Kindly read carefully the present document:
“Personal data” is every information that concerns natural persons.
“Process of personal data” means every action concerning personal data, such as collection, registration, storage, amendment, restoring of information, use, distribution of any means, restricition, deletion or destruction.
“Controller of personal data” is the natural person or legal entity, public authority or service, that, jointly or separately define the purpose and means of processing the personal data.
“Processor of personal data” is the natural person or legal entity, public authority or service that processes personal data on behalf of the controller.
The data are collected and processed only when absolutely necessary.
When we collect personal data? Which data do we collect?
The visitor/user can visit our website without revealing his/her identity and without providing any personal data without his/her concern. However, the visitor/user, in order to being able to place orders and maybe become recipient of an e-mail (for example newsletter) that our Company sends, so that he/she can be informed about issues that concern him/herself and the company and his/hers purchases, and also to have future benefits from our Company, he/she expressly consents through the completion of the relevant form when he/she subscribes at our e-shop services, and he/she also consents to the grant of the information below (name and surname, address, e-mail adress, phone number) to our Company in order to become a client. Communication can also be through telephone call at our Company’s phone number. We receive your personal data only if you choose to provide them. In some cases, it is possible to already have provided your personal data to our company at the past (if for example you have cooperated with us again in order to provide our services). With the submission of your personal data, you also consent to the use of your data according to the present causes. Your personal data are not used for other purposes, except for your permission to, or if this is required or allowed by law. The IP addresses (=the number that is given to your computer every time you have access to the internet and allows to the computers and the servers to be recognised and communicate with each other) from which it looks that visitors come from can be recorded for security reasons of the technology of information and diagnosis of the systems. Phone calls can be recorded for security reasons of the technology of information.
Legal base for the use of your personal data
Our company collects solely personal data in order to execute your instructions, i.e. to provide the requested services of KOHO COSMETICS. If additional information is required, you shall be notified upon the collection of the data.
GDPR allows us to process personal data, when the following occur separately (or jointly):
- Performance of a contract. This occurs when the process of your personal data is essential for the fulfilment of our obligations concerning the contract.
- Legal obligation. This occurs when we are obliged to process your personal data in order to comply with a legal obligation, such as preserving archives for tax purposes or providing information to a public entity or legal authority.
- Your consent. You can withdraw your consent at any time, by telephone +30 697 231 3216 or through a request in writing to our company or through e-mail at: firstname.lastname@example.org.
Our company collects personal data for the performance of the contract or to carry out means upon your request before the signing of the contract, or in order to comply with a legal obligation or for the purposes of our vested interests or when you have provided your consent or for the preservation of your vital interests, or for the fulfilment of duty for public interest or for the exercise of right and obligations arising from security law or for legal claims or when required by the Courts of Law.
Rights of the subject of the data – visitor/client
The subject of the data (visitor/client) is able to access their personal data that have been collected and are being processed by our Company, along with the right of notification, upon relevant request by phone +30 697 231 3216 or through e-mail to: email@example.com This is referred to as ‘’Subject’s request for Access’’. Access to your personal data is free of charge. Before carrying out your request and in order to have transparence through the transactions, we may ask for verification of your ID and sufficient information for your transaction with us in order to identify you. If the data we have that concern you are not accurate, you can request us to correct any inaccuracies concerning your personal data. You can modify, correct, provide additional information concerning your personal data that are being processed by our Company and for this purpose you can submit a relevant request by phone at +30 697 231 3216 or through e-mail at: firstname.lastname@example.org. You also have the right to decline the processing of your personal data by us (right of decline) if we do not have the right to use it, or request that it is deleted from our archives (right of deletion) or to request to limits its use in specific cases (right of limited process). For exercising all the above mentioned rights, you can submit a relevant request by phone at +30 697 231 3216 or through e-mail at: email@example.com. Upon review of the relevant request, the Company will proceed to carrying it out within a month, provided that it is legal and valid.
The subject of the data has the right to revoke the present consent to process the personal data by submitting a relevant request by phone at +30 697 231 3216 or through e-mail at: firstname.lastname@example.org.
Disclosure and transfer of Personal Data
Our Company may disclose personal data in order to respond to any request by the Courts, government authorities, legal authorities or wherever it is required or advised to comply with the legislation in force, court decisions, or regulation and instructions of the courts or court authorities. Disclosure of personal data may be required by reviews concerning the protection of personal data and the security and/or inquisition or response to a complaint or security threat.
Data Security, Data Breaches, Storage, Time of retention and integrity
Our Company applies reasonable security policies and procedures in order to protect personal data and information from non-authorized loss, bad use, change or destruction. Our Company is committed to protect personal data and information that the clients/visitors provide. For this purpose, it has received all the appropriate measures of technical security, storage and process of personal data of visitors/clients. The personal data collected, is stored in transporters of limited access that are controlled with access codes and our Company uses special technology and procedures to enhance the protection of this information against loss or bad use, along with protecting it from non-authorized access, disclosure, amendment or destruction. Nevertheless, even though our Company makes every possible effort to protect the above mentioned files, it cannot guarantee that the above mentioned technology and will never be violated and by any means. Despite our efforts, total security against all treats cannot be guaranteed. In case of loss or violation of personal data, we have a specialized team that deals with these incidents in order for everything to be restored, to retain the casualties to a minimum and comply with our legal obligations. We make every possible effort so that the access to the personal data is limited to those who are required to have access to it. The persons that have access to the data have a confidentiality obligation. Consequently, if you become aware of any Illegal, unlawful use of personal data, that are connected in any way to our Company, you undertake the obligation to notify us immediately. Otherwise, you shall be held liable against our Company.
Moreover, we make every possible effort to keep the personal data we collect only for the time period we need these data to fulfil the purpose for which they were collected or for the compliance with the request of the individual or until their deletion is requested by the subject.
Retention of personal data
We keep your personal data for 5 years. Tax information is retained according to the deadlines are determined by tax law.
If you have any questions, comments or complaints concerning the management or the protection of your personal data by us or if you wish to modify your personal data or exercise any of your rights as a subject of data, kindly submit a relevant request by phone at +30 697 231 3216 or through e-mail at: email@example.com.
The controller is: KIRIAKOS APOSTOLAKIS and you can contact them by phone at +30 697 231 3216. The Visitor/Client reserves the right to file a complaint before the Hellenic Data Protection Authority (HDPA)(Kifisias 1-3 Street, Postal Code 115 23, Athens, +30 210 6475600, firstname.lastname@example.org).