Privacy Policy – Athenet

Athenet is a company that deals with the provision of Network services. Company’s website is https://www.athenet.gr.

With this policy the company “Vasileios Bouloukos (hereinafter the “Company” or “we” or “us” or “our”), which is located in Acharne, (Karatasou 8, P.O. Box 13676) , determines and discloses the terms by which, acting as the “Data Controller” as defined by law, it collects, stores, uses and generally processes your personal data, which it collects when you visit, register or use the Company’s websites (hereinafter the “Websites”) and its mobile applications (hereinafter the “Apps”) and when you interact with its physical stores.

This Privacy Policy also describes how we use, share and protect your personal data, the choices you have regarding your personal data, and how you can contact us. This Privacy Policy complies with the terms of European Regulation 679/2016 and any other relevant applicable legislation.

If you have any questions regarding this Privacy Policy, but also any issue related to the processing of your Data and the exercise of your rights, you can contact us at the email address athenetgr@gmail.gr

What is Personal Data?

The term “personal data” refers to information of natural persons, such as name, postal address, e-mail address, contact telephone number, etc., which identifies or can identify you, hereinafter referred to as “Personal Data or Data”.

What is the Processing of Personal Data?

Any operation or set of operations which is performed, whether or not by automated means, on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of making available, alignment or combination, restriction, erasure or destruction.

Is the provision of your Personal Data mandatory?

The provision of the Data to the Company may be necessary to achieve the purposes specified in this Privacy Policy or may be optional.

The mandatory or optional nature of the Data assignment is indicated by an asterisk (*) next to the personal data of mandatory nature.

If you refuse to provide the data marked as mandatory on the Sites, it will be impossible to achieve the main purpose for which the data is collected, and it may, for example, make it impossible for the Company to fulfill the sales contract or provide the other services available on its Sites.

The provision of additional Data to the Company, in addition to those marked as mandatory, is optional and does not entail any consequences in relation to the main purposes of Data collection, since their provision serves exclusively to optimize the quality of the services provided by us.

What Personal Data do we collect from you?

We take care to collect only the strictly necessary Personal Data that is appropriate and clear for the purpose for which it is intended. This Data includes the following:

α. Data that you provide to us when you register and create a user account on the Company’s Websites or Apps, via the internet or your mobile phone or through your personal contact with our stores or our sales representatives and specific data such as e-mail address (e-mail)* and password/login password (as mandatory) and name, surname, postal address, telephone number (as optional):

β. Data and information that you provide to us through transactions between us (purchases, orders, etc.) and communication between us (through our physical stores, our online store, our salespeople, telephone, email or any other means). For example, we collect notes from our conversations with you, details of any complaints or comments you make, details of purchases you have made, products added to or removed from your basket, your wish list, voucher redemptions, which of our websites you visit and how and when you contact us.

γ. Data relating to the payment method for the transactions you make with us.

δ. Data you provide us when you subscribe to our newsletter.

ε. Data on the products and services you usually prefer to choose. In order to recommend products or services of your interest and to further enhance your shopping experience with us. Of course, you always have the option not to share such information with us.

Traffic data of our website.

ζ. Information collected from the use of cookies in your browser. Learn more about how we use cookies here.

η. To provide the best possible website experience, we collect technical information about your internet connection and browser, as well as the country and phone code where your computer is located, the web pages that appear during your visit, the ads you click on and any search terms you enter.

θ. Your social media username, if you interact with us through these channels to help us respond to your comments, questions or feedback.

ι. Educational data, such as studies, skills, knowledge of foreign languages, professional experience (only if you are responding to a job advertisement)

How do we use your Personal Data?

Where applicable, we use your Data:

To complete orders for products and services: The Company processes your Data in order to fulfil its contractual relationship, to process the order of products and/or services, to provide customer service, to comply with legal obligations, to oppose, raise or exercise legal claims. If we do not collect your Data when you complete the order (through our physical stores, face-to-face or telephone service from our sales staff or through our online store, we will not be able to process your order and comply with our legal obligations. Please note that it may be necessary to transfer your Data to third parties for the delivery of the product or service you have ordered (For information on how we make personal data available to third parties, see conditions 9, 10, 11 and 12 below).

In addition, we may retain your Data for a reasonable period of time in order to fulfil our contractual obligations, such as product returns, as required by relevant legislation.

