PRIVACY POLICY
PRIVACY POLICY
For this reason, we take appropriate measures to protect the personal data we process and to ensure that the processing of personal data is always carried out in accordance with the obligations set by the legal framework, both by our company and by third parties who process personal data on behalf of our company.
Please take a moment to read this Privacy Policy and become informed about the way in which our company, under the name “PETROS SYMEONIDIS PRIVATE SECURITY SERVICES PROVISION COMPANY O.E.” based in Korydallos, Attica, 6 Delfon Street and Grigoriou Lambraki Street, tel. 210 3007750, email address info@entopizo.gr (hereinafter the “Company” or “we” or “us”), acting as Data Controller, collects, stores, uses and generally processes your personal data when you visit, register or use the Company’s websites (hereinafter the “Websites”) and its mobile applications (hereinafter the “Apps”), as well as when you transact with its physical stores. This Privacy Policy also describes how we use, share and protect your personal data, the choices you have regarding your personal data, and how you can contact us.
For any questions regarding this Privacy Policy, as well as any issue related to the processing of your Data and the exercise of your rights, you can contact the Company's Data Protection Officer (DPO) at the email address info@entopizo.gr.
1. A few words about the Company's Websites: entopizo.gr is the Company's website, where the Company's online store for displaying and selling products is located. Additionally, through the website gps.entopizo.gr you can access the device tracking service provided by the Company,
•find a job at the Company through the “Career Opportunities”
•send information/advertising material (newsletter)
2. What is personal data: The term “personal data” refers to information about natural persons, such as name, postal address, email address, contact telephone number, etc., which identify or can identify you, hereinafter “Personal Data or Data”.
3. What is Personal Data Processing: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
4. Is the provision of your Data mandatory: The provision of the Data to the Company may be necessary to achieve the purposes specified in this Privacy Policy or may be optional. The mandatory or optional nature of the provision of Data is indicated by an asterisk (*) next to the mandatory personal data. If you refuse to provide the information marked as mandatory on the Websites, it will be impossible to achieve the main purpose of collecting the specific Data, and it may, for example, become impossible for the Company to fulfill the sales contract or provide the other services available on the Websites. Providing additional Data to the Company, beyond those marked as mandatory, is optional and does not have any consequences regarding the main purposes of data collection, but their provision serves to optimize the quality of the services provided.
• Data when creating a user account on the Websites or Apps – Mandatory: e-mail address*, login password* – Optional: first name, last name, gender, date of birth, postal address, telephone number.
• Data from your transactions with us, whether through our physical stores or through our online store – For example, we collect notes from our conversations with you, details of any complaints or comments you make, details of purchases you have made, products added to or removed from your cart, list of products you wish to purchase (wish list), coupon redemptions, websites you visit and how and when you contact us.
• Shopping interests and preferences, which help us recommend specific products and services that are of interest to you – For example, which products you show us a preference for so that you can receive a personalized offer from us. We will only ask for and use the Data we have collected to recommend products or services of interest to you and to further improve your shopping experience with us. Of course, it is always your choice whether to share such information with us.
• Traffic data of our website or other websites that you have visited before us
• Information collected from the use of cookies in your browser. Learn more about how cookies are used in the corresponding link.
• Copies of documents you provide to prove your age or identity, when required by law (such as a copy of a police or student ID). – For example, these copies may include details of your full name, address, date of birth and a facial image (photo). If you provide a passport, the data will also include your place of birth, gender and nationality.
• Payment information.
• Your comments and product reviews.
• Your image may be captured on CCTV when you visit one of our physical stores
• To provide the best possible website experience, we collect technical information about your internet connection and browser, as well as the country and telephone code where your computer is located, the websites you visit, the advertisements you click on and any search terms you enter. Find out more about this.
• Your social media username, if you interact with us through these channels, to help us respond to your comments, questions or feedback.
• Educational information, such as education, skills, language skills, professional experience (only in cases where you are applying for a job)
CHILDREN
We comply with the law and do not allow children to register on our Websites and Apps when they are under 16 years of age. We will request parental consent for children participating in the Company’s experiences and events.
