1. Who will use your Personal Data
The mobile application Gruppo Cucine AR will use your personal data in its capacity as a Data Controller.
You can contact us online at firstname.lastname@example.org.
If you have any questions regarding the processing of your Personal Data, if you would like to use any of your rights or have a complaint regarding your Personal Data, you can contact our Data Protection Officer either by phone or by post mail to the address of the "company" with the indication of the Data Protection Officer or by email at email@example.com
2. What personal data do we use
The "company" collects and keeps exclusively the personal data that you disclose to it by entering the requested personal information in the respective fields and / or your answers in the context of specific actions that it carries out and you can voluntarily participate and are the minimum necessary for proper operation of the application and the services it provides.
In the context of the obligation to safeguard and protect the information of its customers and associates, the "company" undertakes to protect and use in an appropriate manner the personal data collected either online from this application or through communication / cooperation with any third party.
The company collects only the personal data provided voluntarily by the application users, so that we can satisfy their respective requests, so that we can provide them with information about our products and services, by sending information material (mail, newsletter, etc.) and to serve them in the best way. Where additional, optional information is sought, you will be notified at the time of collection.
This personal data falls into the following categories:
a) Identity data: include name, surname, title, etc. If you contact us via social media, the username of the social media may also be included.
b) Contact details: include shipping address, delivery address, email address and telephone numbers.
c) Transaction data: include payment details from you and other details about the products you have supplied from us.
d) Technical data: includes your internet connection address (IP address), your browser, your location, your operating system and other information about the device you are using to access the application.
3. Collection and purpose of personal data processing
The collection of personal data takes place only if you voluntarily choose to provide it, for example, in person or by email or if you register as a customer of the "company" products and services or if you participate in various actions / competitions on social media and / or as users of the Gruppo Cucine AR application.
The use of the products and services provided by the application including the provision of online ordering services of our products and services, presupposes the possibility of communication with you. Therefore, it is necessary during your registration to state the true personal data that will be requested from you.
By registering for the services provided by the application you also consent to the storage and use of your personal data, in accordance with this Statement.
The purpose of the collection, use and processing of your personal data is:
(a) the provision of the services and products you request through the application, for the download of which their use and / or processing is required, e.g. Online orders, and the consequent implementation of contractual obligations, in the context of execution, delivery and pricing of orders under the best conditions and in the most efficient way,
(b) the provision of personalized services and the facilitation of the ordering process, with the aim of facilitating the user and / or ensuring that the content on the website is presented in the most efficient way for you and your computer. The legal basis for the processing of personal data for this purpose is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR)
(c) in addition, but only with your voluntary consent which is the legal basis for processing in accordance with Article 6 (1)
d) of the GDPR regulation: the promotion of the products and services provided by the "company", especially through the application and our website (www.gruppocucine.gr), and the receipt of advertising information material (direct marketing) by the "Company".
Your data may in any case be processed, even without your consent, for compliance with laws, regulations, EU law (Article 6 (1) (c) of the GDPR), for obtaining statistics regarding the use of the application and its proper operation (article 6 paragraph 1 (f) of the Regulation), and the securing or defending of legal claims in the interest of the Company.
Personal data is entered into the Company's IT system in full compliance with data protection legislation, including security and confidentiality profiles, and is based on principles of good practice, legality and transparency regarding processing.
The data are stored for as long as is absolutely necessary to achieve the purposes for which they were collected. In any case, the criterion used to determine this period is based on compliance with the deadlines set by law and the principles of data minimization, storage limitation and rational file management.
All your data will be processed in printed or automated media, ensuring in each case the appropriate level of security and confidentiality.
Your personal data is not used for purposes other than those described in the Declaration, unless we obtain your prior permission, or unless otherwise required or permitted by law.
The "company" collects "sensitive" personal data only when you voluntarily provide us with such data or when such data is required or their collection is permitted by law.
We advise you to refrain from providing sensitive data, unless required to do so for the purpose of providing personal data or if you hereby consent to the use of this data.
The "company" may ask you to provide certain personal data to send informational messages about products and services and / or related offers and announcements. It may also ask your permission for certain uses of your personal data and you may either consent to or deny such uses. If you want specific services or communications, such as a newsletter, you will be able to unsubscribe from the relevant recipient list at any time by following the instructions in each communication. If you decide to unsubscribe from a service or communication, we will try to delete your data as soon as possible, although we may need some time and / or information before we can process your request.
4. Persons who have access to Personal Data and Transmission of Personal Data
The Data is processed by electronic and manual means in accordance with the procedures and practices related to the aforementioned purposes and is accessible by the staff of the Processor who is authorized to process the Personal Data and the supervisors and in particular the employees belonging to the following categories: technical staff, IT staff and administrative staff, product managers, and other staff members who have to process the data in order to perform their duties.
