1. What personal data we collect
OpenShop Foundation processes, in accordance with Regulation 2016/679 of the European Parliament and the applicable national law L.4624/2019, the personal data you provide to OpenShop Foundation regarding the purchase of goods, the use and purchase of services (e.g. when ordering products from the online store, sending a newsletter or handling a claim through call centre claim). We do not collect personal data that discloses racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic data, biometric data processed solely to identify a person, health data and any other sensitive data established by the current legislation on data protection. We collect contact information and other personal data that you provide to us when you communicate with us through a variety of methods (e.g., when you send an email or message via the contact form, when you make a phone call or attend a conference call, when you create a Partner account or have a business transaction with us).
2. For what legitimate purposes can we use your personal information
We may use your personal information for the following purposes:
- Provision of services and technical support.
- To inform our partners about our products and services.
- To manage and improve our products and services.
- To improve the quality of our products and services.
- Carrying out promotions and communication with our partners.
- For internal purposes and solely for the purposes of service, fraud and abuse prevention or other public security-related purposes.
3. How do we keep your personal data secure
We have taken the necessary technical and organizational measures to prevent unauthorised access or disclosure and to ensure the proper use of your personal data. In the collection, processing and storage or transmission of sensitive data such as financial information, we use access control mechanisms and security procedures and encryption technologies to protect personal data from unauthorized access, use or disclosure. OpenShop Foundation retains data for as long as required or permitted by law and as long as the data continues to have a legitimate business purpose.
4. How we share your personal data
OpenShop Foundation discloses personal data solely for the purposes of implementing sales and service contracts, and only to affiliated companies that have been assigned a part of the contract, such as suppliers of products and services, authorised representatives, shipping companies and other partners. In these cases, the OpenShop Foundation remains responsible for the processing of personal data, defines the details of the processing and concludes a specific data processing contract with the partnering companies that meet the specifications and requirements set out in the applicable legal framework protection of personal data. Your personal data is treated with complete confidentiality. Employees who process personal data are bound by a confidentiality clause or are subject to an appropriate regulatory obligation of confidentiality.
5. Your rights in relation to your personal data
Every individual working with OpenShop Foundation enjoys the following rights to control and manage their personal data:
- You have a right to know what kind of personal data we hold.
- You have the right to request the correction of your personal data we hold.
- You have the right to request the deletion of your personal data we hold.
If you want to exercise your rights regarding your personal data or if you have any question, please contact us via the contact form or email firstname.lastname@example.org.
6. Protection of personal data related to children
OpenShop Foundation does not consciously collect personal data from children, as defined by local law. Our products, services and all our promotions are aimed at legal entities and individuals with valid and active professional VAT ID who have reached the age of 18 years.
8. Authority for Personal Data Protection
If you have questions about the legal framework on the protection of personal data or if you believe that your rights may be violated, you may contact the Data Protection Authority, Kifissias Avenue 1, Athens 11523, phone 2106475600 or at www.dpa.gr.