[Last update 06.09.2018]
In this context, if you have any questions or observations, please contact us via e-mail at firstname.lastname@example.org
The present Policy complies with the provisions of articles 13 and 14 of the General Data Protection Regulation (EU), and fulfills our obligation to notify and inform our users and customers regarding the personal data we process.
“BIG LITTLE ONES PRIVATE COMPANY” declares that the processing of the personal data of its users and customers is governed by the present Policy and the regulations of the provisions of the national and European law on the personal data protection, including those of the General Data Protection Regulation (EU) 2016/679 (GDPR) and makes a commitment that the present Policy and every practice pertinent to it will always be revised and adapted to the requirements of the respective law on personal data protection.
Specifically, we declare that:
- We process the personal data of our users and customers solely for the purposes for which they are collected and which are mentioned below or in any other way notified to our users and customers.
- We take any necessary measure, so that we can ensure that their processing will always be made in a lawful, fair and transparent way.
- We process the minimum data necessary for the above purposes and keep them for the time required for our business purposes or until the withdrawal of the consent of our users and customers.
ΙΙΙ. DATA CONTROLLER
The role of the Data Controller is undertaken by the private company under the company name “BIG LITTLE ONES PRIVATE COMPANY – SALE OF CHILDREN’S CLOTHING & HOME ACCESSORIES”, with headquarters in Vari, Attica (7, Panos street), TIN 800923670 /Public Finance Department of Glyfada (tel.: +30 210 8996210), which our users and customers can contact for any issue that may arise, regarding the processing of their personal data, via an e-mail at email@example.com.
ΙV. PERSONAL DATA
Which personal data we process
Our Company processes the following personal data of its users and customers:
- Full name and surname
- Mailing information – address
- Fixed and/or mobile phone number
- E-mail address
- TIN – Public Finance Department – Profession (in case a commercial invoice is requested)
- Date of birth
- Credit card number and expiry date, as well as the three-digit security code (in the case you choose to make payments via credit card). Your credit card data are temporarily collected during the transaction, without being saved; they are deleted from the company’s storage volumes. The users are directly redirected to a secure banking environment through the SSL protocol procedures.
- Bank account number (in case of a refund).
Moreover, during your visit to our website and e-shop, data are automatically collected (using cookies, google analytics and other technical methods), such as:
- The IP address (internet protocol address)
- Data regarding your internet browsing or in relation to the internet browser you use or in relation to your browsing on our website (website from which you visited us, date and duration of your visit to our website, type and configuration of the browser you use, operational system).
The aforementioned data collected are the minimum data required and are solely used for the purposes for which you provide them to us, i.e., where applicable, in order for us to manage your registration as a customer, to fulfil and implement the sales contract between us (e.g. sale, invoicing, delivery, complaints management), to respond to the requests you have submitted to us, for marketing purposes (e.g. sending information material), for the processing of a contest in which you have participated (e.g. announcement of the winners, notification of the winners, delivery of the gift).
How we collect your personal data
Your personal data are collected either directly by you, or using automated technical means, every time you:
- visit our website,
- use our services (product sales) via our e-shop, even in the case of a failed or incomplete order,
- register in the customer registration form,
- register in our form for the receipt of information material (newsletters) and other advertising – promotional activities,
- electronically complete the contact forms and, in general, the forms for the sales support (form for withdrawal from a sale, return of a product, etc.), as well as
- when you contact us via e-mail or by telephone for any reason.
Each time you enter the website www.biglittleones.gr or visit our e-shop, which is available via the above website, we collect your data, regarding the way you use our website (using Cookies), such as:
- Data (technical information) so that we can identify you once you sign in to our website (e.g. IP address, browser used, etc.).
- Geolocation data, e.g. wi-fi access point.
- Data on the pages you visited during your stay on our website.
- Data on your preferences, such as the language selected, the font, the page layout or the colours.
- Data on the products you selected (e.g. which products you added in your basket), even if your order was not completed.
- Number of visitors to our website, our e-shop, visit rate of each page of our website (anonymous traffic statistics).
- Traffic sources (i.e., which website guided you to our website).
