The protection of your personal data is important to us!

With this policy the individual enterprise KALOUSIDOU ELENI (ARGEMI:118692948000)

 (hereinafter the "Company" or "we" or "us" or "our"), which is located in Katerini, (10 K.Varnali 10, P.C. 60133, Pieria, South Pieria, TIN: 102079996), determines and discloses the terms under which, acting as the "Data Controller" as defined by law, it collects, stores, uses and generally processes your personal data, which it collects when you visit, register or use the Company's websites (hereinafter the "Websites") and when you interact with its physical stores.

This Privacy Policy also describes how we use, share and protect your personal data, the choices you have regarding your personal data, and how you can contact us. This Privacy Policy complies with the terms under European Regulation 679/2016 and any other relevant applicable legislation.

If you have any questions regarding this Privacy Policy, but also any issue related to the processing of your Data and the exercise of your rights, you can contact us at the following email address (email) info@magikoravdi.gr

1.A few words about the Company's Websites

The site magikoravdi.gr is the Company's website, where the online store for the presentation and sale of the Company's products and services is located.

2.What is Personal Data?

The term "personal data" refers to information of natural persons, such as name, postal address, e-mail address, contact telephone number, etc., which identifies or can identify you, hereinafter referred to as "Personal Data or Data".

3.What is the Processing of Personal Data?

Κάθε πράξη ή σειρά πράξεων που πραγματοποιείται με ή χωρίς τη χρήση αυτοματοποιημένων μέσων, σε δεδομένα προσωπικού χαρακτήρα ή σε σύνολα δεδομένων προσωπικού χαρακτήρα, όπως η συλλογή,  καταχώριση, οργάνωση, διάρθρωση, αποθήκευση, προσαρμογή ή μεταβολή, ανάκτηση, αναζήτηση πληροφοριών, χρήση, κοινολόγηση με διαβίβαση, cheapest hotel in Bournemouth διάδοση ή κάθε άλλη μορφή διάθεσης, συσχέτιση ή συνδυασμός, περιορισμός, διαγραφή ή καταστροφή.

4.Is the provision of your Personal Data mandatory?

The provision of the Data to the Company may be necessary to achieve the purposes specified in this Privacy Policy or may be optional.

The mandatory or optional nature of the Data assignment is indicated by an asterisk (*) next to personal data of mandatory nature.

If you refuse to provide the data marked as mandatory on the Sites, it will be impossible to achieve the main purpose for which the data is collected, and it may, for example, make it impossible for the Company to fulfill the sales contract or provide the other services available on its Sites.

The provision of additional Data to the Company, in addition to those marked as mandatory, is optional and does not entail any consequences in relation to the main purposes of Data collection, since their provision serves exclusively to optimize the quality of the services provided by us.

5.What Personal Data do we collect?

We take care to collect only the strictly necessary Personal Data that is appropriate and clear for the purpose for which it is intended. This Data includes the following:

α. Data that you provide us when you register and create a user account on the Site, via the Internet or your mobile phone or through your personal contact with our stores or our sellers and specific data such as e-mail address (e-mail)* and password/login password (as mandatory) and name, surname, postal address, telephone number (as optional):

β. Data and information that you provide to us through transactions between us (purchases, orders, etc.) and communication between us (through our physical stores, our online store, our salespeople, telephone, email or any other means). For example, we collect notes of our conversations with you, details of any complaints or comments you make, details of purchases you have made, products added to or removed from your basket, a list of products you wish to purchase (wish list), voucher redemptions, which of our websites you visit and how and when you contact us.

c. Data relating to the payment method for the transactions you make with us.

δ. Data you provide us when you subscribe to our newsletter.

ε. Data on the products and services that you usually prefer to choose. In order to recommend products or services of your interest and to further improve your shopping experience with us. Of course, you always have the option not to share such data with us.

f. Traffic data of our website.

ζ. Information collected from the use of cookies in your browser. Learn more about how we use cookies here.

η. To provide the best possible website experience, we collect technical information about your internet connection and browser, as well as the country and phone code where your computer is located, the web pages that appear during your visit, the ads you click on and any search terms you enter.

θ. Your social media username, if you interact with us through these channels to help us respond to your comments, questions or feedback.

ι. Contact details such as telephone number, home address for individuals, as well as VAT number, tax office and company name, for the issuance of an invoice.

6.How do we use your Personal Data?