To create a User Account: The Company processes your Data in order to provide you with account functions and to facilitate the purchase of products and/or services.
For Contact: The Company uses your Data to respond to requests/questions you submit, refund requests and/or any complaints. The information you share with us enables us to manage your requests and respond to you in the best possible way. We may also keep a record of your queries/requests to us in order to better respond to any future communication. We do this based on our contractual obligations to you, our legal obligations and our legitimate interests to provide you with the best possible service and to be able to improve our services based on your personal experience.
For sending newsletter/offers: With your consent, we will use your Personal Data, preferences and transaction details to inform you by e-mail, internet, telephone and/or social media about relevant products and services, including personalised/personalised offers etc. Of course you have the possibility to withdraw this consent at any time.
For Web push notifications:Depending on your browsing, you can receive, with your prior consent, notifications about our offers, news, your wish list and your shopping cart. Of course you can withdraw this consent at any time.
For participation in a loyalty program: The Company may process your Data for the purposes of your participation in a loyalty program, i.e. both the processing of your participation application and the collection and redemption of points and the enjoyment of customer benefits in general, as they will be detailed in the terms of participation of the loyalty program. So we are able to offer you personalised offers that interest you. Of course, you are free to choose whether to take advantage of them.
To develop and improve the products and services we provide to you. We do this based on our legitimate business interests.
Because we want to offer you offers and proposals that are more relevant to your interests and needs.
To ensure that you are always shown the most interesting content on our Sites or Apps, we will use the Data you have provided to us by giving us your consent to receive Apps notifications or – for our Sites – your consent to the placement of cookies on your device. For example, we may display a list of products you have recently looked at or offer you recommendations based on your shopping history and any other Data you have shared with us.
To send you survey and evaluation requests so that we can improve our services. These messages will not include advertising content and will not require prior consent when sent by email or text message (SMS). We have a legitimate interest in doing so, as this helps our products or services to be more relevant to you. Of course, you are free to refuse to receive these requests from us at any time by updating your preferences in your online account.
To protect your account from fraud and other illegal activities: This includes using your Data to maintain, update and protect your account. We also monitor your browsing activity with us to identify and quickly resolve any problems and protect the integrity of our website. All of the above is part of our legitimate interest. For example, we check your password when you log in and use automated IP address tracking to detect possible false logins from unexpected locations.
To process payments and prevent fraudulent transactions: We do this based on our legitimate business interests. This also helps to protect our customers from fraud.
In order to comply with our contractual obligations to you or pursuant to statutory provisions or in execution of court orders.
To send you communications required by law or necessary to inform you of changes to the services we provide to you. For example, updates to these privacy notices, product recall notices and legally required information about your orders. These service messages will not include advertising content and will not require prior consent when sent by email or text message (SMS). If we do not use your personal data for these purposes, we cannot comply with our legal obligations.

Finally, we inform you that the processing of your Data is carried out either by the Company’s specially authorized personnel, or through computer systems and electronic devices by the Company and exceptionally by third parties, who, having been contractually bound to confidentiality and protection of your Data, carry out tasks necessary to achieve the purposes strictly related to the use of our Sites, its services and the sale of products through our Sites. You will find information on this below in terms 9 and 10 “Who are the recipients of your Data? How your Data is shared”.

What is the lawful basis for the processing of your Data by the Company?

data protection legislation which sets out various reasons why a company may collect and process your personal data, including the terms of our contractual relationship
your consent, where required. For example, when you choose to receive newsletters. When collecting your personal data, we will always tell you what data is necessary in relation to a particular service.
the Company’s obligations arising from the law (e.g. tax legislation, legislation on e-commerce, etc.)
the legitimate interest of our Company. In certain cases, we collect your Data in a way that is reasonably expected as part of the operation of our business and that does not substantially affect your rights, freedom or interests.

Who are the recipients of your Data?

Access to your Data is available to the Company’s absolutely necessary personnel, who are bound by confidentiality obligations, as well as to our partner companies or third party service providers, who process your Data as Processors on our behalf and in accordance with our instructions.

How is your Data shared?

