Privacy Policy
Privacy Policy
Personal Data Protection Policy
Our company complies with the European Data Protection Regulation for the protection of your privacy and personal data while browsing our website.
“Personal Data” is any information that can be used to identify a natural person. We collect such information when you use or interact with it through our website.
We have therefore established this Data Protection Policy in order to inform you who visit or purchase from leatheraki.com. (hereinafter eshop) regarding the type of data that concern you and are processed by us, the purpose of their collection and general processing, the way we process them and any recipients. We further inform you of your rights and choices and how you can contact us on any matter relating to your personal data.
More specifically, this Policy includes:
- Information about the Data Controller of your personal data;
- The type of data we collect about you;
- The purpose for collecting and processing your personal data and the lawful basis for processing it;
- The security measures we take to protect your personal data;
- The length of time we keep your personal data;
- Information about your rights and how to exercise them.**
Who is the Data Processor:
[Sofia Lantzanaki, Chatzidaki street n. 14, Rethymno, Crete, Greece, tel. n. 6976709919, info@tastethelocalcrete.gr]
What information – Personal data we collect:
When you browse our e-shop we process (collect, store and possibly transmit) some of your personal data depending on the extent to which you “engage” with our website.
More specifically:
If you are simply a visitor to our online store website and official social media accounts and use:
1/ the contact form of our company, in order to serve any requests or clarifying questions about our products and the general operation of the e-shop, we will ask you to enter your name and email address.
Also, when you communicate with us on our company’s social media (Facebook, Instagram, etc.), you provide us with your identification and contact data, which we process on a case-by-case basis solely to serve your request.
2/ the registration form for promotional communication (newsletter) and news about our activity, you will be asked to submit your personal information (e.g. full name, email address, contact phone number, etc.) in order to take advantage of some of our benefits.
3/ the form for sending free recipe material from our e-book or for preview self-guided, you will be asked to submit your personal information (e.g. full name, email address, contact phone number, etc.),
4/ the option to create a personal account via our website, it is necessary to enter your full name, your e-mail address, a contact phone number, your Username and your Password.
If you are a customer or prospective customer:
If you decide to become one of our customers, a prerequisite for the start of the transaction between us is the disclosure of your personal data. When placing your online order, you provide us with your full name, the address to which the products sold will be shipped, your landline telephone number (or any other telephone number you wish, which will be used for your convenience), your email address.
The Company collects the above data when you use our online store (e-shop) to make your purchases and conclude a contract between us for sale of products/goods. The Company implements appropriate technical and organizational measures to ensure a level of security appropriate to the risks of accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access and any other form of unfair processing.
Special arrangements & remarks:
1/ Specifically regarding the collection of health data, allergies for the provision of our service, tailor made food experience, we may ask you to inform us of any allergies you may have to materials or other peculiarities of your health that may be affected by foods and liquids consumed.
2/ Our online store exclusively accepts Mastercard, American Express, Visa & Maestro credit/debit cards from any bank. All communications between Stripe’s servers and their customers are encrypted using SSL/TLS, ensuring that the data is protected during transfer, verified through the 3D Secure Network system of VISA and MASTERCARD.
The Company has taken all necessary measures for the security of your transactions via your credit card. All payments made using a card are processed through the Stripe electronic payment platform, using TLS 1.1 encryption with a 128-bit encryption protocol (Secure Sockets Layer – SSL). Encryption is a way of encoding information until it reaches the designated recipient, who will be able to decode it using the appropriate key. Stripe is certified as a PCI Level 1 Service Provider, the highest level of certification for payment data security. It uses tokenization to convert sensitive payment data into tokens, reducing the risk of data breaches. It provides support for two-factor authentication (2FA), using SMS, TOTP, and U2F for additional security on user accounts.
Our online store does not collect or store your credit card details in any way, and for this reason, you need to re-enter them each time you use your credit card for transactions through it.
– Service of promotional mail and commercial purposes:
The Company provides you with the opportunity, if you wish, to receive promotional and/or informative messages to your e-mail address. In this case, after being informed about the purpose of the processing and before collecting your data, your explicit consent will be requested.
This can happen either by subscribing to the Company’s newsletter, which is available on our website or in case you become our customer, the Company informs you that it wishes to process the data of its customers provided to us in the context of a purchase or other transaction with us for the purpose of direct commercial communication for related products or purposes. In particular, we will process your email and mobile phone to send you email, SMS, Viber or other multimedia related to our promotions, provided that you do not object to the sending of such commercial communication. In this case, you may request to opt-out by pressing the unsubscribe button in the email or via the website or in any case by contacting us.
Information relating to minors
Our website and services are not intended for use by minors under the age of 16. We do not collect Personal Data from minors under the age of 15 without the consent of a parent or guardian. In any case, we delete any Personal Data of a minor under the age of 13. If you are a parent or guardian of a child under the age of 13 and you are concerned that your child may have provided us with Personal Data, please contact us by e-mail: info@tastethelocalcrete.gr
Why do we use your Personal Data?
We use your data:
- – To communicate with you on matters relating to the sale of our products to you.
- – To receive your orders, process them, and ship the products to you.
- – To manage, process and process your payments, including the security of our financial transaction and invoicing.Για να διεκπεραιώσουμε τυχόν παράπονα σας.
- – For your convenience as a Member, by opening an account with us.
- – For the creation, storage and maintenance of a database of our clientele and its analysis.
- – To send you commercial messages via Newsletter, SMS, or other multimedia (VIBER) regarding news of our Company, products, offers and promotions.
