Our company respects the personal data of its customers and in general of those who do business with it. This Privacy Policy concerns the Personal Data Protection Policy that we follow as a company, regarding the conditions for the collection, storage and use of personal data that we maintain for our natural persons, customers, employees and partners, in accordance with what is defined by the General Regulation on Personal Data Protection (GDPR) 679/2016 and the Greek Law 4624/2019 on measures to implement the European GDPR.
The terms of this Policy may be updated - modified. For this reason, it is legitimate for you to be regularly informed about its content.
With this Privacy Policy, we inform you about the method and purpose of collecting, processing and storing your personal data, the time it is kept and your rights over it. We collect, process and store your personal data, either during your visit to our company's headquarters, or during your telephone communication with us, or through the contact form on our company's website www.dagazian.gr.
- What is Personal Data?
"Personal Data" is any information that identifies the subject of the data, i.e. any natural person, private individual and professional. As an example, we mention that personal data are the following: first name, last name, postal address, e-mail address, contact phone number, VAT number, AMKA, etc. - What constitutes processing of Personal Data?
Processing of Personal Data is the collection, registration, organization, storage, adaptation, alteration, retrieval, information search, use, transmission to third parties, dissemination, association, combination, limitation, deletion and destruction of Personal Data of natural persons. - What Personal Data do we collect?
We collect and process your personal data below:
A) Contact and personal information: name, phone numbers, e-mail address, postal code, billing address for the order and product shipment, e-mail address, login password, IP number of Internet connection during the session communication, etc.
B) Website Usage: how you use our website and whether you open or forward our communications.
C) Sales and Service Information: information related to purchases, customer identity, service provision and the purchase and shipment of our products, including complaints and claims.
We only collect the above data if our customers voluntarily provide it to us. - In what ways do we collect your personal data?
Our company may collect your personal data in the following, indicatively mentioned, ways:
• Visit to the headquarters and branches of our company,
• Member registration on the Website www.dagazian.gr.
• Send a contact form,
• Telephone communications with the Company,
• Buy products and services,
• Communication with a representative of the Company by e-mail, telephone or correspondence,
• Registration in the Company's newsletter,
• Cookies that are stored on your computer or mobile device when you visit our Website websites.
Regarding the Sale of Products and Provision of Services
The personal data of the customer and/or user of our website will be stored and accessible for the execution of the contract and the provision of the services he has chosen, in an efficient manner, so that the competent authorities and any strictly authorized partner can perform or check the progress of each project.
About Product Purchases
Our company collects data during online ordering through the shopping cart available on our website. This data concerns personal data, such as shipping information, customer-buyer information, as well as the products or services chosen by the visitor or User of our website. This data is used for the secure completion of the transaction and the possibility of informing the User, in the context of the execution of the contract.
We do not collect payment-related data, such as the bank account number, the credit or debit card number. If the user selects "payment by card", the necessary payment card details must be entered on the secure website of the cooperating bank to which they will be automatically redirected to complete the payment (redirect).
Regarding purchases by contacting our representative by phone on 2310 288055, we inform you that we must collect your above personal data, i.e. name, address, postal code, city, country and contact phone number, in order to be able to we then ship the ordered product to you and contact you if required. Therefore, the submission of the order implies your automatic consent to the collection, processing and storage of your personal data, exclusively for the above purpose and in accordance with the conditions stated in this Privacy Policy.
Regarding the given consent, the representative of our company will mention-remind you, during your telephone communication with us. - For what reasons and for what purposes do we collect, process and store your Personal Data?
The personal data you provide to us, in any of the above ways, are used by us, upon your consent, exclusively and only for reasons related to your transactions with us, i.e. to satisfy your requests and to provide you with the services you choose under the best conditions and in the most efficient way. our communication with you and the promotion and advertising of our products.
We collect only the personal data that is necessary for the above purposes, so that we are able to ensure your personalized service, the consistent delivery of the products you order, the secure payment of your order and timely information about various offers and facilities that from time to time we provide our customers, through your subscription to our website newsletter, by which you give us your consent to send newsletter, offers and updates, by e-mail about related products and services, including personalized/personalized offers , discounts etc..
If and where additional information is required, you will be informed at the time of data collection and you will be asked for consent again. - Who do we share your Personal Data with?
We share and disclose the information we collect from you, exclusively and only in the context of the above processing purposes, to the absolutely necessary and authorized by us staff of the company and its partners, accounting firm, partner accountant or partner accounting firm, data processing system support providers of those etc., who are committed to confidentiality, confidentiality and privacy. For example, the company may entrust the processing of your personal data as defined herein to a specialized company for this purpose.