•Product orders: The Company processes your Data in order to fulfill its contractual relationship, to process the order of products and/or services, to provide customer service, to comply with legal obligations, to defend, raise or exercise legal claims. If we do not collect your Data at the time of order completion either from our physical stores or from our online store, we will not be able to process your order and comply with our legal obligations. Your Data may need to be transferred to third parties for the supply or delivery of the product or service you have ordered. In addition, we may retain your Data for a reasonable period of time in order to fulfill our contractual obligations, such as product returns, as required by relevant legislation.
•Creation of a User Account: The Company processes your Data in order to provide you with account functions and to facilitate the conclusion of the purchase of products and/or services.
•Communication: The Company uses your Data to respond to the requests/questions you submit, to refund requests and/or to complaints. The information you share with us enables us to manage your requests and respond to you in the best possible way. We may also maintain a record of your questions/requests to us in order to better respond to any future communication. We do this based on our contractual obligations to you, our legal obligations and our legitimate interests in order to provide you with the best possible service and to be able to improve our services based on your personal experience.
•Sometimes, we will need to share your Data with a third party providing a service (such as courier delivery or a technician visiting your home): Without you sharing your personal data, we would not be able to fulfill your request. Below is more information on how we share personal data with third parties.
•Job Search: The Company processes your Data to assess your qualifications and abilities for the position you applied for or for another position within the Company as well as for the purposes of communicating with you in connection with this purpose. To share information about our products, services and events, as well as for other promotional purposes
•Sending newsletter/offers: With your consent, we will use your personal data, preferences and transaction details to inform you via email, web, telephone and/or social media about relevant products and services, including personalized/personalized offers, discounts, etc. Of course you have the ability to withdraw this consent at any time.
•Participation in Competitions: The Company processes your Data, in case you agree to participate in competitions it conducts, in order to notify you if you are the winner of the competition and to deliver your gift to you. For the operation, improvement and maintenance of our business activity, products and services
•Development and improvement of systems and services for the products we provide to you: We do this based on our legitimate business interests.
•We want to offer you offers and suggestions that are more relevant to your interests: To help us build a better and more comprehensive understanding of you as a customer, we combine your personal data collected throughout our relationship, for example your purchase history in both our physical stores and our online store. To this end, we also combine Data that we collect directly from you with Data that we receive from third parties to whom you have given your consent to transfer this data to us. For example, by combining this data, this will help us customize your experience and decide what inspiration or content to share with you. We also use anonymous data from customer purchase history to identify trends in different regions of the country. This can then guide which products we display in specific stores.
•To show you the most interesting content on our Websites or Apps, we will use the Data we hold about your favorite products: This is based on your consent to receive App notifications or – for our Websites – your consent to place cookies on your device. For example, we may show you a list of products you have recently viewed or offer you recommendations based on your purchase history and any other Data you have shared with us.
•To send you research and evaluation requests so that we can improve our services: These messages will not contain advertising content and do not require prior consent when sent by email or text message (SMS). We have a legitimate interest in doing so, as this helps our products or services to be more relevant to you. Of course, you are free to refuse to receive these requests from us at any time by updating your preferences in your online account. To protect the rights, property or safety of ourselves or others •Protecting your account from fraud and other illegal activities: This includes using your Data to maintain, update and protect your account. We also monitor your browsing activity with us to quickly identify and resolve any problems and protect the integrity of our website. All of the above is part of our legitimate interest. For example, we check your password when you log in and use automated IP address tracking to identify potential fraudulent logins from unexpected locations.
•Operating CCTV Systems: In order to protect our customers, premises, property and partners from crime, we operate CCTV systems in our stores that record images for security. We do this based on our legitimate business interests. If we detect any criminal activity or suspected criminal activity through the use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this Data for the purposes of preventing or detecting illegal acts. Our aim is to protect our customers, employees and partners from criminal activity.