However, we do not store in our Cookie data information about you, which could lead to your identification. We only store the unique session ID, which helps us recover the profile and user preferences on your next visit to our website. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, you must keep in mind that Cookies are necessary for the proper and undisturbed operation of our website and, in the case you choose to refuse them, you may not be able to use all our services.
Use of third-party Cookies
In addition, we may conclude contracts with third-party ad networks or platforms, including those that operate as social networks, such as Facebook, LinkedIn and Pinterest, which collect IP addresses and other information using cookies, web server logs and web beacons on our website and our e-mail, on websites and e-mails of third parties and on our advertisements on third-party websites. These providers use this information in order to create a profile about you and provide advertisements related to products and services adapted to your interests (including companies that are not connected to us). This process helps us manage and follow the effectiveness of our promotional actions.
Each time you visit our website, a notification regarding cookies will inform you about their use. They will be used only in the case you accept them or continue browsing. You may change the settings regarding cookies at any time, accept or reject these cookies, as well as be exempted from the aforementioned advertisement tools and marketing technologies. However, you must keep in mind that cookies are necessary for the proper and undisturbed operation of our website and their rejection or the adjustment of the preferences might disable certain operations of the present website.
Use of the SSL(Secure Sockets Layer) Protocol
Our website uses the SSL protocol for secure OnLine commercial transactions. Thus, all your personal data, such as your credit card number, your name and address, are encrypted, so that they may not be able to be read or modified during their electronic transfer via the web. The SSL protocol is currently the standard used globally on the internet for website certification and for the encryption of data between web users and web servers. An encrypted SSL communication requires that all information sent between a customer and a server is encrypted by the software sending the information and decrypted by the software receiving the information, thus protecting personal information upon their transmission. Moreover, all information sent using the SSL protocol shall be protected by a mechanism that automatically verifies whether the data have been altered upon transmission.
In the case you provide third-party personal data to us, such as, for example, in the case of a gift delivery to a third party or a payment using a credit or debit card owned by a person different than you who made the order, you guarantee that you have informed the said third parties for the purposes and the way we will process their personal data.
- PURPOSES / LEGAL BASIS OF PERSONAL DATA PROCESSING
We process your personal data for the following legitimate purposes:
|Registration as user / customer
The processing of the data you provide is necessary so that you can register as a user and we can manage your registration.
|User and customer consent|
|Provision of our services
Our main purpose for the processing of your personal data is the distance selling of our products through our e-shop. This indicatively includes:
· the drafting and implementation of a sales contract
· the payment and delivery of the products
· the communication for the handling of the order
· the communication for the general information regarding our products and your orders.
· the compliance of our Company with its legal liabilities (e.g. archiving for accounting and tax purposes)
|Implementation of a sales contract
This includes the processing of your data in the context of the communication between us (e.g. through the communication form, our call centre or via e-mail)
|Pursuit of the legitimate interest to respond to your requests / questions.
Implementation of a sales contract, when the communication is related to your order
|Advertising – Promotional activities
Provided that you have given your consent, we collect and process your personal data for the promotion of our products and services.
· sending newsletters and promotional – advertising messages regarding our products, our website, our company, our actions and commercial activities, offers, contests, etc.
· collecting and processing personal data using Cookies, google analytics, etc.
|User and customer consent
At any time, you may stop receiving updates by us, either using the respective deletion link at the end of the newsletter, or via the respective field in your account, or sending an e-mail at firstname.lastname@example.org
|Improving our services
We collect and process your personal data, so that we may collect useful information that will help us provide better services to you and improve our products. This includes the collection and processing of personal data using Cookies, google analytics, etc.
|User and customer consent
|Assistance of the public authorities when required by law
This includes the assistance of the public authorities in cases of investigation and eradication of criminal offences, etc., as well as our compliance with our tax liabilities and, in general, our liabilities to the public authorities.
|Compliance with a legal liability|
“BIG LITTLE ONES PRIVATE COMPANY” can further process your personal data solely, a) if the purpose of the further processing is compatible with the purpose of the initial collection of your personal data and b) if you give your consent for further processing for a purpose that is new and not compatible with the purpose of the initial collection of your personal data.
