Home " <a

PERSONAL DATA PROTECTION POLICY

1. Introduction 

This privacy policy includes the ways in which "KATSANTONIS IOANNIS" processes information that can be used to directly or indirectly identify an individual ("Personal Data") collected through the use of the "KATSANTONIS IOANNIS" website and its contact form or its order form. In any case, "KATSANTONIS IOANNIS" reserves the right to change the terms of protection of personal data after informing visitors/users and within the existing or potential legal framework. If a visitor/user does not agree with the terms of protection of personal data provided in this section, he/she must not use the services of the yiayiapies.com. You can browse our online store without providing any personal information. Your personal information will only be requested when you want to contact "KATSANTONIS IOANNIS" or place an order.

Our website is in compliance with the General Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data ("GDPR Regulation"), which is a directly binding legislative act. The GDPR Regulation creates some new rights for natural persons and enhances some of the rights that already existed under Directive 95/46/EC. Directive 95/46/EC will be repealed on May 25, 2018, when the GDPR Regulation comes into force. In addition, our website is in full compliance with Law 4624/2019 (Government Gazette A 137/29-8-2019), which was enacted in Greece for the protection of personal data.

In the text of this policy, "User" means the person who uses the services of the website of "KATSANTONIS IOANNIS", "Visitor" means the person who visits our website (www.yiayiapies.com), as "Customer" the persons who contract with "KATSANTONIS IOANNIS" for the purchase of its products.

Any processing of personal data carried out by "KATSANTONIS IOANNIS" is carried out in such a way as to ensure its confidentiality. All information is stored securely and access to it is allowed only to authorized personnel. KATSANTONIS IOANNIS implements and develops the necessary technical and organizational measures to protect the Personal Data of Users, Visitors and Customers (all of them understood as "Subjects" of personal data) from unauthorized or unlawful processing and use, as well as against possible loss, destruction, damage, theft or unauthorized access.

2. Collection and Use of Personal Data

2.1. The legitimate basis for the use of your personal data

"KATSANTONIS IOANNIS" collects only those personal data that are necessary in order to satisfy your requests. Whenever additional, optional information is sought, you will be informed of this at the time of collection of such data, and your prior consent to the processing will be required. The current legal framework allows us to process personal data only if we have a lawful basis for doing so. Therefore, when we process your personal data, we rely on one of the following processing situations:

Providing consent: We may occasionally ask for your consent in order to process some of your personal data. We will only process your data in this way if you expressly agree to this (Article 6(1a) of the GDPR Regulation).

Contract performance: Where the processing of your personal data is necessary for the fulfilment of our obligations arising from the contract concluded between us (Article 6(1b) of the GDPR Regulation).

Legal obligation: This is in cases where we are required to process your personal data in order to comply with a legal obligation, such as, but not limited to: a) to keep records for tax purposes, b) to provide information to a public body, c) to comply with the requirements of a legislative or regulatory provision or a court order (Article 6(1c) of the GDPR Regulation).

Protecting your vital interests: This is in cases where the processing of your personal data is necessary to protect your vital interests (Article 6(1d) of the GDPR).

Performance of a task carried out in the public interest or in the exercise of official authority: This is the case where the processing of your personal data is necessary for the performance of a task carried out in the public interest (Article 6(1)(e) of the GDPR).

Legitimate interest: We may process your personal data in cases where such processing is in the legitimate interest of our company in the performance of a lawful activity, in order to ensure the continuity of that activity. Such processing will, of course, not go beyond your interests, freedoms and fundamental rights (Article 6(1f) of the GDPR Regulation).

KATSANTONIS IOANNIS does not process your personal data, such as personal data concerning a person's race, nationality, political opinions, trade union membership, religious beliefs, philosophical beliefs, physical or mental health, sexual life and orientation, data relating to criminal convictions and criminal acts. The following sections cover the specificities of each of the aforementioned groups from which personal data are collected.

2.2. Collection of Subject Data

"KATSANTONIS IOANNIS" collects the personal data of the Subjects through the Customer Service Call Centre, its External Partners, as well as through its website. The following sections cover the Subjects whose personal data are collected. "KATSANTONIS IOANNIS" may collect and process personal data about Users through the contact form, Website Visitors, Customers through the order form and its External Partners. Where required by the applicable legal framework, we will request your explicit consent for the processing of your personal data as collected by "KATSANTONIS IOANNIS".

Your personal data processed by "KATSANTONIS IOANNIS" are the following:

  • Personal Data of Users: Full name, landline phone number, mobile phone number, home address, IP address, email address.
  • Visitor Personal Data: IP address, cookies
  • Customer Personal Data: Full name, home address, billing address, passport number, passport number, landline phone number, mobile phone number and email address.

