A. PERSONAL DATA PROTECTION
THE COMPANY has created this website for the sole purpose of serving its customers. The website www.anastasaki.gr is simple and friendly to its users, while it is designed to meet the specific needs of each user / customer. To achieve your best service, it is important that our users / customers understand that it is necessary to provide us with specific information, concerning the processing of their order, which is safeguarded by us. The processing of personal data takes place, in compliance with the provisions of the General Data Protection Regulation (GDPR 2016/679), relative specific national and european legislation, for certain fields of applicable greek legislation, on the protection of personal data, as well as on the protection of personal data and privacy in the field of electronic communications (Law 3471/2006, as applicable) and the decisions of the Personal Data Protection Authority (PDPA).
The COMPANY, like its online store, has been fully aligned with the GDPR framework. Specifically, personal data are processed lawfully, fairly and transparently. Data shall be collected for specified, explicit and lawful purposes and shall not be processed incompatibly to the original purposes. Further processing may take place only for archiving or improving platform services or statistical purposes. The data processing shall be appropriate, relevant and limited to what is necessary for the purposes, for which they were originally collected. Measures shall be taken, to ensure that personal data are accurate, deleted or corrected, only by the user himself and without delay. The data shall be kept in a format, allowing the identification of individuals, only for the time required for each user’s account operation. The site does not store data that has been deleted by users (immediate deletion, even from backups). At the same time, users are always given the rights to: (a) information, (b) access, (c) correction, (d) deletion, (e) restriction, (f) portability, (g) opposition and (h) objection to an automated decision, as provided by the Regulation. To exercise their rights, each user will be able to communicate with the website, through the website’s contact form or the e-mail address firstname.lastname@example.org.
This Personal Data Protection Statement and the terms and conditions attached to it describe, in detail, the method of data collection, through the website www.anastasaki.gr, the use of this data by our COMPANY and the terms and conditions of use of this website. This Statement refers solely to your personal data, which you provide to us, during the process of your orders on this website.
B. PERSONAL DATA
Personal data is information that identifies you directly or indirectly. Indirectly means, in combination with other information, such as your name, postal address, email address and phone number, or a unique device identification number.
C. GENERAL INFORMATION
The information voluntarily provided by the users of the website shall be used by the website www.anastasaki.gr, for its users to have direct and substantial communication with the store, to provide them with answers to specific questions they ask and finally, to serve and execute their orders. The information collected through the website www.anastasaki.gr are intended to measure its number of visitation, determine customers’ requirements for more products and facilitate transactions with the COMPANY. The website www.anastasaki.gr does not distribute e-mail addresses, or any other information concerning its users and customers, to any other organization or partner that is not associated with anastasaki.gr, except to direct partners, during the order service process.
D. INFORMATION COLLECTION
The website www.anastasaki.gr was designed, so that its users can visit it, without having to reveal their identity, unless they wish otherwise. Visitors of our website are asked to provide us with their personal data, only in case they want to order products, register on our website and / or send an e-mail to email@example.com.
Information Use. The website www.anastasaki.gr collects four types of information about users: (1) information that the user provides us, when registering, as a customer, (2) data that the user provides us, so that his order is executed from anastasaki.gr, (3) information that the user provides us, for his participation in competitions, taking place occasionally, (4) data that the user provides us, for activations of telephony and Internet services, (5) data that the user provides us, when connecting via another platform (iOS, Android, Facebook, Google applications). When filling out any order form on our website, you will be asked for your name, address, postal code, e-mail address, phone number, order payment method and credit, debit or prepaid card details (in case of a relative payment). Additionally, you may be asked for more specific information, such as invoicing details, details of the order’s shipment – delivery, especially in case the customer wishes the order to be delivered, at a different address than the invoicing, as well as details of an offer requested by you. The website www.anastasaki.gr makes use of the information provided by you, during the electronic dispatch of the form, in order to contact you, regarding: a) the delivery of the order to the place of your choice, b) the confirmation and identification of the customer, in any necessary case, c) new or alternative products offered by anastasaki.gr, d) special offers of anastasaki.gr, e) activation of a telephony or Internet service, f) delivery of gifts, from competitions. You can choose whether you want to receive such communications from anastasaki.gr, or not, sending your request by e-mail, to the e-mail address firstname.lastname@example.org.
