PRIVACY POLICY

We take your privacy seriously and want to be transparent about how we process your personal data. For this reason, we maintain a policy that defines how your personal data is processed and protected. We respect your privacy rights and recognize the importance of protecting your information. Whenever you provide us with your personal information, we will use it in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws, and for the purposes set out in this policy, in the registration forms you completed, and in all relevant terms of use and conditions.

1. Who collects your personal data?

The Greek company Kissart is the controller of the personal data you provide to us and is responsible for the security of your data under data protection law.

2. Why do we use your personal data?

We use your personal data:

• to manage your online purchase, i.e. to process your orders and returns through our electronic services and to send you notifications about delivery status or in case of any problems during the delivery of your items.
• to process your payments.
• to handle complaints about our products.
• to offer you different payment alternatives.
• to identify you and verify that you are over 16 years old.
• to improve your shopping experience and our services.
• to send promotional emails about new products, special offers, our news or other information that we think may be useful to you, using the email addresses you have provided to us.

3. What personal data do we collect?

Contact details:

• Name
• Last Name
• Address
• Email address
• Phone number
• Postal code

Account information:

• Name
• Last Name
• Address
• Email address
• Phone number
• Postal code
• Date of birth
• Gender
• City
• Country
• Username

Payment information and history

Order information

Purchase history

Delivery history

Activity log information

IP address

4. What is the legal basis for processing your data?

We process your personal data because it is necessary for:

• the execution of the goods sales contract
• our compliance with our legal obligations
• the pursuit of our legitimate interests

In general, we rely on your consent as a legal basis only for processing related to sending direct marketing messages via email. You have the right to withdraw your consent at any time. Where your consent is the only legal basis for processing, we will stop processing your data after its withdrawal.

5. How long do we keep your data?

We do not keep your data longer than necessary for the purposes specified in this Policy. Different retention periods apply to different types of data, however the maximum period we keep your personal data is 10 years.

6. Who has access to your personal data?

In order to provide you with certain services, we need to share your personal data with some of our partners. These include delivery, payment and marketing service providers. We will never transfer, sell, rent or exchange our customers' data to other organizations for marketing purposes. We may share your data with government organizations, regulatory bodies, law enforcement agencies, courts, banking institutions and insurers in cases where we are obliged to do so:

• to comply with our legal obligations.
• to exercise our legal rights.
• for the prevention, detection, investigation of crimes or prosecution of offenders.
• for the protection of our employees and customers.

7. Do we transfer your data outside the European Union?

In order to provide you with our products and services, it is sometimes necessary to transfer your data outside the European Union. This usually happens when our service provider partners are located outside the European Union or if you are outside the Union. These transfers are subject to special rules under data protection laws. If this happens, we ensure that the transfer will comply with data protection legislation and that all your personal data will be secure.

8. How do we protect your data?

We implement appropriate technical and organizational measures to ensure that your personal data is always protected and secure. Our security measures include data encryption, regular cyber security assessments from all service providers who may handle your personal data, security controls that protect our entire technological infrastructure from external attack and unauthorized access, and internal policies that define how to ensure the protection of your data and the training of our employees.

9. What are your rights?

Right of access:

You have the right to request information about the personal data we process at any time. You can contact us and we are willing to disclose your personal data to you via email.

Right of correction:

You have the right to request the correction of your personal data if it is incorrect.

Right of erasure ("right to be forgotten"):

You have the right to request the deletion of your personal data processed by our company at any time, unless there is a pending order that has not yet been shipped or you have any outstanding balance with us.

Right to restrict processing:

You have the right to request that we restrict processing when there is a specific reason for this (e.g. if you object to our legitimate interest or if your personal data is incorrect or if you think the processing is unlawful or if we no longer need it).

Right to data portability:

Whenever our company processes your personal data, you have the right to receive a copy of it in a structured, commonly used and machine-readable format, and to request that it be transferred to another party. This only includes the personal data that you have provided to us yourself.

Right to object to processing based on legitimate interest:

You have the right to object to the processing of your personal data based on our legitimate interest. We will not continue to process your personal data unless we can demonstrate legitimate grounds for processing that override your interests and rights or we have legal claims.

Right to object to direct marketing:

You have the right to object to direct marketing, including profiling done for direct commercial purposes. You have the option to opt out of direct marketing.

10. How can you exercise your rights?

If you wish to exercise any of the above rights, please contact us using our contact details or visit your personal account where you can change your data or unsubscribe. If you believe our company is processing your personal data incorrectly, please contact us.

11. Do we use cookies?

Our website uses cookies to collect information. The information includes details about browsing and purchasing behavior. More information is provided in the Cookies Policy.

12. Can we modify the privacy policy?

We reserve the right to update or change the Privacy Policy at any time. You should periodically check this Policy. The latest version of the Privacy Policy is always available on our website. We will notify you of any material changes to the Privacy Policy, for example if they concern the purpose for which we use your personal data, the identity of the data controller or your rights.

Contact Information

If you have any questions about how we use your personal data that were not answered here or if you want to exercise your rights regarding your personal data, send us an email at [email protected].