Privacy Policy

INTRODUCTION

Flowersmarianna.gr (“Company” or “us”) wants to inform you about how we collect personal data from and about you through our online store that operates on our website flowersmarianna.gr.gr, through our physicists stores or otherwise in person as well as by making telephone purchase orders or by e-mail (collectively the “Services of the Company”), and how we use and disclose such personal data.

Flowersmarianna.gr provides this Privacy Information (hereinafter referred to as the “Privacy Policy” or “Information” or “Information”) in accordance with EU General Regulation 679/2016 on the protection of personal data (the “Regulation”) and the applicable national legal framework, underlining its commitment to protecting your personal data.

In this Privacy Policy you will find all relevant information that applies to the use of the personal data of our users and customers, regardless of
the channel or medium (online or in person) of flowersmarianna.gr which you use for your transactions with us.

  1. WHO IS THE MANUFACTURER AND WHO IS COVERED BY THIS POLICY

The business Tzouvaltzis Georgios tou Fotis, florist, based at 28 Serres Venizelou, controller of your personal data that we collect through the Services of the business in accordance with the General Regulation EU 2016/679 and the applicable legislation.

You can contact the Company at the email address info@flowersmarianna.gr.

This Policy, as well as our Cookies Policy, applies to all users, including those who use the Company Services without being registered or subscribers and those who are registered or are subscribers to the Company Service, as well as for those who place orders by phone or email or make purchases at the Company’s physical stores or otherwise in person.

The Services of the Company are addressed to the general public, are not addressed to children and do not collect conscious personal data from children under 16 years of age.

Β. WHAT KIND OF PERSONAL DATA WE COLLECT ABOUT YOUR PERSON

The Company collects (1) transaction and registration data, during the execution of a transaction, during your registration or during your registration in a Service of the Company, (2) public data and publications that you disclose through the Services of the Company, (3) data that you have allowed on social media to communicate to the Company, (4) activity data when you access and interact with a Company service. Specifically, the Company collects the following types of data from and for you:

  • Transaction and registration data, ie the information you submit in order to execute a transaction with the Company and / or to subscribe to a Company Service, for example to make a purchase either online or in a physical store, to create an account, post comments, receive a newsletter, or enter a contest. Registration information may include, for example, first name, last name, email address, gender, country, zip code and date of birth.
  • Public data and posts that consist of comments or content that you post on the Company Services and your personal data that accompanies such posts or content, which may include your nickname, username, comments, likes, status , profile information and photo. Public information and posts are always public, which means they are available to everyone and can appear in search results on external search engines.
  • Data from social media. If you access or sign in to a Company Service through a social media service or link to a Company service in a social media service, the data we collect may also include your username and / or username associated with This social media service, the information or content that you have allowed the social media service to share with us, as well as your profile picture, email address or friend lists, and personal information that you have published in relation to the specific social media service. By accessing the Company Services through social media services or by linking a Company Service to social media services, you authorize the Company to collect, store and use the relevant personal data and content in accordance with this Policy.
  • Activity data. When you access and interact with the Company Services, we may collect specific information about these visits. For example, to allow you to connect to the Company Services, our servers receive and record information about your computer, device, and browser, including, where appropriate, your IP address, browser type, and other information. software or hardware. If you access the Company’s services from a mobile or other device, we may collect a unique device ID assigned to that device, geolocation data, or other transaction data for that device. We may also collect cookies and other tracking technologies (such as browser cookies, pixels, beacons and Adobe Flash technology commonly referred to as “Flash cookies”). These technologies can be used to collect and store information about your use of the Company Services, such as the pages you have visited, the video and other content you have viewed, the search queries you have submit the ads you have seen .. See our for more information. Cookies Policy.
  • Information from other sources. We may supplement the information we collect with information from other sources, such as publicly available information about your online and offline activity through social media services and commercially available sources.

