The protection of your personal data is important to us!
- A few words about the Company’s Websites
www.donna.com.gr is the website of the Company, where the online store of exhibition and sale of products of the store where you can buy products is located
What is personal data
The term “personal data” refers to information of individuals, such as name, postal address, e-mail address, contact telephone, etc., which identify or may identify you, hereinafter referred to as “Personal Data or Data”.
What is Personal Data Processing
Any operation or sequence of operations performed with or without the use of automated means, on personal data or on personal data sets such as collection, registration, organization, structure, storage, adaptation or modification, retrieval , the search for information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
It is mandatory to provide your Data
The mandatory or optional nature of the Data assignment is indicated by an asterisk (*) next to the personal data of a mandatory nature.
If you refuse to provide the information that is mandatory on the Website, it will be impossible to achieve the main purpose of the collection of this Data, and it may, for example, make it impossible for the Store to fulfill the contract of sale.
The provision of additional Data to the Store, in addition to those that are marked as mandatory, is optional and does not affect the main purposes of data collection, but their provision serves to optimize the quality of services provided.
What Data do we collect?
We take care to collect only your absolutely necessary Data, which are appropriate and clear for the intended purpose. This Data includes the following:
Data when creating a user account on the Website
– Required: e-mail address *, password (login password) *
Optional: name, surname, sheet, date of birth, postal address, telephone number.
Details of your transactions with us, either through our physical store or through our online store
For example, details about any complaints or comments you make, details about purchases you made, products added to or removed from your cart, wish list, coupon redemptions, websites you visit and how and when you contact us.
Shopping interests and preferences, which help us to suggest you specific products and services that interest you
We will request and use only the Data we have collected to suggest products or services of interest to you and to further improve your shopping experience with us. Of course, it is always your choice if you share such information with us.
Traffic details of our website or other websites you have browsed before
Copies of the documents you provide to prove your age or identity when required by law (such as a copy of a police or student ID).
– For example these copies may include details of your full name, address, date of birth and picture of your face (photo). If you provide a passport, the details will also include your place of birth, gender and nationality.
Your reviews and product reviews.
Your image can be recorded on CCTV when you visit our physical store
To provide the best possible website experience, we collect technical information about your internet connection and browser, as well as the country and phone code where your computer is located, the web pages that appear during your visit, and the ads that click and enter any search terms. Learn more about it.
Your social media username, if you interact with us through these channels, to help us respond to your comments, questions or comments.
How we use your Data
We want to offer you the best possible shopping experience. To achieve this it is necessary to obtain a complete picture of you, combining the Data we have collected. We then use your Data to offer you offers for products and services that you may be interested in.
Legislation for the protection of personal data allows us to do the above in the context of our legitimate interest and the need to understand our customers in order to provide them with a high level of service.
Of course, if you ever want to change the way we use your Data, you will find details in sections 14 & 15 “What are your rights” and “How you can exercise your rights” below.
Remember, if you choose not to share the Data with us or to refuse certain communication rights, we may not be able to provide some of the services you have requested. For example, if you asked us to let you know when a product is available again, we may not be able to help you if you have withdrawn your general consent to receive updates from us.
Finally, we inform you that the processing of your Data is carried out either by the specially authorized staff of the Store, or through computer systems and electronic devices by the Store and exceptionally by third parties, who, having contractually committed to the confidentiality and protection of Your data performs tasks that are necessary to achieve the goals that are strictly related to the use of our Websites, its services and the sale of products through our Websites. Information on this can be found below in section 9 “Who are the recipients of your Data? How your Data is communicated “.
