This Privacy Policy is addressed to you, the users of the online store oikorama-paros.gr located on the website: https://oikorama-paros.gr

Through it, we inform you about the commitments that our Company has undertaken to protect your personal data and how to exercise your rights.

 

Our company with the name: "DAFERERAS EYTH KE SIA EE" and with the distinctive title OIKORAMA based in Paros, Parikia Paros, tel. +30 22840 23664 and e-mail address oikorama_paros@yahoo.gr, is the data controller of the website and the e-shop.

As a data controller, our Company determines the purposes and manner of processing the personal data (hereinafter "Personal Data") that it collects, stores and generally processes, when you visit, register or use its website and E-Shop.

DESCRIPTION OF THE PROCESSING

I. PROCESSING OF PERSONAL DATA THROUGH THE E-SHOP

Our website, https://oikorama-paros.gr, hosts the electronic store for the exhibition and sale of our products (E-Shop), through which we provide you with the possibility to purchase, through the electronic platform, our products.

FOR WHAT PURPOSE DO WE COLLECT YOUR DATA?

We collect and process your data, which you provide to us through the E-SHOP, for the management of the sale of the products and/or the provision of our services, communication and information regarding the products you have ordered, the order execution stage you, the availability of the products you ordered, the shipment of the products, the management of your debts to the Company, the making of returns and the provision of guarantees and our compliance with the obligations imposed by the applicable legislation, e.g. tax legislation, e-commerce directive.

WHAT DATA DO WE COLLECT ON YOU?

We ask you for the absolutely necessary information to carry out the sale of our products, namely:

• Name (required)

• Surname (required)

• Company Name (optional)

• Billing address (required)

• Shipping address, if different (required)

• Telephone (required)

• Email address (required)

• Member name (username) if you subscribe to our E-Shop. (mandatory)

• Access code (login password), if you register in our E-Shop. (mandatory)

• Choose a payment method (mandatory)

The above data are those imposed for the pricing of our products, based on the current tax legislation, their shipment through the cooperating courier company, as well as to be able to inform you about the progress of your order, the availability of the products you ordered and the expected delivery date thereof.

Our Company does not process your credit and payment card details. To pay for your order, you go to the secure payment environment of the credit institution cooperating with us, which manages the processing and execution of credit card payments, securely and under its sole responsibility .

Our Company receives electronically only confirmation of the payment of your order. For refunds made to our credit/debit cards, the credit institution cooperating with us is solely responsible for the relevant processing of this data.

In the event of a withdrawal and refund, which you have paid by cash on delivery, you will need to give us your consent to use the bank account details that you will provide us with when submitting your refund request.

ON WHAT LEGAL BASIS DO WE BASE THE PROCESSING

Our company processes the personal data, which you provide through the E-Shop, exclusively for the fulfillment of our contractual relationship (sale of products) and the fulfillment of our obligations arising from the law, e.g. tax legislation, legislation for e-commerce, etc.

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

When you place an order for our products, our Company is required to retain your personal data for ten years so that we can comply with our legal (tax) and contractual obligations.

If you do not place an order and simply register in our E-Shop, we will retain your personal data until you inform us of your wish to delete your account.

WHO DO WE DISCLOSE YOUR PERSONAL DATA?

Our company may disclose your personal data, for the fulfillment of its contractual obligations, to third party service providers who process personal data on our behalf, such as cooperating Credit Institutions for the processing of card payments, cooperating transport companies for the transfer and the delivery of our products to you who ordered, website hosting and management companies, companies providing secure storage of your personal data.

In addition, we may disclose personal data to third parties when such disclosure is required to comply with a legal obligation to which we are subject.

Disclosures of your personal data are protected by appropriate protection measures by entering into special agreements, whereby we require our subcontractors, suppliers and third party service providers to implement appropriate technical and organizational measures to protect your personal data.

Your personal data that we process, through our E-Shop, are stored securely within the European Union (Greece and Germany) and we do not transmit your personal data outside the European Union.

HOW DO WE PROTECT YOUR PERSONAL DATA?

Our Company takes all appropriate organizational and technical measures for the security and protection of your personal data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security.

Our website and our E-Shop use the TLS protocol, for secure online commercial transactions. This encrypts all Data you provide, including your name, password and address, so that it cannot be decrypted or changed in transit over the Internet.

In addition, the information used to identify you as an account user is two: the Login Code (Username) and the Personal Secret Security Code (Password). Each time you register your details, you are given access to your personal account. The specific process is achieved safely through encryption during their transfer to the internet and the servers of the Company. By the same standards, you are given the possibility to change your Personal Secret Security Code (Password) as often as you wish. After entering the desired code, the new code is coded and stored in the Company's systems. For this reason, you are the only one who knows your password and you are solely responsible for keeping the password confidential from third parties.

