PROTECTION OF PERSONAL DATA
PROTECTION OF PERSONAL DATA
The protection of your personal data is important to us.
In this Policy you can find all the information about the way the company “LIFE SCIENCE LAB COLLEGE ΜΟΝΟΠΡΟΣΩΠΗ Α.Ε.ΥΠΗΡΕΣΙΕΣ ΙΔΙΩΤΙΚΗΣ ΕΚΠΑΙΔΕΥΣΗΣ”, Mikras Asias 36 P.C. 50200, VAT: 800956210, TAX Office Ptolemaida, General Electronic Commercial Registry (G.E.MI.) 145704936000, email email@example.com , tel. 694 766 2211(hereinafter the "Company") processes your personal data.
The website https://strawbar.gr of the Company hosts the online store with the brand name STRAWBAR (hereinafter the "e-shop" or the "STRAWBAR" and / or "online store").
The Company respects Privacy; the confidentiality of communications and ensures the protection of personal data; strictly adhering to the applicable national and EU legal framework; including the EU General Data Protection Regulation 2016/679 (hereinafter "GDPR”) and the Greek Law 4624/2019; adapting the functions of its website https://strawbar.gr/; the software it uses and the way of providing its services through its online store in this relevant legislative frame.
- Sets the principles that guide the Company in the processing of personal data;
- Aims to inform visitors and users of STRAWBAR with transparency and
- for the data it collects
- the legal bases for the processing of personal data
- the rights of the data subjects; the options they have and the way they are exercised
Principles of Personal Data Processing
The Company respects the following fundamental principles for the processing of personal data; as provided in the GDPR:
- Processes personal data in a lawful; legitimate and transparent manner ("legality; objectivity; transparency").
- Processes personal data only for specified; explicit and legitimate purposes ("limitation of purpose").
- Processes only personal data that is appropriate; relevant and limited to what is necessary for the respective processing purpose ("data minimization").
- Ensures that the personal data it processes is always accurate and up to date ("accuracy").
- Keeps personal data only for the period of time required for the purposes of their processing ("limitation of the storage period").
- Processes personal data in a way that guarantees its appropriate security; such as their protection against unauthorized or illegal processing and accidental loss; destruction or deterioration; taking appropriate technical and organizational measures ("integrity and confidentiality").
Η Εταιρεία με την επωνυμία «LIFE SCIENCE LAB INSTITUTE ΜΟΝΟΠΡΟΣΩΠΗ Α.Ε. ΥΠΗΡΕΣΙΕΣ ΙΔΙΩΤΙΚΗΣ ΕΚΠΑΙΔΕΥΣΗΣ», ΜΙΚΡΑΣ ΑΣΙΑΣ 36 ΠΤΟΛΕΜΑΪΔΑ, Τ.Κ 50200, με ΑΦΜ 800956210, Δ.Ο.Υ ΠΤΟΛΕΜΑΪΔΑΣ, email firstname.lastname@example.org , tel. 694 766 2211 is the Data Controller for each processing of personal data that it performs exclusively for the purposes and with the means that the Company itself determines.
Personal data categories
The Company collects Personal Data that concerns you; either directly from you; or through cooperating companies and automated methods; as in the following cases:
The voluntary registration by the visitors-users of STRAWBAR of their personal data such as for e.g. in the contact form “Contact us” provides the right to the Company to process this data in order to satisfy the requests and to offer properly the services requested by the visitors / users.
When submitting your order electronically it is necessary to fill in your identity details; such as your name; family name and contact details; such as the postal address of mailing the products; email and contact phone number.
In order to complete the order; it is necessary to process the purchase data such as; type, description of market products; shopping cart; value; transaction code / name; place of delivery; time of purchase; history of purchases and orders; any comments or complaints.
Consumer Behavior Data during your browsing of STRAWBAR such as your shopping cart; Like, comments and interaction on social media; gift redemption; purchase frequency; way; time of purchase.
Financial data that you declare in the electronic transactions in STRAWBAR; such as payment; credit and return data; bank account (IBAN); transaction amount; money back; debit or credit card data; invoicing data (VAT; tax office; profession). The registration of the card details; their confirmation; the commitment of the amount and the final charge; are done in a secure environment (SSL) of Piraeus Bank; without being stored by STRAWBAR.
Also, personal data that you share during your visit on social media; on the pages of https://strawbar.gr on Facebook and Instagram; such as username; comments; messages and information; when you follow these accounts; when you contact us and when you use the services offered by the above sites to get in touch with us; to submit requests; reviews.
