Privacy Policy (GDPR)

Privacy Policy & GDPR compliance

With its current policy, the sole proprietorship “Ioannis Karantonis” (hereinafter the “enterprise”), which is based in Ancient Olympia, at 55 Praxiteli Kondili Street, PC. 27065 TEL. 0030 26240 23411, with TIN: 041695590 of the Tax Office of Pyrgos, determines and notifies the terms under which, acting as defined by law as “Responsible Processor”, collects, stores, uses and generally processes your personal data, which it collects when you visit, register or use the business websites (hereinafter referred to as the “Websites”) and its mobile applications as well as when trading with its store.

This Privacy Policy also describes how you use, disclose and protect your personal data, the options you have regarding your personal data, and how you can contact us. This Protection Policy is in accordance with the terms arising from European Regulation 679/2016 and any other relevant applicable legislation.

For any questions regarding this Privacy Policy, but also any issues related to the processing of your Data and the exercise of your rights, you can contact the e-mail address (email) [email protected].

Personal data

The term refers to information of individuals, such as name, postal address, e-mail address, contact telephone number, etc., which identify or may identify you.

The Privacy Policy Code (GDPR) protects personal data regardless of the technology used to process it. It is technologically neutral and applies to both automated and manual processing, provided that the data is organized according to predefined criteria (eg alphabetical order). It also does not matter how the data is stored – in an information technology system, via video surveillance or in print. In all cases, personal data are subject to the protection requirements set out in the GDPR.

Personal data that we process and collect

By registering to open an account, place an order, or send a request, we collect specific personal information from you, for example your name, your postal address, your telephone numbers, your e-mail address, etc.

We use this information to identify you as a customer, to process your order, to deliver your products, to manage payments, to update your profile information in our archive and generally your account with us. More specifically, we can send you information via mail, email, messages on your mobile phone, or through any other electronic media, including social networks, for information about our products, events, offers and services. We may also use this information to customize the way we communicate with you so that we can address you more personally.

We may also occasionally ask for other information, such as your size, your preferences in a product category, your age, or any special dates, such as your birthday, name day, which will be used for strengthening our services to you.

In addition, we may collect statistical information about website traffic, sales and other usage-related information that we may provide to third parties on a case-by-case basis and for specific purposes. These statistics do not include any information that can personally identify you.

We may also use your personal information for internal consumer behavior and product promotion studies, along with non-personal data for consumer profile analysis and monitoring, to continually improve our products and services and to understand what may be of interest for you and our other customers.

We constantly strive to comply with the requirements of the Data Protection Authority and any applicable laws and regulations, to ensure that your personal information is stored securely and processed in a fair and lawful manner. Your data is maintained and controlled by the sole proprietorship under the name “Ioannis Karantonis”, Ancient Olympia, at 55 Praxiteli Kondili Street, PC. 27065 which acts as the data controller for the purposes for which it is kept.

Please call the company for any information about your personal information at 0030 26240 23411. It is clarified that in relation to the described processing of personal data the company takes appropriate technical and organizational measures to ensure that every natural person acting under its supervision and which has access to such personal data is processed only by order of the company and always in the necessary context for the provision of services of this website.

The disclosure of personal data by the users of the website and the online store www.sandalon.gr in the above manner constitutes acceptance of the terms of use of this data in accordance with the present.

Use of personal data

We will use your personal data for the purposes described above. We do not collect or process more or any other type of personal data than is necessary to fulfill this purpose. We will only use personal data in accordance with the terms of this privacy policy, unless you have specifically provided your consent to another use of your personal data. If we intend to use your personal data which we process with your consent, for purposes other than those disclosed in this consent, we will notify you in advance and, in cases where the processing is done with your consent, we will use your personal data for a different purpose only with your permission.

Processing of children’s personal data

The company will not collect or process personal data of children under the age of 16 unless parental consent has been given in accordance with applicable local law. If we find that a child’s personal data has been collected by mistake, we will delete it without undue delay.

Data Security

We are committed to safeguarding your Personal Data. Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to secure and protect your Data from any form of accidental or improper processing. We use the most modern and advanced methods to ensure maximum safety.

All payments made on the website www.sandalon.gr using a card are processed through the electronic payment platform “Alpha e-Commerce” of Alpha Bank and uses TLS 1.2 encryption with 128-bit encryption protocol (Secure Sockets Layer – SSL). Encryption is a way of encrypting information until it reaches its intended recipient, who will be able to decrypt it using the appropriate key. This encrypts all the Data you provide, including your credit card number, name and address, so that it cannot be decrypted or changed when you transfer it over the Internet.

Additionally, the information used to identify you as an account user is twofold: the Username Password and the Personal Security Password. Each time you enter your details, you are given access to your personal account. This process is achieved securely through encryption when transported over the Internet and the company’s servers. By the same token, you are allowed to change your Personal Security Password as often as you wish. After entering the desired code, the new code is coded and stored in the Company’s systems. Therefore, you are the only one who knows your password and you are solely responsible for maintaining the confidentiality of the password by third parties. These measures shall be reviewed and amended as necessary.

