1. of the types of data it collects or produces for you and,
2. of the purpose of collecting and processing your data and,
3. about how these data are processed and,
4. about their recipients and the purpose for which they are processed,
5. about your rights and choices on your personal data and,
6. about how to contact us concerning any matter you may be concerned about in relation to your personal data.
• information about your Personal Data Processing Officer as well as contact details of the Personal Data Protection Coordinator (DPC) for any issue that relates to your data;
• the types of data we collect for you and the collection methods used;
• the purpose of collecting and processing your personal data and the legitimate basis for processing them;
• the security measures we take to protect your personal data;
• the time period during which we keep your personal data;
• your rights and how you can access them, and your choices regarding the collection and processing of your data;
• protection and storage of your data.
II. CONTROLLER & PERSONAL DATA PROTECTION COORDINATOR
1. Who is the Controller?
The Controller of your personal data is the company “KOUTSOUBIDIS FOTIOS”, headquartered in Ptolemaida, Kozani (Ethinkis antistaseos 7), Greece (TIN: 149204477 / Tax Office Ptolemaida) with GEMI No 000139766136000, tel. 2463024398, fax 2463024398 (hereinafter referred to as the “Company”).
2. Contact details of the Company’s Data Protection Coordinator
You can contact the Company’s Data Protection Coordinator (DPC) on the email firstname.lastname@example.org and the telephone number 2463024398.
3. Questions and Feedback
You may contact us at the contact details listed above and provide us with your feedback, queries, comments or any complaints regarding this Policy and the collection and processing of your personal data, in general. You have the right to submit any complaint regarding your personal data that may arise from their processing by the Company to the Hellenic Data Protection Authority, which is the supervisory authority of Greece. For details, see the following link www.dpa.gr. However, we consider it our obligation and duty to handle any concerns you may have about your personal data we process, so please do not hesitate to contact us.
III. DATA COLLECTION AND PROCESSING
Personal data or personal information means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one whose identity can be identified, directly or indirectly. Such data do not include data that are anonymous.
1. WHAT types of data we collect for you and HOW we collect them
When you navigate to our Online Store or KOUTSOUBIDIS Social Media, submitting an order, open your Account, sign up for our Newsletters, you take part in promotional activities such as contests, social media interaction (e.g., comments, Likes, etc.) or otherwise, we collect various types of personal data for you, either directly from you or from third parties, or which we collect or create by our own means (including through automated means).
Indicatively, we collect the following personal data for you:
• Identity Data: (name, username, membership code, or other similar ID) that you provide to us when submitting your order or when registering as a KOUTSOUBIDIS Member with the opening of an Account, your participation in contests, etc.
• Contact Data: (fixed and/or mobile phone, e-mail address and other contact information) that you provide to us when submitting your order, opening an Account or as part of receiving a commercial communication from our Company or participating in various actions of our Company (e.g. contests, etc.).
• Delivery Details: Postal address (street, number, PO, city, country)
• Financial data: (bank account, transaction value, credit notes, refunds, debit or credit card information, billing address, etc.) that you provide to us when you pay by electronic means, in the case of refunds deducted from your purchases, etc. The card details, their confirmation, preapproval of payment and final charge are recorded in Piraeus Bank secure environment (SSL). The website www.koutsoubidis.gr is by no means aware and does not handle or store your card details.
• Transaction/Purchase Data: (type of purchase, transaction value, place of delivery, time of purchase, purchase history, complaints, payment method, details required in case of change or re-crediting of an account, such as a bank account, beneficiary name, IBAN, banking institution etc.) that we collect about your purchase and/or your Account.
• Consumer Behavior Data: Consumer preferences while browsing the e-shop, i.e. the items you view, your shopping cart, Wishlist, your social media activity (e.g. what products you like), gifts redeemed, the frequency, way, time of purchase, the type of purchase, etc., by type of products, comments, or any replies to surveys we make.
• Technical data such as for example channel – source of origin, Internet Protocol (IP) address, time zone and location, login details, browser type and version, operating system and platform, and other technology on the Devices that you use to access our Website, etc. For more details on the information we collect using cookies, please see our policy below.
• Login Data to connect to your Account or to the account of a member of the fidelity program, i.e. your username (which corresponds to your email or mobile phone number) and password.
