We agree to comply with all relevant laws of the European Union and Greece regarding the protection of personal data for the protection of the rights and freedoms of persons whose information is collected or processed in accordance with Law 2472/1997, the General Data Protection Regulation (EU) 2016/679 (GDPR), Law 4624/2019 as well as Law 3471/2006 .
- Protection of personal data
The Site adheres to a policy that determines the way of processing and protection of your personal data. Respects your privacy and recognizes the importance of protecting your information. Whenever you give us your personal information, we use it in accordance with the General Data Protection Regulation (GDPR - Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016) and the applicable laws on personal data protection and for the purposes are set out in this policy, in the registration forms you have completed and in all relevant terms and conditions of use.
The Greek company “Efstathia Panagoula” is responsible for the processing of personal data you provide us and is responsible for the security of your data under the laws on personal data protection.
Company name: “Efstathia Panagoula”, Panoramatos Street 86, Panorama 55236, Thessaloniki, email:Hello@effiepanagoula.com, registered with the General Electronic Commercial Registry no. 121829006000 (GEMI).
The online store www.effiepanagoula.com uses your personal data for the following purposes:
- To manage your online market, i.e. to process your orders and returns through our online services and to send you notifications about the delivery status or in case of any problems during the delivery of your items.
- To process your payments.
- To manage complaints about our products.
- To offer you different alternative payments.
- To identify you and verify that you are over 16 years old.
- To improve your shopping experience and our services.
- To send promotional emails about new products, special offers, our news or other information that we think you may find useful, using the email addresses you have given us.
In order to carry out any transaction through the online store www.effiepanagoula.com and in order to place orders for the company's products, you will be required to disclose some of your personal contact details. When you place an order, we will ask you
-your full name, the address to which the products will be sent, your landline number (or any other telephone you want), your email address.
- Account information such as first name, last name, address, email address, phone number, zip code, date of birth, gender, city, country and username.
- Payment information and history
- Order information
- Purchase history
- Delivery history
- Activity recording information
- IP address
We process your personal data, because it is necessary for:
- the execution of the contract for the sale of goods
- our compliance with our legal obligations
- the pursuit of our legitimate interests
In general, we rely on your consent as the legal basis only for the processing associated with sending direct marketing emails. You have the right to withdraw your consent at any time. Where your consent is the only legal basis for processing, we will stop processing your data after it is withdrawn.
We do not retain your data for longer than is necessary for the purposes set out in this Policy. Different retention periods apply to different types of data; however the maximum length of time we hold your personal data is 10 years.
Confidentiality is taken for granted. The same basic principles that govern classic transactions apply in the case of our online store. All information transmitted by the user/member to www.effiepanagoula.com is confidential and www.effiepanagoula.com has taken all necessary measures to be used only to the extent that it is deemed necessary in the context of the services provided. Some of the measures that have been taken are the following:
Only authorized employees have access to your transaction information and only when necessary, e.g. to process your applications.
Our Site does not disclose the details of customers and their transactions, unless it has a written authorization from you or this is imposed by a court decision or decision of another public authority In any case the online store of www.effiepanagoula.com in any way does not disclose or disclose your personal data and information that you trust us. The personal data that you make available to us by registering as a member are used exclusively for the execution of your transactions. All information is encrypted and stored in complete security.
In order to provide you with certain services, we need to share your personal data with some of our partners. These include delivery, payment and marketing service providers. We will never transfer, sell, rent or exchange our customer data to other organizations for marketing purposes. We may share your data with government agencies, regulators, law enforcement agencies, courts, banks and insurers, in cases where we have to do so:
- to comply with our legal obligations.
- to exercise our legal rights.
- to prevent, detect, investigate crimes or prosecute offenders.
- to protect our employees and customers.
To deliver our products and services to you, it is sometimes necessary for us to share your data outside of the European Union. This will typically occur when service providers are located outside the European Union or if you are based outside the Union. These transfers are subject to special rules under data protection laws.
If this happens, we will ensure that the transfer will be compliant with data protection law and all personal data will be secure. Our standard practice is to use “standard data protection clauses” which have been approved by the European Commission for such transfers.
