inform you immediately explaining the reasons for our relative weakness.

 

  1. Security of personal data

We maintain the appropriate administrative, technical and material means of protection in order to protect personal data from accidental or unlawful destruction, accidental loss, unauthorized conversion, dissemination or access, from misuse and any illegal form of processing of personal data in our possession. To facilitate this, you must keep your account passwords confidential and not disclose them to others.

 

 

This Protection Policy is updated in accordance with the applicable Laws and Regulations and in order to respond in the best possible way to the purpose for which it is applied. Whenever a change is made it will be declared with the change of the last modification date set at the beginning of this Policy. In the event of substantial changes to the statement, such as a change in the purposes of the processing of personal data other than for the purpose for which they were originally collected, you will be notified either by notification in a visible place on the website prior to the changes or via e mail.