Data Protection Policy – GDPR
PERSONAL DATA PROCESSING AND PROTECTION POLICY
Privacy
During your visit to www.cityleather.gr in order to order products, but also to ensure the possibility of communicating with you in order to inform you about our new products, it is possible that you will be asked to declare information concerning you (name, profession, email address etc.).
Any personal data that you declare anywhere on the services of the www.cityleather.gr website are intended exclusively for ensuring the operation of the respective service and may not be used by any third party, without complying with the provisions of Law 2472/ 97 regarding the protection against processing of personal data, as it applies each time.
The online store www.cityleather.gr operates in accordance with the applicable Greek and Community legislation and keeps your personal data securely for as long as you are registered in any service of www.cityleather.gr which is deleted after the end of the transactional relationship. The personal data you declare in the online store www.cityleather.gr is used exclusively by it or companies collaborating with it, for the purpose of supporting, promoting and executing the business relationship.
The data kept in the file may be communicated to the competent judicial, police and other administrative authorities upon their legal request and in accordance with the applicable legislative provisions.
The customer has, within the framework of telecommunications privacy legislation, the rights of information and objection provided for in articles 11 to 13 of Law 2472/1997.
The information we request from you: Every visitor can browse the online store www.cityleather.gr without providing any personal information. We will only need personal information when you join and create a user account. At this stage you will only be asked for your email to which you can if you agree to receive our informative emails. If you proceed to order products then you will have to enter information regarding your transaction with us. Mandatory and necessary information for each transaction is your name, a landline, address (street, city, postal code), order shipping address and type of document (receipt, invoice). Optionally we ask you for information such as a mobile phone number (in case we need to contact you directly).
By completing and submitting the relevant form (either the registration form or the order form) with your details, you also provide us with your written consent to use the details contained therein for the purposes described in these terms in the context of this privacy policy.
New provisions for the protection of personal data (called GDPR)
This Privacy Statement describes the personal data the company collects about you, how we use and protect your personal data, the choices you have about how we use that data. We recognize that the protection of personal data is an ongoing responsibility and therefore, we will periodically update and modify this Statement.
The personal data we collect about you is: Name. We collect the names (first name, last name) for the needs of executing the order on our website. Postal address. We collect our customers home address for delivery and order fulfillment purposes. Email address. We collect our customers' email address for order confirmation and promotional purposes. Other contact information. We collect other contact information, such as the phone number of our customers or customer contact persons, to provide our services better and faster. Pricing details. We collect the information of our customers that is necessary for the invoicing of our services, such as for example the A.F.M., D.O.Y. etc.
We collect your personal data when you make purchases from our e-shop or from our stores. We do not sell your personal data to anyone and only share it with third parties who facilitate the provision of our services to you.
We use your personal data to fulfill your order, to bill you and to compile profiles for the purpose of personalizing services and products.
The processing of your personal data for the sale of our products and services is necessary for the overall management of your order by the company and its partners. This management also includes the detection of online fraud and fraud related to modern means of payment, the prevention and management of payment (non-payment) incidents and the maintenance of the company's rights regarding its commercial activity. In some cases the processing of your personal data is necessary for the purposes of our legitimate interests or for the purposes of our compliance with national and/or European legislation.
For the purpose of carrying out the order of our products, we will keep your personal data for a reasonable period of time from the completion of the order and for the fuller satisfaction of your requests in relation to each order.
When you give us your personal data, we take steps to ensure that it is kept secure. In order to protect your personal data, we take physical, technical and organizational measures to protect it. We update and review the security technology we use on an ongoing basis. We limit access to your personal data to only those who need to know that data in order to provide the services to you. In addition, we educate employees on the importance of confidentiality and maintaining the privacy and security of your personal data. Among other things, we have implemented the following technical and organizational measures and procedures to protect your personal data from any loss, alteration, illegal processing or change: Encryption, Detection and management of security breach incidents, Use of servers located in rooms with limited access and subject to regular audits, Use of information systems and programs for computers installed in a way that minimizes the use of personal data and/or user authentication data, Adoption of separate procedures for maintaining personal data and securely erasing/destructing it, Access on-premise systems and databases.
As part of our activities, we use third party providers who provide services on our behalf. Thus, we may need to share your personal data with them. However, we only share your personal data with them that is necessary to provide the services we ask them to and we require them to protect your data and not use it for other purposes. The personal data we collect from you is stored in one or more databases hosted by third party providers located within the European Union. These third parties do not use or access your personal data for any purpose other than cloud storage and retrieval.
You have the right to request access to your personal data, which we process. In addition, you have the following rights: Right to correct or delete (in certain cases) your personal data. Right to restrict the processing or object to the processing of your personal data. Right (subject to conditions) to obtain your personal data for use elsewhere. In cases where we process your personal data based on your consent, you also have the right to withdraw your consent at any time, without this affecting the lawfulness of the processing for the period before the withdrawal of your consent. Finally, you have the right to submit a complaint to the competent Greek independent authority, which is the Personal Data Protection Authority (http://www.dpa.gr/).
The personal data we collect from you is not transferred or processed outside the European Union.
You can contact us for any question regarding the processing of your personal data or the use of cookies by us or to exercise your rights, using the online contact form on our website or by sending an email to info@cityleather.gr.
This Statement was last updated on [23/05/2018]. We reserve the right to modify and update this Statement at any time, for any reason, without notice to you, other than posting the updated Statement on our website.