Below you will find details on how we use your Data and why:
Product orders: The Store processes your Data in order to fulfill its contractual relationship, to process the order of products and / or services, to issue and send you electronically your tax documents (e-invoicing) to the electronic address (e-mail) that you yourself have stated during your registration in its online store, to provide customer service, to comply with legal obligations, to oppose, raise or enforce legal requirements.If we do not collect your Data when completing the order either from our physical stores or from our online store, we will not be able to process your order and comply with our legal obligations.Your Data may need to be transferred to third parties for the supply or delivery of the product or service you have ordered, as well as the implementation of the electronic invoicing process by our Store, in accordance with the provisions of applicable law. In addition, we may retain your Data for a reasonable period of time in order to meet our contractual obligations, such as product returns, as required by law.
Creating a User Account: The Store processes your Data in order to provide you with the account functions and to facilitate the purchase of products and / or services.
Contact: The Store uses your Data to respond to your requests / inquiries, refund requests and / or complaints. The information you share with us, enables us to manage your requests and respond to you in the best possible way. We may also maintain a record of your inquiries / requests to us in order to better respond to any future communication.We do this based on our contractual obligations to you, our legal obligations and our legitimate interests in order to provide you with the best possible service and to be able to improve our services based on your personal experience.
Sometimes, we will need to share your Data with a third party that provides a service (such as courier delivery). Without sharing your personal information, we would not be able to satisfy your request. Here is more information about how we share personal data with third parties.
Sending a newsletter / offers: With your consent, we will use your personal data, preferences and transaction details to inform you via e-mail, internet, telephone and / or social media about products and services, including personalized / personalized offers, discounts, etc. Of course you have the option to revoke this consent at any time.
For the operation, improvement and maintenance of the business activity of our products
We want to offer you offers and suggestions that are more relevant to your interests. To help us form a better and more general understanding of you as a customer, we combine your personal data gathered throughout our relationship, for example your shopping history in both our physical stores and our online store.To this end, we also combine the Data we collect directly from you with Data we receive from third parties to whom you have given your consent to transfer this data to us. For example, combining this data will help us tailor your experience and decide what inspiration or content to share with you.
To show you the most interesting content on the Websites, we will use the Data we hold about your favorite products. This is done based on your consent – for our Website – your consent to place cookies on your device. For example, we may display a list of recently viewed products or offer recommendations based on your shopping history and any other data you may have shared with us.
To send you research and evaluation requests so we can improve our services. These messages will not contain promotional content and do not require prior consent when sent by email or text message (SMS). We have a legitimate interest in doing so, as this helps make our products or services more relevant to you. Of course, you are free to refuse to receive these requests from us at any time by updating your preferences to your online account.
For the protection of rights, assets or security, ours or those of others
Protect your account from fraud and other illegal activities: This includes using your Data to maintain, update and protect your account. We also monitor browsing activity with us to quickly identify and resolve any issues and protect the integrity of our website. All of the above are part of our legitimate interest. For example, we check your password when you log in and use automated IP address tracking to detect potential false logins from unexpected locations.
Operation of CCTV Systems: In order to protect our customers, premises, assets and associates from crime, we operate CCTV systems in our stores that capture images for security. We do this based on our legitimate business interests. If we detect any criminal activity or alleged criminal activity through the use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this Data for the purpose of preventing or detecting illegal acts. Our goal is to protect our customers, employees and associates from criminal activities.
Processing payments and preventing fraudulent transactions: We do this based on our legitimate business interests. This also helps protect our customers from fraud.
For our compliance with our obligations arising from the law
In order to comply with our contractual or legal obligations to exchange data with law enforcement. For example, following a court decision to exchange data with judicial services.
To send you communications required by law or necessary to inform you of changes in the services we provide. For example, updates on these privacy notices, product recall notices, and legally required information about your orders. These service messages will not contain promotional content and do not require prior consent when sent by email or text message (SMS). If we do not use your personal data for these purposes, we will not be able to comply with our legal obligations.
For what purpose do we process your Data?