Where appropriate we use your Data:

  • To complete orders for products and services: The Company processes your Data in order to fulfil its contractual relationship, to process the order of products and/or services, to provide customer service, to comply with legal obligations, to oppose, raise or exercise legal claims. If we do not collect your Data when you complete the order (through our physical stores, face-to-face or telephone service from our sales staff or through our online store, we will not be able to process your order and comply with our legal obligations. Please note that it may be necessary to transfer your Data to third parties in order to deliver the product or service you have ordered (For information on how we make personal data available to third parties, see conditions 9, 10, 11 and 12 below).

In addition, we may retain your Data for a reasonable period of time in order to fulfil our contractual obligations, such as product returns, as required by relevant legislation.

  • To create a User Account: The Company processes your Data in order to provide you with account functions and to facilitate the purchase of products and/or services.
  • For the Communication: The Company uses your Data to respond to your requests/questions, refund requests and/or any complaints. The information you share with us enables us to manage your requests and respond to you in the best possible way. We may also keep a record of your queries/requests to us so that we can better respond to any future communication. We do this based on our contractual obligations to you, our legal obligations and our legitimate interests to provide you with the best possible service and to be able to improve our services based on your personal experience.
  • For sending newsletter/offers: With your consent, we will use your Personal Data, preferences and transaction details to inform you by e-mail, internet, telephone and/or social media about relevant products and services, including personalised/personalised offers etc. Of course you have the possibility to withdraw this consent at any time.
  • For Web push notifications: depending on your browsing, you may receive, with your prior consent, notifications about our offers, news, your wish list and your shopping cart. Of course you have the possibility to withdraw this consent at any time.
  • For participation in a loyalty program: The Company may process your Data for the purposes of your participation in a loyalty program, i.e. both the processing of your participation application, the collection and redemption of points and the enjoyment of customer benefits in general, as detailed in the terms of participation of the loyalty program. This enables us to offer you personalised offers that are of interest to you. Of course, you are free to choose whether to take advantage of them.
  • To develop and improve the products and services we provide to you. We do this based on our legitimate business interests.
  • Because we want to offer you offers and proposals that are more relevant to your interests and needs.
  • To ensure that you are always shown the most interesting content on our Site, we will use the Data you have provided to us by giving us your consent to receive Apps notifications or - for our Sites - your consent to the placement of cookies on your device. For example, we may display a list of products you have recently looked at or offer you recommendations based on your shopping history and any other Data you have shared with us.
  • To send you research and evaluation requests so that we can improve our services. These messages will not include advertising content and will not require prior consent when sent by email or text message (SMS). We have a legitimate interest in doing so as this helps our products or services to be more relevant to you. Of course, you are free to opt-out of receiving these requests from us at any time by updating your preferences in your online account.
  • To protect your account from fraud and other illegal activities: This includes using your Data to maintain, update and protect your account. We also monitor your browsing activity with us to identify and quickly resolve any problems and to protect the integrity of our website. All of the above is part of our legitimate interest. For example, we check your password when you log in and use automated IP address tracking to detect possible false entries from unexpected sites.
  • To process payments and prevent fraudulent transactions: We do this based on our legitimate business interests. This also helps to protect our customers from fraud.
  • To comply with our contractual obligations to you or in order to comply with statutory provisions or to enforce court orders.
  • To send you communications required by law or necessary to inform you of changes to the services we provide to you. For example, updates to these privacy notices, product recall notices and legally required information about your orders. These service messages will not include promotional content and will not require prior consent when sent by email or text message (SMS). If we do not use your personal data for these purposes, we cannot comply with our legal obligations.

Finally, we inform you that the processing of your Data is carried out either by the Company's specially authorized personnel, or through computer systems and electronic devices by the Company and exceptionally by third parties, who, having been contractually bound to confidentiality and protection of your Data, carry out tasks necessary to achieve the purposes strictly related to the use of our Sites, its services and the sale of products through our Sites. You will find information on this below in terms 9 and 10 "Who are the recipients of your Data? How your Data is shared".

7.What is the legal basis for the processing of your Data by the Company?

  • data protection legislation which sets out various reasons why a company may collect and process your personal data, including the terms of our contractual relationship
  • your consent, where required. For example, when you choose to receive newsletters. When collecting your personal data, we will always inform you which data is necessary in relation to a particular service.
  • the Company's obligations arising from the law (e.g. tax legislation, legislation on e-commerce, etc.)
  • the legitimate interest of our Company. In certain cases, we collect your Data in a manner that is reasonably expected as part of the operation of our business and that does not substantially affect your rights, freedom or interests.

8.Who are the recipients of your Data?