Κατά την επικοινωνία σας με το τμήμα εξυπηρέτησης πελατών μας χορηγείτε προσωπικά σας στοιχεία όπως δεδομένα ταυτότητας, επικοινωνίας, ή συναλλαγών, τα οποία και χρησιμοποιούμε κατά περίπτωση αποκλειστικά και μόνο για την εξυπηρέτηση του αιτήματός σας.
Δεδομένα τεχνικά όπως για παράδειγμα το κανάλι – πηγή προέλευσης, τη διεύθυνση πρωτοκόλλου διαδικτύου (IP), ζώνη ώρας και τοποθεσία, στοιχεία εισόδου, τύπο και έκδοση του προγράμματος περιήγησης, λειτουργικό σύστημα και πλατφόρμα και άλλη τεχνολογία στις συσκευές που χρησιμοποιείτε για τη σύνδεσή σας στο STRAWBAR
The Company; based on its statutory purposes; does not provide products directly to children; therefore, does not knowingly process personal data of children.
However, parents and guardians of children are advised to contact the Company immediately; if they find any unauthorized disclosure of data by the minors for whom they are responsible; in order to exercise the rights granted to them.
Purposes of Processing
The Company in the context of its statutory activities may collect and process personal data for the following purposes:
- To receive; evaluate; complete your orders and send the products to you
- For the processing of your payments
- To contact you for issues related to electronic transaction through STRAWBAR
- In order to respond to all kinds of requests (replacement; returns; right of withdrawal; etc.) to provide support and service for its products after the sale
- In order to meet legal obligations arising from legislation; such as tax; accounting
- In order to ensure the smooth operation and security of its website
- In order to legally conclude contracts, to investigate the possibility of concluding contracts on a pre-contractual basis and to comply with the legal obligations arising from them
- For promotional purposes; such as participation in Contests and lotteries; research purposes; marketing aimed at communicating and optimizing its products and services; observing the legal requirements
- To manage our clientele by creating a database
- To optimize your shopping experience and your service in our online store
For the legal processing of the data that concern you; we rely on the following bases; according to the GDPR:
The legal interest of the Company
- for the security of your account and your identification; where required; as well as the security of data; networks and the prevention of fraud and unauthorized access to them
- to optimize the services to its customers through its online store
- for the purpose of direct commercial communication; observing the conditions of the law; by providing the possibility of unsubscribing at any time
- for your communication with the Company by filling in the relevant form
Την εκτέλεση σύμβασης σχετικά με
- exploring the possibility of concluding pre-contractual contracts
- creating and managing your Account
- the sale of products regarding the receipt of the order; the acceptance; its processing; the payment; the transfer etc.
Τη συμμόρφωση με την έννομη υποχρέωση της
- to comply with tax; accounting and e-commerce legislation
- to satisfy the right of withdrawal; in accordance with the law
- to confirm the order by sending an email to a fixed medium
Data Protection and Security
Η Εταιρεία λαμβάνει τα κατάλληλα τεχνικά και οργανωτικά μέτρα για να αποτρέψει μη εξουσιοδοτημένη πρόσβαση, να εξασφαλίσει την ακεραιότητα και διαθεσιμότητα των δεδομένων, όπως τα αναγκαία μέτρα ψηφιακής ασφάλειας δεδομένων, τα κατάλληλα antivirus, firewall και το πιστοποιητικό SSL.
Personal Data Subject Rights
The Company provides complete and transparent information to the data Subjects regarding the provisions of the General Data Protection Regulation no. EU (2016/679) rights and ensures that they can exercise them easily.
Specifically; the Data Subject is entitled to:
- To be informed by the Company and to request access to his personal data; requesting to receive a copy of his personal data.
- To request the correction of his inaccurate personal data; as well as the completion of incomplete personal data.
- Να ζητήσει τη διαγραφή των προσωπικών του δεδομένων υπό τις προϋποθέσεις που ορίζονται στον άνω Κανονισμό. Μπορεί να αιτηθεί να διαγραφούν προσωπικά δεδομένα, εφόσον η διατήρηση αυτών δεν στηρίζεται σε οποιαδήποτε νόμιμη βάση ή έννομο συμφέρον, σε περίπτωση που τα δεδομένα προσωπικού χαρακτήρα δεν είναι πλέον απαραίτητα σε σχέση με τους σκοπούς της επεξεργασίας ή ανακαλεί τη συγκατάθεση επί της οποίας βασίζεται η επεξεργασία, αντιτίθεται στην επεξεργασία, ή τα δεδομένα προσωπικού χαρακτήρα υποβλήθηκαν σε παράνομη επεξεργασία.
