In addition, it is expressly stated that the services of the Company’s e-shop are addressed to the general public, however they are not addressed to children and do not knowingly collect personal data from children under 16 years of age, unless there is the express consent of their parents or guardians.
2. PERSONAL DATA COLLECTED BY THE COMPANY
In accordance with all that is expressly defined in article 6, paragraph 1, paragraph (a) and (b) of the General Data Protection Regulation (GDPR), the Company collects data, during the visit of user-visitors to its website, when registering in the its contact form, when registering to receive our newsletter and finally, when ordering products with or without opening a customer account. The above personal data collected are the minimum required to complete the aforementioned actions.
In addition, the Company may use “cookies” in order to collect and store information regarding the use of the Company’s Services by user-visitors. “Cookies” are small text files, which are stored on the hard drive of each user-visitor without being able to access documents or files from the user’s computer. They are used to facilitate access when using specific services and pages of the website.
The Company does NOT under any circumstances collect financial information from a payment service provider: in some cases, an unrelated payment service may be used by the Company in order to enable users-visitors of its page to purchase a product or to make payments through the Payment Services.
The Company’s standing policy is to recommend to users-visitors of its website to avoid any sending and disclosure of sensitive personal data (such as social security numbers, information about racial or ethnic origin, political opinions, religion or other beliefs, the health, criminal background or your membership in trade unions) on or through the Company Services.
In addition, it is pointed out that all of your personal data collected through the company’s electronic form is subject to the full and unconditional consent and consent of the visitors/users, which is provided by sending their personal data to the Company. The right of immediate revocation on the part of the user-visitors of the consent of the provided data is preserved at any time, while not only the possibility of easy access to this data is provided, but also the possibility of applying for the immediate deletion of the user data and of the users themselves.
The Company expressly undertakes: a) that all the data of users who visit its website are protected and managed in accordance with the terms and rules of Greek legislation, b) that it strictly follows all the rules established by the relevant legislation frame. In the context of the current legislation, the data stored by the Company’s website may be disclosed to third parties, the competent authorities, prosecutors or other administrative services only in accordance with the rules and provisions provided for in the respective regulatory framework.
The use of the Company’s website presupposes and confirms that the user-visitor has fully understood what is mentioned above, as well as that he fully agrees with these terms.
3. HOW THEIR PERSONAL DATA IS USED USERS-VISITORS OF THE WEBSITE
The Company uses the personal data it collects from the users-visitors of its website in order to: a) provide Services and Operations of the Company, b) optimize the user experience through Company Services), c) for compliance purposes with applicable laws or legal procedures, d) sending (via email, SMS, phone, chat and social media), with the prior consent of users, offers, etc.
4. POSSIBILITY OF TRANSFERRING PERSONAL DATA TO THIRD PARTIES
The transfer of your data to third parties is generally prohibited.
Exceptionally, the data is processed by Processors at the behest of the Company and contractually bound in accordance with Article 28 GDPR, such as, for example, Electronic Crime Prosecution, Consumer Protection services, and electronic fraud prevention services, for malicious use, social media if you choose to link your account on them with our website. If the transmission of users’ personal data is required in an individual case, the Company undertakes to inform about it in order to obtain the users’ consent. The personal data of user-visitors are NOT transferred to recipients outside the European Union.
5. RIGHTS OF USERS REGARDING PERSONAL DATA AND CONSUMER PROTECTION (L.2251/94)
Visitors have the right to receive confirmation as to whether their personal data exists and to verify its accuracy. To also request, by sending an e-mail or after contacting the Data Controller by telephone, the correction, updating or modification, deletion, anonymization or restriction of the processing of their personal data that were processed in violation of applicable law.
In addition, the right to request the cessation of processing by the Company of the personal data of user-visitors is given and the Company, for its part, will proceed with the immediate cessation of processing thereof.
Users-visitors have the right to request the limitation of the processing by the Company of personal data and the Company will proceed with the immediate limitation of their processing.
Finally, there is the right to transfer the users’ personal data to another body/organization (right of portability) and the Company will proceed with the immediate transfer of this data. However, in some cases due to documented obligations of the Company, the specific request may not be accepted. In the event that it is proven that there was a leak of personal data by the Company resulting in the users suffering material or non-material damage, there is the right to complain to the competent supervisory authority (Personal Data Protection Authority).
As far as the part of the transactions is concerned, the Company expressly undertakes to faithfully apply what is defined in Law 2251/1994 on Consumer Protection and especially what is clearly stated in Article 3 and 8 of the aforementioned Law.
6. RETENTION PERIODS OF THE PERSONAL DATA OF USERS
- Regarding the contact form, the data will be deleted within 3 months after the final processing of our communication. This will happen if it can be inferred from the circumstances that the communication has been completed, provided that there are no legal claims to store such data
- Regarding orders, when an order is placed, personal data will be kept for five years, due to mandatory compliance with the Company’s legal and contractual obligations.
- Finally, the declaration of consent for sending a newsletter (newsletter) is kept for as long as the newsletter is sent to the users by the Company and in any case no more than six months from the cessation of its sending. Of course, the right of the user-visitors to terminate the sending of the newsletter is preserved, either by using the corresponding deletion link at the end of the newsletter, or by sending an e-mail to www.Holigreen.gr, in which case the data will be deleted.