For the purposes of the present, the following clarifications are stated:
ZUGER MICHAEL of BEAT as the legal owner and administrator of the present Website "https://amz-eshop.com", is defined according to the Law as "the Data Controller" and therefore, among other things, collects, stores, uses and processes personal data when the Data Subject visits, registers or uses in any way the websites of the present Website.
As the protection of personal data is extremely important for the Website and its Business - Property, this document sets out the obligations, how we use, disclose and protect the data we receive, as well as how to resolve any kind of issues.
1.1 "Data Protection Legislation" means any law relating to the processing of personal data, privacy and security, including, without limitation, Regulation (EU) 2016/679 "on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)" ("GDPR"), Directive 2002/58/EC "on privacy and electronic communications", as amended by Directive 2002/58/EC "on privacy and electronic communications", as incorporated, valid and applicable in the Greek legal order and as amended from time to time, or other applicable or replacing international or national laws or rules concerning the protection of personal data, currently by Law 4624/2019 "Personal Data Protection Authority, measures implementing Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and incorporation into the Greek legal order of the European Union".
1.2 "Controller", "processor", "data subject", "personal data" and "processing" shall have the meaning given to them by the applicable Data Protection Legislation.
1. 3 "Personal Data" means all personal data, as defined under the applicable Data Protection Legislation, which is or may be disclosed to the Processor or made available to the Processor for the purposes and in the context of the communication in question, and/or which the Processor (and/or its respective service provider or subcontractor) collects, stores or otherwise processes on behalf of the Website, as a processor in the context of the respective communication and cooperation.
1.4 "Services" or "Products" are defined as those listed on the Website and offered for use or sale.
1.5 "Website" is defined as the address "https://www.amz-eshop.com" which is the website - online store and which offers online sales of the products listed therein, as provided for by the relevant legal provisions.
1.6 "Processing" of Personal Data is any operation or series of operations carried out, with or without the use of automated means, on personal data or on sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of making available, association or combination, restriction, erasure or destruction.
2. Purpose of Processing and Duration
2. 1 The Data Controller shall, before supplying data to the Processor, which fall within the scope of the relevant Data Protection legislation and for which the Data Controller is primarily responsible and/or accountable under the relevant Data Protection legislation (the "Data Controller's Personal Data") under or in connection with the Terms and Conditions hereof or any Agreement, must have obtained from the Data Subject the consent required for the transfer. The same shall apply where the Processor collects and processes in general personal data received directly from the data subject on behalf of the Controller.
2.2 The Website processes Personal Data for the purpose of providing the offered services and selling products. Subsequently, it uses Personal Data only when it is strictly necessary and to the extent required for the fulfilment of its obligations, in accordance with the terms and conditions imposed by the Law.
2.3 The processing operations last for the period of time required to complete the services offered.
2.4 Personal Data are always protected, with the character of Confidential Protected Information.
3. Obligation to grant Personal Data
The mandatory or optional nature of the provision of Data is indicated by an asterisk (*) next to the requested personal data of a mandatory nature.
If you refuse to provide the data marked as mandatory on the Website, it will be impossible to achieve the main purpose for which the Data is collected, and/or to provide the other services available on the Website.
The provision of additional Data on the Website, in addition to those marked as mandatory, is optional and does not entail any consequences in relation to the main purposes of the Data collection, since their provision serves exclusively to optimize the quality of the services provided by us.
4. Data collection
We take care to collect only the absolutely necessary Personal Data, which is necessary for the purpose of lawful processing. This Data includes the following:
a. Data that you provide us when you register and create an account on the Website and specifically data such as e-mail address and password/login password (as mandatory) and name, surname, postal address, telephone number, billing information (VAT number, etc.).This data is only required for the purposes of our website.
b. Data relating to the payment method for the transactions you make with us.
c. Data that you provide to us when you subscribe to our newsletter or any of our informative material.
d. Data about your browsing in order to continually improve your experience and transaction with us. Of course, you always have the option not to share such data with us.
e. Data relating to traffic data on our website.
g. Data relating to technical information about your internet connection and browser, including the country and phone code where your computer is located, the web pages that appear during your visit, the ads you choose to view and your search terms.
h. Data relating to your social media username, only if you interact with us through these channels to respond to your questions or comments.
5. Use of Personal Data
Where appropriate, we use your Data:
●To fulfil our contractual obligation and to provide the products sold. In addition, we may retain your Data for a reasonable period of time in order to fulfil further contractual obligations, such as product returns etc., in accordance with the provisions of the relevant legislation.