Access to your Data is available to the Company's absolutely necessary personnel, who are bound by confidentiality obligations, as well as to our affiliated companies or third party service providers, who process your Data as Processors on our behalf and in accordance with our instructions.

9.Disclosure of Data by our Company

The Company shares your Data with:

  • Third party service providers that process personal data on behalf of the Company, for example (but not limited to) for credit card and payment processing, transfers and deliveries, hosting, management and maintenance of our data, email distribution, research and analysis, management of promotions, as well as management of certain services and data. When we use third-party service providers, we enter into agreements that require them to implement appropriate technical and organizational measures to protect your personal data.
  • Other third parties, to the extent required for the following purposes: (i) to comply with a request from a Greek government agency, a court order or applicable law; (ii) to prevent illegal uses of our Sites or violations of our Terms of Use and Apps and our policies; (iii) to protect ourselves from third party claims; and (iv) to assist in the prevention or investigation of fraud (e.g. counterfeiting).
  • other third parties to whom you yourself have given your consent.

Disclosure of Data by you

  • When you use certain social media elements on our Sites or Apps, you may create a public profile that includes information such as username, profile picture and city. You may also share content with your friends or the general public, including information about your interaction with the Company. We encourage you to use the tools we provide to manage sharing on Company's social media to control the information you make available through Company's social media elements.

10.What is the policy we apply with the third party Processors processing your Data in accordance with the above:

  • We only provide the information they need to perform their specific services.
  • They may only use your Data for the precise purposes we specify in our contract with them.
  • We work closely with them to ensure that your privacy is respected and protected at all times.
  • If we stop using their services, any of the data they hold will be deleted or made anonymous.

To improve your customer experience on our Sites and Apps, we use the following companies, who will process your Personal Data as part of their contracts with us:

  • Facebook
  • Instagram
  • General Postal
  • ACS Courier
  • DHL
  • TNT

If you wish to receive more information about the disclosure of your Data to third parties please contact us by email info@magikoravdi.gr

11.How do we ensure that Processors respect your Data?

The Processors processing on our behalf have agreed and contractually bound themselves to the Company:

  • maintain confidentiality,
  • not to send your Data to third parties without the Company's permission,
  • take appropriate security measures,
  • comply with the legal framework for the protection of personal data and in particular Regulation 979/2016/EU (also known as GDPR).

12.Data transfer

The personal data we collect (or process) within our Sites and Apps will be stored within the European Union. However, some of the recipients of the Data with whom the Company shares your Personal Data may be located in countries other than the country in which the original collection of your Personal Data took place. The laws in those countries may not provide the same level of data protection as the country that originally provided your Personal Data. However, when we transfer your Personal Data to recipients in other countries, including the United States, we are committed to protecting your Personal Data as described in this Privacy Policy and in accordance with applicable law.

We take steps to comply with applicable legal requirements for the transfer of personal data to recipients in countries outside the European Economic Area or Switzerland that do not ensure an adequate level of protection. We use various measures to ensure that your Personal Data transferred to these countries enjoys adequate protection under data protection rules. These include signing the Contractual Clauses, certifying that the recipient has adopted the European Binding Rules or complying with the EU-US and Switzerland-US Privacy Shield.

13.For how long do we keep your Data?

We retain your Personal Data for as long as necessary to fulfil the purposes set out in this Privacy Policy (unless a longer retention period is required by applicable law). Generally this means that we will retain your Personal Data for as long as you have an account with our Company. With respect to your Personal Data related to product purchases, we retain this data for a longer period in order to comply with our legal obligations (such as tax and trade law and for warranty purposes where applicable). At the end of this retention period, your data will be deleted completely or anonymised, for example by aggregation with other data, so that it can be used in an unidentifiable way for statistical analysis and business planning.

Some examples of customer data retention periods:

  • Orders

When you place an order, we will retain the personal data you provide for five years so that we can comply with our legal and contractual obligations.

  • Guarantees

If your order included a guarantee, the relevant Personal Data will be kept until the end of the guarantee period.

  • Newsletter

Your declaration of consent for sending a newsletter is kept for as long as you receive a newsletter from the Company and in any case not more than six months after its discontinuation.

14.Is your Data safe?

We are committed to safeguarding your Personal Data.

Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to ensure the security and protection of your Data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security.

The www.magikoravdi.gr website uses the TLS 1.2 protocol, for secure online commercial transactions. This encrypts all the Data you provide, including your credit card number, name and address, so that it cannot be decrypted or altered during transmission over the Internet.

