Personal Data Protection and Privacy Statement
To our business, Personal Data protection is a self-evident commitment we undertake towards our users and clients to protect an individual’s private and business life online. Therefore, we take all necessary measures (organisational and technical) to ensure the safety, availability, and reliability of the data of our clients and users.
Through this “Personal Data Protection and Privacy Statement” we wish to describe the type of personal data collected by us, how we manage them, and where they may be used.
Through its e-shop, our business displays and markets/sells household linen, curtains (folded, voile, flounce, etc.), furniture, light fittings, and other household items, textiles, and fabrics for women’s clothing to businesses and private individuals. This statement refers to all products marketed/sold through our e-shop.
1. Copyright/ Intellectual Property
Except where expressly provided otherwise, the copyright and contents of the website, including the author’s rights, trademarks, logos, trade names, and other brands, as well as all kinds of materials or information included therein, shall be the sole property of our business or the property of third parties contracted with our business and protected by the relevant provisions of Greek Law, European Law, or International Treaties.
Copy, use, reproduction, modification, change, editing, sharing, distribution, sale, or transfer of the material of this Website, in whole or in part, and, in general, any exploitation of any part of its contents, is prohibited, without express prior written permission by our business.
2. Links to Other Websites
3. Personal Data Collection
The sale of products made available by our business requires that the ability to communicate with the client or user of our website is ensured. Therefore, it is necessary that, upon the client or user’s registration or expression of interest in a product displayed on the website https://www.romaiou.gr/, the true personal data requested are stated, as further specified below.
Once the user and/or client registers with the services provided by our business, their consent shall also be given to store and use their personal data, in accordance with this Statement. The personal data of users and clients shall not be used for purposes other than those described herein, unless otherwise provided for by law or a new express and clear authorisation is obtained by the subject.
Our business collects data solely for the purposes of the lawful and correct operation of its online store and to offer its clients the requested services such as the sale and delivery of products. Personal data shall be collected either directly or indirectly.
Direct Data Collection
These are data directly provided by our clients, as is the case with a user’s registration with our website.
Indirect Data Collection
These are data collected through the use of our website and are directly related to how a client navigates thereon. Such collection is made by using technologies such as (including but not limited to) cookies.
In all cases where data are collected or sent, there shall be a clear and express prior notice by our business, where the user’s previous acceptance through an appropriate user interface is required.
The following are among the data collected by us:
Upon registration of natural persons (members) and when interest in a product is expressed (without registration)
We collect the name and last name of our users, their e-mail address, their phone number, and postal address.
Upon registration of a business
We collect the name of the business, its field of activities, VAT Reg. No, the Tax Office to which it is subject and its postal address, as well as the name, last name, e-mail, and phone number of the person to be contacted on behalf of the business.
Upon registration of either a business or a natural person, we shall also collect the username and passwords, and other similar security information used to verify the user’s identity and access our website. (Credentials)
4. Use of Personal Data
Our company shall use data collected exclusively for the following purposes:
– To pursue its business activity and promote products offered by it;
– To improve and customise its services offered through its e-shop;
– To manage the sale of its products, as well as communicate with and inform you about the availability of products, the progress and execution of an order, the receipt of your order from our shop, the delivery of products to your address, the management of your debts, and the return of products; and
– To communicate with its users and clients so as to commercially promote products, inform them about offers, and, in general, to promote its products; advertising material is also considered as part of such communication (the list of aforementioned purposes is indicative, not exhaustive). This communication shall take place via e-mail or by phone.
Transfer of Personal Data
Our business makes its products available through its online store (e-shop) and, for this purpose, data are collected by our employees for the execution of your order and receipt of products from our shop or the delivery of products to the address indicated by you.
Therefore, the data collected shall only be shared with employees who are necessary to perform our order, as well as third parties with whom we cooperate, such as the courier company delivering your orders.
In any case, your personal data may only be accessed by authorised persons who are required to access them so as to complete the purposes of collection, use, and processing, as such are notified herein. Individuals who have access to data are obliged to keep them confidential.
In some cases, our business may share your personal data, with your previous consent, with different companies or service providers cooperating with it, either natural or legal persons, so as to meet your requests for completion of a transaction or provision of a service, such as the delivery address for products sent to the cooperating courier company.
Our business uses the appropriate organisational and conventional measures to protect your personal data and it includes the same requirements, as those stated herein, in third-party service providers that cooperate with it.
Our business may access, transfer, or disclose, and store personal data of clients where such is necessary, such as to comply with applicable law or in the context of legal proceedings.