All payments made using a card are processed through ALPHA BANK's electronic payment platform and uses TLS 1.2 encryption with a 128-bit encryption protocol (Secure Sockets Layer – SSL). Encryption is a way of encoding information until it reaches its intended recipient, who will be able to decode it using the appropriate key.

II. PROCESSING OF PERSONAL DATA THROUGH THE CONTACT FORM

At https://oikorama-paros.gr, there is a contact section with all the contact details of the company in order to facilitate communication with anyone interested.

FOR WHAT PURPOSE DO WE COLLECT YOUR DATA?

In order to manage and respond to your inquiries and requests, information is used strictly to satisfactorily respond to your inquiries or requests and will not be disclosed to third parties other than those listed in this policy or where disclosure is required or permitted by law.

ON WHAT LEGAL BASIS DO WE BASE THE PROCESSING

Our company processes the above data, based on your consent that you provide by contacting us.

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

Our Company is obliged to keep your personal data for as long as is necessary to answer your question or request.

WHO DO WE DISCLOSE YOUR PERSONAL DATA?

Our company may disclose your personal data for the fulfillment of its contractual obligations, to third party service providers who process your personal data on our behalf, for example (indicatively mentioned), collaborating Credit Institutions (National Bank) for payment processing, partner transport companies for the transport and delivery to you of our products that you have ordered, hosting and Website management companies, companies providing secure storage of your personal data.

In addition, we may disclose personal data to third parties when such disclosure is required for our compliance with a legal obligation to which we are subject.

Disclosures of your personal data are protected by appropriate protection measures by entering into special agreements, whereby we require our subcontractors, suppliers and third party service providers to implement appropriate technical and organizational measures to protect your personal data.

HOW DO WE PROTECT YOUR PERSONAL DATA?

Our Company takes all appropriate organizational and technical measures for the security and protection of your personal data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security.

NOTICE OF YOUR RIGHTS

You have the following rights in relation to your personal data

RIGHT OF ACCESS - CORRECTION:

You have the right to be informed and request access to any of your personal data that we may hold. If you find that they are inaccurate or incomplete, you can ask us to modify or update them.

RIGHT TO DATA PORTABILITY:

Under certain conditions, you have the right to request a copy of the personal data you have provided to us in electronic form and to transfer that personal data to the service of another controller.

RIGHT OF LIMITATION:

You have the right to ask us to temporarily or permanently stop processing all or some of your personal data, where:

a) we no longer need your personal data for the purposes of the processing, but you need the said data to establish, exercise or defend legal claims or

b) you have objected to processing justified on grounds of legitimate interest (see below), pending verification as to whether we have compelling legitimate grounds to continue the processing, or

c) the processing is unlawful, but you do not want us to delete your data.

d) dispute the accuracy of the personal data until we take the necessary steps to correct or verify its accuracy.

In the above cases, we will process your personal data exclusively upon your consent or for the establishment, exercise or defense of legal claims.

RIGHT OF DELETION:

You have the right to ask us to delete your personal data, unless we can either demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms or where we need to process the data for the establishment, exercise or defense of legal claims.

RIGHT TO WITHDRAW CONSENT

Depending on the case, you have the right to withdraw your consent at any time, without prejudice to the lawfulness of the processing based on consent before its withdrawal. So if e.g. wish to opt out of receiving marketing messages, you can change your settings by deactivating the corresponding toggle.

RIGHT TO OBJECT:

Provided that the conditions set by law are met, you have the right to object at any time to our processing of your personal data, based on reasons related to your personal situation, as well as to object to the processing of your personal data for promotional purposes. If you object, we must stop processing, unless we can either demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or where we need to process the data for the establishment, exercise or defense of legal claims.

RIGHT NOT TO SUBJECT TO AUTOMATED DECISION MAKING

You have the right not to be subject to a decision based solely on an automated decision-making process, such as profiling, if the decision would have legal implications for you or other equally important implications.

RIGHT OF TERMINATION:

You also have the right to file a complaint with a supervisory authority if you believe that the processing of your personal data violates applicable law. You can exercise this right by contacting the Hellenic Personal Data Protection Authority, Kifisias Avenue 1-3, 115 23 Athens, Greece, Contact Phone: +30 210 6475600, Fax: +30 210 6475628, E-mail: contact@ dpa.gr

For more information about your rights, to exercise them or if you have any questions about the processing of your personal data, please contact us at +30 22840 23664 and email at oikorama_paros@yahoo.gr.

Please note that we may request verification of your identity and reserve the right to charge you a fee where permitted by law, for example if your request is manifestly unfounded or excessive. We will try to respond to your request within the time limits set by law.

This policy will be renewed and updated from time to time based on the applicable national and community legislation. This version was drawn up on 05/10/2022.