EpicoBracelets.com.gr (“Epico Bracelets”,” “we,” “us” or “our”) will process your personal data when you are visiting and using the services provided at our website/e-shop or purchase products in our physical store. We are committed to transparency and we respect our visitors’ and customers’ personal data. Therefore, we have adopted this Privacy Notice. Below, you will find all the relevant information on:
- What kind of personal data we collect- Data mapping;
- How we collect your personal data;
- Why we collect your personal data;
- How long do we keep your data;
- Your privacy rights;
WHO WE ARE
We are a jewelry shop, owned and managed by the business name “Chrysochos V. Pantelis” located in Socrates Str. No. 13, Old Town, Rhodes, P.C. 85100, with telephone number +30 2241024946, and Email: email@example.com
HOW TO CONTACT US
If you have any questions about this policy, please contact our legal department at:
Address: Socrates Str. No.13, Old Town, Rhodes, P.C. 85100, Greece
Telephone: +30 2241024946
Please include your name and the reason for contacting us. This information is not necessary to address or reply to your request.
WHAT TYPES OF PERSONAL DATA DO WE PROCESS AND HOW? – DATA MAPPING
Types of personal information we collect:
- In order to complete your order you need to provide us with your name, surname, email address, your full address, your postal code and your telephone number. You also need to provide a display name for your personal account (it can be your real name or a nickname) that would appear in your account section and reviews.
- You may create an account by providing any username, your email address, and a password. If you already have a personal account you can simply enter your email address or your selected username and password and log in to your account. No password is visible to us. All passwords are used in an encrypted format.
- Once you create an account and proceed to a purchase, an order history tab will be available to your personal account. You may also select to save your billing or delivery address (if different) on your account to enable a fast checkout process for any future orders. You may also save your preferred items in the favourites list displayed with a “heart”.
- In case you want to communicate with us via email you have to provide us with your name, your email and your message.
- We may also collect your email address in case you subscribe to our newsletter. You may unsubscribe from our newsletter at any time, by clicking on the unsubscribe link at the end of each email or by contacting us in our email.
Please note that Epico does not store or otherwise process your credit card details. To finalise your payment, you are automatically transferred to a safe environment of the Bank or the payment provider (paypal etc).
HOW DO WE COLLECT YOUR PERSONAL DATA?
We collect your data directly provided by you or by the cookies stored to your browser every time you visit our eshop.
WHY DO WE COLLECT YOUR DATA AND FOR HOW LONG?
We will only process your personal data for the purposes and for the period, as set out below. We will not use your personal data for any purpose that is incompatible with the below mentioned purposes.
Purpose of processing : When you purchase bracelets, watches, accessories, or any other product of Epico, we will process your personal data to fulfil our contractual obligations towards you. Our order form identifies what information you must provide to us, in order for us to complete your purchase and dispatch the ordered products.
Legal grounds: to perform our contract with you or to take steps at your request prior to entering into a contract with you
Data Retention: We will process your personal data as long as we have a valid contract and for the period that it is necessary to execute the responsibilities we have undertaken by this contract (delivery, product returns, refund etc). We will also maintain all the relevant information that are necessary based on the tax, employment and insurance obligations we have (invoicing, billing etc). After the expiration of the above mentioned periods all data will be deleted. Invoices and other financial data will be retained for 12 years as obliged by tax law.
When engaging in promotional and marketing activities, namely:
- the sending of email notifications for special promotions / offers;
- the sending of emails about a promotional code or a gift to you;
- the management and update of our customers database
Legal Grounds: Direct marketing processing activities for example any commercial message from us aiming at promoting our products / services, are subject to your explicit, clear, freely given consent. This is given on a voluntary basis when for example you subscribe to our newsletter.
By exception, if you are already our customer the received message concerns products / services similar to those you have already purchased, the underlying processing aiming at promoting these products / services will not be based on your consent but on our business’s “legitimate interest”.