•Processing payments and preventing fraudulent transactions: We do this based on our legitimate business interests. This also helps to protect our customers from fraud. To comply with our obligations arising from the law
•To comply with our contractual or legal obligations to share data with law enforcement: For example, following a court order to share data with judicial agencies.
•To send you communications required by law or necessary to inform you of changes to the services we provide to you: For example, updates to these privacy notices, product recall notices and legally required information about your orders. These service messages will not include promotional content and do not require prior consent when sent by email or text message (SMS). If we do not use your personal data for these purposes, we cannot comply with our legal obligations.
7. For what purpose do we process your Data? We collect your Data for the purposes of the products and/or services provided by our Company and in particular for: a) managing the sale of our products and/or services, e.g. communicating and informing you about the availability of products and the progress of your order, executing your order, shipping the products, managing your debts to the Company, making returns and providing guarantees. b) complying with the obligations imposed by the applicable legislation, e.g. tax legislation, e-commerce directive, c) checking, improving and adapting to your preferences and choices regarding our products and/or services, d) sending, by electronic or traditional means, administrative, technological, organizational and/or commercial information about the Company's products and/or services. e) conducting customer satisfaction surveys, promoting our products and/or services, sending newsletters about our products and/or services. f) evaluating applications and CVs for the purpose of recruitment to our Company.
8. What is the lawful basis for the Company to process your Data?
•Data protection legislation sets out various reasons why a company may collect and process your personal data, including: the terms of our contractual relationship
•your consent, where required. For example when you opt-in to receive a newsletter. When collecting your personal data, we will always inform you which data is necessary in relation to a particular service.
•the Company’s obligations arising from the law (e.g. tax law, e-commerce law, etc.)
•the legitimate interest of our Company. In certain cases, we collect your Data in a way that is reasonably expected as part of the operation of our business and that does not substantially affect your rights, freedom or interests. For example: – We will use your purchase history to send you or make available personalized offers. – We also combine the purchase history of many customers to identify trends and ensure that we can keep up with market demand or develop new products/services.
9. Who are the recipients of your Data – How is your Data shared? Access to your Data is available only to the Company’s strictly necessary personnel, who are bound by confidentiality, and to our collaborating companies or third-party service providers, who process your Data as Processors on our behalf and in accordance with our instructions. Data Sharing by the Company The Company shares your Data with:
•Companies of the Company's group for the purposes and within the framework of the terms mentioned above in section 7 of this Privacy Policy •Stores and/or commercial enterprises that cooperate with the Company for the sale of their products/services
•Third party service providers that process personal data on behalf of the Company, for example (indicatively mentioned) for the processing of credit cards and payments, transportation and deliveries, hosting, management and maintenance of our data, email distribution, research and analysis, management of brand and product promotions, Google, Facebook, as well as the management of certain services and elements. When we use third party service providers we enter into agreements that oblige them to implement appropriate technical and organizational measures to protect your personal data.
•Other third parties, to the extent necessary for the following purposes: (i) comply with a government request, court order or applicable law, (ii) prevent unlawful uses of our Sites and Apps or violations of our Sites and Apps Terms of Use and our policies, (iii) protect ourselves from third-party claims, and (iv) help prevent or investigate fraud (e.g., counterfeiting)
•To other third parties when you have given your consent Sharing by you •When you use certain social media features on our Sites or Apps, you may create a public profile that includes information such as your username, profile picture and city. You may also share content with your friends or the general public, including information about your interaction with the Company. We encourage you to use the tools we provide to manage your sharing on the Company’s social media to control the information you make available through the Company’s social media features. The following is our policy towards those with whom we share your Data in accordance with the above:
•We only provide the information they need to perform their specific services.
•They can only use your Data for the precise purposes we specify in our contract with them.
•We work closely with them to ensure that your privacy is respected and protected at all times.
•If we stop using their services, any data you hold will be deleted or made anonymous. To improve your customer experience on our Websites and Apps, we use the following companies, who will process your Personal Data as part of their contracts with us:
Google, Twitter, Instagram, Facebook, YouTube, Yahoo, Bitrix24, Skroutz, BestPrice, WordPress, Epsilonet and ACS courier
For more information about sharing your Data with third parties please contact our Company’s Data Protection Officer.
