GENERAL PRIVACY AND PERSONAL DATA PROTECTION POLICY OF "Frida Lingerie"

GENERAL PRIVACY AND PERSONAL DATA PROTECTION POLICY OF "Frida Linguerie" FOR CUSTOMERS, POTENTIAL CUSTOMERS

INTRODUCTION

The sole proprietorship Akrivi Papadopoulou (distinctive title "Frida Lingerie"), hereinafter the "Company", as Data Controller, has the obligation to protect your personal data. For this reason, our aim is for you to feel safe when we process your personal data as we understand and respect the importance of your privacy.

This Privacy and Personal Data Protection Policy (hereinafter "this Policy") explains how we process (eg collect, use, share, etc.) your personal data. Your personal data will be processed in accordance with this Policy, as well as with the applicable legislative and regulatory framework.

For the purposes of this Policy, subjects of personal data are understood to be the customers and potential customers of the Company.

1 WHO ARE WE?

The company responsible for processing your personal data is:

Name: Akrivis Papadopoulou

VAT number: 105225229

Address: 22 28th of October, Pyrgos Ilias

Email Address: This email address is being protected from spambots. You need JavaScript enabled to view it.

WHY DO WE PROCESS YOUR PERSONAL DATA AND WHAT IS OUR LEGAL BASIS FOR THIS?

We process your personal data for the following reasons:

The processing of customer-related data is described by the following actions:

a) For the sale of our products
b) To communicate with you about our services and products

The processing of your personal data for the purposes described in a) and b) is necessary for the performance of the contract with you or for taking measures following your request prior to the conclusion of the contract. The Data Protection Regulation, Article 6, paragraph 1 (b) is defined as the legal basis.

c) To be able to communicate with the public.
d) For promotional activities of the company and other types of communication.
e) To be able to send you advertising material of our company and offers according to your preferences and interests.

The processing of your personal data for the above purposes, referred to in c), d) and e) is considered necessary to serve our legal interest, to promote our products and services to you, as well as to inform you about events which are made in our stores. The Data Protection Regulation, Article 6, Paragraph 1 (f) is defined as the legal basis.

Where permitted by law, we will send you promotional material electronically if you have consented to it.

f) For research, statistics and analyses, with the aim of improving products, services and technologies.

The processing of your personal information is considered necessary for our legitimate interest to continuously improve our products and services, as well as your consumer experience when you buy from us. The Data Protection Regulation, Article 6, Paragraph 1 (f) is defined as the legal basis.

g) For the handling of requests that you will submit to our Company

The processing of your personal data is necessary for the performance of the contractual relationship between us. The Data Protection Regulation, Article 6, Paragraph 1 (b) is defined as the legal basis.

The processing may also be considered necessary to serve our legitimate interest to comply with our obligations arising from the applicable regulatory and regulatory framework or to decide on the claim for payment of guarantees or to improve the quality of our products and services. The Data Protection Regulation, Article 6, Paragraph 1 (c) and (f) is defined as the legal basis.

In the event that the handling of requests requires the processing of your medical history information, we process such sensitive personal data if consent has been given or if it is deemed necessary to establish, exercise and support our legal claims. The Data Protection Regulation, Article 9, Paragraph 2 (a) and (f) is defined as the legal basis.

h) For tax purposes

WHAT TYPES OF YOUR PERSONAL DATA DO WE PROCESS?

Our Company only processes your personal data for the specific purposes mentioned above under 2, and this only applies to personal data that is considered necessary. The categories of personal data that we may process are listed below:

a) Usual personal data such as:

Basic contact details (e.g. your name and address, telephone, email address and VAT number - where required -).

Geolocation information.

Credit Card Details in relation to our online services.

Contest entries and results

Information you provide to us when you submit a complaint

HOW DO WE COLLECT YOUR PERSONAL DATA?

The process of collecting personal data is done directly by you. However, our Company may also collect personal data from other sources, which may be:

Online sources, e.g. social media.

From our affiliates

WHO DO WE SHARE YOUR PERSONAL DATA WITH?

We may share your personal data with:

Suppliers providing administrative and support services etc.

Auditors and other external partners - consultants who provide services to Us, such as providers of IT systems, telecommunications, financial institutions, consulting companies, audit - accounting services, seminar organizers, medical service providers, video surveillance service providers, legal service providers, etc.

Public authorities, such as tax, police, judicial and audit authorities, insurance organizations etc.

Social media platforms like Facebook, Linkedin and Instagram etc.