We collect your Data for the purposes of the products provided by our Store and especially for:
a) the management of the sale of our products, e.g. your communication and information about the availability of products and the progress of your order, the issuance and sending of your tax documents in electronic form (e-invoicing), the execution of your order, the sending of products, the management of your debts to the Store, making returns and providing guarantees.
b) your service based on the current government measures (eg click inside, click away),
c) compliance with the obligations imposed by the current legislation e.g. tax legislation, e-commerce directive,
d) controlling, improving and adapting to your preferences and choices about our products,
e) the sending, by electronic or traditional means, of administrative, technological, organizational and / or commercial information for products of the Store,
f) the research of our customers’ satisfaction, the promotion of our products, the sending of newsletters for our products.
What is the legal basis for the processing of your Data by the Company?
Data protection legislation defines a number of reasons why a company may collect and process your personal data, including: the terms of our contractual relationship, your consent, where required for example when you choose to receive a newsletter . When collecting your personal data, we will always inform you what data is necessary in relation to a specific service, the obligations of the Store arising from the law (eg tax legislation, e-commerce legislation, etc.) the legal interest of our Store. In certain cases, we collect your Data in a way that is reasonably expected as part of the operation of our business and that does not substantially affect your rights, freedoms or interests. For example:
– We will use your shopping history to send you or make personalized offers.
– We also combine the customer history of multiple customers to identify trends and ensure that we can keep up with market demand or develop new products / services.
Who are the recipients of your Data – How is your Data communicated?
Access to your Data is the absolutely necessary staff of the Store, which is committed to maintaining confidentiality and our partner companies or third party service providers, who process your Data as Executors of the Processing on our behalf and in accordance with our orders.
Data Disclosure by the Company
The Company shares your Data with:
Stores and / or commercial companies that cooperate with our Store to sell their products through our Store
Third party service providers that process personal data on behalf of the Company, for example (indicatively mentioned) for the processing of credit cards and payments, the electronic issuance and sending of your tax documents (e-invoicing), transfers and deliveries, hosting, management and maintenance of our data, email distribution, research and analysis, management of brand and product promotions, Google, Facebook, as well as management of certain services and data. When we use third party service providers we enter into agreements that oblige them to implement appropriate technical and organizational measures to protect your personal data.
To other third parties when you yourself have given your consent
Notification from you
When you use certain social media items on our Website, you may create a public profile that includes information such as username, profile picture and city. You can also share content with your friends or the general public, including information about how you interact with the Store. We encourage you to use the tools we provide to manage the Store’s social media sharing in order to control the information you make available through the Store’s social media components.
The following is the policy we apply to those with whom we share your Data in accordance with the above:
We provide only the information needed to perform their specific services.
They may use your Data only for the exact purposes set forth in our contract with them.
We work closely with them to ensure that your privacy is respected and protected at all times.
If we stop using their services, any of the data you hold will be deleted or made anonymous.
For more information regarding the disclosure of your Data to third parties please contact us.
How do we ensure that Editors respect your Data?
The Executors on our behalf have agreed and committed contractually with the Company:
to maintain confidentiality,
not to send your Data to third parties without the permission of the Store,
take appropriate security measures,
comply with the legal framework for the protection of personal data and in particular Regulation 979/2016 / EU (otherwise GDPR).
International Data Transfer
We take steps to comply with applicable legal requirements for the transfer of personal data to recipients in countries outside the European Economic Area or Switzerland that do not provide an adequate level of protection. We use various measures to ensure that your Personal Data transferred to these countries enjoys adequate protection in accordance with data protection rules. These include signing the Contract Clauses, certifying that the recipient has adopted European binding rules or complying with the EU-US and Switzerland-US Privacy Shield.
How long do we keep your Data?
Some examples of customer data retention periods:
When you place an order, we will retain the personal information you provided to us for five years so that we can comply with our legal and contractual obligations. In the case of some products, such as electrical items, we will keep the data for 10 years.
If your order included a warranty, the relevant personal data will be retained until the end of the warranty period.
Your statement of consent for sending a newsletter is kept for as long as a newsletter is sent to you by the Company and in any case not more than six months from the cessation of sending it.
Is your Data secure?
