Privacy Policy

Update on E processing of Personal Data

The company with the name "CHRISTOPOULOU TH. & SIA EE" , (hereinafter Company ) located in Patras, at 355 Akrotiriou Street and 1 Krestainon Street, with TIN. 800982472, with ARGEMI: 146269616000, considers the protection of your personal data to be of primary importance. In this context and as Head of Processing, the Company determines the purposes and how to process them according to Regulation (EU) 2016/679 of 27 April 2016 "On the protection of individuals with regard to the processing of personal data, on the free movement of such data" (General Regulation on Data Protection) (hereinafter "GKPD" the GDPR ) and generally applicable legislation.

Below, we provide you with useful information regarding: What data do we process, for what purpose and on what legal basis - How long do we store your data - Who are the recipients of your data - What are your rights and how can you exercise them - What are our legitimate interests - What applies for your consent when necessary-


THE Company Based on the legal framework for data protection, the focus of which is the General Data Protection Regulation (GDPR), is the Data Controller you provide to us. We consider the management of your personal data a very serious matter and that is why we make every effort to fully comply with all the rules of their processing, as they arise from Greek and European law.

We collect some information about the visitors of our website and the final buyers of our products / services which (information) can lead to the direct or indirect identification of a person. According to the current legal framework, this information constitutes personal data, you as visitors or buyers.

2. Principles of Personal Data Processing

THE Company undertakes to process your data in a fair and transparent manner, always in accordance with the applicable legal framework, as reflected primarily in the General Data Protection Regulation (GDPR), following the following basic principles established by the Regulation:

- We collect and process your data only for specified, explicit and legitimate purposes

- We collect and process only the data that is necessary for the purposes we set

- We make every effort to ensure that your data is accurate, giving you, as the case may be, the possibility of correction / deletion

- We retain your data for a period of time which is required for the purposes we set

- We make every effort to protect the security of your data from unauthorized or illegal processing and accidental loss, destruction or damage.

As part of the data protection we process, we implement a number of appropriate technical and organizational measures, adopt internal security policies, properly train our staff, who are committed to maintaining confidentiality and confidentiality, while utilizing a range of technologies that ensure the security of your data. As required by the principles of information security and data protection, technical and organizational security measures are regularly monitored and, if necessary, updated and adapted to new best practices.

  1. Categories of Personal Data collected

THE Company collects and processes the Personal Data necessary for the service of specific purposes related to the fulfillment of its legal, regulatory and contractual obligations and in order to provide you with its products and services. Necessary the Company clarifies that depending on the relationship it maintains with each of you, the range of data it collects also varies.

In particular, the Company collects and processes:

a. Identification Data: e.g. first name, last name, patronymic, first name, date of birth, police ID / passport / diploma number, TIN,

b. Contact Information: e.g. address, email / mail address, telephone (work, home, mobile) / fax numbers

c. Payment Details: e.g. bank accounts, debit / credit and other bank cards

d. Warranty Data: data necessary for the management of the guarantee contract (eg [if applicable] type of damage, documents necessary for the control of coverage, other relevant documents of reported damage)

e. Cancellation Data: data necessary for the management of the requirements of the contract of sale, such as its cancellation or legal requests that arise during its execution.

f. Other Data : IP address, date and time of connection to the website.

4. How to Collect Your Personal Data

THE Company collects Personal Data concerning its customers through the process of ordering a product. Upon submission of the relevant Order Request by the interested party, the declared data are registered in a special card, which is kept in the central electronic database maintained by the Company , and the printed orders are kept in the secretariat of our physical store.

THE Company collects Personal Data during your communication with it either through the Contact Form available on the site, or by subscribing to the Newsletter, or during personal meetings (eg visit to our physical store). In this case, your consent is required and will be requested with positive action, before sending your message, before subscribing to the newsletter or before expressing interest in one of our products or services.

THE Company automatically collects your IP address when you visit its website, even if we cannot identify you as a page.

  1. Purpose of Personal Data Collection:

The purposes for which the above personal data are processed are the following:

A. Her information Company for the intention of the applicant (data subject) to draw up a sales contract.

B. The provision to the subject of the data reminders and instructions regarding its services Company and the rights and obligations of the parties at the pre-contractual stage prior to the drawing up of the contract of sale.

C. The conclusion and management of the contract of sale throughout its validity or even after its completion, the communication and information of the subject, in the context of the execution of the contract.

D. Its compliance Company with obligations imposed by the applicable legal and regulatory framework, including indicatively of the fight against terrorism, compliance with court decisions and response to requests from public authorities (including those outside the country of residence of the subject).

E. The analysis and management of other business risks, the management of complaints and comments, in the context of compliance Company with a legal obligation, as well as customer satisfaction research.

F. The establishment and exercise of its legal rights Company to defend its legitimate interests in accordance with its internal policies and procedures, including those relating to the pricing of its products and services, data and application hosting, data analysis, file management and internal control procedures; framework of satisfaction of its legal interests Company .

