PRIVACY POLICY/ PERSONAL DATA PROTECTION POLICY

This policy is posted on our website in order to inform the user of our website and online store (e-shop) about the processing of their personal data, in a brief, understandable, clear and easily accessible way.

In the sole proprietorship “KOUKERI SOTIRIA” with a business address in Greece, in the Municipality of Athens with the address Zinni no 18 -20, P.C 11741, Koukaki (TIN 037611851, A’ Athens tax office (henceforth “The Company” ) we fully respect our clients and make the protection of your data our priority. 

This Personal Data Protection Policy (henceforth the “Data Policy” or “PDPP”) has been established by us as “Controllers” with a view to your personal data regarding the company’s data management policy. 

  1. What personal data do we process? 

The Company collects, saves, and uses the following data:

  • Information about your computer including the IP address, the geographical location, the type – the version of the browser and your operating system,
  • Information about your visits and the use of the website, including the external source, the duration of your visit, the page views and the navigation path to the website.
  • Information that you enter when signing up on our website, such as your email address.
  • Information that you enter when creating your profile on our website, such as first name, last name, address, and phone number.
  • Information that you enter when setting up your subscriptions and for the sending emails/ newsletter, such as first name and your email address.
  • Information about the time, the manner, and the frequency of the use of the website. 
  • Information about the purchases, the services you use and the transactions you make on the website/ e-shop, that include your name, your address, your phone number, and your email address.
  • Information about your wish – list, your preferences in a product category and your size.
  • Information that is included in any form of communication with us via email or through the website, including the communication content and the metadata.
  • Information that you include in your CV such as first name, last name, date of birth, your studies, professional experience, interests etc.
  • Information collected from the use of Cookies in your browser.
  • Your social media username if you interact with us through these channels.
  • Any other personal information disclosed to us by you.

According to the PDPP, for any personal information of a third person disclosed to us, you must have obtained their consent about the processing and the sharing of.

The disclosure of personal data by the users of the website and our online store, as described above, recommends the acceptance of terms of use of this data in accordance with this PDPP.

  1. How do we collect your personal data?

The Company collects your personal data with the following ways:

  • When you log in to our website
  • When you browse in our website
  • When you fill in the online form either on our website or on our e-shop to proceed with your order and purchase of a product
  • When you fill in the online form in order for us to contact you
  • When you contact us (by phone, email, fax or social media) to proceed with your order and purchase of a product.
  • When you subscribe to our website
  • When you create your profile on our website
  • When you contact us (by phone, email, fax or social media) in order to create or manage the subscription or your profile on our website.
  • When you send us your CV
  • When you send us a message through any social media
  • When you contact us (by phone, email, fax or social media) for any reason and you notify us of any kind of personal data. 
  1. For what purposes do we process your personal data?

The Company processes your personal data for the following reasons:

  • Shipping – receipt of the goods you purchase from us / error prevention, monitoring, update – execution of the order, mediation for concluding a main contract.
  • Issuance and shipping of purchase invoices for the goods you buy from us.
  • Issuance of guarantees for the products and the services you buy from us.
  • Compliance in general with our contractual obligations to you or in application of provisions of law or in execution of court decisions.
  • Providing information about our new products and services
  • Assignment of search for any changes, cancellations or returns in case of abnormal development of the transaction.
  • Improving the management of the website and our company.
  • Custom modulation of the website for the customers’ needs
  • Improving the management of our online store (eshop)
  • Sending non-advertising messages
  • Sending notifications via emails in accordance with your applications.
  • Sending newsletters via email in case you request it ( with a simple capability of revocation at any time).
  • Providing statistical data of our users to third parties (that will not be able to identify any user from this information)
  • Handling requests and complaints you submit to us
  • Site security precautions/ fraud prevention
  • Evaluation of CVs for employment reasons.

With this PDPP, we assure you that we will not pass on your personal data without consent neither for the reasons stated in the following paragraph nor for the cases a-d of the third dot of article number 5, to any third party

  1. What is the legal base for the processing of your personal data?

The company legally processes your personal data under the following provisions: 

  • Your consent, as defined in Article 6 (1a), in accordance with Article 7 of GDPR (Regulation 2016/679).
  • The processing required for the performance of the contract, the data subject of which is a contracting party, as defined in Article 6 (1b) of GDPR (Regulation 2016/679)
  •  The processing required for the compliance of the Controller with legal obligation, as defined in Article 6 (1c) of GDPR (Regulation 2016/679)
  • The processing required for the purposes of the legitimate interests pursued by the Controller, as defined in Article 6 (1f) of GDPR (Regulation 2016/679)

 

  1. Who are the recipients/ To whom is your personal data transferred/ Where is your personal data transferred?

Access to your personal data has the absolute necessary staff of the Company.

The Company shares your personal data with:

  • Companies that cooperate with us to complete your order and successfully fulfill our transaction.
  •  Other third parties, to the extent required for the following purposes: (a) compliance at the request of a body of the Greek state, court decision or applicable law, (b) prevention of illegal uses of websites or violations of the terms of use of our websites and policies, c) our protection from the claims of others, and (d) contribution to prevention or investigation of fraud cases.
  • Our special or universal successors in case of sale, merger, and liquidation of our business.
  • Other third parties to whom you have given your consent. 

Your personal data collected (or processed) by us within the website/e-shop will be stored within the European Union. However, some of the recipients of the data being processed may be in countries other than the one where your personal data was originally collected, including other countries ( e.g. USA), where european legislation does not apply. 