• Demographic data: age, sex, place of residence, which are collected directly from the data subject, as the case may be, or deduced from the transactions of the subjects in our Online Store, etc.
• Data collected through Cookies: Browser, IP address, products you have placed in the shopping cart but not purchased yet, the country of origin of your order, the products you are looking at in the Online Store, Wishlist with your favorites, other websites from which you were directed to us.
We do not knowingly collect any information from anyone under the age of 15. Our services are aimed exclusively at people who are at least 15 years of age or older. In case you are under 1
Learn more…Your obligation to let us know about changes to your personal information.
It is important that personal information we keep for you is up-to-date and accurate. Please let us know as soon as possible about any changes to your personal information throughout our relationship with you.
We collect DIRECTLY BY YOU the following personal information:
• At the time of submission of the order whether electronically or by telephone, you must give us your full name, product shipping address, email address, mobile phone number and payment details (credit / debit card, etc.). The card details, their confirmation, preapproval of payment and final charge are recorded in Piraeus Bank secure environment (SSL). The website www.koutsoubidis.gr is by no means aware and does not handle or store your card details.
• When you open an Account, either through our website or through our stores, through the relevant form you fill out, you must provide us with your mobile phone number, your full name, date of birth, and a password. Optionally and if you wish, you can also provide to us your email, the date of your name day and your home address.
• To sign up to the list of recipients of our Company’s Newsletters, you must provide to us your email.
• To sign up for the contests which our Company organises from time to time, you must provide to us your personal information as determined on a case by case basis.
When communicating with us in the Company’s social media (Facebook, Instagram, etc.) and with the customer service department (except to place a telephone order), you must provide to us your personal information, such as ID, contact, or transaction details, which we will use on a case-by-case basis only to process your request.
We collect with AUTOMATIC MEANS the following data and information about you.
• By using cookies and other related technologies, we collect and/or generate data about your preferences, such as the products you view, the time and frequency of your views, the type of newsletters you open or not, their content and your communication with us after every newsletter, your Wishlist, the type of products you buy, the search terms you enter, or the links you click on in the Online Store, the products you place in the cart without completing their purchase, country of origin, language etc.
• From your Account we create the history of your orders and purchases, from which we infer your preferences, the frequency of your purchases by type, the value of the products you buy or are interested in, the time you buy, the area your stay etc.
• Data about the devices through which you visit our Website, for example the Internet Protocol (IP) address, login information, browser type and version, operating system and platform and other technology on the devices used to access our Website, etc.
• Data about the page from which you signed up and the page that you visited when you left,
We collect from third parties the following data and information about you:
• We may receive your personal information, such as your full name and e-mail address, from a friend of yours who entered your details for you to receive a voucher from us or for us to send you a gift that he has selected for you.
• If you sign up for our service through a social networking platform, we may collect the above personal data directly from the information you have provided to the platform (as long as the social networking platform is entitled to share your personal data with us).
Your personal data may be shared with us by third independent organizations when there is a legal basis for processing and they are entitled to do so. In such cases, you must be informed about the processing of your personal data from the relevant Data Protection Notice of these third parties. These organizations may include social media such as Facebook, Instagram, Viber, Twitter.
2. HOW do we use your personal information?
All of your above personal data, which as mentioned above, which are provided to us by you either on a mandatory or on a voluntary basis, or which we collect from third parties or are generated by automated means, are used for the following legitimate purposes. Please note that if Community or national law restricts or prohibits certain actions of the Company for which we use your data, we will discontinue the use of your information for these purposes.
In particular, your personal data are used by us for the following purposes:
• To receive your orders, process them, and ship products to you.
• To communicate with you about issues relating to the sale of our products to you.
• To manage, handle and process your payments, including the security of our financial transaction.
• To help you, as a KOUTSOUBIDIS member, in opening your Account with us.
• To create, keep and maintain a database with our client base and to analyse it.
• To send to you commercial communication via Newsletter, SMS, or other media (VIBER) regarding our Company’s news, products, promotions and offers.
• To analyze your behavior and identify your preferences.
• To understand and analyze the results of our ads and promotions.
• To handle your requests, such as withdrawal, product replacement, etc.,
• To satisfy your rights with respect to your personal data.
• To ensure security of transactions.