We do not collect:

  • Financial information from a payment service provider: in some cases, we may use an offline payment service to enable you to purchase a product or make payments (“Payment Service”). If you wish to purchase a product or make a payment through a Payment Service, you will be directed to a Payment Service website. Any information you provide to a Payment Service will be subject to the Payment Service’s privacy policy and not to this Policy. We have no control over and are not responsible for any use, by the Payment Service, of information collected through any Payment Service.
  • Sensitive information: we ask that you do not send or disclose sensitive personal information (such as social security numbers, information about racial or ethnic origin, political views, religion or other beliefs, health, criminal background or involvement in trade unions) in or through the Services of the Company or otherwise.

Connected services

Finally, the Company Services may also link to websites, including social networking sites, managed by non-affiliated companies, and may provide advertisements or offer content, functionality, games, newsletters, contests, or applications being developed and maintained. from unrelated companies. The Company is not responsible for the privacy practices of unrelated companies and as soon as you leave the Company Services or click on an advertisement you should check the applicable policy of the other service.

  1. HOW WE USE YOUR PERSONAL DATA

We use the personal data we collect from and in relation to your person:

  • To provide you with the Services of the Company.
  • To measure, analyze and improve these Services of the Company.
  • To enhance your experience through the Company Services (both online and offline) by providing content that you may find relevant and interesting.
  • To allow you to comment on content and participate in online games, contests or rewards programs;
    To provide you with customer service and answer your questions.
  • To protect the rights of the Company and others. For example, there may be cases in which the Company may use your personal data, including cases where the Company considers, in good faith, that such processing is necessary for: (i) the protection, enforcement or defense of the legal rights, security or property of the Company or its employees, agents, contractors, licensors and suppliers (including the implementation of our agreements and terms of use); (ii) the protection of the security, confidentiality and security of the users of the Company Services or the citizens, (iii) the protection of the Company, as well as other involved third parties, such as the Company ‘s suppliers, from fraud or for risk management purposes.
  • For the purpose of complying with applicable laws or legal procedures and / or responding to requests from the appropriate governmental authorities.
  • To complete a corporate transaction such as a proposed or actual reorganization, merger, sale, joint venture, divestiture, transfer or other disposal of all or part of the business, assets or stocks of the business (including any bankruptcy or similar proceedings). For example, if the Company participates in a merger or transfer of all or a substantial part of its activities, the Company may disclose and transfer your personal data to the party or parties involved in the transaction as part of that transaction;
    To enable social transaction – if you sign in or link a social media service account to the Company Services, we may share your username, photo and likes, as well as your activities and comments with other users of the Company Services and with your friends related to your social media service. We may also share the same personal data with your social networking service provider.
  • Subject to your prior consent, we may send you (via email, sms, telephone, chat and social media) offers, promotions, promotional materials and other commercial announcements about the Company Services. This includes the Company’s newsletter
  • Subject to your prior consent, to analyze your behaviors, habits and consumption trends and to send you commercial announcements tailored to your interests and needs through the communication methods mentioned in point j) above (hereinafter “Profile Training”). ).

We may use anonymous data or information that no longer identifies you personally, even indirectly (eg statistics) for any purpose or we disclose it to third parties.

  1. ON WHICH LEGAL BASIS WE PROCESS YOUR PERSONAL DATA

The processing of your personal data for the purposes of:

  • Section 3 (a) to (f) of this Policy is necessary for the provision of the requested services and is therefore mandatory because otherwise the services could not be provided.
  • Section 3 (g) of this Policy is required under applicable law and is therefore also mandatory.
  • Section 3, point h) of this Policy is executed based on the legitimate interest of the Company and its counterparties to conduct such financial activities. This interest is well balanced with your own interest, as the data processing takes place within the strictly necessary limits of such economic activities. This data processing activity is optional and you may object at any time as described in Section 11 of this Policy.

Instead, the processing of your personal data for the other purposes:

  • In Section 3, point (i) is at your discretion, but without your consent it is impossible to link a social media service account to the Company Service, which means that you will need to connect to the Company Service using a different mechanism.
  • Section 3, points (j) and (k) is at your discretion, but without your consent it is impossible for the Company and / or third parties to provide you with general commercial announcements of the Company and services / products or announcements of third parties with based on your interests and needs and provide you with services under the same name.

You may revoke your consent to the processing of your personal data for the purposes of Section 3 (i) to (k) at any time by sending a notice to the e-mail address described in Section 11 below.