The Site implements appropriate technical and organizational measures to ensure that your personal data is always protected and secure. Our security measures include data encryption, regular cyber security assessments by all service providers that can handle your personal data, security checks that protect our entire technology infrastructure from external attack and unauthorized access, and internal policies that define the how to ensure the protection of your data and the training of our employees.
Your rights are as follows:
- Right of access: you have the right to request information about the personal data we process at any time. You can contact us by making an access request in writing or verbally and we are happy to share your personal information via email (for more details see Article 15 of the GDPR).
- Right to rectification: You have the right to request correction of your personal data if your data is inaccurate and/or incomplete (for more details see Articles 16 & 19 of the GDPR).
- The right to erasure (‘right to be forgotten’): You have the right to request the deletion of personal data processed by our company at any time, unless an order is pending which has not yet been sent or you owe us something (for more details see Articles 17 & 19 of the GDPR).
- The right to restriction of processing: You have the right to ask us to restrict processing when there is a specific reason for this (e.g. if you have objections to our legitimate interest or if your personal data is incorrect or if you think processing is illegal or if we no longer need them (for more details see Articles 18 and 19 of the GDPR).
- The right to data portability: Every time our company processes your personal data, you have the right to get a copy of it in a structured, commonly used and machine-readable format, as well as to request that it be transferred elsewhere. This includes only the personal data you provided to us (for more information see Article 20 of the GDPR).
- The right to object: You have the right to object to the processing of your personal data based on our legitimate interest. We will not continue to process your personal data unless we can prove legitimate reasons for processing that override your interests and rights or our legitimate claims exist (for more details see Article 21 of the GDPR).
- Right to object to direct marketing: You have the right to object to direct marketing, including profiling for direct commercial purposes. You have the option to opt out of direct marketing.
- Right to human intervention: You have the right to object where a decision is based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you (for more details see Article 22 of the GDPR).
If you wish to exercise any of the above rights, contact us using our contact details. If you believe that our company is processing your personal data incorrectly, please contact us. You also have the right to file a complaint with a supervisory authority. If you have any questions about how we use your personal data that were not answered here please send us an e-mail at: Hello@effiepanagoula.com.
- Ensuring Privacy of Transfer of your Personal Data/data transfer security
We recognize the importance of the issue of security of your personal information and your online transactions and take all necessary measures with the most modern and advanced methods to ensure maximum safety problems. All information related to your personal information and your transactions are secure and confidential.
To ensure data transfer security during payment by credit, debit or prepaid card we use Stripe (https://stripe.com). Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. To accomplish this, we use the best-in-class security tools and practices to maintain a high level of security at Stripe. All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons can obtain plaintext card numbers but can request that cards are sent to a service provider on a static allow list. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in a separate hosting environment, and doesn’t share any credentials with Stripe’s primary services (API, site, etc.). This API tracks a payment, from initial creation through the entire checkout process, and triggers additional authentication steps when required. For more information please visit https://stripe.com/docs/security/stripe.
- Controlled Access (firewall)
Access to the systems of www.effiepanagoula.com (servers) is controlled by a firewall, which allows the use of specific services to customers/users by prohibiting access to systems and databases with confidential information and
company information (for more information please visit https://www.shopify.com/security).
4.Transaction Privacy/ Trade secret
Confidentiality is a sine qua non. The same basic principles that apply to traditional trade are also used in the case of www.effiepanagoula.com e-shop. All information transmitted by the user/member in www.effiepanagoula.com is confidential, and our e-shop has taken all necessary measures in order to use them only to the extent necessary in the service. Some of the measures taken are as follows:
Only authorized employees have access to the information of your transaction and only when necessary, for example for the processing of your application.
We do not disclose details of customers and transactions, unless written authorization from you or by court order or decision of any public authority.
In any case the www.effiepanagoula.com with no way discloses or publishes your personal data and information entrusted to us. The personal data you share with us with your membership are used solely for the performance of your transactions. All information is encrypted and stored in complete safety.
- Cookies Policy
The Site of www.effiepanagoula.com uses cookie technology through the Shopify platform that complies with article 6 paragraph 1 item f of the General Data Protection Regulation (GDPR- Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016). Our interest in optimizing our Site should be considered legal within the meaning of the aforementioned provision. Electronic cookies (cookies) are small text folders that can be stored on the hard drive of site visitors. The information contained in the electronic traces makes the internet navigation easier and facilitates the correct presentation of the web pages.
