Privacy Policy
Privacy Policy
INTRODUCTION
This Privacy Policy is addressed to you, the users of our online store (hereinafter referred to as "E-Shop") and our company's website (hereinafter referred to as the "Website"), located at the website: https:// eshop.eshop.pitenis.eu.
Through it, we inform you of the commitments undertaken by our Company for the protection of your personal data and the way of exercising your rights.
PROCESSING MANAGER
Our company with the name: "PITENIS Bros. A.PITENIS SA" and with the distinctive title "PITENIS" or "PITENIS", located in Kozani, 6th km Kozani Nea Nikopolis, tel. +30 24610-22726 and contact address eshop@eshop.pitenis.eu (hereinafter referred to as the "Company"), is the Data Controller of the Website and E-Shop.
As the Data Controller, the Company determines the purposes and manner of processing the personal data (hereinafter referred to as "Personal Data") that it collects, stores and generally processes when you visit, register or use its Website and E-Shop.
DESCRIPTION OF THE PROCESSING
Ι. PROCESSING OF PERSONAL DATA THROUGH THE E-SHOP
Our website, https:// eshop.eshop.pitenis.eu, hosts our online shop for the exhibition and sale of our products (E-Shop), through which we provide you with the possibility to purchase, through the online platform, our products.
FOR WHAT PURPOSE DO WE COLLECT YOUR DATA?
We collect and process your data, which you provide to us through the E-SHOP, for the management of the sale of the products and/or the provision of our services, the communication and information of you in relation to the products you have ordered, the status of the execution of your order, the availability of the products you have ordered, the shipment of the products, the management of your debts to the Company, the execution of returns and the provision of guarantees and our compliance with the obligations imposed by the applicable legislation, e.g.χ., tax legislation, e-commerce directive.
WHAT DATA DO WE COLLECT FROM YOU?
We ask you for the data absolutely necessary to carry out the sale of our products, i.e:
- Name (required)
- Name (obligatory)
- Company name (optional)
- Name (optional) Company name (optional) Company name (optional)
- (optional) Company name, company name, company name (optional)
- Telephone (mandatory)
- Email address (required)
- Username if you register on the E-shop (optional)Shop. (required)
- Password (login password), if you subscribe to our E-shopShop. (required)
- Choose payment method (required)
The above information is required for the invoicing of our products, based on the current tax legislation, their shipment through the partner courier company, as well as to be able to inform you about the progress of your order, the availability of the products you ordered and the expected delivery time.
Our Company does not process your credit card and payment details. To pay for your order, you go to the secure payment environment of our partner credit institution, which manages the processing and execution of credit card payments, securely and at its sole responsibility.
Our Company receives electronically, only confirmation of the payment of your order. For any refunds made to our credit/debit cards, the credit institution cooperating with us is solely and exclusively responsible for the processing of such data.
In the event of withdrawal and refund of money paid by cash on delivery, you must provide us with your consent to use the bank account details provided by you when submitting the refund request.
ON WHAT LEGAL BASIS WE BASE THE PROCESSING
Our company processes the personal data that you provide to it through the E-Shop, exclusively for the fulfilment of our contractual relationship (sale of products) and the fulfilment of our obligations arising from the law, e.g., tax legislation, e-commerce legislation, etc.
FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA?
When you place an order for our products, our Company is obliged to keep your personal data for ten years, so that we can comply with our legal (tax) and contractual obligations.
If you do not place an order and simply register in our E-Shop, we will keep your personal data until you inform us of your wish to delete your account.
TO WHOM DO WE DISCLOSE YOUR PERSONAL DATA?
Our company may disclose your personal data, for the fulfilment of its contractual obligations, to third party service providers who process personal data on our behalf, such as partner Credit Institutions for processing card payments, partner transport companies for the transport and delivery of our products to you that you have ordered, hosting and Website management companies, companies providing secure storage of your personal data.
In addition, we may disclose personal data to third parties where such disclosure is necessary for us to comply with a legal obligation to which we are subject.
Disclosures of your personal data are protected by appropriate safeguards through specific agreements whereby we require our subcontractors, suppliers and third party service providers to implement appropriate technical and organisational measures to protect your personal data.
Your personal data that we process through our E-Shop is securely stored within the European Union (Greece and Germany) and we do not transfer your personal data outside the European Union.
HOW DO WE PROTECT YOUR PERSONAL DATA?
Our Company takes all appropriate organizational and technical measures to ensure the security and protection of your personal data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security.
Our website and our E-Shop use the TLS protocol, for secure online commercial transactions. This encrypts all the Data you provide, including, your name, password and address, so that it cannot be decrypted or altered during transmission over the Internet.
In addition, the data used to identify you as an account user are two: your Username and your Personal Secret Security Code (Password). Each time you enter your details, you are granted access to your personal account. This process is achieved securely through encryption during their transfer to the Internet and the Company's servers. Following the same standards, you are given the opportunity to change your Personal Secret Security Code (Password) as often as you wish. After entering the desired password, the new password is encrypted and stored in the Company's systems. For this reason, the only person who knows your password is you, and you are solely responsible for maintaining the secrecy of the password from third parties.
All payments made using a card are processed through the electronic payment platform "i-bank e-Commerce" of the National Bank of Greece and uses TLS 1.2 encryption with 128-bit encryption protocol (Secure Sockets Layer - SSL). Encryption is a way of encoding information until it reaches the intended recipient, who will be able to decode it using the appropriate key.