G. Its commercial promotion Company , which will be able to send sms, emails and call the data subject by phone (provided he / she gives his / her consent) to inform him / her about new products and offers.

It is expressly stated that the subject is entitled not to give his consent for the purpose of such processing (commercial promotion), regardless of any consent for any other of the above processing purposes.

The provision of personal data by the subject to Company is necessary for the conclusion and subsequent execution of the contract of sale. The subject is not obliged to provide them, but is informed that the non-provision of personal data that is absolutely necessary for the conclusion or execution of the contract, respectively, may mean that the contract cannot be concluded or performed in any of the aspects (eg refusal to issue VAT, implies inability to issue an invoice).

  1. Legal Basis of Processing

According to the applicable legislation for the protection of personal data, the legal bases on which the data are processed are, as the case may be, the following:

- Article 6 par.

- Article 6 (1) (b) of the GIP, since the processing is necessary for the execution of the contract of sale, of which the customer as data subject is a contracting party,

- Article 6 (1) f of the GCC, ie the service of the purposes of its legal interests Company for its effective operation, as these legitimate interests are described in the purposes above

  1. Transfer of Personal Data & Categories of recipients

THE Company may transmit the data (absolutely necessary each time) to other organizations if this is necessary for the execution of your contract, such as in case the product you ordered will be sent to you through a courier company. It will transmit the data, also to the State as well as to Judicial and Prosecutorial Authorities, when required by law. In addition, it will transmit the data to its affiliates Company providers in the legal operation of the contract of sale, lawyers, accountants, bailiffs. It is mentioned that the relevant transmission to public bodies is a legal obligation Company according to article 6 par. 1 c of GKPD.

8. Manner and Duration of Personal Data Retention

Your data is stored in the company's system and we take care of their safe keeping. The management of the server is carried out with the appropriate methods, exclusively and only by strictly limited staff of the Company itself, without the mediation of third parties.

As a general rule, we retain your data exclusively for a period of time, which is necessary for the respective processing purpose. There are clearly certain storage periods for each data category and it depends on our relationship (eg the execution of the sales contract, if you are a member of our website), your wishes (eg if you requested their deletion), the existence of a legal obligation (eg tax information). The rules for determining the retention period arise from ensuring the rules for data protection, the principle of limiting the storage period, the best practices of the space and the preservation of the smooth operation of the Company.

However, in addition to the parameters set by the same Company, there are conditions set by the competent authorities that must be taken into account. For example, if you have purchased one of our products, we retain the relevant tax information, as required by law, for a period of at least five years. Please note that even if you request the deletion of your data, we may retain some of it solely for the purpose of establishing legal obligations or for establishing, exercising and upholding legal claims.

  1. Subject Rights and How to Exercise

Based on the General Regulation for Data Protection you have a number of rights in relation to the processing of your data by the Company. Specifically, as to Company , you have the:

  • Right of access, ie to submit a request to be informed if we are processing data and, if so, what it is, and some other information, such as e.g. the purpose of processing, the recipients etc ..
  • Right of correction, ie to request the correction or completion of your data.
  • Right to delete, ie to request, under certain conditions, the deletion of your data.
  • Right to restrict processing, ie to ensure, under certain conditions, the limitation of the processing of your data by us.
  • Right of objection, ie to oppose at any time the processing of your data based on our legitimate interest (commercial promotion).
  • Right to data portability, ie to request the data you have provided to us in a structured, commonly used and machine-readable format, if this is deemed technically feasible under the provisions of the GDPR.
  • Finally, in the event of a data breach, which may jeopardize your rights and freedoms and if it does not fall within one of the exceptions provided for in the GDPR, we have an obligation to notify you without undue delay.

Compliance with the legal framework for data processing and, in this context, the exercise of your rights, is a priority for the Company. For this reason, we have the right to request the provision of additional information, which is necessary to confirm your identity before exercising your rights. In principle, we are obliged to respond to your request immediately and within one month at the latest. If necessary, taking into account the complexity of your request and the number of pending requests, this deadline may be extended by another two months. In any case, we will inform you as soon as possible and, in any case within one month from the submission of your request, about its development and the reason for the possible delay of its satisfaction. In case your requests are manifestly unfounded or excessive, especially due to their repetitive nature, the Company may either impose a reasonable fee, taking into account the administrative costs for providing the information or the announcement or execution of the requested action, or refuse to follow up on your request. In case you consider that we do not comply with the legislation on personal data protection, you have the right to file a complaint to the competent supervisory authority (in Greece the Personal Data Protection Authority). For any questions or issues you may have regarding the protection of your data by us, please do not hesitate to contact us at .