How We Process Data
Our business processes the data you have provided us with, such as the details of a client-member, contact details, transaction, charging, and shipping details, only to perform the sales contract. Also, our business may process your data only upon the user’s request or with the user’s consent.
Details such as the VAT Reg. No or Tax Office shall be retained by our company in compliance with any applicable tax law.
How We Store Data and for How Long
Under Article 5(1)(c) of the GDPR, computers and programmes used by our company have been parametrised in such a way so as to limited to what is necessary the use of personal data and identification data. These data shall be subject to processing only to the extent necessary to achieve the purposes stated herein, and they shall be stored for the time period that is absolutely necessary to achieve the specified purposes sought. In all cases, the criterion used to determine the storage period shall be based on compliance with statutory deadlines and the principles of data minimisation, limited storage or rational management of our records.
5. Access to Personal Data
Through their declared e-mail address, the client or user may email us at firstname.lastname@example.org and request that they be informed about their personal data kept by us, their recipients, the purpose of their retention and processing, as well as their modification, correction or erasure. The client or user of our business should attach a copy of their ID or Passport to such e-mail.
Moreover, you have the right to review the personal data kept by us and, in general, exercise all rights provided for by legislation on personal data protection. The personal data you disclose to our business through https://www.romaiou.gr/ , either during your registration or at a later stage, shall be collected, used, and processed under applicable provisions on personal data protection and, more specifically, under the provisions of Law 2472/1997 and Law 3471/2006, as in force, as well as the new European General Data Protection Regulation (EU) 2016/679, as well as Directive 95/46/EC on personal data protection.
Rights of clients and users
You reserve the following rights specifically:
– Right to information about your personal data: Upon your relevant request, we will provide you with information about your personal data kept by us.
– Right to rectify and complete your personal data: At a time after your registration, you may send us a relevant notification so as to rectify your personal data that are stated inaccurately or erroneously.
– Right to erase your personal data: You may submit a request for your personal data kept by us to be erased. Despite your request, it is possible that some data may not be erased and deletion shall take place after a specified retention period. This may happen when we are obliged by law to keep this data or because data are required to perform our contractual obligations towards you.
– Right to reserve your personal data: Upon your relevant request and in the cases provided for by law, we shall reserve your data. Reserved data shall only be processed to a limited extent.
– Right to withdraw your consent: You may withdraw your consent for the processing of your personal data at any time in the future. The lawfulness of any processing of your data that has taken place until the withdrawal of your consent shall remain unaffected.
– Your right to object to the processing of your data: You may object to the processing of your personal data at any time in the future. If you raise objections, we shall stop processing your data on condition that there are no legal grounds for further processing thereof. Processing your data for advertising purposes does not constitute legal grounds.
6. Security of Personal Data
Our business shall take all necessary technical and organisational measures to ensure the protection of data in order to protect personal data from loss, change, misuse, destruction, or access by unauthorised individuals or unauthorised disclosure. Our security measures are constantly improving keeping up with technological advancements.
Our associates also have the obligation to comply with these provisions.
You may also register as subscribers to our Newsletter through our website. We shall email you a Newsletter only if you have previously proceeded to the following action, clicking a link-message whereby you will expressly confirm the activation of the Newsletter service. If you later decide not to receive the Newsletter of our business, you may terminate your subscription at any time, withdrawing your consent. The consent to receive the Newsletter via e-mail may be withdrawn through the link stated in the Newsletter.
You shall receive the above Newsletter for as long as our business has your consent, i.e. until you declare to us that you do not wish to receive newsletters.
8. Changes to this Policy
Our business may, at its absolute discretion, amend this Personal Data Protection Statement so that it always meets practices applicable to personal data protection.
In case where changes are made, our business shall notify you thereof by posting a notification at a visible area before changes take effect or in any other appropriate way. We encourage you to regularly study this Personal Data Protection Statement to be informed about how our business protects your data.
The sole proprietorship under the name ROMAIOS EVA. ARISTEIDIS has its registered office in Piraeus, at 141 Ypsilantou Str., Zip Code 18535, VAT Reg. No 121287011, Tax Office: 1st of Piraeus, tel. 210 4212288 and 210 4227625. Our business is the Data Controller.
The Data Protection Officer for our business shall be Mr Aristeidis Romaios and you may contact him with respect to the use of the e-mail at email@example.com
Our business has been committed to protecting your personal data online. Should you have any questions or comments about how we manage your personal data, please contact us using the e-mail address and contact details stated above.
In this website, the terms “we”, “us”, and “our” refer to our business.