English (UK) 
Ελληνικά 
Privacy & Data Protection Policy
1. Introduction
1.1 louloudialefteris.gr pays particular attention to the protection of the privacy and personal data of its visitors/customers. To this end, we strive to be fully compliant with the new European regulation on the protection of personal data (GDPR), which comes into force on 25 May 2018.
1.2 This policy applies where we act as data controllers for the data we receive from our site visitors and customers.
1.3 We use cookies on our website. On your first visit to our website we will ask you for your consent to the use of cookies, which are not strictly necessary and critical to the operations of the site. From then on, you will be asked for new consent at regular intervals. There is also a special page on the site about the policy and use of cookies that you can visit.
1.4 Our site allows you to choose how we use and process your personal data. For example, you can request to unsubscribe from our newsletter so that you do not receive informative and/or promotional material from us by email.
1.5 In this privacy policy the words "we", "us", "our" refer to our company and in particular to louloudialefteris.gr and in the capacity of data controller.
2. How we use your personal data.
2.1 This section describes:
(a) The categories of your data that we may collect and process.
(b) Where your data was not obtained directly from us but from a third party, we clearly indicate the sources.
(c) The reasons for collecting and processing the data
(d) The legal basis for such processing.
2.2 Performance information - During your visit to our website we will probably process your data (data processing). The data processing may relate to IP address, geographic location, browser type, operating system, traffic source (where you arrived on our site from), duration of visit, page views, site browsing, as well as information about the time and frequency of your use of the site. This information is collected through Google's popular Google Analytics platform and is required solely for the purposes of improving the performance of our site and the services we offer to you. The legal basis for the collection and processing of the above data is defined as the user's consent during his/her first visit (by accepting cookies), as well as the legitimate interest of the company, which arises from the need to improve our performance and services and from the need to service orders by sending them to a person (customer) with a physical address (shipping address) and contact details for the best possible information of our customers.
2.3 Personal account information - When using our online store we collect, process and use your personal account data ("account data"). "Account Data" includes: full name, email, contact telephone number, shipping address and/or billing address. "Account Data" is obtained from you for the purposes of serving you and completing your purchase. "Account data" is processed for the purposes of completing our services, for the security of the site and/or its visitors, for backing up our business data, and for customer communication. In addition to the above legal bases, we also process data on the legal basis of the conclusion of a contract between us for the sale of goods, which is stated in the terms of use of the site.
2.4 Our business retains access to your information contained in your personal profile on our website ("profile data"). Profile data may include your name, address, telephone number, email address. Profile data may be processed for the purposes of completing orders and sending them to customers. The legal basis for this processing is consent, our legitimate interest, i.e. the proper administration of our website and business, the performance of a contract between us and/or taking steps, at your request, to enter into such a contract.
2.5 Our business maintains access to information about transactions, including purchases of goods and services, that you enter into with us through our website ("transaction data"). Transaction data may include your contact details, and the details of the transaction. Transaction Data may be processed for the purpose of supplying the goods and services purchased and maintaining appropriate records of those transactions. The legal basis for this processing is the performance of a contract between us and/or to take steps, at your request, to enter into such a contract by defending our legitimate interests, namely the proper management of our online store.
2.6 Our business retains access to the information you provide to us to subscribe to email notifications and/or newsletters ("notification data"). Notification Data may be processed to send you the relevant notifications and/or newsletters. The legal basis for this processing is your consent, but also the performance of a contract between us
2.7 Our business has access to any of your personal data identified in this policy where necessary to establish, exercise or defend legal claims, whether in legal proceedings or in administrative or extrajudicial proceedings. The legal basis for this processing is our legitimate interests, namely to protect and assert our legal rights, your legal rights and the legal rights of others.
2.8 In addition to the specific purposes for which we may process your personal data listed in this Section 3, we may also process any of your personal data where such processing is necessary to comply with a legal obligation, or in order to protect your vital interests or the vital interests of another natural person.
2.9 Please do not submit any third party personal information to us unless requested for specific reasons.
3. Transfer of your data to third parties
3.1 We reserve the right to forward your personal data to an insurance company with which we work and/or to our professional advisors, to the extent reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice or establishing, exercising or defending legal claims, whether in legal proceedings or in administrative or extrajudicial proceedings.
3.2 Financial transactions relating to our website and our services are carried out through our payment service providers, e.g. banks. We forward transaction data to our payment service providers only to the extent necessary for the purposes of processing your payments, refunding payments and dealing with complaints and queries about those payments and refunds.
3.3 We reserve the right to forward the data resulting from an enquiry you make to us to one or more of the selected third party suppliers of goods and services identified on our website in order to allow them to contact you so that they can provide you with goods and/or services. Each such third party will act as a data controller in relation to the survey data we provide to them and each time they contact you, each third party will inform you of their own privacy policy, which will govern the use of your personal data by third parties.
3.4 In addition to the above cases of personal data marketing (Section 3), we may market your personal data where the marketing is necessary to comply with a legal obligation to which the data is subject or to protect your vital interests or the vital interests of another natural person. We may also forward your personal data where such forwarding is necessary for the exercise or defence of legal claims, whether in legal proceedings or in administrative or extrajudicial proceedings.