Οι πληροφορίες αυτές διανέμονται μόνο εντός της Ευρωπαϊκής Ένωσης (Ε.Ε.).
The company will disclose personal data only if this is deemed necessary to complete the transaction and/or when required by applicable law. Our company agrees with all its corporate partners that they will limit the purposes for which your personal data can be disclosed and processed, in accordance with the above and will provide adequate protection of your personal data.
The business may store your personal data in the cloud. This means that your personal data may be processed by a cloud service provider on behalf of the business and your personal data may be stored in different locations around the world. The Company uses organizational and contractual measures to protect personal data and to impose similar, but in no way less restrictive, requirements on our cloud service providers, including requirements regarding the exclusive processing of your personal data for the purposes stated herein .
While browsing the Company Website, you may encounter links to other websites for convenience and informational purposes. These websites may operate independently of the business and have their own notices, statements and privacy policies. We recommend that you read them to understand how your personal data is processed in relation to the specific sites, as we are not responsible for the content of sites owned or operated by another company, nor for the use or the privacy practices of those sites. - How long do we store your Personal Data?
We store your personal data for as long as is required to serve the above processing purposes, for which we have your consent and as required by the relevant legislation.
All personal data of our private client candidates and our employee and partner candidates (e.g. resumes, etc.), which are included in paper documents, electronic media and/or databases (computerization), are deleted within two (2) months, if have not been included in sales documents or (co)operation contracts. All relevant forms are destroyed in a mechanical shredder. - We keep your data safe
We take appropriate organizational and technical measures, physical and electronic, so that your personal data held by us is safe and protected from physical and electronic risk of unfair processing, unauthorized access and disclosure, accidental or unlawful destruction, loss, alteration, leakage and theft.
In the event of a breach of your personal data, we will follow the provisions of the GDPR regarding information and notification of the breach.
Security is achieved by the following methods:
Identification
Two fields are used to identify the User: the Login ID (e-mail or username) and the Personal Secret Security Code (password), which each time they are entered provide access to their account with absolute security. The User is the only one who has access to his information through the above secret code and is solely responsible for maintaining its secrecy and concealing it from third parties. In case of its loss or leakage, you should notify the company immediately, otherwise the company is not responsible for its use by an unauthorized person. The company recommends, for security reasons, that the User changes his password at regular intervals and avoids the use of easily detectable codes (e.g. date of birth or telephone number).
Securing the Privacy of the Transfer of Your Personal Data
To ensure the confidentiality of the data transfer, the SSL encryption protocol with an RSA key of 2048 bits (e 65537) is used. In addition, all the backup systems we use have additional encryption (AES-256) before transmission to an approved cloud provider via an SSL connection as an additional data security measure. The backup providers we currently use to store data are:
a) infrastructure of Hetzner Online GmbH (https://www.hetzner.com) and
b) infrastructure of the company Google LLC® (https://drive.google.com/).
Controlled Access
All our websites / eshops are installed in Data Center infrastructures that have ISO 27001 security specifications and meet GDPR requirements for data protection. Access to the Company's systems (servers) is controlled by a firewall, which allows the use of specific services by users while prohibiting, at the same time, access to systems and databases with confidential Company data and information. The web hosting providers we use today are:
a) IPS IKE infrastructure (https://www.ipsnet.gr)
b) infrastructure of Hetzner Online GmbH (https://www.hetzner.com) and
c) Pointer company infrastructure (https://www.pointer.gr)
Encryption
Using special software, the company's electronic system first decrypts the information it receives before processing it. The company's systems send information following the same encryption process. Anywhere on the Website you enter personal data (password, email, addresses, telephone numbers, credit card number, etc.) there is SSL encryption with an RSA 2048 bits key (e 65537). In addition, all passwords are encrypted (MD5 encryption) and kept in a password-protected, encrypted database. The disclosure of passwords is not possible neither in our Company nor in the manufacturing company of our software (IPS). The above allows us to set a new temporary password, only in the event that this is required by the user.
Confidentiality of Transactions
Privacy is a matter of course for us. The basic principles that govern traditional transactions also apply in the case of electronic transactions with the company. All information transmitted by the User is confidential and the company has taken all the necessary measures to keep it secure and to be used only to the extent necessary to fulfill the contract and provide the services.
The User, in order to ensure the security of his data, should himself not proceed with any disclosure of these, nor the details of access to them, to third parties.