• For business analyzes and enhancements, such as placing our products on the market and optimizing our products, optimizing your experience and service from us within our Online Store, managing Loyalty programs, as well as adapting your experiences to our Online Store.
• For other purposes for which we will notify you or will be identified on a case-by-case basis at the place where your information is originally collected
3. ON WHAT LEGAL BASIS do we use your personal data?
The Legal basis on which we make use of your information is either one of the following (for more detailed explanations, please see section “Learn more”):
• Performance of a contract to which you are a party.
In order to fulfill our obligations under the Sales Agreement, such as our payment, issue of documents, proper delivery of the products to you, etc., the Company may process your personal data, such as your address and contact details.
To participate in a contest or draw as part of our promotions, provided that you accept the terms of participation.
In particular, the Company may process your personal data such as your email and password in order to secure your transactions (e.g. to identify you when you log in to your Account), your email or your phone number, so that we can communicate with you in case of a problem with your Account, your phone number, so that we can communicate with you in case of a problem when executing your order.
• Any legitimate business interest against which your data protection interests do not prevail.
To manage and protect our business and website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and data retention)
To prevent and deal with cases of fraud and other illegal activities for the purpose of protecting the public and the safety of personnel, including the video surveillance system.
To provide you access to your personalized account, where you can track your transactions (your past and pending purchases with us), products you are interested in, wish lists you have created, and for you to complete your purchases faster, etc. The details and content of the user profile are visible to you at any time.
We offer you services that are useful, easy to use and enjoyable, including personalized communication with you as you wish and have declared, and products of your interest and benefit to you, according to your preferences.
To better understand your buying habits in order to develop and improve our products and services and tailor the content of the site to your needs and preferences.
To measure the effectiveness of the Company’s presentation and display on third-party websites.
To analyze the effectiveness of our sales promotion and to help promote the most appropriate messages, information and offers to you and other customers.
To perform market research, evaluation and analysis of your opinion on our products and for our commercial policy, reputation, visibility of our trademarks and other distinctive features.
To collect and recover any financial debts to us.
To use data analysis tools to improve the site, our products/services, our relationships with customers.
When we rely on the legitimate interests of the Company as a legitimate basis for processing your personal data (including automated decision-making and profiling), we must assess whether such processing overrides your interests, fundamental rights or freedoms that require the protection of your personal data.
We have taken these issues into consideration, and where we believe that there is a risk that one of your interests, fundamental rights or freedoms may be affected, we will not process your personal data unless we rely on another legitimate processing ground.
• To comply with a legal obligation with which we our bound,
In the context of its activities, the Company is required to process your personal data in order to comply with its obligations under the law, such as for example the maintenance of financial data of transactions for tax purposes, the use of your email for sending a confirmation of your order execution, and so on.
• If none of the above apply, your consent (which you will always be requested to provide before we process any information).
Your free and informed consent is the legal basis for using your email and/or mobile phone for us to send you direct mail in the Newsletter form to your emails, or for you to receive updates on KOUTSOUBIDIS news and offers through SMS/VIBER on your mobile phone, when you are not for example our client or as appropriate.
Your e-mail or mobile phone for the purpose of commercial communication via information email, SMS, VIBER etc. within the framework of our customer relationship, if you buy from us, for the development of our business activity, the optimization of commercial and technical systems, statistical analysis to improve products, optimized customer service,
To inform you of offers or promotions of third parties working with us, provided you have given us your consent, using any means of communication you have stated.
To advertise our company and products in the social media to you and other people who may also be interested in what we offer.
4. WHO are NOTIFIED of your personal data and WHY
In the context of the operation of our e-shop, the fulfillment of our contractual obligations and your best service, our Company reserves the right to cooperate with third-party service providers that provide us with support and access only to your data that are absolutely needed by us (e.g. for registering you in the e-shop and managing your account, for executing the contract between us and providing any of our services to you, in general, for the functional and IT handling of our website www.koutsoubidis.gr, for optimizing our products and services, etc.). These third service providers are contractually bound not to use your information in any way other than to help us provide you with the products and services we agree to.
In particular, our Company cooperates:
(a) With a third company which shall perform the processing on behalf of our Company, and shall host and manage our e-shop.
(b) With a third Call Center company acting on behalf of the Company for customer service, which will handle all your telephone orders and manage our communications for reasons relating to your activity in our e-shop.