Disclosure of Data by our Company

The Company shares your Data with:

Third party service providers that process personal data on behalf of the Company, for example (but not limited to) for credit card and payment processing, transfers and deliveries, hosting, management and maintenance of our data, email distribution, research and analysis, management of promotions, as well as management of certain services and data. When we use third party service providers, we enter into agreements that require them to implement appropriate technical and organisational measures to protect your personal data.
Other third parties, to the extent necessary for the following purposes: (i) compliance at the request of an organ of the Greek State, a court decision or applicable law, (ii) prevent unlawful uses of our Sites and Apps or violations of our Sites and Apps Terms of Use and our policies, (iii) our own protection from third party claims; and (iv) contributing to the prevention or investigation of fraud (e.g. counterfeiting).
other third parties to whom you yourself have given your consent.

Disclosure of Data by you

When you use certain social media elements on our Sites or Apps, you may create a public profile that includes information such as username, profile picture and city. You can also share content with your friends or the general public, including information about your interaction with the Company. We encourage you to use the tools we provide to manage sharing on the Company’s social media to control the information you make available through the Company’s social media elements.

What is our policy with third party Processors processing your Data in accordance with the above:

We only provide the information they need to perform their specific services.
They can only use your Data for the precise purposes we specify in our contract with them.
We work closely with them to ensure that your privacy is respected and protected at all times.
If we stop using their services, any of the data they hold will be deleted or made anonymous.

To improve your customer experience on our Sites and Apps, we use the following companies, who will process your Personal Data as part of their contracts with us:

Facebook	Google	YouTube
Instagram	Twitter	LinkedIn
ACS	Hotjar

If you wish to receive more information about the disclosure of your Data to third parties please contact us by email athenetgr@gmail.gr

How do we ensure that Processors respect your Data?

The Processors processing on our behalf have agreed and contractually bound themselves to the Company:

maintain confidentiality,
not to send your Data to third parties without the Company’s permission,
take appropriate security measures,
comply with the legal framework for the protection of personal data and in particular Regulation 979/2016/EU (also known as GDPR).

Data transfer

The personal data we collect (or process) as part of our Sites and Apps will be stored within the European Union. However, some of the recipients of the Data with whom the Company shares your Personal Data may be located in countries other than the one where the original collection of your Personal Data took place. The laws in those countries may not provide the same level of data protection as the country that originally provided your Personal Data. However, when we transfer your Personal Data to recipients in other countries, including the United States, we are committed to protecting your Personal Data as described in this Privacy Policy and in accordance with applicable law.

We take steps to comply with applicable legal requirements for the transfer of personal data to recipients in countries outside the European Economic Area or Switzerland that do not ensure an adequate level of protection. We use various measures to ensure that your Personal Data transferred to these countries is adequately protected in accordance with data protection rules. These include signing the Contractual Clauses, certifying that the recipient has adopted the European binding rules or complies with the EU-US and Swiss-US Privacy Shield.

For how long do we keep your Data?

We retain your Personal Data for as long as necessary to fulfil the purposes set out in this Privacy Policy (unless a longer retention period is required by applicable law). Generally this means that we will keep your Personal Data for as long as you have an account with our Company. With respect to your Personal Data related to product purchases, we retain this data for a longer period of time in order to comply with our legal obligations (such as tax and trade legislation and for warranty purposes where applicable). At the end of this retention period, your data will be completely or anonymously deleted, for example by aggregation with other data, so that it can be used in an unidentifiable way for statistical analysis and business planning.

Some examples of customer data retention periods:

Orders

When you place an order, we will retain the personal data you provide for five years so that we can comply with our legal and contractual obligations.

Guarantees

If your order included a guarantee, the relevant Personal Data will be kept until the end of the guarantee period.

Newsletter

Your declaration of consent for sending a newsletter is kept for as long as you receive a newsletter from the Company and in any case not more than six months after its discontinuation.

Is your Data safe?

We are committed to safeguarding your Personal Data.

Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to ensure the security and protection of your Data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum safety.

The www.nb.org website uses the TLS 1.2 protocol for secure online commercial transactions. This encrypts all the Data you provide, including your credit card number, name and address, so that it cannot be decrypted or altered during transmission over the Internet.

In addition, the data used to identify you as an account user are two: the Username and the Personal Secret Security Code (Password). Each time you enter your details, you are granted access to your personal account. This process is achieved safely through encryption during their transfer to the internet and the Company’s servers. In the same way, you are given the opportunity to change your Personal Security Password as often as you wish. After entering the desired code, the new code is encoded and stored in the Company’s systems. For this reason, the only person who knows your password is you, and you are solely responsible for maintaining the secrecy of the password from third parties.