  1. WHAT ARE THE MEANS OF PROCESSING YOUR PERSONAL DATA

Your personal data may be processed in hard copy, by automated or electronic means, as well as by non-automatic means, including mail or e-mail, telephone (eg automated telephone calls, sms, mms), faxes and any other medium (eg websites, mobile applications) and protected by appropriate security measures, taking into account the latest technology, implementation costs and the nature, scope, context and purpose of processing as well as and the different probabilities and severity of the risk to the rights and freedoms of individuals. Specifically, the Company uses appropriate administrative, technical measures, personnel measures, and physical measures aimed at protecting the personal data in its possession from loss, theft and unauthorized use, disclosure or modification.

  1. WHO GET ACCESS TO YOUR PERSONAL DATA

The Company may disclose your personal data for the purposes of Section 3 above to the following categories of recipients located within the European Union or outside the European Union in accordance with and within the limits of the provisions of Section 7 below:

  1. Third party service providers who are in charge of processing activities and, where required by applicable law, are duly appointed as processors
    (eg cloud service providers, service providers that serve or support the Company Services and therefore, for example and without restriction, Banks, companies that provide
    technology and IT services, payment services, partners and providers of supply, transport and delivery services, service providers related to the service
    clients, partners and service providers related to marketing and advertising, experts, consultants and lawyers-companies resulting from possible mergers,
    splits or other conversions. Data processors appointed by the Company include providers of IT, payment and
    related to marketing and advertising, e.g. measuring visitor and customer satisfaction, statistical analysis, re-targeting, analysis for personalized promotions.
    In particular with regard to debit or credit card payment services within the European Union, this Consent shall include the information set out in Community
    Directive ……… PSD2 (EU 2015/2366) and may include, for the purposes of “strict customer authentication”, the intersection of two or more elements or information or unique
    physical characteristics that distinguish you, for the best safeguarding of your transactions from criminal activities. You can request from the Company a complete list of
    processing data assigned by the Company to the address referred to in Section 11 of this Policy and
  2. To the competent authorities for the purposes of compliance with applicable laws.
  3. TRANSPORTATION OF YOUR PERSONAL DATA ABROAD

Some of the processors listed in section 6 are located outside the European Economic Area, so your personal data may be transferred to countries both inside and outside the EEA, and in particular to the United States. Some providers in America are certified in the Privacy Shield, which certification can be checked at the following link:
https://www.privacyshield.gov/welcome. The European Commission recognizes that some countries outside the EEA provide an adequate level of data protection in line with EEA standards. The full list of these countries is available at http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm. For transfers from the EEA to countries that are not considered safe by the European Commission, we have established appropriate and appropriate safeguards aimed at protecting your personal data and transferring your personal data in accordance with applicable data protection laws, such as standard contractual clauses approved by the European Commission in accordance with Rules 45 and 46 of the Rules of Procedure and the contents of which can be found at the following link: https://ec.europa.eu/info/law/law-topic/data-protection/data -transfers-outside-eu / model-contracts-transfer-personal-data-third-countries_en

You also have the right to request a copy of the above measures and further information regarding your personal data by contacting the Company at the address listed in Section 11 of this Policy.

  1. WHAT ARE YOUR RIGHTS REGARDING YOUR PERSONAL DATA

You can exercise the following rights at any time:

  1. The right of access which means that you have the right to receive confirmation as to the existence of your personal data and to be informed of their content and origin; and
    to access them
  2. The right of correction which means that you have the right to verify the accuracy and completeness of your personal data and to request the correction, the completion of incomplete with the purposes of
    editing, updating or modifying them
  3. The right to forget which means that you have the right to request the deletion of your personal data without undue delay, if there is a legal reason according to the Regulation, ie:
  4. Your personal data is no longer necessary in relation to the purposes for which the Company has collected or processed
  5. You revoke the consent you have given for the processing of your personal data and the Company has no other legal basis for the processing of them

iii. Have you objected to the processing in accordance with the Regulations and there are no compelling and legal reasons for the processing or are you opposed to processing for the purposes of direct commercial purposes?
Promotion, including Profile Training