●To create a User Account: The Website processes your Data in order to provide you with account functions and to facilitate the purchase of products.
●For communication purposes: The Website uses your Data to respond to any requests/questions you may submit, product return requests and/or any complaints. The information you share with us enables us to manage your requests and respond to you in the best possible way. We may also keep a record of your queries/requests to us in order to better respond to any future communication. The above is based on our contractual obligations to you, our general legal obligations and our legitimate interests to provide the best possible service and to be able to improve our services based on your personalised personal experience.
●For sending the newsletter/offers: With your consent, we use your Personal Data, preferences and transaction data to inform you via e-mail, internet, telephone and/or social media about relevant products and services, including personalized/personalized offers, etc. Please note that you may withdraw this consent at any time.
●To develop and improve the products and services we provide to you. The above is based on our legitimate business interests.
●To protect your user account from fraud and generally illegal activities: This includes using your Data to maintain, update and protect your account. We also monitor browsing activity to identify and resolve any problems and to protect the functionality of our website. All of the above are part of our legitimate interests.
●To process payments and prevent fraudulent transactions: The above is also based on our legitimate business interests and our obligation to protect our customers from fraud.
●To comply with our contractual obligations to consumers, or pursuant to statutory provisions or in execution of court orders.
●To contact you about issues required by law or necessary to inform you of changes to the services we provide to you. For example, updates about privacy notices, product recall notices and legally required information about your orders. These service messages will not include promotional content and therefore do not require prior consent when sent by email or text message (SMS).
Finally, we inform you that the processing of your Data is carried out either by the specifically authorised staff of the Website, or through computer systems and electronic devices by the Website and, exceptionally, by third parties who, being contractually bound to respect confidentiality and protect your Data, carry out processing operations necessary to achieve the purposes strictly related to the use of our Websites, their services and the sale of products and/or services through.
6. Lawful Processing Base
The lawful basis for processing your personal data is:
●Data protection legislation which sets out various reasons why a Website may collect and process your personal data, including the terms of our contractual relationship.
●Your consent, where required, which includes the terms and conditions of our relationship with you, including those that may apply to our contractual relationship, such as the terms of which we may use your personal data, such as the terms of our contractual relationship with you. For example, when you opt-in to receive newsletters. When collecting your personal data, we will always inform you which data is necessary in relation to a particular service.
●The obligations of the Website arising from the law (e.g. tax legislation, e-commerce legislation, etc.)
●the legitimate interest of our Website. In certain circumstances, we collect your Data in a way that is reasonably expected as part of the operation of our business and that does not substantially affect your rights, freedom or interests.
7. Recipients of Data
Access to your Data is available to the strictly necessary staff of the Website and its administrator, who are bound by confidentiality obligations.
8. Data sharing
Data sharing from the Website:
The Website shares your Data with:
●Third party service providers that process personal data on behalf of the Website, for example (but not limited to) for credit card and payment processing, hosting, management and maintenance of our data, sending emails, research and analysis, managing promotions, and managing services and data. When we use third-party service providers, we enter into agreements that require them to implement appropriate technical and organizational measures to protect your personal data.
●Other third parties, to the extent necessary for the purposes of.
●other third parties to whom you yourself have given your consent.
Disclosure of Data by you:
●When you use social media elements on the Website, you can create a profile that includes information such as username, profile picture and address. You can also share content with your friends or the general public, including information about your interaction with the Site. We encourage you to use the tools we provide to manage social media sharing on the Site to control the information made available through its social media elements.
9. Policy with Third Party Data Processors
●We only provide the information needed to perform their specific services.
●Third parties can only use your Data for the precise purposes we specify in our contract with them.
●We work closely with them to ensure that your privacy is respected and protected at all times.
●If we stop using their services, any of the data they hold will be deleted or made anonymous.
To improve your user experience on the Website, we use the following companies who will process your Personal Data as part of their contracts with us:
● Facebook ● Google ● YouTube.
● Instagram ● LinkedIn.
10. Data Security
The Processors processing on our behalf have agreed and committed to:
● To maintain confidentiality,
● Not to send your Data to third parties without the permission of the Website,
●To take appropriate security measures to ensure that your Data is not disclosed to third parties without your consent,
●To comply with the legal framework for the protection of personal data and in particular Regulation 979/2016/EU (otherwise known as GDPR).