Access to Information. Each order processing requires the collection of personal information, for delivery or reservation of an order. In addition, the use of a credit, debit, or prepaid card, for which supporting documents for the identification of a legal holder are required, is ensured in any case (see below PAYMENT METHODS). Any document certifying and stating the identity of the customer remains strictly confidential and is checked only by the competent responsible department of anastasaki.gr. The presentation of your personal data, from your part, means that you consent to this data being used by the employees of anastasaki.gr, for the aforementioned reasons. The website www.anastasaki.gr requires its employees and the maintainers of its website to provide its users / customers with the level of security, as mentioned in its Personal Data Protection Statement. In no other case may anastasaki.gr share your personal information with third parties, without your prior consent, unless required, by legal means. Please note that, under certain conditions, the collection, use and disclosure of your personal data, which were collected online, without your prior consent (f.e. in case of a court decision), is permitted or imposed by law.
E. USE OF PERSONAL DATA
Use of customer data for advertising purposes. For the continuous improvement and enhancement of our services, we may send you promotional / advertising messages, via e-mail, related to our business and may be of interest to you. You can choose the types of communications you want to receive, at any time, by updating your e-mail preferences. You can also unsubscribe at any time. We will text you, via SMS, to the mobile phone number, which you have registered, at the time of your order, in order to inform you about your order’s progress. Also, through the account, which you have created on our website, you can choose whether you want to receive promotional / promotional material, via SMS or e-mail, or not.
Consent. We will not use your data for advertising purposes, unless you have given your prior explicit and deliberate consent. – However, for existing customers, we may use the provided e-mail address, in the context of our existing customer relationship, in order to provide you with promotional material, related to similar products or services that you have previously requested, used or may be of interest to you. However, you may object to this use at the time of collection and whenever a message is sent to you. To stop receiving e-mail messages for marketing purposes, follow the instructions in the e-mail message that you receive.
Legal obligations and legal defence. We may need to use and retain personal data for legal and compliance purposes, such as preventing, detecting, or investigating a crime, preventing loss, fraud or any other misuse of our services and IT systems. We may also use your personal data for internal and external control requirements, information security purposes, or to protect or exercise our rights of privacy, security, property of ours or of others.
1. TYPES – CATEGORIES OF COOKIES
A) The basic types of Cookies that websites may use are described below, as follows:
These are temporary Cookies, which remain in the Cookies archive in your device’s browser, only during your visit and are deleted, once you close the browser.
These Cookies remain in the Cookies archive of your device’s browser, even after the browser is closed, sometimes for one year or more (the exact length of stay depends on the life-duration of each Cookie). Persistent Cookies are used, when the website administrator may need to know who you are, for more than one visit (f.e. to remember your username or preferences for the site’s setup).
These are Cookies, which are installed in the browser and / or on the hard drive of your device, from the website that you are visiting. They include assigning a unique identifier to you, in order to track your navigation on the website. Website administrators often use First Party Cookies to manage visits and for recognition purposes.
These are Cookies, which are used by third parties, such as social networks, to track your visits to the various websites, on which they are advertised. The website administrator has no control over these Cookies.
B) Furthermore, Cookies are divided into the following categories:
- They allow the execution of basic functions of the website, such as adding products to the cart, storing products in the wishlist and online payment. Without these necessary Cookies, the smooth operation of the e-shop is directly affected, your personal browsing experience is limited and basic e-commerce functions are under-functioning.
- They «remember» your preferences, when you browse our website, so that we can recommend the right products, based on your needs, facilitating you, in this way, in finding what you are looking for.
- Performance Cookies collect information on how visitors use our website. They allow us to track which pages they visit most often, let us know if they encounter problems while browsing, etc. These Cookies do not collect information identifying the visitor, as the information is collective and therefore, anonymous. These cookies are used only to improve the way the website www.anastasaki.gr works.
These Cookies are used to provide ads, related to you and your interests. They are also used to send ads or offers that best meet your needs, thus limiting unwanted and meaningless advertising messages. They also help us measure the effectiveness of our advertising campaigns.
They are a subset of Functionality Cookies and give us the possibility to evaluate the effectiveness of the various functions of our website, thus continuously improving the experience that we offer you.
2. THIRD - PARTY COOKIES
Google Analytics Cookies are performance analyzing / recording cookies, which allow us to collect anonymous information on how visitors use our website. These Cookies can inform us how many visitors use the website, the time and duration of access and also, provide information on how visitors navigate the different parts of the website. This information helps us improve the way our website works. The information is anonymous and does not contain personal data.
