The European Union has introduced new rules for the protection of personal data, with Regulation (EU) 2016/679, (General Data Protection Regulation – GDPR), which has been in force since 25 May 2018, in order to offer a higher level of protection of natural persons against the processing of personal data concerning them.
Data collection methods
According to Regulation (EU) no. 679/2016 (GDPR), personal data is the data that can be used for the identification of an individual. We collect your personal data that you provide to us exclusively yourself, when you create an account and register as a user on our online platform, when you place an order and purchase a product through the online platform of our website and when you submit requests and messages regarding your service as our customer.Furthermore, the users of our website are requested to provide us with their personal data and in cases they wish to send an e-mail to firstname.lastname@example.org, when they subscribe to the ‘Newsletter’ of our website in order to receive information from www. tsantesonline.gr and when they send CVs to find a job through our website. In all the above cases the provision of any kind of personal data is done by you voluntarily.
The personal data we process
Our company collects, maintains and processes your personal data only when you yourself voluntarily provide it to us, for the following purposes:
1. For your management as a registered customer and the offer of a personalized experience on our websites, in case you have created an Account.
2. For the completion of orders and contracts for the sale of products through our online store.
3. For Customer Service regarding orders.
4. For our communication with users and the resolution of any disputes.
5. For the provision of customer services, such as the provision of offers and informative e-mails and the information of users for promotions and new products, in case you subscribe to the newsletter of our company.
6. For the extraction of information regarding the use of our website by its visitors, in order to continuously improve it.
7. For research and statistical purposes concerning the operation of our website.
Legal processing bases
Legal processing bases for the data we collect and process are in the case of creating an Account the taking of measures at your request as a Data Subject before concluding a contract. In other words, in order to register as a User on our online platform and place an order as our customer, the processing of your requested personal data is required.We process the data you provide to us when you place a product order for the purpose of executing the sales contract and for fulfilling our legal obligations. We use the information you give us in order to contact you regarding the delivery of the order at your place and for the confirmation and identification of the customer in any necessary case.Finally, receiving data in the framework of customer service is part of the legitimate interests of our company. The continuous improvement of our website and the services provided is also part of the legitimate interests of our company. In other cases, we process your personal data only when you provide it to us voluntarily and only when we receive your free, explicit and fully informed consent. Your consent to the processing of your personal data may be revoked at any time.
Personal data security
Our company in the framework of personal data protection checks at regular intervals the necessity to maintain your personal data and deletes those that it deems useless and not absolutely necessary for processing purposes. Www.tsantesonline.gr is committed to ensuring the security and the integrity of the data it collects about the users of its website and for this reason takes the necessary measures to protect the personal data that you users provide in any way. These measures protect users’ data from any unauthorized access or disclosure, loss or misuse, and alteration or destruction. In particular, we protect the security of your information by using software that encrypts and anonymizes the information you enter. The website www.tsantesonline.gr uses the SSL protocol, with 128-bit encryption (the most powerful today), for secure online commercial transactions. This encrypts all of your personal information so that it cannot be read or modified as it is transmitted over the Internet. SSL (Secure Sockets Layer) protocol is currently the global standard on the Internet for the authentication of websites (websites) to network users and for the encryption of data between network users and network servers (web servers).
An encrypted SSL communication requires that all information sent between a client and a server is encrypted by the sending software and decrypted by the receiving software, thus protecting personal information during its transfer. In addition, all information sent with the SSL protocol is protected by a mechanism that automatically detects whether the data has been modified during the transfer. In addition, we restrict access to your personal data only to those employees who need to be aware of it in order to perform their professional duties. Your personal data will be processed solely in accordance with our instructions and we are committed to complying with the relevant terms of confidentiality.
Transmission of data to third parties
Our company undertakes not to sell, rent or in any way publish or disclose the personal data of its customers to any third party. We may transfer users’ personal data to legal third parties or natural persons only if:
- Explicit consent of customers for the transmission of personal data has been granted.
- The transfer of personal data to legal or natural persons who cooperate with our company becomes necessary for the implementation of the wishes and orders of customers within the framework of the contract between us. Legal and natural persons who cooperate with us have the right to process the personal data of users only to the extent that is absolutely necessary for the implementation of the contract.
- It is required due to compliance with the relevant provisions of the law and to the competent authorities only.
Data retention period
We will retain your personal information for as long as you are subscribed to our Website Newsletter and until our email communication is completed. We delete your personal data after the revocation of the given consent or after the lapse of one (1) year from the sending of the last informative or communication e-mail.