- RECIPIENTS OF YOUR PERSONAL DATA
For the fulfillment of the purposes mentioned above, specifically designated employees of our company have access to your data. Moreover, for the fulfillment of the above purposes, your personal data may be disclosed to the following categories of recipients:
- Cooperating companies related to the transfer and delivery of the products
- Professional service operators, e.g. marketing services, advertising services and website support, optimisation and hosting companies
- Service providers regarding the procedure for payment of our products
- Social media in the case you choose to connect your social media account to our website
- Auditors and professional advisors (e.g. lawyers, accountants)
- Suppliers of ours for any of your requests regarding their products
Please be informed that your data may need to be disclosed to the Cyber Crime Prosecution Unit, Consumer Protection services and/or anti-fraud services in cases of malicious use. If the disclosure of your personal data is required, we will notify you in order to receive your consent, except for the cases otherwise required by law or by any judicial decision.
Besides to the above, our Company will not disclose your personal data to others in any way without your prior consent.
- SECURITY MEASURES
Our Company has adopted procedures and sufficient technical and organisational security measures in order to protect your personal data against any unauthorised access or disclosure, loss or misuse, modification or destruction. Indicatively, we use the SSL protocol, as mentioned above, firewalls, antispam, antimalware and antivirus, while we implement protection policies as regards the physical access to the personal data of our users and customers.
VII. FOR HOW LONG PERSONAL DATA REMAIN STORED
Our Company stores your personal data for as long as required by the purposes of each processing.
More specifically, for the management of your registration as a user on our website, we will process your data for as long as you remain a registered user, i.e., until you decide to delete your account. This is also the case for sending newsletters.
In the case you purchase any of our products, your data will remain stored for as long as necessary for the implementation of the purchase contract, including any returns, complaints or claims related to this purchase and for our compliance with our legal tax liabilities.
In the case of your participation to any promotional actions / contests, etc., your data will be stored for the period during which legal guarantee claims may arise, so that the ex-post replacement of the relevant products or their exchange with others in case of a defect is possible.
In the case of communication between us, following a submission of a request / question from you, we will process your data for the time needed in order for us to respond to your request / question.
In addition to the above, we would like to inform you that we keep your data duly stored and protected for as long as any liability may arise by the processing of your data pursuant to the applicable law. Once the limitation period for any claim passes, we will delete the said personal data.
VIIΙ. USER – CUSTOMER RIGHTS
The awareness of your rights in respect with the processing of your personal data by our Company is very important for us. Thus, please be informed that you have the following rights:
- The right to be informed on the way we use your personal data.
- The right to access, i.e., you may ask for a copy of the personal data we keep for you.
- The right to rectification, i.e., you may request us to rectify your personal data that may be incomplete or inaccurate.
- The right to erasure (right to be “forgotten”), i.e., under certain circumstances you may request that we delete your personal data (except for the case there is a legal reason prohibiting it)
- The right to restriction of processing of your personal data.
- The right to data portability, i.e., you may request a copy of your personal data in a common file form and disclose them to another company.
- The right to objection to the processing of your personal data, e.g., for purposes of direct commercial promotion.
- The right to be excused from the force of resolutions based on an automated processing, including profiling, which would lead to legal effects related to you or significantly affect you in any other way of similarly significant extent.
- The right to lodge a complaint with the competent supervisory data protection authority.
In case you have any questions relevant to the processing of your personal data or you wish to modify your personal data or to practice any of your rights mentioned above, you may contact us at email@example.com. You are kindly requested to be as specific as possible in your questions – requests, so that we may be able to respond to them properly.
You will not need to pay a fee to access your personal data or to exercise any of your rights, unless your request is unfounded, repetitive or extravagant. Please be informed that we may request some additional information in order to verify your identity when you request to access your rights or to exercise any other right of yours; this is a security measure so that your personal data are not disclosed to third parties. We will take any measure possible to immediately respond to any of your requests, in any case within one (1) month from the submission of your request; in case we need more time due to the complexity or the number of requests, we will let you know.
- ACCEPTANCE OF THE PRESENT POLICY
In case you choose not to accept the terms of the present Policy as regards your personal data, or in the case you withdraw your acceptance, then, if need be, you may not be able to use some of our products or services, for which the provision of consent for the processing of your Personal Data is obligatory, or the contractual relationship between us may not be able to begin or continue.
Χ. PERIODIC CHANGES