Personal data and transactions security:
In compliance with the applicable legislation, the BUSINESS has taken all necessary actions by implementing the appropriate technical and organizational measures from the aspect of legal and technical compliance but also from the aspect of the physical security of the personal data. The BUSINESS aims to ensure that the personal data that it receives are legally stored, processed and safely kept by undertaking the obligation to protect by any means the processing of your data against any loss or leakage, alteration, transmission or their unauthorized processing by any means. In this way it warrants that it fulfils all the legal requirements provided in the new General Data Protection Regulation (GDPR) and deals effectively with the operational risk and any potential risk of damage to the persons and their personal data that are being processed.
Which data we collect:
Our BUSINESS collects, processes and stores personal data of the users (such as but not limited to: name and surname, email address, home address, telephone number, IP address, etc.) according to the law by ensuring confidentiality and security thereof. These data are collected during the visit of the users to the website of the BUSINESS http://www.moraiti-bags.gr or upon the registration of the users to the e-shop of the BUSINESS or upon the login of the user to the e-shop or during the placement of a purchase order on the e-shop and may be processed by the BUSINESS which is the data collector in the context of the Law.
If you decide to contact us through our website, then you shall be asked to provide us with the specific personal data that are required for the supply of the product that you have ordered, handle your request or contact you with more information on our products. This takes place on a voluntary basis.
The information on the users and the other personal data thereof are processed strictly pursuant to the applicable legislation with total respect to the personality of the users and under the condition that they have consented to the collection and the processing thereof.
Why do we collect them:
We need to know your specific personal data in order to be able to carry out your order and dispatch the products that you bought on our e-shop. We use this information in order to identify you as a client, handle your order, deliver the products to you, process the payment, update your profile kept in our records and in general your account. In particular, send you notifications via mail, email, SMS texts or any other electronic means with information on our products, our events, discounts and services. We would also like to send you relevant advertisements in the future. We should state whether you would like or not to receive newsletters on our products as soon as you provide us with your email address. We may also use this information in order to customize the way we contact you in order to address you more personally.
We do not collect sensitive personal data which we do not need unless they are absolutely necessary in order to handle your request. We may choose to be deleted from our list at any time.
Who our partners are:
We made sure that the companies we work with are in compliance with the GDPR. Our partners in informatics are:
- Papaki.gr – The server where we receive all your correspondence and to which we send all our correspondence.
- Pireaus Bank – If you have selected to pay by card, our site shall transfer you to the secure environment of Pireaus Bank where you shall enter your card information. The BUSINESS does not have any access to the sensitive information of your card under any circumstances. We only have access to the last 3 digits of your card, your name and the date and time of the transaction only when you ask for a verification of the payment or we wish for a cash refund. Otherwise, when you pay by card, the only information we receive is whether the payment went through as well as the exact date and time of the transaction.
- Elta Courier – We have chosen for all our dispatches to be carried out by Elta Courier. The information we provide to Elta Courier in order to deliver the parcel to you is: Name and surname, full address, telephone number, cash-on-delivery amount, any comments that the client made and refer to the delivery of the parcel.
How long are your data retained:
We retain your data on our database for 10 years due to fiscal reasons and any potential audits. Moreover, we shall retain your data for 2 years in order to provide you with updates on our products and services (for marketing purposes). Upon the completion of the 2-year period, we shall ask again for your consent in order to continue providing you with information on our products and services. If you choose to be deleted from a service, it is possible that we might retain a “deletion list” that might contain your data in order to know that you have been deleted.
For more information on the collection, storage, use, maintenance and disclosure of your personal data, please contact us on +306973215439.
Your rights are:
Any person whose personal data are being processed by the BUSINESS has the following rights:
- Right of access: You have the right to be aware of and confirm the lawfulness of the processing. So you have the right to access the data and receive additional information on the processing thereof.
- Right to rectification: You have the right to review, rectify, update or amend your personal data.
- Right of deletion: You have the right to submit a deletion request of your personal data when we are processing them based on your consent or in order to protect your legal interests. In any other case (such as when there is a contract, an obligation to process personal data required by law, public interest) this right is subject to certain restrictions or does not apply depending on the circumstances.
- Right to consent withdrawal: The company informs you that when the processing is based on your consent, you have the right to withdraw it freely, however the lawfulness of the processing that has been based on your consent prior to its withdrawal shall not be affected. In order to withdraw your consent, you may contact us via the email address … as well as address the competent DPO.
- Right to address the Hellenic Data Protection Authority: You have the right to file a complaint with the Hellenic Data Protection Authority (www.dpa.gr): Call center: +30 210 6475600, Fax: +30 210 6475628, email address: email@example.com