4. Transfer of your data to third countries
4.1 In section 4, we provide information about the circumstances in which your personal data may be transferred to countries outside the EU.
4.2 Our company and our online store has offices and headquarters in Greece. The European Commission has taken an "adequacy decision" regarding the data protection laws of each country. Data transfers to each of these countries will be protected by appropriate safeguards, i.e. clauses adopted or approved by the European Commission.
4.3 Our hosting facilities are located within the EU. The web hosting service providers we work with meet all the requirements of the new European regulation (GPDR). The European Commission has made an "adequacy decision" regarding the data protection laws of each country. Transfers to each of them will be protected by appropriate safeguards, in particular the use of standard data protection clauses adopted or approved by the European Commission.
5. Retention and deletion of personal data
5.1 Section 5 sets out our data retention policies and procedure, which are designed to ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
5.2 Personal data that we process for any purpose or purposes will not be kept for longer than necessary for the purpose of processing.
5.3 We keep your personal data for a period of time:
(a) reasonable, to make available and ship our products to you.
(b) for user/customer accounts, for as long as the customer needs, until the customer decides to proceed and request deletion from our records.
5.4 In some cases, it is not possible for us to determine in advance the periods for which your personal data will be retained.
5.5 Notwithstanding the other provisions of this section, we may retain your personal data where such retention is necessary to comply with a legal obligation to which you are subject or to protect your vital interests or the vital interests of another natural person.
6. Obligations
6.1 Our company may change/update these terms at its discretion.
6.2 You should check this page regularly to keep up to date with any changes to these terms.
6.3 Our company will inform you of any changes to these terms by email or personal message or other means of communication you have chosen.
7. Your rights
7.1 In this section, we describe and inform you of your consumer rights (your rights) as outlined in the new General Data Protection Regulation (GDPR). Some of these rights are described by complex legal terms and therefore have not been included in full detail in this document. You can contact the relevant authorities for a full explanation of the terms and your rights.
7.2 Your basic rights as a consumer under the new regulation are:
(a) the right to access your data;
(b) the right to rectification of data;
(c) the right of erasure
(d) the right to restriction of processing
(e) the right to object to processing
(f) the right to portability
(g) the right to report to a competent authority
(h) the right to withdraw consent
7.3 You have the right to confirm whether you want us to process your data and when we process it, you have the right of access to the data at any time, as well as to extra information about it. The extra information relates to the purpose of the processing, the categories of data we collect and the recipients of the data. As long as the rights and freedoms of third parties are not affected, we may provide you with a copy of all your personal data. Your personal data can be viewed and processed by logging into your personal account in our store if you have created one.
7.4 You have the right to edit and correct data that you consider inaccurate, as well as to complete personal data when required for your convenience.
7.5 In some cases you have the right to delete your data completely without any delay. These cases include. Withdrawal of your consent to the processing of your data. c. you object to the processing on the basis of specific articles of the applicable legislation. d. the processing only concerns direct marketing activities. e. the data are processed unlawfully. However, there are exceptions to the right to erasure, which apply when the processing of the data is strictly necessary: to ensure freedom of expression and access to information, to ensure compliance with legal obligations and to exercise legal rights and remedies.
7.6 There are situations where you can restrict the processing of your data. These are: you do not agree with the accuracy of the data; you consider the processing unlawful but do not wish to have it deleted; your data is no longer necessary for us to process but you need it for the purposes of exercising legal rights and appeals; and where you have objected to the processing and are awaiting the outcome of that action. Where data processing is restricted on the basis of the above, we may continue to collect and store your data, but we will only use it: with your explicit consent, for legal actions, to protect the rights of other legal or natural persons, or for important reasons of public interest.
7.7 You have the right to object to the processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any public authority vested in us or the purposes of legitimate interests pursued by us or a third party. If you make such an objection, we will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing is for the exercise or defence of legal claims.
7.8 You have the right to object to the processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will stop processing your personal data for this purpose.
7.9 You have the right to object to the processing of your personal data for scientific or historical purposes or for statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out in the public interest.
7.10 To the extent that the legal basis for the processing of your personal data is a) consent or b) that the processing is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract, and such processing is carried out by automated means: you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply if it adversely affects the rights and freedoms of others.
7.11 If you believe that the processing of your personal data violates data protection laws, you have the legal right to lodge a complaint with a supervisory authority responsible for data protection. You can do so in the EU Member State of your habitual residence, your place of work or the place of the alleged breach.
7.12 To the extent that the legal basis for processing your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of the processing prior to withdrawal.
7.13 You may exercise any of your rights in relation to your personal data by notifying us in writing or in some cases by directly interfering with your account data.
7.14 louloudialefteris.gr undertakes to inform its subscribers (members on whose account personal data are stored) within 72 hours, via email or any other available way, in case of malicious action (hacking) or any other loss/leakage of their personal data.
8. Data Protection Officer
8.1 The louloudialefteris.gr has appointed Mr. Eleftherios Mitsopoulos as data protection officer. For any issue, related to the GDPR regulation and for your personal data, you can contact us at email: info@louloudialefteris.gr