10. How do we ensure that Processors respect your Data?
The Processors performing the processing on our behalf have agreed and contractually committed to the Company:
•to maintain confidentiality,
•not to send your Data to third parties without the Company's permission,
•to take appropriate security measures,
•to comply with the legal framework for the protection of natural persons with regard to the processing of personal data and for the free movement of such data (General Data Protection Regulation 679/2016/EU (hereinafter referred to as GDPR), as applicable from time to time, to the extent and in the manner appropriate to each, within the framework of our cooperation.
11. International Data Transfer:
The personal data we collect (or process) in the context of our Websites and Apps will be stored in Greece. However, some of the recipients of the Data with whom the Company shares your Personal Data may be located in countries other than the one in which the initial collection of your Personal Data took place. The legislation in such countries may not provide the same level of data protection as the country that originally provided your Personal Data. However, when we transfer your Personal Data to recipients in other countries, including the United States, we are committed to protecting your Personal Data as described in this Privacy Policy and in accordance with applicable law. We take steps to comply with applicable legal requirements for the transfer of personal data to recipients in countries outside the European Economic Area or Switzerland that do not ensure an adequate level of protection. We use various measures to ensure that your Personal Data transferred to these countries is adequately protected in accordance with data protection rules. These include signing Contractual Clauses, certifying that the recipient has adopted the European Binding Corporate Rules or adheres to the EU-US and Swiss-US Privacy Shield.
12. How long do we retain your Data? We retain your Personal Data for as long as necessary to fulfill the purposes set out in this Privacy Policy (unless a longer retention period is required by applicable law). Generally, this means that we will retain your Personal Data for as long as you have an account with our Company. In relation to your Personal Data relating to product purchases, we retain this data for a longer period in order to comply with our legal obligations (such as tax and commercial legislation and for warranty purposes). At the end of this retention period, your data will be deleted in full or anonymized, for example by aggregation with other data, so that it can be used in a non-identifiable way for statistical analysis and business planning. Some examples of customer data retention periods:
•Orders: When you place an order, we will retain the personal data you provided for five years, so that we can comply with our legal and contractual obligations. In the case of certain products, such as electrical goods, we will retain the data for 10 years.
•Warranties: If your order included a warranty, the relevant personal data will be retained until the end of the warranty period.
•Newsletter: Your declaration of consent to receive a newsletter is kept for as long as the Company sends you a newsletter and in any case no longer than six months after it has stopped being sent.
13. Is your Data secure? We are committed to safeguarding your Personal Data. Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to secure and protect your Data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security. The entopizo.gr website uses the TLS protocol for secure online commercial transactions. In this way, all the Data you provide, including your credit card number, name and address, are encrypted so that they cannot be decrypted or changed during their transfer to the Internet. In addition, the information used to identify you as an account user is two: the Username and the Personal Secret Security Code. Each time you enter your details, you are granted access to your personal account. This process is achieved securely through encryption during their transfer to the internet and the Company's servers. According to the same standards, you are given the opportunity to change your Personal Secret Security Code (Password) as often as you wish. After entering the desired code, the new code is encoded and stored in the Company's systems. For this reason, the only one who knows your code is you and you are solely responsible for maintaining the confidentiality of the code from third parties. These measures are reviewed and modified when deemed necessary.