The above security is provided by us in relation to payments made by card (debit, prepaid or debit), which are made through the corresponding banking service. We take all the necessary measures for your safe transactions with our company, while we do not store or control your card data. - You have the following rights over your personal data that we process and store:
a) Access to your personal data.
You can find out the categories of data that we process, the purposes of their processing, the recipients of the data, the period of time of their storage, the criteria for their storage, the existence of the right to correct or delete the data or limit their processing or the right to object and objection to their processing, information on the origin of the data and the existence of automated decision-making, including profiling,
b) The correction of incorrect/inaccurate data and the completion of incomplete data concerning you,
c) Limiting the processing of your personal data,
d) The deletion of your personal data, provided that the data is not kept for a specific legal and stated purpose,
e) The portability of your data. You have the right to receive or request the transfer of your data, in a machine-readable format, from our company to another controller and
f) The withdrawal of your consent to the processing of your personal data. The withdrawal will only concern the future and will not affect the lawfulness of their processing until the moment of withdrawal of your consent.
To exercise the above rights, you can contact the email account: [email protected], stating your full details and the reason for your contact. After studying the relevant request and identifying the sender, our company will proceed within a reasonable period of time to satisfy it, provided that the request is legal and reliable.
You also always retain the right to submit a complaint/complaint about any right or request you have to the Personal Data Protection Authority (address: Kifissias 1-3, P.K. 11523, Athens, tel/no 2106475600, e-mail: contact @dpa.gr). - How can we improve the Services provided to you?
In addition, our company collects information when you visit us online, as well as through the electronic messages we may exchange, about how the User uses the services, such as the type of content viewed or the frequency and duration of their activities . Furthermore, the company collects information from or about the type of devices (e.g. smart phones, laptops, etc.) and browsers, through which the User gains access to the services, depending on the rights he has assigned. The Company may correlate the information it collects from the User's various devices, as this contributes to the consistency of the Services provided. The collection of this data allows us to personalize your online experience, to improve the performance, usability and effectiveness of the Website and to evaluate the effectiveness of the marketing activities of our services.
In particular, login information is collected, such as:
• the name of your mobile operator or Internet Service Provider (ISP);
• the language and time zone of the browser,
• the geographic location of the access device, but also the type of browser (Google Chrome, Safari, etc.)
• the IP address of the electronic device through which you access the Website. The IP address is a number assigned to your electronic device every time you access the internet and for information security and system diagnostics purposes, this data is collected when you visit the Website. - The use and operation of Cookies
Our company uses cookies. Cookies are small text files (txt) that identify the user, which are stored on the hard drive of the User's computer during his visit to the website in order to facilitate his access, the smooth operation of the website's services and the collecting data to improve the content of the Website and the overall browsing experience of the User. Cookies do not cause damage to the Users' computers and the files stored on them, to which they have access. They may include the type of browser (browser) the user uses, the type of computer, its operating system, internet service providers and other such information. Cookies cannot independently identify the User. Detailed information on the Cookies Policy can be found at Cookies Policy
When visiting the Website, a warning box (Javascript layer) will appear which will require your consent to the collection of cookies. If you do not provide your consent, your computer or electronic device will not be tracked for activities related to the promotion of services, however, another type of cookies, which are referred to as user-input cookies, are not excluded because they may be required in order to ensure the necessary functionality. - Change of Data
You can correct your incorrect/inaccurate personal data and complete any missing data concerning you. In addition, you can request the restriction of the processing of your personal data, the deletion of your personal data, as long as this data is not kept for a specific legal and stated purpose and the portability of your data, i.e. you are entitled to receive or request the transfer of your data, in machine-readable form, from our company to another controller.
To exercise the above rights, you can contact the email account: [email protected], stating your full details and the reason for your contact. After studying the relevant request and identifying the sender, our company will proceed within a reasonable period of time to satisfy it, provided that the request is legal and reliable. - Withdrawal of Consent
You further have the right to withdraw your consent to the processing of your personal data. The withdrawal will only concern the future and will not affect the lawfulness of their processing until the moment of withdrawal of your consent. You can withdraw your consent, as above, by contacting the email account: [email protected], stating your full details and the reason for your contact. - Submitting a Complaint
In case of non-compliance of our company with any of your above requests or in general with the principles and provisions of the GDPR, you always reserve the right to submit a complaint/complaint for any right or your request to the Personal Data Protection Authority (address : Kifisias 1-3, P.O. 11523, Athens, tel. 2106475600, e-mail: [email protected]).
EN 
EL