Of course, you can unsubscribe from these communications at any time either by following the hyperlink at the end of any email communication or by sending us an email at firstname.lastname@example.org
Data Retention: If you opt-out or unsubscribe from our marketing, we will no longer process your personal data for this purpose. We will also erase your personal data, unless there is another legal ground for keeping your data (for example a valid purchase contract or a legal obligation etc).
Queries and Support Purpose of processing : When you send us your questions or request support through via email, by phone or our other channels (social media chat), we may process your personal data to be able to assist you with the relevant matter.
Legal grounds: to perform our contract with you or to take steps at your request prior to entering into a contract with you or our business’s legitimate interest to reply to customer questions and requests for our products and services.
Data Retention: We will erase your data, within six (6) months after the relevant matter has been finally resolved.
Purpose of processing : When browsing our website, we will process your personal data to improve our website and enhance your experience with us.
Legal grounds: The processing is necessary for our legitimate interests to improve our website and enhance the customer experience. Please see more in our “Cookies Policy”.
We may also process your personal data if such processing is necessary:
- to comply with the law or in response to a subpoena, court order, law enforcement request, or other legal process;
Legal grounds: where it is necessary for compliance with a legal obligation to which we are subject
- to protect the interests, rights, safety, or property of us or others.
Legal grounds:where necessary for our legitimate interests, which are to protect our business interests, property, rights and safety;
- to enforce our terms and conditions of service on our website in relation to any purchase, or utilization
Legal grounds: for our legitimate interests, which are to protect us and enforce such terms of service and terms and conditions.
WHO DO WE SHARE YOUR PERSONAL DATA WITH
We do not share your personal information with others. However, we may share your personal information with third parties in order to provide services to you, to complete and deliver your orders, to provide you with any extra services you requested (i.e. fast track dispatch etc) and satisfy your needs, requests and expectations. Ιn case you pay via PayPal, the company is based in Luxembourg, S.à.r.l. &Cie. S.C.A., 22-24 BoulevardRoyal, 2449. For the completion of your order you will be redirected to a secure environment of PayPal and our business has no access to this data.
We do not transfer your data to any third countries. Where our transfer of your data is necessary to provide the services requested by you (dispatch of an order in any third country etc), the legal basis for the transfer is the execution of the contractual obligations. Your Personal Data will be processed by the provider/company providing the services you requested in line with all applicable local laws and the relevant bilateral country agreements.
TECHNICAL AND ORGANISATIONAL MEASURES
We use reasonable administrative, technical, personnel, and physical measures (a) to safeguard Personal Data against loss, theft, unauthorized use, disclosure, or modification; and (b) to ensure the integrity of your Personal Data. We have also taken all necessary steps to ensure business continuity and disaster recovery via secure back-up of data.To help us protect your privacy, you should maintain the secrecy of any logon IDs and passwords, or other identifiers or credentials you may have set up or were provided with in connection to your participation in or use of our products, services, or website.
We use a secure online transmission procedure, the so-called “Secure Socket Layer” (SSL) transmission, to protect the personal data of our users. You can see this from the fact that an “s” (https://) is added to the address component http://. The SSL encryption guarantees that your data is transmitted in an encrypted and complete way.
Your personal data will be stored on our servers which are located in the European Economic Area. We do not transfer your data to any third party outside the EEA. However, in case we transfer your personal data outside the EEA, we ensure a similar degree of protection is afforded to it, by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EU/EEA.
COMMUNICATION WITH YOU
As you may be aware, there is no absolutely secure method of transmitting or storing data online. Although their physical characteristics are different, postal mail, telephone calls, text messages, faxes and transmissions over the Internet or wireless networks all present possibilities of loss, misrouting, interception and misuse of the data that is transmitted. If you have reason to believe that your account is no longer secure, you must immediately contact Epico.