  1. For how long do we keep your personal data?

We retain your personal data for as long as necessary to fulfill the purposes set forth in this PPPD ( unless it is required by the applicable law a longer retention period).

In general this means we retain your personal information for as long as you have an account in our Company.

Subject to the above, our Company retains your personal information for as long as provided for, in case by case basis, by the applicable legal and regulatory framework and in every case for a period of twenty (20) years from the last calendar day of the year of termination of your respective transaction with “KOUKERI SOTIRIA”. In case any request for your cooperation/ transaction with our Company is not accepted and the transaction is not completed, the data will be kept for a period of five (5) years. In case of a court dispute, the personal data concerning you, will be kept until the end of the pending trial, even in the case of exceeding the above period of twenty (20) years. 

Some other examples of customer data retention periods: 

Guarantees 

If your order includes a guarantee, the relevant personal data will be retained until the end of the guarantee period.

Newsletter 

Your statement of consent for sending a newsletter is kept for as long as a newsletter is sent to you by the Company and in any case not more than six months from the cessation of sending a newsletter.

  1. What are your rights?

The Company informs you for your following rights, as defined by the applicable law: 

 

  • Right of access to your personal data.

This means that you have the right to get informed by us whether we process your data. If we process your information you can ask to get informed for the purpose of the process, the kind of data that we keep, to whom we give them, for how long we save them, if automated decision making, but also for your other rights such as correcting, deleting  data, restricting the process and lodging a complaint to the PDPP. 

 

  • Right to correct inaccurate personal data. 

If you find that there is something wrong with your data you can ask us to correct it ( e.g. correction of a name or change or address update).

 

  • Right of deletion/ Right to oblivion. 

You can ask us to delete your personal data if they are not necessary anymore for the above stated purposes of process or you wish to revoke your consent in the event that this is the only legal basis. 

  • Right of portability of your data. 

You can ask us to receive the data you have provided in a readable form or ask us to pass them to another Controller. 

  • Right of restriction of the process.

You can ask us to restrict the process of your data for as long as your processing objections are pending. 

  • Right to object and revoke consent to the processing of your data. 

You can object to the processing of your data and we will stop processing your information unless there are other compelling and legitimate reasons that prevail over your right. If you have given consent to the collection, processing and use of your personal data, you may revoke your consent at any time with future validity. 

  • Choosing not to get Marketing Communications. 

You can choose not to receive Marketing Communications notifying us with any kind of communication or by unsubscribing using the corresponding option at the end of each informative email. 

In case we rely on our legitimate interest: 

In cases where we process your personal data according to our legitimate interest, you can ask us to stop for reasons related to your personal situation. In that case we should comply if we do not believe we have a legitimate reason to continue processing your personal data. 

  1. How are your rights exercised? 

In order to exercise your rights, please contact us with one of the following ways: 

  • By phone at the number (0030) 210  9246479
  • By email at the address info@sissykoukeri.com
  • Via mail in the address stated at the start of this policy. 

In order to protect the confidentiality of your data, we will ask you to verify your identity before proceeding with any request you make under this PDPP. If you have authorized a third party to submit a request on your behalf, we will ask them to prove that they have your permission to act for this purpose. 

We respond to your requests with no delay and in any case within (1) one month from the time we receive your request. However, if your request is complex or there is a large number of requests, we will inform you within the month if we need to receive an extension of another (2) months within which we will respond to you. 

  1. Is your personal data secure? 

The Company guarantees to protect your personal data, committing itself to take all appropriate organizational and technical measures for the security and the protection of your data from any form of accidental or improper processing.

  1. What is the applicable law at the processing of your data by us?

Applicable Law is the Greek Law, as formulated according to the General Regulation for the Protection of Personal Data 2016/679/EU, and in general the current national and European legislation and regulatory framework for the protection of personal data. 

  1. Where can you appeal in case of violation of the applicable law for the protection of your personal data? 

You have the right to submit a complaint to the Personal Data Protection Authority (postal address 1-3 Kifissias, PC 115 23,Athens, tel. 2106475600, email address contact@dpa.gr), if you consider that the processing of your Personal Data violates the applicable national and regulatory framework law for the protection of personal data. 

  1. How will you be informed about any changes to this privacy policy?

We update this Privacy Policy when necessary. If there are important changes in the Privacy Policy or in the way we use your personal data, we will post on our website this update, before the changes take effect and we will notify you in any appropriate way. 

We encourage you to read, in regular intervals, this Policy to know how your data are protected. 

  1. Cookies

Cookies are pieces of data stored on your hard drive about current or past web experiences such as a username/password combination used to access certain areas of the website or other services. We may use a cookie to record predefined interests and preferences (through data submitted to us) to improve the experience of using our website. Because the cookie is on the client side, i.e. on your hard drive, your privacy is not compromised.

You can disable cookies in your web browser or discard the creation of a cookie according to your personal preferences. If you do this, then the operation of our website may be compromised and some services may not be available.

IP address information 

Each time you get access to the information, we record what you have access to and the IP address you use to access the data. An IP address is a unique identifier given to you by your ISP when connected to the Internet. This may vary each time you log in or be set permanently depending on your settings.

We use these addresses to track your movements, analyse the general trends of such a geographical location and thus improve the quality of our services. 

 IP addresses are not associated with personally identifiable information. We will also save your browser version to track trends in which browsers users prefer. We may from time to time exchange information with these partners. This information is not linked to personal information that can be found by any individual.