II. PROCESSING OF PERSONAL DATA THROUGH THE FORM OF COMMUNICATION
At https:// eshop.eshop.pitenis.eu, there is a standardised contact form entitled "SEND US A MESSAGE" in order to facilitate communication with any interested party. This form is used for any queries or requests and directs them to the appropriate department or member of our staff.
FOR WHAT PURPOSE DO WE COLLECT YOUR DATA?
In order to administer and respond to your queries and requests, this information is used strictly to respond satisfactorily to your queries or requests and will not be disclosed to third parties except as set out in this policy or where disclosure is required or permitted by law.
WHAT DATA DO WE COLLECT FROM YOU?
We ask you for the information strictly necessary to respond to your question or request, namely:
- Your name (required)
- Email (required)
- Your email address (required)
- Your message
WHAT IS THE LEGAL BASIS FOR THE PROCESSING?
Our company processes the above data on the basis of the consent you provide by sending us your query or request.
FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA?
Our Company is obliged to keep your personal data for as long as necessary to respond to your query or request.
TO WHOM DO WE DISCLOSE YOUR PERSONAL DATA?
Η εταιρεία μας μπορεί να γνωστοποιήσει τα προσωπικά δεδομένα σας για την εκπλήρωση των συμβατικών υποχρεώσεών της, σε τρίτους παρόχους υπηρεσιών που επεξεργάζονται προσωπικά δεδομένα σας για λογαριασμό μας, για παράδειγμα (ενδεικτικά αναφέρονται), συνεργαζόμενα Πιστωτικά Ιδρύματα (Εθνική τράπεζα) για την επεξεργασία πληρωμών, συνεργαζόμενες μεταφορικές εταιρείες για την μεταφορά και την παράδοση σε εσάς των προϊόντων μας που παραγγείλατε, εταιρείες φιλοξενίας και διαχείρισης Ιστοσελίδας, εταιρείες παροχής ασφαλούς αποθήκευσης των προσωπικών δεδο
In addition, we may disclose personal data to third parties where such disclosure is necessary for us to comply with a legal obligation to which we are subject.
Disclosures of your personal data are protected by appropriate safeguards through specific agreements whereby we require our subcontractors, suppliers and third party service providers to implement appropriate technical and organisational measures to protect your personal data.
HOW DO WE PROTECT YOUR PERSONAL DATA?
Our Company takes all appropriate organizational and technical measures to ensure the security and protection of your personal data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security.
INFORMATION ABOUT YOUR RIGHTS
You have the following rights in relation to your personal data:
RIGHT OF ACCESS - RIGHT TO RECTIFICATION:
You have the right to be informed and to request access to any of your personal data that we may hold. If you find that it is inaccurate or incomplete, you may request that we amend or update it.
RIGHT TO DATA PORTABILITY:
Under certain circumstances, you have the right to request a copy of the personal data you have provided to us in electronic form and to transfer that personal data to the service of another controller.
RIGHT OF RESTRICTION:
You have the right to ask us to temporarily or permanently stop processing all or some of your personal data where:
(a) we no longer need your personal data for the purposes of the processing, but you need that data for the establishment, exercise or defence of legal claims; or
(b) you have objected to processing that is justified on legitimate interest grounds (see below), pending verification as to whether we have compelling legitimate grounds to continue processing; or
(c) the processing is unlawful, but you do not want us to delete your data.
(d) you dispute the accuracy of the personal data until we take the necessary steps to correct or verify its accuracy.
In the above cases, we will only process your personal data with your consent or for the establishment, exercise or defence of legal claims.
RIGHT OF ERASURE:
You have the right to ask us to erase your personal data unless we can either demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms or where we need to process the data to establish, exercise or defend legal claims.
RIGHT TO WITHDRAW CONSENT
Depending on the case, you have the right to withdraw your consent at any time, without prejudice to the lawfulness of the consent-based processing prior to its withdrawal. So if, for example, you wish to opt out of receiving marketing messages, you can change your settings by deactivating the corresponding toggle.
RIGHT TO OBJECT:
Provided that the conditions set by law are met, you have the right to object at any time to our processing of your personal data on the basis of grounds relating to your personal situation and to object to the processing of your personal data for marketing purposes. If you object, we must stop processing unless we can either demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms or where we need to process the data to establish, exercise or defend legal claims.
RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING
You have the right not to be subject to a decision based solely on automated decision-making, such as profiling, where the decision would have legal consequences for you or other equally important consequences.
RIGHT TO TERMINATE:
You also have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates applicable law. You can exercise this right by contacting the Hellenic Data Protection Authority, 1-3 Kifissias Avenue, 115 23 Athens, Greece, Contact phone: +30 210 6475600, Fax: +30 210 6475628, E-mail: contact@dpa.gr.
For more information about your rights, to exercise them or if you have any questions regarding the processing of your personal data, please contact us at tel. +30 24610 22726 and e-mail eshop@eshop.pitenis.eu.
Please note that we may ask for verification of your identity and we reserve the right to charge you a fee where permitted by law, for example if your request is manifestly unfounded or excessive. We will endeavour to respond to your request within the time limits set by law.
This policy will be renewed and updated from time to time in accordance with applicable national and EU law. This publication, was written on 29/10/2018.