10. Social Media

THE Company has official accounts on the following social media: Facebook, Twitter , Instagram

With the help of each of the above platforms we collect and process some of your data (such as the username you use and your photo). The purpose of the processing of all the data we collect about you, whether anonymous or not, is to provide information about our content or to communicate with you, responding to the messages you send us. The legal basis for processing is your consent. Provide your consent by liking our pages and you can revoke it just as easily, in exactly the same way (unlike). Your consent implies acceptance of our data protection policy, which is set out in a visible and easily accessible place on each page. If you do not agree with our policy, you must revoke your consent appropriately (unlike). Based on the above (and a decision of the EU Court), the Company is considered jointly responsible for processing your data together with the social networking platform. In order to ensure more complete protection of the rights of people who visit our pages on social media, we strictly comply with our obligations regarding the protection of personal data. In particular, the management of social media is part of our internal privacy policy. In this context, we implement a number of appropriate technical and organizational measures, such as restricting access to media management, to ensure the secure processing of data. As required by the principles of information security and data protection, technical and organizational security measures are regularly monitored and, if necessary, updated and adapted to new best practices. Important Note: We are not responsible for the manner or means by which each of the above platforms processes your data. Find out about the policy of these media from the respective links of Facebook, Twitter, Instagram.

Comments on social media

THE Company encourages users to comment on the posts and / or pages they maintain on social media, in an open dialogue with respect for different points of view. THE Company has no general obligation to control the content submitted by the users of these media, however it makes efforts to ensure a secure online environment. Therefore, its managers Company have the right to remove any kind of content deemed to violate the terms of use of the website, such as content that is abusive, obscene, pornographic, threatening, advertising or infringing on intellectual property rights or contains a false statement about the user, while maintaining the possibility of excluding users who submit it. In case you consider user content hosted on its pages Company on social media offends or otherwise violates our terms of use, please contact its administrators immediately.

  1. Cookies

Cookies are pieces of information in the form of very small text, stored in the browser you use on your PC on your Smartphone & tablet (Chrome, Mozilla Firefox etc), helping the most efficient operation of our site. Cookies do not in any way cause harm to users' computers or to the files stored on them. The information stored in cookies is used for identification & optimization purposes, and is categorized as follows:

Required Cookies: They allow the execution of basic functions of the site for the provision of the internet service that the user has requested, such as the addition of products to the cart, the electronic payment and the storage of products in the wish-list. Without these absolutely necessary Cookies, the smooth operation of the online store is immediately affected, but also your personal browsing experience is degraded since basic functions of e-commerce are under-functioning.

Functionality cookies: These cookies "memorize" your preferences when you browse our site, so we can recommend the right products based on your needs. With these cookies you enjoy a personalized version of our online store so you can find what you are looking for much easier. We do not collect cookies in this category, unless you specifically provide us with your consent, and at any time you have the opportunity to change the selection settings (to withdraw your consent).

Cookies Statistics: Statistical cookies or analytics cookies are a subset of functionality cookies and enable us to evaluate the effectiveness of the various functions of our site in order to continuously improve the experience we offer you. We do not collect cookies in this category, unless you specifically provide us with your consent, and at any time you have the opportunity to change the selection settings (to withdraw your consent).

Promotion Cookies: Promotion cookies are used to promote ads that are more relevant to the user and his interests. They are also used to send targeted advertising aimed at reducing bulk, unwanted and pointless advertising messages. We do not collect cookies in this category, unless you specifically provide us with your consent, and at any time you have the opportunity to change the selection settings (to withdraw your consent).

In addition, we must clarify that cookies are often collected by every web browser you use (web browser, eg Google Chrome, Mozilla Firefox, etc.) and contain anonymous information, which concerns the websites you visit and the devices you use. Continuing to use it our website without changing the default settings, you agree to the use of the cookies of each web browser and we advise you to carefully read the privacy policy of each browser.

  1. Minors

Our content and services are aimed solely at people over the age of 18 and we do not knowingly collect any information about people under this age limit. If you are under 18 years old, you are not allowed to submit your information to us in any way. As it is not technically possible to effectively control your age in all cases, we undertake, in the event that the submission of personal data concerning minors is reported and verified, to delete all relevant information immediately. This deletion is without prejudice to the need to comply with the data in case of establishment, exercise or support of our legal claims, or the provision of consent by a guardian.

  1. Changes in policy and information

Effective protection of your personal data requires the systematic monitoring of our policies and procedures. At the same time, our desire to provide better services means that we are constantly striving to improve our practices and adopt new ones, always with respect to your personal data. Therefore, this Privacy Policy is subject to change at any time without notice. Guided by the principle of transparency, we are committed to informing you of any significant changes in our policy. In any case, however, you should check our policy at regular intervals, as the use of our services implies your acceptance of it.

14. Contact:

If you have any questions about our Policy or the way we process your data in general, we have designated Ms. Christopoulou Cleopatra as the Subjects and you can contact us by email: or by phone at 2610.520140, or at the address Patra, 355 Akrotiriou & Krestainon 1.

In any case, you have the right to complain to the Greek supervisory authority "Personal Data Protection Authority" (