- To request a restriction on the processing of his personal data under the conditions set out in the above Regulation; when he/she disputes the accuracy of personal data or considers the processing illegal or to support legal claims or expresses objections to the processing.
- Request the transfer of his / her personal data to the Subject and / or to third parties; in a structured; widely used; mechanically readable form; in case the processing is automated and based on consent or contract.
- The right not to be subject to a decision taken solely on the basis of automated processing; including profiling; which produces legal effects that concern or significantly affect it in a similar way (right to human intervention).
- Withdraw his/her consent at any time; for the processing of his personal data; where it was required. In this case the Company reserves the right to terminate any service to the data Subject. The revocation of the consent does not affect the legality of any processing carried out before the revocation of the Subject's consent.
To exercise all the above rights, you can contact the Company free of charge by sending an email to the email address: email@example.com or by phone to the number 6947662211.
In the event that any of the above rights are exercised; the Company will immediately arrange for the satisfaction of your request within a reasonable time and no later than thirty (30) days from the identification of the submitted request; informing you in writing of the progress of its satisfaction and any legal reasons for its rejection; as in the case where they are manifestly unfounded or excessive; in particular due to their repetitive nature; in accordance with what is specifically provided for in the GDPR.
In the event that you are not satisfied with the Company's response to your request; as well as for any complaint regarding this Policy or personal data protection issues; you can contact the Independent Personal Data Protection Authority by submitting a complaint to the following details: www.dpa.gr, postal address: 1-3 Kifissias Ave.; PC 115 23; Athens; tel .: +30 210 6475600; fax: +30 2106475628; e-mail: firstname.lastname@example.org.
Transfer of personal data
The Company may cooperate with selected; based on quality criteria; advertising companies; suppliers and service providers; who process personal data on its behalf following orders given to them by it and ensuring compliance with the obligation of confidentiality and protection of personal data; acting as Executors (such as the Company that hosts and manages the e-shop; courier companies; credit cards and payments; email distribution; research and analysis; brand and product promotion; Google; Facebook; Instagram). In this case; only those personal data that are absolutely necessary and exclusively for the purposes of processing mentioned in this Policy are transmitted.
If the recipients are installed outside the EU and ΕΕΑ; or the data processing is to be done outside the EU the transfer of personal data shall take place provided that an adequate level of protection of personal data is ensured; as in the following cases: (i) where a decision of adequacy has been issued by the European Commission or (ii) provided appropriate guarantees and on condition that enforceable rights and effective legal remedies exist for data subjects or (iii) the existence of approved corporate binding rules; as well as in any other case provided for in the GDPR.
Data Retention Period
Personal data is kept for a specific and limited period of time; depending on the purpose of the processing; after which it is safely deleted; unless a different retention period is provided by applicable law.
- Product market data is retained until the end of the purchase and for a longer period in order to comply with our legal obligations (such as tax and commercial legislation or applicable alcoholic beverages legislation). The Company may keep the data anonymised; without the possibility of your identification for historical; research purposes.
- The data collected through the contact form "Contact us" on the website STRAWBAR as well as through any other way of communication with the Company; are maintained until your effective service and for maximum time within 3 months of the completion of the communication.
- The data through the accounts of https://strawbar.gr on social media; such as Facebook and Instagram; are kept for as long as you remain connected in any way to these accounts and in accordance with the respective terms contained in data protection policy of these media.
- Cookies are kept for a period of time depending on their nature; origin and purpose of use. For more information please refer to the Cookies Policy.
- Also; personal data are kept for the period determined by the current Legislation such as tax; accounting; confidentiality of communications and the corresponding provisions of the law for their maximum retention period.
- If there are legal claims / requirements of a civil nature; the Company may keep the personal data until the completion of the legal time limitation period of the claims.
Disclaimer for Third Party Websites
Applicable Law-Dispute Resolution
The parties mutually agree to make an attempt to resolve amicably any dispute arising out of this Policy in a spirit of mutual respect; by involving them in out-of-court procedures; such as Mediation.
In the event that an amicable settlement is not possible; any dispute or claim regarding this website will be governed by Greek law; while the Courts of Florina are designated as competent.
Updates on the Personal Data Protection Policy
The Company may; whenever it deems necessary at its discretion; modify this Policy; such as for reasons of compliance with legislative amendments; or optimization of its services. For this reason you are invited to check this page every time you visit the Company's website. Any changes will be posted on this website with an indication of the modification date.
Revision: February 2022