Privacy Policy - GDPR

PERSONAL DATA PROTECTION POLICY

From the 25th of May 2018, the General Data Protection Regulation came into force [hereinafter GPA or Regulation]. The Regulation has a wide scope of application and, like the previous legislation (ie Law 2472/97 "on the protection of the individual from the processing of personal data") applies to our Company.

This website of the Company recognizes and respects the right to protection of personal data of internet users, in accordance with the Regulations. This policy text describes the collection and processing of user data when visiting or using the services provided on our Website. The visitor of our Website and / or user of our services must carefully read the terms and conditions of protection of his personal information listed here.

1.Conditions for the application of the GCC:

The Regulation applies to the fully or partially automated processing of personal data, ie to any information that refers to an identified or identifiable natural person.

Personal data is any information that concerns an identified or identifiable natural person ("data subject"), such as name, email address, VAT number, etc. Identifiable is defined as a natural person whose identity can be verified, directly or indirectly, in particular by reference to an identity identifier, such as name, identity number, location data, online identity (IP address, e-mail, etc.). .) or one or more factors specific to his physical, physiological, genetic, psychological, economic, cultural or social identity.

Processing means any operation or sequence of operations performed with or without the use of automated means, on personal data or on personal data sets, such as collection, registration, organization, structure, storage, adaptation or modification , the retrieval, search for information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.

The Regulation also applies to the non-automated processing of such data, which are included or will be included in an archiving system.

2. Obligation of confidentiality

The Company has obligations of confidentiality deriving from the principle of security, as specified in particular in article 32 of the Regulation.

3.Personal data in the Online Store

The Controller processes personal data, customer details, name, address, etc.

4. Conformity check for essential requirements:

4.1.The Online Store and the body of the company, like any Controller (ie the natural or legal person who defines the purpose and means of processing), must check its compliance with the requirements of the Regulation. These obligations relate in principle to the legal bases and principles of processing.

4.2.Foundations of legality:

a) The keeping and processing of the data serves exclusively the execution of the distance selling contract

b) For the observance of the personal data, consent has been obtained according to the provisions of the Regulation and it concerns purposes that are part of the fulfillment of the mutual obligations from the distance sale contract.

4.3. Principle of minimization: The collection and processing of personal data is absolutely necessary, necessary and appropriate for the purposes of the transaction.

4.4.Maintenance and deletion: Data are deleted / destroyed when it is no longer necessary for the fulfillment of the purposes for which they were collected and for the fulfillment of other legal purposes (eg tax audits)

4.5 Access control: The personal data of the customers of the Company is accessed only by the company of the Company and specially authorized employees-associates who are covered by a confidentiality clause.

5. Obligations of transparency - information

In accordance with the provisions of the GCC, the Company and this Website inform its customers (Data Subjects) regarding the collection and processing of their personal data that

a) Responsible for Processing is the administrator of the online store Dimitra Syrmakesi

b) The observance and processing is done only within the framework of the distance selling contract and for the service of its purposes within the framework of the Law.

c) The data remain at the disposal of the company for as long as is required for the completion of the above contract as well as for tax purposes and are then deleted

d) The data are not transmitted to third parties outside the above frameworks and are not used or even transferred to third parties for commercial and advertising purposes.

6. Rights of Processing Subjects

Customers / Users / Processing Subjects maintain:

a) Right of access: The Data Subject is entitled to know if the data is being processed, in what way and for what purpose.

b) Right of correction - update: The Data Subject is entitled to request the correction of inaccurate / incomplete data.

c) Right of deletion (right to be forgotten): The Data Subject is entitled to request the deletion after the end of the contract with the fulfillment of the obligations of both parties, as long as the data is not necessary and as long as compliance is not required by law. .

d) Right to restrict processing.

e) Right to object to the processing.

f) Information on how to exercise the rights and to formulate requests and complaints to the Company

i) Information on the right to withdraw consent, provided that the processing of personal data is based on consent.

ii) Information on the right to complain to the Personal Data Protection Authority, in writing (Kifissias 1-3, PC 115 23, Athens) or electronically (www.dpa.gr) after submitting a complaint to the Processor or the Head of Protection (DPO).

All relevant information is available on the company's website.

7. Concluding contracts with the Executors of the Processing

The Company may entrust the processing of personal data on our behalf to third parties, within the framework and with the limitations of this and the relevant national and European legislation.

Such cases can be various natural persons (except the Company staff) or companies that provide services: notaries, accountants, bailiffs, postal services, software maintenance / support services

etc. The Executors are obliged with the obligation to follow the instructions of the Company regarding the processing of personal data but also to observe the obligations from article 28 of the Regulation.

9. Safety measures

The Company and its Body as a Responsible Processor takes the necessary technical and organizational measures for the security of personal data that collects, maintains, uses, etc. to protect them, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure / access to or access by unauthorized persons (protection against malware, viruses, attacks on information systems, data corruption, etc.) .

To exercise your rights, you can contact the Company Data Protection Officer by sending an e-mail to info@sirmakesis.com or by mail to our address:

Sirmakesis Jewelry

Averof 8

Janina

T.K. 45221

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.