We are committed to safeguarding your Personal Data.
Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to secure and protect your Data from any form of accidental or improper processing. We use the most modern and advanced methods, to ensure maximum safety.
The website www.donna.com.gr uses the TLS protocol, for secure online commercial transactions. This encrypts all the Data you provide, including your credit card number, name and address, so that it can not be decrypted or changed when you transfer it over the Internet.
Additionally, the information used to identify you as an account user is twofold: the Password and the Personal Security Code (Password). Each time you enter your details, you are given access to your personal account. This process is achieved securely through encryption during their transfer to the Internet and the servers of the Store. By the same token, you are allowed to change your Personal Security Password as often as you wish. After entering the desired code, the new code is coded and stored in the systems of the Store. For this reason, you are the only one who knows your password and you are solely responsible for maintaining the confidentiality of the password by third parties.
These measures shall be reviewed and amended as necessary.
What are your rights?
You have the right to access your personal data.
This means that you have the right to be informed by us if we process your Data. If we process your Data you can ask to be informed about the purpose of processing, the type of your Data we hold, to whom we give it, how long we store it, if automated decisions are made, but also about your other rights, such as correction, deletion of data, restriction of processing and submission of a complaint to the Personal Data Protection Authority.
You have the right to correct inaccurate personal data.
If you find that your Data is incorrect, you can ask us to correct it (eg name correction or change of address notification).
You have the right to delete / forget.
You can ask us to delete your data if it is no longer necessary for the above mentioned processing purposes or you wish to revoke your consent in case this is the only legal basis.
You have the right to portability of your Data.
You can ask us to receive in readable form the Data you have provided or ask us to pass it on to another processor.
You have the right to restrict processing.
You can ask us to restrict the processing of your Data for as long as your processing objections are pending.
You have the right to object and withdraw your consent to the processing of your Data.
You may object to the processing of your Data and we will stop processing your Data if there are no other compelling and legitimate reasons prevailing over your right. If you have given your consent to the collection, processing and use of your personal data, you may revoke your consent at any time with future validity.
In case we rely on our legitimate interest.
In cases where we process your personal data based on our legitimate interest, you can ask us to stop for reasons related to your personal situation. We must then do so if we do not believe we have a legitimate compelling reason to continue processing your Personal Data.
How can you exercise your rights?
In order to exercise your rights you can submit a relevant request to the Data Protection Officer at the Company’s postal address or at its e-mail address (email@example.com) entitled “Exercise of Right” and we will take care to examine it and answer you as soon as possible.
If you wish to correct your Data in your user account, you can log in to it and make any correction / change without the need to submit a Request.
When do we respond to your requests?
We respond to your requests free of charge without delay, and in any case within (1) one month from the time we receive your request. However, if your Request is complex or there is a large number of your Requests we will inform you within the month if we need to receive an extension of another (2) two months within which we will respond to you.
If your Requests are manifestly unfounded or excessive, in particular due to their recurring nature, the Company may impose a reasonable fee, taking into account the administrative costs of providing the information or performing the requested action, or refusing to follow up on the Request. .
What is the applicable law when we process your Data?
Applicable Law is the Greek Law, as formulated in accordance with the General Regulation for the Protection of Personal Data 2016/679 / EU, and in general the current national and European legislative and regulatory framework for the protection of personal data.
The competent courts for any disputes arising related to your Data are the Courts of Athens.
Where can you go if we violate the applicable law for the protection of your Personal Data?
You have the right to submit a complaint to the Personal Data Protection Authority (postal address 1-3 Kifissias, PC 115 23, Athens, tel. 210. 6475600, e-mail address firstname.lastname@example.org ), if you consider that the processing of your Personal Data violates the applicable national and regulatory framework law for the protection of personal data.
How will you be notified of any changes to this Policy?
We encourage you to read this Policy from time to time to know how your Data is protected.
Questions and Comments?
Email to the email address: email@example.com or
Letter to the Data Protection Officer at our address.