Identity check

To protect the confidentiality of your information, we will ask you to verify your identity before making any request under this Privacy Policy. If you have authorized a third party to submit a request on your behalf, we will ask him to prove that he has your permission to act for this purpose.

Our online store

If you choose to order products through our online store, your name and email address as well as all other information you enter during your registration will be stored in the database of this website along with your computer’s IP address and time and date you placed the order. This information is used only when sending the products of your order and is not passed on to any of the processors.

Your rights

The company undertakes that in relation to the described processing of personal data applies the appropriate technical and organizational measures in order to ensure the appropriate level of security against the risks arising from their processing, in particular the risks of accidental or unlawful destruction, loss, deterioration, unauthorized disclosure or access to personal data transmitted, stored or otherwise processed.

The processing of your personal data is also linked to your respective rights, which, subject to provisions that may restrict the exercise of these, are:

• Right to information: You have the right to receive clear, transparent and comprehensible information about how we use your personal data and what your rights are. For this purpose we provide you with the information in this Statement – Privacy Policy and we urge you to contact us for any clarification.
• The right of access: You can ask us to correct or supplement your data if it is incomplete or contains inaccuracies.
• The right to correct: You can request that we correct or supplement your data if it is incomplete or contains inaccuracies
• The right to your data portability: You may request that we provide or transfer to a third party provider in electronic form specific information that you have provided to us.
• The right to delete. In some cases, you can request the deletion of all or part of your data (if, for example, the data is no longer needed for the purposes for which it was collected, etc.).
• The right to restrict processing. You have the right to restrict the processing of your personal data.

• The right to withdraw consent. If you have given your consent to the processing of your personal data, you have the right to withdraw your consent at any time by contacting us at the information provided herein.
• The right to object: you may object to the processing of your data which is carried out in the pursuit of our legitimate interests, as mentioned above.

In case of exercise of any of the above rights, we will take every possible measure to satisfy your request within a reasonable time and no later than (1) month from the identification of your request, informing you in writing of the satisfaction of your request. , or the reasons that may prevent the exercise of the relevant right, or the satisfaction of one or more of your rights, in accordance with the General Regulation of Personal Data Protection. Please note that in some cases the satisfaction of your relevant requests may not be possible, such as when the satisfaction of the right is contrary to a legal obligation or conflicts with a contractual legal basis for the processing of your data.

Exercise your rights

To exercise your rights you can submit a relevant request to the email address [email protected] entitled “Exercise of Right” and we will examine it and answer you as soon as possible.

Exceptionally:
– if you wish to correct your Data in your user account, you can log in to it and make any correction / change without the need to submit a Request.

– if you wish to withdraw your consent to send a newsletter (newsletter) you can do so by selecting the link “To delete from the” newsletter mailing list “click here” located at the bottom of each newsletter.

– if you do not wish to receive web push notifications from the company you can disable the option from your browser setting.

Data Retention

The website www.sandalon.gr keeps the personal data of its registered users for as long as they keep their account. The personal data of the unregistered users that result from their interaction with the Services of www.sandalon.gr, are kept for a period of at most two (2) years after their last visit to the website.

An exception is the data that serve to prove the transaction of the company resulting from the use of its Services. These data are kept for a period of not more than five (5) years from the respective transaction.

After the expiration of the retention period or if a user requests the deletion of his account or data and there is no pending legal or other dispute or legal interest arising from the use of the Services of the company, his data will be deleted as soon as possible.

Data Violations

We will report any illegal data breach on this site within 72 hours of the breach if it is obvious that the personal data stored in an identifiable form has been stolen.

The applicable law when processing your Data

Applicable Law is the Greek Law, as formulated according to the General Regulation for the Protection of Personal Data 2016/679 / EU, and in general the current national and European legal and regulatory framework for the protection of personal data.

If you consider that any of your rights or legal obligations of our company regarding the protection of Personal Data are being violated and after you have previously addressed the relevant issue to our company and you have not received a response within a month (extended the deadline to two months in case of complex if you consider that the answer received from the company is unsatisfactory and your issue has not been resolved, you have the right to file a complaint to the competent supervisory authority, ie the Personal Data Protection Authority (PDPA), 1-3 Kifissias Ave. , PC 115 23 Athens, email: [email protected], fax 0030 210 6475628.

Update on any changes to this Policy

We update this Privacy Policy whenever necessary. If there are significant changes to the Privacy Policy or the way we use your Personal Data, we will post this update on our website before the changes take effect and we will notify you in any appropriate way.

We encourage you to read this Policy at regular intervals to know how your Data is protected. This Privacy Policy was last modified on August 1, 2020.