Privacy Policy & Personal Data Protection
The Company’s Security Policy is based on:
the relevant provisions of the National Law on the Protection of Personal Data and on ensuring the Privacy of Communications (indicatively we mention Law 2472/1997 on the protection of personal data, Law 3471/2006 on the protection of privacy in the field of electronic communications , as currently in force, the Regulations for Ensuring the Confidentiality of Communications of A.D.A.E. as published in Official Gazettes 87 & 88/26-1-2005 and in force (P.D. 47/2005), the relevant provisions of Community Law (European General Data Protection Regulation/GDPR – 2016/679).
The relevant texts are also publicly available on the respective websites of the competent supervisory/auditing Authorities, namely the Data Protection Authority (DPA, www.dpa.gr), the Communications Privacy Authority (A.D.A.E., www .adae.gr) and the National Telecommunications & Posts Commission (E.E.T.T., www.eett.gr). In any case, the privacy policy of our company’s communications is formulated based on the above provisions, and is updated on a periodic basis, depending on developments in technology and applicable legislation.
Visitors as well as registered members to the services of the website eshop.konoshill.com subject to the provisions:
of Greek law (Law 2472/1999 “on the protection of personal data” as applicable, Law 2774/1999 “on the protection of personal data in the telecommunications sector”, Law 2472/1997 as supplemented by the decisions of the President of Personal Data Protection Commission, Presidential Decrees 207/1998 and 79/2000 and art. 8 of Law 2819/2000) and European law: directives 95/46/EC – 97/66/EC and European General Regulation Data Protection/GDPR: EU 2016/679), agree and accept the processing of personal data in accordance with what is described in this statement.
What is Personal Data?
The term “personal data” refers to information of natural persons, such as name, postal address, e-mail address, contact telephone number, etc., which identify or can identify you, hereinafter “Personal Data or Data”.
What is Personal Data Processing?
Any act or series of acts carried out with or without the use of automated means, on personal data or sets of personal data, such as the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, information retrieval, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
How do we use your Personal Data?
Where applicable, we use your Data:
To complete orders for products and services: The Company processes your Data in order to fulfill its contractual relationship, process the order for products and/or services, provide customer service, comply with legal obligations, refute, raise or exercise legal requirements. If we do not collect your Data at the time of order completion (through our brick-and-mortar store, live or sales phone service, or through our online store), we will not be able to process your order and comply with legal obligations to us.
In addition, we may retain your Data for a reasonable period of time in order to fulfill our contractual obligations, such as product returns, as required by relevant law.
To Create a User Account: The Company processes your Data in order to provide you with account functions and to facilitate the purchase of products and/or services in the future.
For Communication: The Company uses your Data to respond to your requests/questions, refund requests and/or any complaints. The information you share with us enables us to manage your requests and respond to you in the best possible way. We may also keep a record of your queries/requests to us to better respond to any future communications. We do this based on our contractual obligations to you, our legal obligations and our legitimate interests to provide you with the best possible service and to be able to improve our services based on your own personal experience.
To Send a newsletter/offers: With your consent, we will use your Personal Data, preferences and transaction data to inform you via e-mail, internet, phone and/or social media for relevant products and services, including personalized / personalized offers etc. Of course you have the possibility to withdraw this consent at any time.
For Web push notifications: Depending on your navigation, you may receive, with your prior consent, notifications about our offers, news, your wish list and your shopping cart. Of course you have the possibility to withdraw this consent at any time.
Ποια είναι η νόμιμη βάση επεξεργασίας των Δεδομένων σας από την Εταιρία;
Η νομοθεσία για την προστασία των δεδομένων που καθορίζει διάφορους λόγους για τους οποίους μια εταιρία μπορεί να συλλέξει και να επεξεργαστεί τα προσωπικά σας δεδομένα, μεταξύ των οποίων και τους όρους της συμβατικής μας σχέσης είναι η συγκατάθεση σας, όπου απαιτείται. Για παράδειγμα όταν επιλέγετε να λαμβάνετε newsletter. Κατά τη συλλογή των προσωπικών σας δεδομένων, θα σας ενημερώνουμε πάντα ποια δεδομένα είναι απαραίτητα σε σχέση με μια συγκεκριμένη υπηρεσία.
What is the legal basis for processing your Data by the Company?
We retain your Personal Data for as long as necessary to fulfill the purposes set out in this Privacy Policy (unless a longer retention period is required by applicable law). Generally this means that we will keep your Personal Data for as long as you have an account with our Company. In relation to your Personal Data relating to product purchases, we retain this data for a longer period in order to comply with our legal obligations (such as tax and commercial law and for warranty purposes where applicable). At the end of this retention period, your data will be completely deleted or anonymized, for example by aggregating with other data, so that it can be used in a de-identified way for statistical analysis and business planning.