In the event that we entrust a third party with the processing of personal data on our behalf, or this delegation will be made in writing, we will choose a processor that will provide sufficient guarantees in relation to the technical and organizational security measures that will govern the relevant processing, we will oblige the processor to act on our behalf and in accordance with our instructions and orders and to comply with the relevant legislation on the processing of personal data. In addition, we will require, among other things, third parties who will process data on our behalf to undertake in writing that they will take the above measures.

When required by law, we may disclose personal data to third parties, such as to any person (natural or legal) or Authority, including, but not limited to, Judicial, Police, Tax Authorities, financial institutions, etc.

Personal customer data may also be disclosed in the event of a corporate restructuring, sale, assignment of Company assets, or merger.

Finally, personal data may also be disclosed if it is necessary to protect the vital interests of employees, to protect our legitimate interests (unless this would affect the rights and freedoms or interests of the customer) or at our discretion in order to to comply with the applicable legislative and regulatory framework.

6 CAN WE TRANSFER PERSONAL DATA OUTSIDE THE EEA?

In some cases, we may transfer personal data to countries outside the EU/EEA - e.g. when we use IT service providers in such countries.

Such transfers will only be made for the specific purposes mentioned above in section 2 always ensuring that there are appropriate safeguards for such transfer, as defined below:

a) The country/countries or the company/companies has/have been judged by the Commission of the European Union to have an adequate level of protection of personal data
b) The country/countries has/have not been deemed by the Commission of the European Union to have an adequate level of personal data protection. In these cases we will provide appropriate guarantees for the transfer through the use of the "Standard Contractual Agreements for the transfer of personal data to third countries", as published by the Commission of the European Union (Standard Contractual Clauses), or any other contractual agreement that has been approved by the competent authorities (eg the "Privacy Shield" Agreement signed between the USA and the EU).

HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?

We retain your personal information only for as long as is deemed necessary for the purposes for which the data was collected or for the purposes for which it was last processed. As a general rule, the Company stores its customers' data for ten (10) years from its collection.

The only exceptions to the time period mentioned above are in cases where:

the law requires us to keep your personal data for a longer period of time, or to delete it sooner, or
we may have a legitimate interest in bringing, proving or defending legal claims related to our aforementioned services, or
this is required for accounting, tax or audit purposes or
this is required to protect your own legitimate interest (e.g. in case of recall campaigns, etc.) or
you exercise your right to have your personal data deleted (where applicable) and we do not need to hold it in relation to any of the reasons permitted or required by law.

WHAT WILL HAPPEN IF YOU DO NOT PROVIDE US WITH YOUR PERSONAL DATA?

We process your personal data in order to fulfill the purposes mentioned above in section 2 and mainly to enter into or perform a contract with you and/or to comply with our contractual and legal rights and obligations arising from the relationship between us.

Therefore, if you do not provide certain information, we may not be able to enter into or maintain the contract between us.

WHAT ARE OUR SECURITY MEASURES?

We maintain appropriate technical and organizational measures to protect against unauthorized unlawful processing of personal data and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction or damage to personal data and continuously conduct security process renewal procedures based on latest technological developments. . These measures have been designed taking into account our IT infrastructure, the potential impact on your privacy, and the associated costs, as well as in accordance with applicable market standards and practices.

WHAT ARE YOUR RIGHTS?

In general, you have the following rights:

You have the right to request access and correction or deletion of your personal data.

You also have the right to object to the processing of your personal data and to restrict the processing of your personal data.

If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of the processing carried out before it.

You have the right to receive your personal data in a structured, widely used and machine-readable format (data portability).

There may be conditions or limitations on these rights. Therefore, it is not certain for example that you have the right to data portability in the specific case - this depends on the specific circumstances - of the processing activity. Also, if for example you request to delete your personal data, we may not be able to provide the services you request.

WHO CAN YOU CONTACT IF YOU HAVE QUESTIONS OR REQUESTS?

For any questions, requests, or complaints regarding the application of this Policy or for the exercise of your rights, as described in this Policy, you can contact our company for issues related to the protection of personal data:

By e-mail at: This email address is being protected from spambots. You need JavaScript enabled to view it.

By mail to the address: 28 October, P.O. 27100, Pyrgos Ilias

You can also contact the competent supervisory authority, the Greek Personal Data Protection Authority (PADPH) on the website www.dra.gr.

LEGAL INFORMATION

The terms of this Policy supplement and do not replace any other existing terms under the applicable data protection legal framework. In the event of a contradiction between what is mentioned in this Policy and the conditions set by the current legal framework on data protection, the latter will prevail.

The Company may modify this Policy at any time. Whenever this happens, we will notify you of any changes that have been made and then ask you to re-read the most recent version of our Policy and confirm that you accept it. You may also periodically check this Policy to be informed of any changes.

Shopping Cart