(c) With third party courier companies which shall perform the processing on behalf of our Company, and manage and process the shipment of your orders and collect the money on our behalf in case you pay by cash on delivery. They shall also perform the receipt and delivery to you of products that you return due to withdrawal or return.
(d) With third-party email marketing companies acting in the name of and on behalf of us to send you our newsletters.
(e) With advertising and marketing companies
Your retained data may be communicated to the competent judicial, police and other administrative authorities upon their request and in accordance with the applicable laws. Furthermore, in the case of a statutory provision, a service order or a formal preliminary examination, the Company has the right to place the relevant information at the disposal of the respective service.
5. SAFETY of your personal data
We apply appropriate technical and organizational measures to protect the personal information we keep from unauthorized disclosure, use, conversion or destruction. Where appropriate, we use encryption and other technologies that can help safeguard the information you provide. We also ask our service providers to comply with stringent privacy and data protection requirements.
In particular, the data you submit to the Company is treated exclusively by specifically authorized personnel of the Company that is under our control, respectively, only upon our request. In order to conduct the processing, the Company selects individuals or third parties with corresponding professional qualifications that provide sufficient guarantees in terms of technical knowledge and personal integrity to ensure confidentiality. The Company, through its respective contractual commitments and its affiliates, shall take all necessary security measures to protect and ensure the confidentiality, privacy and integrity of personal data. In any case, their security in the platform environment is subject to reasons beyond its sphere of influence, as well as reasons resulting from technical or other weaknesses of the network that are not controlled by the Company, or reasons of force majeure.
You must not disclose the data/codes you have entered to open your Account, which are personal and non-transferable. Our Company performs regular quality and security checks on the systems and algorithms it uses to correct the factors that lead to inaccuracies in the data.
6. TIME OF RETENTION of your personal data
We will retain your personal data for as long as you continue to interact with us (e.g. you maintain an account with KOUTSOUBIDIS, you are registered to receive commercial communication from us, make a purchase from our online store, contact our customer service points, take part in a contest, etc.). At the same time, we shall keep your personal data for purposes of our legitimate interests in the event of a dispute regarding the sale contract, the maintenance of your Account, our trade policy or any other transaction between us, for the time period during which that processing could arise, in accordance with applicable law. Your financial data may be kept by our Company as part of its tax obligations. We may keep any other data until you ask us to delete them or those we maintain and process as part of your consent until you withdraw it or until you oppose to their processing by us on which we rely on our legitimate interest.
To determine the retention time of your personal data, we take into account the nature of your data, their quantity, purpose, security, etc. You have the right to ask us to delete your data. To exercise your right, please visit the relevant section in this Policy.
We reserve the right in some cases, to anonymize your data for research or statistical purposes, so that they will be no longer associated with an identifiable person, therefore we reserve the right to use this information for an indefinite period of time. In any case, your data will be stored securely.
With respect to your personal data we have and process, you have the following rights:
• to request us to access them to confirm that we process them in accordance with law and/or your request and preferences,
• to request us to correct any incomplete or inaccurate data we keep about you. We also have the right to request you to update your information at regular intervals.
• to request us to delete them, as long as the law does not oblige us to the contrary.
• to request us to limit their use, under certain circumstances,
• to oppose to their use, under certain circumstances,
• to withdraw your consent with respect to their use,
• you have the right to data portability, under certain circumstances,
• to submit a complaint to the country’s supervisory authority.
• not to be bound by a decision made solely on the basis of automated processing, including profiling, under certain circumstances.
We offer you easy ways to exercise these rights, such as “unsubscribe” links, or through the customer support telephone line at 246302498 (low-call help line Monday, Tuesday, Friday 09:00-14:00, 18:00-21:00 and Saturday 09:00-15:00, excluding public holidays), by sending an email to email@example.com, by sending a mail to the address: Ethinikis anstistaseos 7, 50200, Ptolemaida, Kozani, Greece Personal Data Protection Coordinator.
For your information security, we may ask you for certain information about your identification. Your right is exercised free of charge, however, when your right is used abusively, we may claim a fee, in accordance with the conditions laid down by law. In any case, we shall respond to your requests within one month of the date of receipt of the request, except in exceptional cases where our response time to a request may be longer.
Changes to the Data Protection Policy
Any changes to this Policy will be immediately posted here.