The website www.anastasaki.gr may use Google Analytics features for ads display (f.e. recurring remarketing, Google Display Network display reports etc.). Although Google Analytics records data, such as your geographic location, device, web browser and operating system, none of this information makes you personally known to us. Google Analytics also records your computer’s IP address, which could be used to identify you, but Google does not give us access to it.
By using Ads Settings, visitors can opt out of Google Analytics for ads display and customize Google Display Network ads.
You can disable tracking from Google Analytics by clicking on the available opt – out options. Please note that, if you disable these Cookies, your use of the site will not be accounted for or used in the statistics that we collect, in order to improve the services we provide through the website. The operation of the site will not be affected.
These providers may place Cookies on your device, if you watch videos on our website, which they provide to us, as an external service. If you disable these Cookies, you may not be able to see the embedded videos from our website.
Third-party social networks can place Cookies on your device if you choose to share material from our website with them, by clicking on one of the built-in «Share» icons.
If you would like more information on how certain types of cookies are managed, including how to check or delete them, please visit: www.aboutcookies.org.
We consider Google to be a third-party data processor, compatible with the requirements of european law.
We reserve the right to change this Cookies Policy at any time. Any changes to this Cookies policy will take effect as soon as the revised Cookies policy is available on our website. Third-party advertisers and other businesses, with whom we cooperate, may use their own Cookies to collect information, regarding activities on our website. We do not control these Cookies.
G. BUSINESS TRANSFERS
H. CHILDRENS’ PERSONAL DATA PROCESSING
The COMPANY will not collect or process personal data of children under the age of 16, unless explicit parental consent has been given, in accordance with applicable legislation. If we become aware that a child’s personal data was collected by mistake, we will delete that data, without undue delay.
I. SENSITIVE PERSONAL DATA PROCESSING
We may, in some cases, process specific categories of personal data about you («sensitive data»). Sensitive personal data are considered the data, revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, participation in trade unions, genetic data, biometric data, aiming at identifying a person, their health or sex life or sexual orientation. We may process sensitive data that you have made public. We may also process sensitive data, as appropriate, to support, pursue or defend legal claims. Finally, we may process your sensitive data, if you have freely given your prior explicit, unconditional and separate consent, in a specific context, for a specific purpose.
J. CORRECTION, AMENDMENT & DELETION OF INFORMATION
The website www.anastasaki.gr allows its users to correct, change, supplement or delete data and information, which have been presented to the website. If you choose to delete any piece of information, anastasaki.gr will take the appropriate steps to delete it from its files immediately and will try to make sure that the person attempting the changes is, in fact, the same person as the original user, themselves. To access, change or delete your personal data, to report problems, regarding the operation of the website or to ask any questions, contact our COMPANY, through its contact form on the website www.anastasaki.gr, or via e-mail, at email@example.com. Your personal data may also be changed or corrected, through the registration page of www.anastasaki.gr. Please note that we will do everything possible, to effectively protect your personal data, but the protection of your password on our website depends on you, to a large extent, as a user.
K. TRADE SECURITY
The website www.anastasaki.gr is committed, in terms of ensuring the security and integrity of the data it collects, regarding the users of its website. The website www.anastasaki.gr has adopted procedures, which protect the personal data that users provide on the website or by any other means (f.e. by telephone). These procedures protect user data from any unauthorized access or disclosure, loss or misuse, alteration, or destruction. They also help certify that these data are accurate and used correctly.
All online movement (file transfer), between this website and your browser is encrypted and transferred through HTTPS protocol, by using the Secure Sockets Layer (SSL). The Secure Sockets Layer (SSL) protocol is, currently, the global standard on the Internet, for certifying websites to web users and for encrypting data, between web users and web servers. An encrypted SSL communication requires all information sent between a client and a server to be encrypted by the sending software and decrypted by the acceptance software, thus protecting personal information, during its transfer. In addition, all information sent with the SSL protocol is protected by a mechanism, which automatically verifies whether the data has been changed, during the transportation.
Your connection to the site is secure because it uses 256bit TLS technology. TLS technology relies on a key code, encrypting data before being sent over the (TLS) connection. The security check between the data and the Server is based on the unique key code, ensuring full communication. Browsers, such as Google Chrome, Microsoft Edge, Internet Explorer, Mozilla Firefox, Opera, Safari support the TLS protocol and it is recommended that they be used for connection to the website www.anastasaki.gr.
