PERSONAL DATA PROTECTION POLICY & DECLARATION OF CONFORMITY ON PERSONAL DATA PROTECTION
Growing economic and scientific collaborations as well as mutual provision for data processing services result in the exchange of personal data, a trend reinforced by the increasing use of modern telecommunications media. For these reasons, it is necessary to process the data carefully.
This policy is subject to change from time to time, so please check this page to be notified of any changes.
For this reason, we want to keep you informed of how we collect, use and share information about you. The collection, use and disclosure of your information is based on your consent or in accordance with applicable law.
For these reasons, it is necessary to process the data carefully.
The online store of the Company handles personal data with special care and always in accordance with EU Regulation 2016/679, the applicable National Law and applicable law.
For the purposes of this Directive, the following definitions shall apply:
Data Subject: any natural person whose personal data are processed by or on behalf of the Company
Personal Data: any information relating to a specified or identifiable natural person relating to his or her physical, physiological, psychological, emotional or economic status, cultural or social identity.
Processing: processing of personal data («processing»), any work or series of tasks performed on personal data, such as the collection, registration, storage, modification, analysis, use, association, commitment ( lock), deletion or destruction.
Criteria of legality
Personal data may be processed if at least one of the following applies:
the subject has given his consent
processing is necessary for the performance of a contract to which the subject is a party
processing is necessary to comply with a legal obligation.
Principles applicable to processing
We are allowed to process your personal data in order to provide personalized services, based on the law (Article 6 (1b) of Regulation (EU) 2016/679) and the relevant National Implementing Law. Your personal data is not used for purposes other than those described in the Declaration, unless we obtain your prior permission, or unless otherwise required or permitted by law.
Personal data should be processed in a manner compatible with the purpose for which it was collected.
The principle of proportionality applies to the processing of personal data. Among other things, it creates the obligation not to collect personal data for no reason.
The personal data used should be accurate and up to date.
Personal data used that is no longer accurate and complete should be corrected or deleted.
Except in cases where there is a legal obligation to keep them for a longer period of time, personal data should not be kept for longer than is necessary for the purposes for which they were collected or processed.
The processing of personal data should be done in accordance with the principles of good faith. This means that data subjects can rely on the fact that processors will show due diligence in all data processing matters.
Individuals whose personal data has been processed should be informed accordingly upon request. In particular, they have the right to be informed about the purposes for which their data are processed, the type of data to which they relate, as well as the identity of the recipients of the data. Where necessary, data subjects also have the right to request the correction, non-transmission or deletion of their data.
The above rights can be restricted only if this restriction is provided by law. This is especially true when conducting scientific research.
In particular, personal data is protected against unauthorized disclosure and any unlawful processing. The measures implemented should ensure a level of security commensurate with the nature of the data to be protected and the risks that may arise from its processing.
The Company is responsible for the implementation and compliance with EU Regulation 2016/679 and the applicable National Law.
The employees of the Company who deal with the processing of personal data are accordingly informed.
Why and how we process your data
The data are processed for the following purposes:
to process the requests you submit with the «Form», to enter your order on the site and provide information through it. The legal basis for the processing of personal data for this purpose is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR Regulation) and the performance of the contract to which you are a party to the data ·
to manage adverse reaction reports submitted through the Website or Forms. The legal basis for processing for these purposes is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR Regulation), as well as the pursuit of any public interest (Article 9 (2) (i)) of the GDPR Regulation) and legal obligations;
As you visit our online store, we will track the products you have seen and use it to show you which products you have seen recently.
The location, IP address and browser type will be used for purposes such as estimating taxes and shipping costs.
We will ask you to enter your address so that we can, for example, estimate the shipping cost before placing an order and have the order shipped to you!
When you purchase from us, we will ask you to provide information such as your name, billing address, shipping address, email address, phone number, credit card / payment details, and optional account information such as username and password. We will use this information for purposes such as:
Send us information about your account and your order
Respond to your requests, including returns and complaints
For payment procedures and fraud prevention
To set up your account in our store
To comply with our legal obligations, such as the calculation of taxes
To improve the offers of our store
To send you marketing messages if you choose to receive
If you create an account, we will save your name, address, email and phone number, which will be used to replenish the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it and we are not legally obligated to continue to maintain it. For example, we will store order information for tax and accounting purposes. This includes name, email address and billing and shipping addresses.
We will also save comments or reviews if you choose to leave them.
Who in our team has access?
Our team members have access to your data we collect. For example, System Administrators and Store Administrators have access to order information such as what was ordered, when the order was placed and where it will be shipped. In customer details, such as name, email, shipping address and billing information.