11. Data transfer
We take steps to comply with applicable legal requirements for transferring Personal Data to recipients in countries outside the European Economic Area or Switzerland that do not ensure an adequate level of protection. We use various measures to ensure that your Personal Data transferred to these countries enjoys adequate protection under data protection rules. These include signing the Contractual Clauses, certifying that the recipient has adopted the European Binding Rules or complying with the EU-US and Switzerland-US Privacy Shield.
12. Data Retention Time
At the end of the retention period, your data will be completely deleted or made anonymous (for example by aggregation with other data) so that it can be used in an unidentifiable way for statistical analysis and business planning.
13. Data Security
We are committed to safeguarding your Personal Data.
Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to ensure the security and protection of your Data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security.
Our website uses the most up-to-date and secure protocols in order to safeguard online commercial transactions. This encrypts all Data you provide, including your name and address, so that it cannot be decrypted or altered during transmission over the Internet.
In addition, the data used to identify you as an account user are two: the Username and the Personal Secret Security Code (Password). Each time you enter your details, you are granted access to your personal account. This process is achieved securely through encryption during their transfer to the internet and servers. Following the same standards, you are given the opportunity to change your Personal Secret Password as often as you wish. After entering the desired password, the new password is encrypted and stored in the Website's systems. For this reason, the only person who knows your password is you, and you are solely responsible for maintaining the secrecy of the password from third parties.
These measures are reviewed and modified when necessary.
14. Your Rights
You have the right to access your Personal Data.
This means that you have the right to be informed by us if we process your Data. If we process your Data, you can request to be informed about the purpose of the processing, the type of your Data we hold, who we share it with, how long we store it, and your other rights, such as rectification, erasure, restriction of processing and filing a complaint with the Data Protection Authority.
You have the right to rectify inaccurate personal data.
If you find that there is an error in your Data, you can submit a request for us to correct it (e.g. correction of your name or update of a change of address).
You have the right to erasure/right to be forgotten.
You can ask us to delete your Data if it is no longer necessary for the processing purposes listed above or you wish to withdraw your consent, where consent is the only lawful basis for processing.
You have the right to portability of your Data.
You may request to receive in a readable form the Data you have provided or request us to transfer it to another controller.
You have the right to restrict processing.
You can ask us to restrict the processing of your Data for as long as your objections to the processing are pending.
You have the right to object to and withdraw consent to the processing of your Data.
You may object to the processing of your Data and we will stop processing your Data unless there are other compelling and legitimate reasons that override your right. If you have consented to the collection, processing and use of your Personal Data, you may withdraw your consent at any time, with future effect.
15. Exercising Your Rights
To exercise your rights, you may submit a request to us at email@example.com with the title "Exercise of Rights" and we will review it and respond to you as soon as possible.
Exceptionally, if you wish to correct your Data in your user account, you can log in to it and make any correction/change without having to submit a Request.
16. Response to a Request
We will respond to your Requests free of charge, without delay, and in any case within (1) one (1) month from the date we receive your request. However, if your Request is complex or there are a large number of Requests, we will let you know within one month if we need to obtain an extension of another (2) two months, within which we will respond to you.
17. Applicable Law
Applicable Law is Greek Law, as formulated in accordance with the General Data Protection Regulation 2016/679/EU, Law 4624/2019 and in general the applicable national and European legislative and regulatory framework for the protection of personal data.
Any dispute arising from or relating to the protection of your Personal Data shall be subject to mediation in accordance with the Mediation Regulation of the European Organization for Mediation and Arbitration (EMCDDA). In the event that the dispute or part thereof is not resolved through mediation, the dispute or the unresolved part thereof shall be resolved exclusively, finally and irrevocably by an arbitral tribunal, appointed and conducting the arbitration in accordance with the ECHR Arbitration Rules.
In any case of dispute of the above, the competent courts shall be the competent courts of the city of Athens.
18. Recourse in case of violation of rights by the Website
You have the right to lodge a complaint with the Personal Data Protection Authority (postal address 1-3 Kifissia Street, P.K. 115 23, Athens, tel. +30 210 6475600, e-mail address dpa.gr, e-mail address firstname.lastname@example.org), if you consider that the processing of your Personal Data violates the applicable national regulatory framework for the protection of personal data.
*As this text has been translated in English from Greek, in case of doubt, please advise the website's original greek version that prevail at all times.