We apply the appropriate level of security and have, therefore, implemented reasonable physical, electronic and administrative procedures, to safeguard the data we collect, from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data transmitted, stored or otherwise processed. Our information security policy procedures are closely aligned with widely accepted international standards, regularly reviewed and updated, where necessary, to meet our business needs, technology changes and regulatory requirements. Access to your personal data is granted only to the company’s staff or direct partners, who are required to have such information to serve orders. In case of data breach, involving personal data, the COMPANY will comply with the applicable legislation, regarding the notification of the breach.
L. CONTACT FORMS AND E-MAIL LINKS
In case you choose to contact us, using a contact form or an e-mail link, none of the data you provide us will be stored by this website or transferred or processed by any third-party data processor (see below «THIRD PARTY DATA PROCESSORS»). Instead, this data will be sent to us by e-mail, via the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by SSL/TLS security protocol, which means that e-mail content is encrypted, before it is sent over the Internet and then decrypted by our local computers and devices.
M. USER RIGHTS
As a data subject, you have specific legal rights, regarding the personal data we collect from you. The COMPANY respects your rights and will deal adequately with your concerns. The following list contains information about your legal rights, as they result from applicable data protection laws:
- Right to withdraw consent: When personal data is processed, based on your consent, you may withdraw that consent, at any moment.
- Right of correction: You can ask us to correct your personal data. We make reasonable efforts to maintain your personal data, which we hold or control and are used on an ongoing basis, accurate, complete, current and relevant, based on the latest information available to us. You can also check and correct your personal data, by signing into your personal account at www.anastasaki.gr.
- Right of restriction: You may ask us to restrict the processing of your personal data if: (a) you question the accuracy of your personal data, for the period, during which we will need to verify accuracy, b) processing is illegal and you request the restriction of processing, instead of deleting your personal data, c) we no longer need your personal data, but you need it, to support, exercise or defend legal claims, or d) you object to processing, for the period, during which we verify whether our legitimate interests take precedence over yours.
- Right to information – access: You may ask us for information about personal data we possess about you, including information about the categories of personal data we hold or control, for what purpose they are used, where they were collected, if not directly and to whom they have been disclosed, as appropriate. You can obtain from us a copy of the personal data we keep about you, free of charge. We reserve the right to charge a reasonable fee for any further copies you may request.
- Right of portability: At your request, we will transfer your data to another controller, where technically possible, providing that the processing is based on your consent or necessary for the execution of a contract. Instead of receiving a copy of your personal data, you can ask us to transfer the data directly to another controller, whom you will indicate to us.
- Right of deletion: You may ask us to delete your personal data when: (a) personal data is no longer necessary, relating to the purposes, for which it was collected or processed, (b) you have the right to object to further processing of your personal data and you exercise that right, (c) the processing is based on your consent, you withdraw your consent and there is no other legal basis for processing, (d) your personal data has been unlawfully processed, unless the processing is necessary, (e) to comply with a legal obligation, which requires processing by us, in particular for legal obligations to perform a duty and for the support, exercise or defense of legal claims.
- Right to opposition: You may object, at any time, to the processing of your personal data, due to your particular situation, provided that the processing is not based on your consent, but on the legitimate interest of our COMPANY or third parties. In this case, we will no longer process your personal data, unless we can demonstrate compelling legitimate reasons and a prevailing interest in processing or supporting, exercising, or defending legal claims. If you object to the processing, you are requested to specify whether you wish to delete your personal data or restrict the processing by us.
- Right to file a complaint: In case of an alleged breach of applicable privacy legislation, you may file a complaint with the data protection supervising authority, in the country where you live or where the alleged breach occurred. Please note:
N. THIRD PARTY DATA PROCESSORS
We use several third parties to process personal data for us. These parties have been carefully selected, in compliance with the abovementioned applicable legislation.
O. DATA BREACHES
For any personal information stored in our database, all necessary measures will be taken to ensure it. Any unlawful breach of this website’s database or the database of any third-party data processor shall be reported to anyone and to all interested parties, as well as to the competent Authorities, within seventy-two (72) hours since the breach, if it becomes apparent that personal data stored in identifiable form have been stolen.