You can avoid storing electronic tracks on your hard drive by changing the settings in your browser accordingly. We use this data exclusively for the sending of our newsletters and for the answer to your questions. All data is stored on network servers, which operate under a high level of security and which are protected from improper use and are not accessible to unauthorized persons. Disabling cookies will make it impossible to easily browse the Site and therefore users accept this operation from the beginning. When you visit the Site for the first time, a permanent "cookie" (a small text file) will be set and stored on the user's hard drive. Cookies are used during your successive visits to the Site to "personalize" it. You can visit the Site without the permission of cookies, but you will not be able to use all the features of the Site or enjoy its specific features.
The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device. See the section below on how to control cookies for more information on removing them before they expire.
According to article 4 par. 5 of Law 3471/2006 the storage of information or acquisition of access to stored information in the user terminal equipment is only permitted if the particular user has given his/her consent upon clear and extensive information. An exception to the obligation to obtain consent in accordance with that paragraph shall be the case of storage and access to information intended solely to ‘the transfer of a communication via an electronic communications network or which is necessary for the provision of an information society service expressly requested by the user or subscriber. Essentially, the user’s consent is not required for cookies that are technically necessary to make the connection to the Site or to provide the Internet service.
Cookies can be installed by the provider of the Site visited by the user (first party cookies) or by others through the provider of the Site (third party cookies).
Some cookies are necessary to allow you to browse our Site, use its features, and access secure areas. The use of these cookies is essential for the Site to work. For example, we use user-input cookies for the duration of a session to keep track of a user’s input when filling in forms that span several pages.
We also use functional cookies to remember choices you’ve made or information you’ve provided, such as your username, language, or the region you are in. This allows us to tailor your site experience specifically to your preferences. For example, authentication cookies are functional cookies that are used for the duration of a session (or persistent, if you agree to the “remember me” function) to allow users to authenticate themselves on subsequent visits or to gain access to authorized content across pages. The functional cookies we use include:
- User-centric security cookies to detect authentication abuses for a limited persistent duration, like repeated failed login attempts. These cookies are set for the specific task of increasing the security of the service.
- Multimedia content player session cookies (flash cookies) are used for the duration of a session to store technical data needed to play back video or audio content (e.g. image quality, network link speed, and buffering parameters).
- Load balancing session cookies are used for the duration of the session to identify the same server in the pool in order for the load balancer to redirect user requests appropriately.
- User interface customization persistent cookies are used to store a user’s preference regarding a service across web pages.
The Shopify platform that we use is dedicated to user experience and we use many tools to help us improve our Site and our commerce platform. To this end, we use reporting and analytics cookies to collect information about how you use our Site or our merchants’ storefronts, and how often. These cookies only gather information for statistical purposes and only use pseudonymous cookie identifiers that do not directly identify you. The performance cookies we use include:
- First party analytics cookies - We use these cookies to estimate the number of unique visitors, to improve our Sites and our merchants’ Sites, and to detect the most searched for words in search engines that lead to a webpage. These cookies are not used to target you with online marketing. We use these cookies to learn how our Sites and our merchants’ Sites are performing and make relevant improvements to improve your browsing experience.
- Third party analytics cookies - We also use Google Analytics and other third-party analytics providers to help measure how users interact with our Site content. These cookies “remember” what our users have done on previous pages and how they’ve interacted with the Site (for more information on Google Analytics, visit Google’s information page).
Finally, Social and Content cookies are placed by many social media plugins (for example the Facebook ’like’ button), and other tools meant to provide or improve the content on a site (for example services that allow the playing of video files, or that create comments sections). We integrate these modules into our platform to improve the experience of browsing and interacting with our Site. Please note that some of these third party services place cookies that are also used for things like behavioural advertising, analytics, and/or market research. For more information please visit https://www.shopify.com/legal/cookies.
You can also delete all cookies already on your device by deleting your browser’s history. This will delete all cookies from all sites you visited from this browser. Please note, however, that some stored data may also be lost (e.g. stored login details, site preferences).