PERSONAL DATA PROTECTION POLICY
“menero.gr” is the “website” and “online store” for Internet product exhibition and sale, managed and maintained by the legal entity “SOFIA SOTIROPOULOU”, situated in Rafina Attica, 41 Fleming Avenue, Greece (VAT:046668668, Tax Off. Pallini, Tel. 2294115684 / 69424 70 288, email: firstname.lastname@example.org hereinafter referred to as “Company”.
Any natural or legal person who visits the website menero.gr or uses the services of our Company’s online store is, called hereinafter as “visitor”.
The below-mentioned policy in combination with the relevant provisions of Greek, EU and international law regarding protection of individuals from the processing of personal data, as well as the Decisions of the Personal Data Protection Authority will govern the management and protection visitors’ personal data in our website and online store. Any possible future change of the above regulatory framework will automatically be the subject of this.
The purpose of Personal Data Protection Policy is to inform the visitor about our Company’s policy regarding his personal data, which he himself provides us with, so that he is aware of its processing purpose, recipients list, and the procedures that he may follow to exercise legal rights.
In any case, as long as the visitor continues to use the website of our company and the services of our online store after modifications have been made in accordance with the above, it will be considered that the visitor accepts all modifications unconditionally. If for any reason the visitor does not agree with the terms of this Policy, as it applies each time following modifications, they must stop using the website and our online store.
The Company considers that the privacy of the visitor and the security and protection of his personal data are very important and for this reason we collect and manage personal data with the utmost care, responsibly and adopt special measures to safeguard them safely. The Personal Data Protection Policy is listed below so that the visitor has a clear picture and information about how our Company collects, processes and manages personal data.
WHAT IS PERSONAL DATA
Personal Data means any information that refers to the subject of the data, i.e. any information that refers to any natural person to whom the data refers and whose identity is known or can be ascertained. Such data, as defined by the Law and the relevant European provisions, are for example the member’s name, address, date of birth and gender, mobile phone number, email address as well as usage data, such as for example username, password and IP address.
COLLECTION AND PROCESSING PERSONAL DATA – SECURITY
The Company will not ask you for any personal information for purposes of visitor’s browsing our website and our online store. However, while the visitor browses or uses the services offered by our website, the Company collects and processes browsing data through cookies that relate exclusively to the visitor’s purchasing habits, which are described in the Cookies Policy and recommend that you read them.
The categories of personal data that the Company collects and processes during the visitor’s visit at the Website and Online Store are the following:
- b) we collect your Email address when you subscribe to our Newsletters service, in order to send you newsletters about the Company, its products and services, any offers, etc. The above information that you communicate to our Company as well as your e-mail address will also remain in our database for another ten (10) years until you explicitly request to be removed from the list. You can do this by using the unsubscribe links contained in any email newsletters we send you.
- c) we collect and process Personal Data, such as your First Name, Last Name, Email, Telephone and Order Code, which you provide when you contact our Customer Service, in order to ensure the possibility of contacting you, to assist you with your current orders and to inform you of new products and services.
- d) we collect your E-mail Address and Personal Access Code (Password), when you register as Member on our website and open an Account, so that you can complete your purchases from our online store.
Each visitor guarantees the accuracy and authenticity of the personal data concerning him and which he submits willingly on the website of our company as well as his right to submit such data.
To complete any sale, apart from cash on delivery and cash deposit at company’s bank account, the visitor has the option to pay the price either by debiting a Visa / Mastercard card or via the PayPal or Viva Wallet service. The card details are entered directly on the website of Peiraios Bank and to use the PayPal service, the visitor is transferred to the website of the service and our company does not keep any information of the user/visitor’s card (credit/debit card number, CCV2, expiry date, etc.) in the database.
The transfer of Personal data between the menero.gr website and your browser is done with 256-bit SSL encryption and is delivered via HTTPS. Your data is stored on our servers located in a secure location.
COLLECTION AND PROCESSING PERSONAL DATA PURPOSE
The personal data you declare during your visit to the pages and services of the menero.gr website are collected and processed exclusively for the following purposes:
– for the completion and execution of the purchase contract regarding products offered by our company through the website menero.gr. In order to make your purchase, you will be asked for the necessary Personal Data that will ensure the execution of the contract, such as payment, fraud control for the use of electronic means of payment, billing, shipment of the product,
– to send company newsletters, for commercial communication about our products and services, so that you are informed about innovations, new arrivals, exclusive products, and offers,
– for the communication between us, and the management of your requests through the Customer Service Department,
– to improve the services provided,
– for the purposes of statistical research and analysis with data in aggregate form in order to understand how users interact and use our company’s website, improving our products and services.
In the above cases, the processing of your Personal Data is considered legal as it aims to perform a contract between us or to provide a specific service that you have requested.
The company does not carry out automated decision-making, nor profiling, based on automated processing of user data.
The company does not in any way collect or gain access through its website to special categories of (“sensitive”) personal data. The visitor has the obligation to refrain from providing such data, concerning himself or third parties. Otherwise, the data will be deleted as soon as it comes to the company’s attention. The company bears no responsibility towards visitors or third parties for any provision and/or processing of such data, due to their actions or omissions in violation of the above obligation.
TIME PERIOD OF PERSONAL DATA RETENTION
The Company processes your personal data throughout the validity period of the respective contract and after its termination or expiration for a period of at least ten (10) years. At the end of this period, the data is kept in accordance with the current institutional framework for the period of time provided for by the termination of the business relationship or for as long as is required to defend the rights of the Company before a Court or other competent Authority.