In addition, the information used to identify you as an account user is twofold: the Username and the Personal Secret Security Code (Password). Each time you enter your details, you are given access to your personal account. This process is achieved securely through encryption during their transfer to the Internet and the Company's servers. Following the same standards, you are given the opportunity to change your Personal Secret Security Code (Password) as often as you wish. After entering the desired password, the new password is encrypted and stored in the Company's systems. For this reason, the only person who knows your password is you and you are solely responsible for keeping the password secret from third parties.

These measures shall be reviewed and amended when necessary.

15.What are your rights?

You have the right to access your Personal Data.

This means that you have the right to be informed by us if we process your Data. If we process your Data, you can request to be informed about the purpose of the processing, the type of your Data we hold, who we give it to, how long we store it, whether automated decision-making is taking place, and your other rights, such as rectification, erasure, restriction of processing and lodging a complaint with the Data Protection Authority.

You have the right to correct inaccurate personal data.

If you find that there is an error in your Data, you can submit a request to us to correct it (e.g. correction of your name or update of a change of address).

You have the right to erasure/right to be forgotten.

You can ask us to delete your data if it is no longer necessary for the above mentioned processing purposes or you wish to withdraw your data in case this is the only legitimate basis.

You have the right to portability of your Data.

You may request to receive the Data you have provided in a readable form or request us to transfer it to another controller.

You have the right to restrict processing.

You can ask us to restrict the processing of your Data for as long as your objections to the processing are pending.

You have the right to object and withdraw consent to the processing of your Data.

You may object to the processing of your Data and we will stop processing your Data, unless there are other compelling and legitimate reasons that override your right. If you have consented to the collection, processing and use of your Personal Data, you may withdraw your consent at any time with future effect:

  • By selecting not to receive Marketing Communications.

You can opt out of receiving marketing communications by changing your email and sms subscriptions by clicking the unsubscribe link or by following the instructions included in the message.

  • Alternatively, you can contact us using the contact details provided in clause 17 below.

In case we rely on the our legitimate interest: In cases where we process your personal data on the basis of our legitimate interest, you can ask us to stop for reasons related to your personal situation. We must then do so if we do not believe we have a legitimate compelling reason to continue to process your Personal Data.

16.How can you exercise your rights?

To exercise your rights you can submit a request to us at the following email address info@magikoravdi.gr entitled "Exercise of Rights" and we will look into it and get back to you as soon as possible.

Exception:

  • if you wish to correct your Data in your user account, you can log in to it and make any correction/change without having to submit a Request.
  • if you wish to withdraw your consent for sending a newsletter you can do so by selecting the link "To unsubscribe from the "newsletter mailing list" click here" at the bottom of each newsletter.
  • if you do not wish to receive web push notifications from the Company you can disable the option from your browser setting.

Identity check

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Policy. If you have authorized a third party to make a request on your behalf, we will ask them to demonstrate that they have your permission to act for this purpose.

17.When do we respond to your Requests?

We will respond to your Requests free of charge without delay, and in any case within (1) one (1) month of receiving your request. However, if your Request is complex or there are a large number of Requests, we will let you know within the month if we need to obtain an extension of another (2) two months within which to respond to you.

18.What is the applicable law when we process your Data?

The applicable law is Greek law, as formulated in accordance with the General Data Protection Regulation 2016/679/EU, and in general the applicable national and European legislative and regulatory framework for the protection of personal data.

Any dispute arising from or relating to the protection of your Personal Data shall be subject to mediation in accordance with the Mediation Regulation of the European Organisation for Mediation and Arbitration (EMCDDA). In the event that the dispute or part thereof is not resolved through mediation, the dispute or the unresolved part thereof shall be resolved exclusively, finally and irrevocably by an arbitral tribunal, appointed and conducting the arbitration in accordance with the ECHR Arbitration Rules.

19.Where can you appeal if we violate the applicable law for the protection of your Personal Data?

You have the right to lodge a complaint with the Personal Data Protection Authority (postal address 1-3 Kifissia Street, P.K. 115 23, Athens, tel. 210. 6475600, e-mail address (e-mail) contact@dpa.gr), if you believe that the processing of your Personal Data violates the applicable national and regulatory framework for the protection of personal data.

20.How will you be notified of any amendments to this Policy?

We update this Privacy Policy whenever necessary. If there are significant changes to our Privacy Policy or the way we use your Personal Data, we will post an update to this Privacy Policy on our website before the changes take effect and will notify you by any appropriate means.

We encourage you to periodically read this Policy to know how your Data is protected.