We try to strike a balance between the security of your data and your convenience. As a result, we may sometimes use a method of communication that is more convenient for you without necessarily applying the highest standards of security online. For example, you might receive an e-mail or a text message in an unencrypted format (i.e. instantly readable) as many of our customers are unable to access encrypted (i.e. coded) e-mails or messages. This means that our message, if misrouted or intercepted, could be read more easily than an encrypted email or message. Such messages may contain personal data. We strongly advice you not to include confidential information, such as your credit card number or account passwords, in any e-mail or text you send to us or to any posts online, in social media or in other websites or while writing a review for us, as this information becomes publicly available to an indefinite number of users. For a more secure way to communicate with us over the Internet, please use on the contact form on our website.
OUR RULES FOR COLLECTING YOUR DATA
- We only use the data for the agreed lawful reason and for the time it’s needed;
- We collect and store only data necessary to provide our services to you and only for the time necessary to the intended purpose;
- We fully explain why we need the data and how we’ll use it (unless we have legitimate reason not to);
- We check and update privacy information on a regular basis (we might also cross-check the data against other database to make sure it’s correct);
- We do not share data with anyone unless we have a legal or legitimate reason, or we have permission from you;
LINKS TO OTHER WEBSITES
There is the possibility that our website may contain hyperlinks to other websites for which we do not have any control over. Please make sure to read the privacy notice of these websites before providing any personal information Our business is not responsible for the content, the policies or the terms applicable to these third-party websites.
You have the right to:
- be informed. The information that our business supplies about the processing of personal data will be concise, transparent, intelligible; written in clear and plain language; and easily accessible.
- Access all personal data you provide to us, in printed or in electronic form free of charge;
- Obtain rectification of any inaccurate or outdated data, or to complete any incomplete data;
- Receive your data or ask us to provide you or transmit your data in a commonly structured format (data portability right);
Delete your personal data, under certain circumstances; Please note that this right is not absolute. Therefore, an attempt to invoke the right might not lead to an action from us.
Ask for the restriction of any data processing activities; Please note that this right is not absolute. Therefore, an attempt to invoke the right might not lead to an action from us.
- Object to certain types of processing including direct marketing;
- Submit a complaint to the Greek Data Protection Authority. You can see further information on their webpage (www.dpa.gr);
All rights can be exercised by submitting a written request to the Reception or via email free of charge (e-mail: email@example.com)
Our designated officer will respond to your request within thirty (30) calendar days.
FACEBOOK: Our business has an official page on Facebook: https://www.facebook.com/epicobracelets/. You may send us a message on Facebook. In order to process your request we may process your name and surname as displayed on Facebook, as well as other information based on your privacy preferences you have selected for your account (public profile or not). In case you click on the “LIKE” button of our page, we consider this as providing your consent to be informed about our business and. Our products on Facebook. In case you do not agree to follow our news on Facebook, you may simply click on the “UNLIKE” button.
Facebook is established in 1601 S. California Avenue, Palo Alto, CA 94304, USA. Facebook Ireland Limited, is based in Hanover Reach, 5-7 Hanover Quay Ireland.
For more information on Fb’s policy visit this link and we do not exercise any control over the applicable terms.
Our business has an official page on Instagram: https://www.instagram.com/epico_bracelets/?hl=en
You may send us a message on Instagram. In order to process your request we may process your name and surname as displayed on Instagram, as well as other information based on your privacy preferences you have selected for your account (public profile or not). In case you click on the “FOLOW” button of our page, we consider this as providing your consent to be informed about our business and our products. In case you do not agree to follow our news on Instagram, you may simply click on the “UNFOLLOW” button.
Instagram belongs to Facebook and is established in 1601 S. California Avenue, Palo Alto, CA 94304, USA. Facebook Ireland Limited, is based in Hanover Reach, 5-7 Hanover Quay Ireland. For more information on Instagram’s policy visit this link we do not exercise any control over the applicable terms.
CHANGES TO YOUR PRIVACY NOTICE
From time to time we may make changes to this Notice. This might be in relation to changes in the law, best practice, changes to the services we provide or collection and use of your personal information. We will always display clearly when the Notice was last updated and where appropriate, notify you of any relevant changes.
Last updated: 30th July 2021