Some examples of Customer Data retention periods:
Orders
When you place an order, we will keep the personal data you give us for 10 years so that we can comply with our legal and contractual obligations.
Newsletter
Your declaration of consent for the sending of a newsletter is kept for as long as the newsletter is sent to you by the Company, and in any case no longer than six months from the cessation of its sending.
Is Your Data Safe?
We are committed to safeguarding your Personal Data.
Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to secure and protect your Data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security.
In addition, the information used to identify you as an account user is two: the Login Code (Username) and the Personal Secret Security Code (Password). Each time you register your details, you are given access to your personal account. This particular process is achieved securely through encryption during their transfer over the internet. By the same standards, you are given the possibility to change your Personal Secret Security Code (Password) as often as you wish. After entering the desired code, the new code is coded and stored in the Company’s systems. For this reason, you are the only one who knows your password and you are solely responsible for keeping the password confidential from third parties.
These measures are reviewed and amended when deemed necessary.
Dealing with a personal data breach
According to art. 33 of Regulation (EU) 2016/679, the Company, in the event of an incident of personal data breach that may cause a risk to the rights and freedoms of the persons concerned by the incident, will notify the said incident to the Protection Authority Personal data.
This notification must be made without delay within 72 hours from the moment the Company is informed of the incident. The notification will contain all relevant information (nature/extent of the incident, categories of persons affected, its cause and consequences, actions taken to deal with it, etc.). Even if this relevant information is not all available when the notification is submitted, it will be submitted as an initial one and will be followed in the future, without undue delay, by its update (by submitting a supplementary notification).
You have the right to access your Personal Data.
This means that you have the right to be informed by us if we are processing your data.
You have a right to erasure/right to be forgotten.
You can ask us to delete your data if it is no longer necessary for the aforementioned processing purposes or you wish to revoke, which in this case is the only legal basis.
You have the right to object and withdraw consent to the processing of your Data.
You can object to the processing of your data and we will stop processing it, unless there are other compelling and legitimate reasons that override your right. If you have given your consent to the collection, processing and use of your personal data, you can withdraw your consent at any time.
Opting Out of Receiving Marketing Communications.
You can opt out of receiving marketing communications by changing your email and sms registrations by emailing us at: info@konoshill.com
What is the applicable law when we process your Data?
Applicable Law is Greek Law, as formulated in accordance with the General Regulation for the Protection of Personal Data 2016/679/EU, and in general the current national and European legislative and regulatory framework for the protection of personal data.
For all actions or legal proceedings arising from or related to this Policy, its validity, application, fulfillment or violation or the content of this Policy, the Greek Courts of the place of our company’s headquarters are competent, whose jurisdiction you irrevocably acknowledge. Notwithstanding the above, the Company reserves the right to exercise its legal rights before the courts of the place of violation of this policy.
Where can you go if we breach the applicable law to protect your Personal Data?
You have the right to submit a complaint to the Personal Data Protection Authority (postal address Kifisias 1-3, P.K. 115 23, Athens, tel. 210. 6475600, e-mail address (e-mail) contact@dpa.gr ), if you consider that the processing of your Personal Data violates the applicable national and regulatory legal framework for the protection of personal data.
Use of the Website by Minors
According to the specific provisions of article 8 par. 1 sec. a) of the Regulation in conjunction with article 21 of Law 4624/2019, minors under fifteen (15) years of age are prohibited from communicating their personal data to us through the Website, without the prior consent of their guardian. We ask these persons not to submit information to us.
Cookies Policy
What are cookies?
Cookies are small text files that a website stores on your computer or mobile device when you visit it.
Use of cookies
The company uses cookies to analyze visitor behavior, manage the Website, track user preferences and gather information about the user. This is done in order to personalize your experience with us. We use cookies on our Website to manage sessions, to provide personalized web pages to reflect your particular needs and interests. In this way, the Website remembers your actions and preferences (such as display preferences, language, etc.) for a period of time, so that you do not have to enter these preferences every time you visit the Website or browse its pages.
How will you be notified of any changes to this Policy?
We update this Privacy Policy whenever necessary. If there are significant changes to the Privacy Policy or the way we use your Personal Data, we will post an update to this on our website before the changes take effect and we will notify you as soon as possible.
We encourage you to read this Policy periodically to know how your Data is protected. This privacy policy was last modified on August 28, 2019.