RECIPIENTS OF PERSONAL DATA AND PURPOSE OF THEIR TRANSFER
Your Personal Data is processed by the Company that bears the responsibility as Personal Data Controller. For organizational and operational requirements related to the products and services the company provides, the Company may transmit your personal information to its agents and/or subcontractors for purposes of supporting, promoting and executing your business relationship with it, but always under conditions that fully ensure that your personal information does not undergo any illegal processing, i.e. other than the purpose of transmission is in accordance with the above mentioned.
The Company reserves the right to transmit your Personal Data for in above-mentioned purposes:
– to the Courier companies that are in cooperation with the company, as mentioned in the conditions regarding Shipping Methods, in order to ensure the shipment of the products you have selected from our Online Store,
– to credit card providers to process the payment on their behalf,
– to third parties, natural or legal entities, who may provide promotion and marketing services of both the Company and its products or services on behalf of the Company,
– to our third-party partners who provide technical services, such as indicative hosting and technical support services for the website and our online store as well as monitoring all business accounting in order to comply with tax obligations.
– To fulfill a legal obligation of the Company, such as if required by a court order or requested by any other governmental or regulatory authority.
All partners, agents and/or subcontractors have been evaluated and selected by the Company for their proven reliability and competence and all comply with the legislation defined in the above paragraphs.
In the event that some of them are based in countries that do not belong to the European Union, transfer of your Personal Data takes place with the guarantees defined by the Law.
The Company will not make available for sale or transmit or disclose your personal data to third parties, other than those mentioned above, without your consent, except in the cases expressly provided by law. Specifically, the data kept in the file may be communicated to the Competent Judicial, Police and other Administrative Authorities upon their legal request and in accordance with the applicable legislative provisions.
SUBJECTS UPDATE AND DELETION RIGHTS
When registering to receive newsletters and/or as a member of our website, or when entering your personal data to complete your order, you agree that our Company will use this data for all necessary uses in order to successfully complete the transaction between us.
By registering to receive Newsletters (newsletter) from our online store, you consent that our company will process and use your personal data for advertising actions, such as e.g. sending emails with general information or advertising (newsletters) regarding the Company, its products and services. You can, at any time, send a relevant email to email@example.com or delete them by following the procedures defined in each informative type of email you receive from us.
We inform you that it is your choice whether or not to share your Personal Data with us, but you should be aware that in the event that you do not share it with us, it will not be possible to conclude or execute the Sales Contract and your requests from our Company without our responsibility.
In case of entering into a Products Contract of Sale from our company’s online store menero.gr, your data will be processed for the sole purpose of enabling the Company to fulfill its legal obligations and to be in compliance with tax provisions and all applicable legislation to which it is subject.
Notice on Visitors’ Rights and how to exercise these rights.
The company informs visitors that the necessary procedures required to enable the exercise of their rights based on EU Regulation 2016/679 are in place, as follows:
- Right of access and information: Upon the relevant request of the visitor, he will be provided with information about the categories of personal data kept by the company, the purposes of processing, the reasons that make their processing legitimate, the data retention period, the person who executes the processing.
- Right to correct and update personal data: The company provides visitors with the opportunity to correct/update their personal data by communicating their request to the company’s official means of communication mentioned at the beginning of this.
- Right to delete personal data: The company further provides visitors with the possibility to request at any time to delete personal data and information that were originally provided in order to connect to the services of the website and/or to request deletion of those categories of data that are collected automatically with technical methods, unless the company is to retain said data for a specific period of time based on company’s obligation to comply with legal obligations and formalities to which it may be subject.
- Right to portability. The visitor can receive or request the transfer of his data, in a machine-readable form, from the company to another data controller, if he so wishes.
- Right to withdraw consent: The visitor can at any time withdraw his consent to the processing of personal data in the future. The legality of data processing remains unaffected by this action until the point of withdrawal of consent.
- Right to restrict and display objections to the processing of the data: The visitor can exercise the above rights for the future, if the visitor considers that his data is inaccurate or subject to unauthorized processing or if despite the expiration of the reason that allows processing, the visitor objects to their deletion, to support his legal claim. He can also raise objections against the processing of personal data in the future, if the processing is based on one of the reasons provided for in article 6 (1e or 1f) of the Regulation, provided that there are no legitimate reasons for further processing.
At any time, you reserve the right to update or object to the further processing of your data in accordance with the current legislation Protection of Personal Data. For this purpose, any request you may have should be addressed to the Company in writing either by sending relevant electronic mail (email) to the address firstname.lastname@example.org or by telephone to the Customer Service Department by calling +30 2294115684 daily from 9 am to 5 pm (except holidays).
Our company, upon receiving your request regarding your personal data, responds free of charge as soon as possible, and in any case within (1) one month from receiving your request. However, if your Request is complex or there are a large number of Requests, we will inform you within the month if we need to obtain an extension of another (2) two months within which we will respond to you.
If your Requests are manifestly unfounded or excessive in particular due to their repetitive nature, the Company may impose a reasonable fee, taking into account the administrative costs of providing the information or carrying out the requested action, or refuse to proceed with the Request.
The visitor can contact the competent Supervisory Authority for information and filling complaint for any issue related to the above and if he considers that his rights are infringed in any way:
Personal Data Protection Authority
Postal Address: Kifisias 1-3, P.O. 115 23, Athens
Call Center: +30-210 6475600, Fax: +30-210 6475628