Our company in order to ensure your optimal navigation on our website uses the ‘cookies’ technology. Cookies are small text files that contain information stored on your computer’s hard drive while you browse our website and can be removed at any time. We use ‘cookies’ to be able to distinguish you from other visitors, to record your IP address and the way you use our website, as well as to facilitate your access to all the functions of our website.The use of ‘cookies’ allows us to collect information for statistical and advertising purposes, but mainly to personalize your browsing experience, storing your preferences. No cookies are placed on your devices, except for the necessary cookies, without or before you give us your consent. You can turn off cookies at any time, easily through the browser options but if you do, we will not be able to record your purchases or allow you to make a purchase from our site or we will not be able to provide you with optimal access to all the functions of our website. All statements of consent for the ‘cookies’ provided through our website are kept in parallel and in writing and are stored in a safe place. Finally, we would like to inform you that every 12 months from your last visit to our website, the validity of any consent given will expire and new ones will be requested.
Our company sends newsletters to the users of our website at regular intervals. By creating your profile on our website, you are automatically included in the list of recipients of newsletters to the e-mail you declare. In each newsletter you have the option to stop sending a newsletter to you if you wish, with a relevant link at the end of each e-mail. Finally, our company reserves the right to delete any recipient from the newsletter lists. For any issue that may arise as well as for any relevant information regarding the operation of the newsletters, please contact us. The update from www.tsantesonline.gr, is done only if you choose it and for as long as you wish. On the contrary, in case you have placed an order on www.tsantesonline.gr, we send automated informative messages (e-mail) about the progress of your order.
There is no way to deactivate these updates, the sending of which is a prerequisite for the proper progress of your order. These emails please ensure that they can reach you and keep them throughout the duration of our transaction. It is your obligation, in case you do not receive the relevant emails, in accordance with the general terms governing our transactions, to let us know without delay.
The company is not responsible if the newsletters are not delivered to their destination, although it makes every possible effort with ISP’s (Internet Service providers) for the delivery. Newsletters can end up in the spam folder, so please check regularly that they are not stored there.
Messages in contact form
By submitting your message in a contact form to our company and by clicking (“checking”) on the indication “I CONSENT”, you accept the terms regarding the use of your e-mail and your name by our company. We undertake not to use this information for commercial purposes by transferring it to third parties. In case you do not want us to preserve your personal information we have obtained through the use of the contact form, you can request their deletion.
You may opt to place an online order as a regular visitor-customer. In this case, your personal data will be kept in the file of our online store until the completion of your order, with the sole exception of the transaction data that will be kept for as long as the current tax legislation provides and for as long as it is required for the execution of the sales contract.
Links, Hyperlinks & Banners
We do not knowingly process any information from any person under the age of 15. Our site is aimed exclusively at people who are over 15 years old. If you are under 15, do not use or provide any information on this site. If we find that we have collected or received personal data from a child under the age of 15, we will delete this information unless express consent or authorization has been given by the child’s guardian.
We respect your right to access, correct, request deletion or request a restriction on the use of your personal information, as required by Regulation 679/2016 GDPR. Without prejudice to specific exceptions, conditions and restrictions provided in the Personal Data Legislation:
- You have the right to know what personal information we hold about you and to request the portability of your information. We will provide you with a copy of your personal information in a structured, widely used and readable format upon request.
- If your personal information is incorrect or incomplete, you have the right to request their modification or correction.
- You may request that we delete your personal information to the extent that it is not necessary for the purpose of processing or when we no longer have the right to process it.
- You may ask for the deletion of your personal data to the extent that it is not necessary for the purpose of processing or when we are no longer authorized to process it.
- You have the right to revoke your consent to the processing of your personal data, when it is based on your consent.
- You have the right to request a restriction on the processing of your personal data as well as to object to their processing, to the extent that the processing is not based on the fulfillment of a contractual or legal obligation on the part of our company.
In the event of the exercise of any of the above rights, the company will take all possible measures to satisfy your request in a timely manner, as specifically defined and under the terms of the Personal Data Legislation, informing you in writing about the satisfaction of your request, or about the reasons that prevent your exercise, or the satisfaction of one or more of the above mentioned rights in accordance with the Personal Data Legislation.
You can exercise your above rights by request at the e-mail address of our company email@example.com. The deadline for the completion of each request is 30 days and there may be an extension of it, upon your relevant information.
According to Regulation no. 679/2016, you have the right, if you consider that your rights regarding the protection of your personal data are violated, to submit a relevant complaint to the Personal Data Protection Authority.
If you have any questions regarding the protection of your personal data or want to exercise your legal rights, please contact the Data Protection Officer of the company, sending a relevant email to firstname.lastname@example.org.