The "company" does not transmit personal data to third parties.
In some cases, the "company" may share your personal data with various companies or service providers that work with it, in order to respond to your requests or to natural or legal persons entrusted with the execution of the processing, provided that we will notify you in advance and receive your prior consent. People who have access to the data are required to maintain the confidentiality of that data.
The Data may also be communicated to countries outside the European Union ("Third Countries"): (a) institutions, authorities, public bodies for institutional purposes, (b) professionals, independent consultants - whether working individually or collectively - and others third parties and providers that provide the Data Processing Operator with commercial, professional or technical services required for the operation of the application (eg provision of IT services and Cloud Computing) for the purposes mentioned above and for the support of the Company in the provision of and (c) to third parties in the event of mergers, acquisitions, transfers of undertakings or their subsidiaries, audits or other extraordinary operations.
The mentioned recipients receive only the necessary data for their respective functions and duly undertake their processing only for the purposes mentioned above and in accordance with the data protection laws. The Data may also be disclosed to other legal recipients specified from time to time by applicable laws. With the exception of the above, the Data will not be disclosed to third parties, natural or legal persons, who do not perform commercial, professional or technical duties for the Controller and will not be disseminated. The recipients of the data will process them, as the case may be, as Data Processors, Processors or persons authorized to process the personal data for the purposes stated above and in accordance with applicable data protection legislation.
With regard to data transfers outside the EU, even in countries whose laws do not guarantee the same level of protection of personal data privacy as provided by EU law, the Data Controller informs that the transfer will in any case take place in accordance with methods authorized by the GDPR, such as user consent, standard contractual clauses approved by the European Commission, selecting parties participating in international free movement programs or implemented in countries considered safe by the European Commission.
5. Your rights regarding Personal Data
If you wish, you can request at any time to be informed about your personal data held by the "company", their recipients, the purpose of keeping and processing them as well as their modification, correction or deletion, by sending a relevant electronic message to the address firstname.lastname@example.org from the email address you have stated. You also have the right to review the personal data we hold and in general to exercise any right provided by law for the protection of personal data.
The personal data that you disclose to us through the application either during your registration or at a later stage, are collected and used and processed in accordance with the applicable provisions on personal data protection. and specifically, in accordance with the provisions of Law 2472/1997 and Law 3471/2006, as in force but also of the new European General Data Protection Regulation (EU) 2016/679 as well as of Directive 95/46 / EC, on protection of personal data.
You maintain, at your request, in accordance with the provisions of Articles 15 - 22 of the GDPR:
Right to information about the personal data we hold about you.
Right to correct your personal data.
Right to fill in your personal data, provided that this data is necessary for the purposes of processing your data.
Right to delete your personal data. Some data will only be deleted after a specified retention period, for example because in certain cases we are required by law to retain the data, or because the data is required to meet our contractual obligations to you.
Right to seize your personal data: in certain cases provided by law, we will seize your data if you request it. Further processing of blocked data is done only to a very limited extent.
Right to withdraw your consent, which can be done at any time.
Right to object to the processing of your data.
You may at any time object to the processing of your personal data in the future, if we process your data on the basis of one of the legal justifications provided for in Article 6 §§ 1e) and 1f) of Regulation (EU) 2016/679. If you object, we will stop processing your data, provided there are no legitimate grounds for further processing. The processing of your data for advertising purposes is not a legitimate reason.
6. Security of Personal Data
The "company" applies specific technical and organizational security procedures in order to protect personal data and information from loss, misuse, alteration or destruction. Our partners who support us in the operation of the application and the digital infrastructure, also comply with these provisions. The company has ensured the compliance of the cooperating companies in the GDPR policy and is not responsible for any wrongdoing they do on personal data.
7. How we store data and for how long
According to Article 5 (1) (c) of the GDPR Regulation, the computers and software used by the Company are set up in such a way as to minimize the use of personal data and identification data. This data is processed only to the extent necessary to achieve the objectives set out in this Policy and will be stored for as long as is strictly necessary to achieve the specific objectives pursued. In any case, the criterion used to determine the storage period is based on compliance with the deadlines allowed by law and the principles of data minimization, storage limitation or rational management of our files.
8. Resolving complaints, grievances
According to the General Regulation of Personal Data, the "company" undertakes to resolve complaints or grievances regarding the collection or use of personal data.
In case you consider that the protection of your personal data is affected in any way, you can appeal to the Personal Data Protection Authority, 1-3 Kifissias, t.k. 115 23, Athens, www.dpa.gr
9. Revisions of the Declaration
The "company" reserves the right to modify or periodically revise this Statement, at its sole discretion. In the event of any changes, the "company" will record the date of modification or revision in this Statement and the updated Statement will be valid for you from that date. We encourage you to periodically review this Statement to see if there are any changes to the way we handle your personal data.