- – To understand and analyse the results of our advertisements and promotions.
- – For the processing of your requests such as your withdrawal, etc.
- – To satisfy your rights regarding your personal data.
- – For the security of transactions.
- – For business analysis and improvements, such as to market and optimize our products, to optimize your experience and your service within our Online Store, and to customize your experience in our Online Store.
- – For market research, statistical analysis, how to develop marketing strategies and manage marketing campaigns, and to inform you or our partners of potential opportunities to participate in its marketing or product promotion initiatives.
- – To detect, prevent and respond to fraud or other illegal activities.
- – To protect the rights and assets of ourselves or others.
If we are obliged by law or by the contract between us we will ask you to opt-in; you can withdraw consent at any time with an explicit statement.
To achieve all the above purposes, we will collect and generally process only those data compatible with the purpose of processing (strictly necessary data), as detailed above.
To whom do we transfer your personal data?
The personal data we collect may be transferred to third parties. More specifically:
- – To any competent supervisory, public or judicial authority, if this is required by the applicable legal framework or by a court decision or a public prosecutor’s order.
- – To other third external partners who carry out processing on our behalf and are committed to the same level of protection of your data as we are, such as law firms, financial advisors-accountants, providers of IT products and/or services and/or support for all kinds of information and electronic systems and networks, courier companies, etc.
We do not disclose your personal data to third parties outside the European Union in countries where there is no appropriate data protection regime. However, should such a data transfer need to take place, we will take every possible measure to ensure that your data is treated securely, for example by using Standard Contractual Clauses (SCCs) established by the Commission.
SPECIAL NOTE:
We ask you not to disclose to us via e-mail or social networks your banking data, as well as your sensitive personal data. The processing of this category of personal data does not serve the purposes of the processing as defined above.
Apart from the personal data mentioned in detail above, you will not be asked for information on any other types of data.
Legal bases for processing your personal data:
We rely on four (4) legal bases when processing your personal data, which are:
- Performance of a contract: when it is necessary to process your personal data to comply with our legal obligations arising from the contract (placement and execution of your order);
- Legal obligation: when we are required to process your personal data to comply with a legal obligation, such as to keep records for tax purposes or to provide information to a public body or law enforcement authority;
- Legitimate interest: we may process data about you when we have a legitimate interest in carrying out a lawful activity to ensure the continuation of that activity, as long as it does not override your interests;
Your consent
We may occasionally ask for your specific consent to process some of your personal data. We will only process your personal data if you agree to this. You may withdraw your consent at any time, and it will be effective upon your express revocation and not retroactively, by contacting us by e-mail: info@tastethelocalcrete.gr
Your rights
Your rights under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) are as follows:
- Right of access to your personal data we process (to find out what personal data we process)
- Right to correct incomplete or inaccurate data we hold about you.
- Right to delete your personal data.
- Right to restrict the processing of your data.
- Right to data portability to you or third parties. You may receive, in a structured, commonly used machine-readable format, personal data concerning you and transmit it, under the legal conditions, to another controller as long as this does not adversely affect the rights and freedoms of others (only for automated processing of the information you have provided to us with your consent or for the performance of the contract between us.)
- Right to object to the processing of your personal data at any time. We may refuse to meet this right if we demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms or the establishment, exercise or maintenance of legal claims.
- Right to lodge a complaint to the Hellenic Data Protection Authority (www.dpa.gr), if you consider that your rights are infringed in any way (the right to complain to the Authority). Postal address: Kifisias Avenue 1-3, GR-11523, Athens, call center: +30 210 6475600, electronic mail: contact@dpa.gr.
For any additional information, as well as for the exercise of the above rights, please contact in writing to the following e-mail address: info@tastethelocalcrete.gr
As a general rule, we respond to your request within one month of receipt. The information, any communication and all actions taken pursuant to Articles 15 to 22 and 34 GDPR are provided free of charge.
Retention period and security of your Personal Data:
We keep your personal data only for the time required for processing the data, i.e. for the duration of the contract between us, your consent, our legal obligations (such as for tax purposes) and our legitimate interest on a case-by-case basis.
The data shall be processed in a manner that ensures confidentiality. We apply technical and organisational measures to ensure a level of security of your data appropriate to the risks of accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access and any other form of unlawful processing.
The data you provide to us is protected by ΙΤ security techniques security techniques to ensure both secure data transfer over the internet and secure storage in Information Systems. For your safe navigation in our e-shop as well as for the security of your transactions, the Company takes every possible measure by adopting modern high-quality security standards in line with market trends, such as the high levels of encryption technology SSL (Secure Socket Layer) that are put into operation during the input of personal data offering 256-bit encrypted communication.
We require all third parties that may receive your personal data to have appropriate technical and operational security measures in place to protect your personal data, according to Greek and EU data protection legislation.
Links:
Our website contains links to other websites. This privacy statement does not apply to other websites. Please refer to the privacy policies of these websites for more information on how they handle your data.
The Controller is not responsible for the content and services of other third parties to which it refers through links, hyperlinks or banners. (including, without limitation, social networking sites such as Facebook, Twitter, Instagram, YouTube, Pinterest, Google+). The Controller does not guarantee and cannot control the availability, content and privacy policy of the linked website. Therefore, for any problem that may arise during your visit/use, you should contact the respective websites that are solely responsible for the provision of their services. Access to the website via links is the sole responsibility of the user.
Policy update
This policy was last updated on 14.06.2024