These measures shall be reviewed and amended when necessary.

What are your rights?

You have the right to access your Personal Data.

This means that you have the right to be informed by us if we process your Data. If we process your Data, you can request to be informed about the purpose of the processing, the type of your Data we hold, to whom we give them, how long we store them, whether automated decision-making is carried out, but also about your other rights, such as rectification, deletion of data, restriction of processing and filing a complaint with the Personal Data Protection Authority.

You have the right to correct inaccurate personal data.

If you find that there is an error in your Data, you can submit a request to us to correct it (e.g. correction of your name or update of a change of address).

You have the right to erasure/right to be forgotten.

You can ask us to delete your data if it is no longer necessary for the above mentioned processing purposes or you wish to withdraw your data in case this is the only legitimate basis.

You have the right to portability of your Data.

You may request to receive the Data you have provided in a readable form or request us to transfer it to another controller.

You have the right to restrict processing.

You can ask us to restrict the processing of your Data for as long as your objections to the processing are pending.

You have the right to object and withdraw consent to the processing of your Data.

You may object to the processing of your Data and we will stop processing your Data, unless there are other compelling and legitimate reasons that override your right. If you have given your consent to the collection, processing and use of your personal data, you may withdraw your consent at any time with future effect:

Selecting not to receive Marketing Communications.

You can opt out of receiving marketing communications by changing your email and sms subscriptions by clicking the unsubscribe link or by following the instructions included in the message.

Alternatively you can contact us using the contact details we give you in clause 17 below.

Where we rely on our legitimate interest : In cases where we process your personal data based on our legitimate interest, you can ask us to stop for reasons related to your personal situation. We must then do so if we do not believe we have a legitimate compelling reason to continue to process your Personal Data.

How can you exercise your rights?

To exercise your rights you can submit a request to us at athenetgr@gmail.gr the title “Exercise of Rights” and we will examine it and reply as soon as possible.

Exception:

if you wish to correct your Data in your user account, you can log in to it and make any correction/change without having to submit a Request.
if you wish to withdraw your consent for sending a newsletter you can do so by selecting the link “To unsubscribe from the “newsletter mailing list” click here” at the bottom of each newsletter.
if you do not wish to receive web push notifications from the Company you can disable the option from your browser setting.

Identity check

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Policy. If you have authorised a third party to make a request on your behalf, we will ask them to prove that they have your permission to act for this purpose.

When do we respond to your Requests?

We will respond to your Requests free of charge without delay, and in any case within (1) one (1) month of receiving your request. However, if your Request is complex or there are a large number of Requests, we will inform you within the month if we need to obtain an extension of another (2) two months within which we will respond to you.

What is the applicable law when we process your Data?

The applicable law is Greek law, as formulated in accordance with the General Data Protection Regulation 2016/679/EU, and in general the applicable national and European legislative and regulatory framework for the protection of personal data.

Any dispute arising from or relating to the protection of your Personal Data shall be subject to mediation in accordance with the Mediation Regulation of the European Organisation for Mediation and Arbitration (EMCDDA). In the event that the dispute or part of it is not resolved through mediation, the dispute or the unresolved part of it is resolved exclusively, finally and irrevocably by an arbitral tribunal, which is appointed and conducts the arbitration in accordance with the EODID Arbitration Rules.

Where can you appeal if we breach the applicable law on the protection of your Personal Data?

You have the right to lodge a complaint with the Personal Data Protection Authority (postal address 1-3 Kifissia Street, P.K. 115 23, Athens, tel. 210. 6475600, e-mail address (e-mail) contact@dpa.gr), if you believe that the processing of your Personal Data violates the applicable national and regulatory framework for the protection of personal data.

How will you be notified of any changes to this Policy?

We update this Privacy Policy whenever necessary. If there are significant changes to our Privacy Policy or the way we use your Personal Data, we will post an update to this Privacy Policy on our website before the changes take effect and will notify you by any appropriate means.

We encourage you to periodically read this Policy to know how your Data is protected. This privacy policy was last modified on 24/09 June 2020.

Πολιτική Απορρήτου