Our team members have access to this information in order to fulfill your order and provide every possible support.
What we share with others
In order to process your order, we will share your data such as name, address, phone number with courier companies to send your order.
To process your orders, we will share your data such as name, address, email with the PayPal service with which online payments are made.
All online payments we accept are made through PayPal. As the payment is processed, some of your data will be sent to PayPal, such as the total value of the order and the shipping address of your order.
See more in PayPal usage agreements.
In addition, but only with your voluntary consent which is the legal basis for processing in accordance with Article 6 (1) (a) of the GDPR:
to receive promotional material (direct marketing) from us.
By selecting the appropriate boxes you agree to the processing of your data for these purposes.
Your data may in any case be processed, even without your consent, for compliance with laws, regulations, EU law (Article 6 (1) (c) of the GDPR), for obtaining statistics on the use of the Website and its proper functioning (Rule 6 (1) (f) of the Rules of Procedure).
Personal data is entered into the Company’s IT system in full compliance with data protection legislation, including security and confidentiality profiles, and is based on principles of good practice, legality and transparency regarding processing.
The data are stored for as long as it is absolutely necessary to achieve the purposes for which they were collected. In any case, the criterion used to determine this period is based on compliance with the deadlines set by law and the principles of data minimization, storage limitation and rational file management.
All your data will be processed in printed or automated media, ensuring in each case the appropriate level of security and confidentiality.
The procedures for the processing of personal data of third parties upon agreement, are defined as follows:
The Company bears no responsibility for personal data of third parties which the customer submits to the Company.
Our customers are responsible for ensuring the express consent of third parties, whose data they provide to us. In the event that the third party is deemed unable to ensure a satisfactory level of security of the personal data of the third parties, the Company will terminate the cooperation and will not bear any responsibility for the data of third parties that may have been processed.
Access to Personal Data and Rights
If you wish, you can request at any time to be informed about your personal data held by the Company, their recipients, the purpose of their maintenance and processing as well as their modification, correction or deletion, by sending a relevant e-mail to www.albuspreadesign.com from the email address you provided, attaching a copy of your police ID. You also have the right to review the personal data we hold and in general to exercise any right provided by law for the protection of personal data.
The personal data that you disclose to the Company through www.albumspreadesign.com or through your personal presence on our site, either during your registration or at a later stage, are collected and used and processed in accordance with the applicable provisions on personal data protection character. and specifically, in accordance with the provisions of Law 2472/1997 and Law 3471/2006, as in force but also of the new European General Data Protection Regulation (EU) 2016/679 as well as of Directive 95/46 / EC, on protection of personal data.
You reserve the following rights in detail:
Right to be informed about your personal data: Upon your request, we will provide you with information about the personal data we hold about you.
Right to correct and supplement your personal data: If you notify us, we will correct any inaccurate personal data concerning you. We will fill in incomplete data if you notify us, provided that this data is necessary for the purposes of processing your data.
Right to delete your personal data: Upon your request, we will delete the personal data we hold about you. However, certain data will only be deleted after a specified retention period, for example because in some cases we are required by law to retain the data, or because the data is required to meet our contractual obligations to you.
Right to freeze your personal data: In certain cases provided by law, we will freeze your data if you request it. Further processing of blocked data is done only to a very limited extent.
Right to withdraw your consent: You can revoke your consent to the processing of your personal data in the future at any time. The legality of the processing of your data remains unaffected by this action, to the point of revoking your consent.
Your right to object to the processing of your data: You may at any time object to the processing of your personal data in the future if we process your data on the basis of one of the legal justifications provided for in Article 6 (1e or 1f). ) of Regulation (EU) 2016/679. If you object, we will stop processing your data, provided there are no legitimate grounds for further processing. Processing your data for advertising purposes is not a legitimate reason.
Security of Personal Data
The Company applies specific technical and organizational security procedures in order to protect personal data and information from loss, misuse, alteration or destruction. Our partners who support us in the operation of this website also comply with these provisions. In particular, we have a vertical Server, our own powerful order management technology. In general, the Company makes every reasonable effort to keep the personal data collected only for the period for which it is needed for the purpose for which it was collected or until their deletion is requested (if this occurs earlier), except if it continues to comply with them as provided in the current legislation.
Revisions of the Declaration
The Company reserves the right to modify or periodically revise this Statement, at its sole discretion. In the event of any changes, the Company will record the date of modification or revision in this Statement and the updated Statement will be valid for you from that date. We encourage you to periodically review this Statement to determine if there are any changes to the way we handle your personal data.
This is a Declaration of Conformity with the provisions of EU Regulation 2016/679 and the applicable National Law.