The preservation of the Consumer’s Personal Data is our absolute priority. The management and protection of personal data is governed by the terms of this convention and the relevant provisions of both Greek and Community and international law on the protection of individuals from the processing of personal data, as well as the Resolutions of the Authority for the Protection of Personal Data, which we respect and abide Any future modification to the above regulatory framework, will be the subject of this Convention. In order to offer you the best and most qualitative services, we collect personal information upon your explicit consent and after you have been fully aware of your rights as provided in the provisions of GDPR Regulation 679/2016 and this interpretative Greek Law on the Protection of Personal Data data. Our primary concern is the provision of high standard services with respect for the rights, fundamental freedoms, privacy and privacy of the users of our website, so we take all the necessary and necessary measures under the law, adopting modern technological processes, advanced technical equipment, and software.
Visitors and users of the website services during their tour on websites may be required voluntarily to provide information and data relating to them in order to subscribe to services, make orders for products or services, receive updates, and enjoy the services offered on the youherbit.com website. Personal data is collected by us only if you subscribe to our services as members and you are limited to the full name, email address, address (street, city, postal code), contact phone number and invoice numbers (VAT ID). At the same time, we ask for some information, such as a mobile phone number (if necessary, to contact you directly). You expressly agree to the collection and processing of the above personal data, without which we can’t offer you our services and you can revoke or modify it at any time (Article 7 of EU Regulation 679/2016). We retain the right to change the terms of protection of personal data without notice, in accordance with the applicable regulatory framework. Please, as you periodically check these terms for any changes, as your continued involvement in our services implies acceptance of any possible modifications.
Personal data includes all information regarding the subject of the data, with the exceptions provided for in the law. Personal data (Simple and Sensitive), pursuant to Article 4 (1) of the EU Data Protection Regulation 679/2016, is: any information about identifying or identifiable natural person (“data subject”) an identifiable natural person is one whose identity can be ascertained, directly or indirectly, in particular by reference to an identifier such as a name, an identity number, location data, online identity identifier, or one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. The simple personal data is all non-sensitive. The processing of visitors ‘and users’ personal data is any act or set of operations carried out with or without the use of automated means, personal data or personal data sets such as collection, registration, organization, structure, storage, adaptation or alteration, retrieval, search for information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, erasure or destruction (in accordance with Article 4 (2) of the Regulation 679/2016 EU). The processing of user data by our Company is private. Our Company takes appropriate organizational and technical measures to protect the data of users and protect them from accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access and any other form of unfair treatment.
The Company, acting in accordance with the principles of legality, objectivity, accuracy, transparency, integrity and confidentiality, purpose limitation, minimizing and limiting the storage period, processes the data of the users that it acquires with legal (Article 5 of EU Regulation 679/2016), solely subject to the consent of the data subject user. The Company declares that it lawfully processes the data of the users it collects in a manner that is legitimate and lawfully, for defined, explicit and legitimate purposes and which are subject to fair and lawful processing in view of these purposes.
Aims that justify processing are inter alia the execution of the users’ orders of this website, the requested information of the users through a newsletter and the generally more efficient provision to them of the offered services of the Company.
The processing is limited to the absolutely necessary measure by collecting no more data than is required for processing purposes each time and is accurate and, if necessary, updated and kept in a form that allows identification of the subject only during the period required for the purposes of collecting and processing them (Articles 5, b, c and e, Regulation 679/2016 EU). Our Company archives contracts with the users – users of this website, within the institutional frameworks and with a view to the smooth handling of the orders. Users can access them if specifically requested.
Unique, limitative cases listed in the law (No. 6 (1) of Regulation 679/2016 EU), in which our Company may process the simple data of the users without their consent, are the following:
a) Processing is necessary for the performance of a contract to which the data subject is a party or for action to be taken at the request of the data subject prior to the conclusion of a contract.
b) Processing is necessary to comply with a legal obligation of the controller.
c) Processing is necessary to safeguard the vital interest of the subject or other natural people if it is physically or legally incapable of giving his consent.
d) Processing is necessary for the performance of a task carried out in the public interest or in the exercise of the public authority entrusted to the controller
e) Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party unless such interest overrides the interest or the fundamental rights and freedoms of the data subject who require the protection of personal data, the subject of the data is a child.