3. Data transmission

KATSANTONIS IOANNIS does not disclose your personal data to third parties outside the European Union in countries where there is no appropriate data protection regime. However, in the event that such a data transfer would need to take place, KATSANTONIS IOANNIS will take every possible measure to ensure that your data is treated securely as it would be within the EU/EEA and in accordance with this Policy and applicable law. In addition, "KATSANTONIS IOANNIS" will update the current Policy to cover cross-border data transfers and related privacy safeguards for Users of its platform.

4. Data retention period

KATSANTONIS IOANNIS will not retain the data of the Subjects beyond the time necessary to fulfil the purposes for which they have been collected or as required by the applicable legal framework. In case of conclusion of a sales contract with "KATSANTONIS IOANNIS", the latter shall keep the personal data of its customer until the completion of the general statute of limitations for claims, i.e. for a period of up to twenty (20) years from the termination of the relevant contracts in any way. If until the expiry of the above mentioned period, legal actions are in progress with "KATSANTONIS IOANNIS" that directly or indirectly concern the Customer, the above mentioned data retention period will be extended until the issuance of an irrevocable court decision. In some cases, specific personal information may be kept beyond this period, due to possible legal obligations, legitimate interests of "KATSANTONIS Ioannis", etc. Such cases are, indicatively, those related to any branch of law (tax, civil, criminal, etc.). In the event that the transactional relationship is not established, the personal data of the User or Customer will be kept for a period of up to five (5) years from the date of collection. In case a shorter or longer data retention period is provided by law, the above data retention period will be reduced or increased accordingly. KATSANTONIS IOANNIS may collect, record and process the data of the Visitors of its website. We may record your IP address and use cookies.

5. Use of the Website

In accordance with the specific provisions of Article 8 of the Regulation, minors under the age of fifteen (15) years are prohibited to disclose to "KATSANTONIS IOANNIS" through its website their personal data without the prior consent of their guardian. We ask these persons not to submit information to us. In case the Users of the website fall into the above category and continue to disclose their personal data to us through our website, it will be considered by "KATSANTONIS IOANNIS" that these persons have received the prior consent of their guardian.

6. The Rights of Subjects

The new GDPR Regulation gives you the following rights, regarding the processing of your personal data:

Right of Access: You can request access to your personal data. This gives you the opportunity to receive a copy of your personal data held by "KATSANTONIS IOANNIS".

Right to rectification: You can request the correction of your personal data. This enables you to correct any incomplete or inaccurate data that "KATSANTONIS IOANNIS" has about you. In this case, we will need to verify the accuracy of the new data you provide.

Right of Deletion: You can request the deletion of your personal data. This gives you the opportunity to request that we delete or remove personal data where there is no reason for us to continue to process it.

Right to restriction of processing: You can request restriction of the processing of your personal data.

Right of Rejection: You may object to the processing of your personal data at any time, in cases where the processing of your data is based on the performance of a task carried out in the public interest or in the exercise of official authority (case e of paragraph 1 of Article 6(1) of the Regulation), or if the processing serves the legitimate interests of "KATSANTONIS IOANNIS" or a third party (case f of paragraph 1 of Article 6(1) of the Regulation).

Right of Portability: You can request the transfer of your personal data to you or to third parties. We will provide you or the third party you have chosen with your personal data in a commonly used, electronically readable format. Please note, this right only applies to automated information that you originally provided us with your consent to use or whenever we have used that information to perform a contract with you.

Right to withdraw consent: You can withdraw your consent at any time, in cases where you have already given your consent to the processing of your personal data. However, this will not affect the lawfulness of any processing that took place before you withdrew your consent. If you withdraw your consent, "KATSANTONIS IOANNIS" may not be able to offer you certain of its products or services. You will be informed of this at the time of your request.

Non-automatic decision-making:  Automatic decision-making occurs when an electronic system uses personal data to make a decision without human intervention. In this case, you have the right not to submit to decisions taken solely through automated processing, including profiling, which produces legal effects concerning you or which significantly affect you in a similar way, unless you provide us with your consent, or it is necessary for the conclusion or performance of a contract between you or otherwise permitted by law. You also have the right to challenge decisions made about you through the above procedure.

KATSANTONIS IOANNIS respects the rights you have to your personal data and facilitates you in exercising them. You can address in writing any request, question or complaint regarding your personal data by contacting us by phone at 2310****** or by email at info@yiayiapies.com.

In any case, if you feel that the protection of your personal data has been violated in any way, you have the right to submit a written complaint to the Hellenic Data Protection Authority (1-3 Kifissias Street, P.O. Box 11523, Athens) or electronically (www.dpa.gr).