  1. Your data has been illegally processed
  2. Your data must be deleted in accordance with the relevant legal obligation of the Company
  3. The right to ask the Company to restrict the processing of your personal data in case there is a legal reason according to the Regulation, ie:
  4. Question the accuracy of the personal data until we have taken the necessary steps to correct or verify its accuracy,
  5. Editing is illegal, but you do not want us to delete your personal information,

iii. We no longer need your personal data for processing purposes, but you need it to create, enforce or defend legal claims, or

  1. You have objected to the processing for reasons of legitimate interest pending verification as to whether the Company has compelling legitimate reasons to continue the processing.
  2. The right of objection which means that you can object to the processing of your personal data, if the request is lawful, including the processing
    of your personal data for direct marketing or Profile Training, if any.
  3. The right of portability, which means that you have the right to receive an electronic copy of your personal data, if you wish to transfer your personal data that you have provided to us,
    either to yourself or to another provider when your personal data is processed automatically and the processing or (i) is based on your consent either (ii) is necessary for
    execution of Company Services, and
  4. The right to lodge a complaint with the competent data protection supervisory authority, ie. the Hellenic Authority for the Protection of Personal Data (www.dpa.gr).

You can send your request to the address listed in Section 11 below. Include your email address, name, address, and phone number in your request, and clearly specify the information you want to access, change, update, remove, or delete.

We remind you that even after your account is canceled, or if you ask us to delete your personal information, copies of certain information from your account may remain visible in some cases where, for example, you have shared information on social media. or in other services or, for example, when the maintenance of such copies is necessary for the purposes of complying with legal obligations or for the purposes of legal defense. Due to the nature of caching technology, your account may not be immediately inaccessible to others. We may also retain backup information about your account on our servers for a period of time after your cancellation or deletion request, in order to comply with applicable law.

We also give you many options regarding the use and disclosure of your personal data for marketing purposes. You can revoke your consent regarding:

  • Receiving electronic announcements from us. If you no longer wish to receive marketing-related emails from us, you may opt out of receiving marketing-related emails either by unsubscribing from our newsletter or simply changing your preferences. in your user profile settings if you are a registered user or through the consent management tool available on our site if you are not a registered user. You can also send a request to the address listed in Section 11 of the Policy. In any case, the Company may continue to send you administrative announcements regarding the provision of the Company’s Services.
  • Sharing your personal information with business associates for their own marketing purposes. If you prefer not to disclose your personal information to business associates on an ongoing basis for their immediate marketing purposes, you may opt out of this disclosure or simply change your preferences in your user profile settings if you are a registered user. , either through the consent management tool available on our website, if you are not a registered user, or by sending a request to the address of Section 11 of the Policy.

In all the above cases, we may contact you and ask for more information, which is necessary for the proper processing of your request.

  1. FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA

We will retain your personal data only for the period necessary to fulfill the purposes for which the data was collected as described in this Policy. In any case, the following retention periods will apply to the processing of your personal data for the purposes set out below:

The data collected for the purposes referred to in Section 3, points a) to h) of this Policy are retained during the provision of the Company’s Services, plus the limitation period in accordance with applicable law, after the expiration of the Company Services. The data collected for the purposes of Section 3, point i) of this Policy is retained for the period of time required to connect to the Company Services through a social network.

The data collected for the purposes of Section 3, point j) and k), ie for marketing and Profile Training purposes will be kept by the Company from the moment you provide your consent until the moment you withdraw your consent. Upon revocation of your consent, your personal data will no longer be used for the above purposes, however they may continue to be held by the Company, in particular as required to protect the Company’s interests associated with possible liability in connection with such processing. , unless further relevant clarifications are provided by the competent supervisory authority.

At the end of the retention period, your personal data will be canceled, anonymized or destroyed.

  1. UPDATES IN THIS POLICY

The Company may amend or update this Policy for any reason (including, but not limited to, changes in applicable law and interpretations, decisions, opinions and mandates relating to that applicable law.)

See the Effective Date at the top of this Policy to see when it was last revised. Any changes to this Policy will be notified in advance by posting the revised Policy on the Company’s website, flowersmarianna.gr.

  1. CONTACT US

If you have any questions regarding this information, please contact us at the following e-mail address info@flowersmarianna.gr.