Furthermore, processing of data by our Company is also permitted when: the user, after being informed of the type of data, the purpose and extent of the processing, the recipients or the categories of recipients has consented or the processing is necessary for the performance of the contract, in which the user is a party, or for taking measures at the pre-contractual stage, at the request of the subscriber even without the consent of the user (Article 5, paragraph 2 of Law 4771/2006).
The design and choice of technical means and information systems, as well as the equipment to provide our users with the services of our Company, are based on the processing of as few personal data as possible. The authorized storage and processing of the above are indicative of the user’s information, the processing of his order, the provision of requested services and any action under the user’s contract with our Company. The sensitive personal data of the users, as described in the law, are not collected by the Company in any way. By way of exception to this rule, the Company may collect and process sensitive personal data under the strict, strictly statutory conditions (Article 9 (2) of Regulation 679/2016 EU).
Consent of the data subject is any indication of will, free, specific, explicit and in full knowledge of the data, subject indicating that he agrees, by a declaration or with a clear positive action, that the personal data concern.
This information shall include, at least for the purpose of the processing, the data or categories of data concerned by the processing, recipients or categories of recipients of the personal data, as well as the name, name, and address of the controller and any his representative. Consent can be revoked at any time, with no retroactive effect (Article 7 (1) to (4) of EU Regulation 679/2016). The document type is not required to consent to edit simple user data, so consent can also be given electronically in any convenient way.
Users of this website at the data collection stage are informed appropriately and clearly about the purpose of the processing and the recipients of their data. Users enjoy the statutory rights to their personal data, among other things they have the right to information, access to their data and objections in the specific provisions of the law (Articles 12-15 of EU Regulation 679/2016). Specifically, the data subject has the right to require the controller without undue delay to correct inaccurate personal data concerning him/her and to request the deletion of such data (Articles 16-17 of Regulation 679/2016 EU). Users also have the right to transfer their data to another processor without objection from our Company (Articles 18-20 of Regulation 679/2016 EU). To exercise these rights, you can contact with us at email@example.com.
Credit card details are not stored in our company’s storage media during the transaction but are posted directly to a secure environment of the partner bank payment service that has undertaken the routing of the cards.
Our company has the right to retain personal data collected or processed for a minimum amount of time. All failed and incomplete orders are deleted after 30 days, while successful orders are kept for 24 months. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Our Company respects the Secure Sockets Layer (SSL) protocol, which is today the global standard on the Internet for the certification of websites to network users and for the encryption of data between network users and web servers. An encrypted SSL communication requires all information sent between a client and a server to be encrypted by the sender software and decrypted by the receiving software, thereby protecting personal information when transferred. Furthermore, all information sent under the SSL protocol is protected by a mechanism that automatically verifies whether the data has been changed during transport.
a) The absolutely necessary cookies: The necessary cookies are essential for the proper functioning of the website, and allow users to browse and use the functions of this website in a busy way (eg session cookies). These cookies do not detect and store your individual identity while being deleted when you leave the site. Without these cookies, it is not possible to operate the website effectively. Additionally, without these cookies, features such as logging into a user-created account, online product purchases, and online payments are impossible.
b) Performance cookies returns are related to collecting information about user behavior when navigating the site and storing information on usage and performance statistics, etc. The purpose of these cookies is to collect information that improves the site and browses it.
c) Usability cookies store usage details of this website that appear on a subsequent visit to it, thus facilitating the user. This data is not available when the third party visits the user.
The Services of our site may include links to third party websites in the future that our users may be transferred to. We inform you that we are not responsible for the privacy practices of such third-party websites. We urge our users/visitors to read the data protection statements/policies of any third party website to which they are linked from our site.
Visitors-users of the youherbit.com web site when providing their information in the context of their transactions with the store, member registration and any other case, are informed, consented and accepts the processing of their personal data for the needs of smooth processing the transaction and the proper provision of the services of this site.
The voluntary registration by our users of our online store of personal data entitles our Company to process these data in order to execute the orders and provide the requested services to the users. Visitors to the youherbit.com website with this listing provide their legal consent to the processing of their personal data provided by the Company under the law.