14. What are your rights? You have the right to access your personal data. This means that you have the right to be informed by us if we are processing your Data. If we process your Data, you can request to be informed about the purpose of the processing, the type of your Data we keep, to whom we provide it, how long we store it, whether automated decision-making is carried out, as well as about your other rights, such as correction, deletion of data, restriction of processing and filing a complaint with the Personal Data Protection Authority. You have the right to correct inaccurate personal data. If you find that there is an error in your Data, you can submit a request to us to correct it (e.g. name correction or address change update). You have the right to erasure/right to be forgotten. You can ask us to delete your data if it is no longer necessary for the above-mentioned processing purposes or you wish to withdraw your consent in the event that this is the only lawful basis. You have the right to portability of your Data. You can ask us to receive the Data you have provided in a human-readable format or ask us to transmit it to another controller. You have the right to restrict processing. You can ask us to restrict the processing of your Data for the time being while your objections to the processing are pending. You have the right to object and withdraw consent to the processing of your Data. You can object to the processing of your Data and we will stop processing your Data, unless there are other compelling and legitimate reasons that override your right. If you have given your consent to the collection, processing and use of your personal data, you can withdraw your consent at any time with future effect. Opting out of Marketing Communications. You can opt out of receiving marketing communications from the Company by modifying your preferences in your user account (my profile) on our Websites. You can also opt out of receiving marketing communications by changing your email and SMS subscriptions by clicking the unsubscribe link or by following the instructions included in the message. Alternatively, you can contact us using the contact details in the “Questions and Comments” section below. Where we are relying on our legitimate interest. In cases where we process your personal data based on our legitimate interest, you can ask us to stop for reasons relating to your personal situation. We must then do so unless we believe that we have a compelling legitimate reason to continue to process your Personal Data.
15. How can you exercise your rights? To exercise your rights, you can submit a relevant request to the Data Protection Officer at the Company's postal address (Delfon 6 & Gr. Lambraki – Korydallos – PC 18121) or at its electronic address (info@entopizo.gr) entitled “Exercise of Rights” and we will take care to examine it and respond to you as soon as possible.
Exceptionally:
•if you wish to correct your Data in your user account, you can log in to it and make any correction/change without the need to submit a Request.
•if you wish to withdraw your consent to sending a newsletter, you can do so by selecting the link “To delete from the “newsletter mailing list” click here” located at the bottom of each newsletter.
•if you do not wish to receive web push notifications from the Company you can disable the option from your browser settings. Identity Verification: To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you submit based on this Privacy Policy. If you have authorized a third party to submit a request on your behalf, we will ask them to prove that they have your permission to act for this purpose.
16. When do we respond to your Requests? We respond to your Requests free of charge without delay, and in any case within (1) one month from the time we receive your request. However, if your Request is complex or there is a large number of your Requests, we will inform you within the month if we need to obtain an extension of another (2) two months within which to respond to you. If your Requests are manifestly unfounded or excessive, in particular due to their repetitive nature, the Company may impose the payment of a reasonable fee, taking into account the administrative costs of providing the information or performing the requested action or refuse to act on the Request.
17. What is the applicable law when we process your Data? The Applicable Law is Greek Law, as formulated in accordance with the General Regulation for the Protection of Personal Data 2016/679/EU, and in general the applicable national and European legislative and regulatory framework for the protection of personal data. The competent courts for any disputes arising related to your Data are the Courts of Athens.
18. Where can you appeal if we violate the applicable law for the protection of your Personal Data? You have the right to file a complaint with the Hellenic Data Protection Authority (HDPA) (postal address Kifisias 1-3, P.C. 115 23, Athens, tel. 2106475600, e-mail address (e-mail) contact@dpa.gr), if you consider that the processing of your Personal Data violates the applicable national and regulatory legal framework for the protection of personal data.
19. How will you be informed of any amendments to this Policy? We update this Privacy Policy whenever necessary. If there are significant changes to the Privacy Policy or to the way in which we use your Personal Data, we will publish on our website the update of this Policy, before the changes come into force and we will notify you by any appropriate means. We encourage you to read this Policy periodically to be aware of how your Data is protected. This Privacy Policy was last amended on 26 August 2020.
20. Questions and Comments? We hope that this Privacy Policy has helped you understand how we handle your Personal Data and your rights to control its handling by our Company. If you have any questions that have not been covered, or comments and concerns that you may have regarding our Privacy Policy, please contact our Data Protection Officer who will be happy to assist you:
•Email to the email address: info@entopizo.gr or admin@entopizo.gr
•Letter to the Data Protection Officer at 6 Delfon & Gr. Lambraki, Korydallos Attica, Greece.