Body & Face

Privacy Policy

BEAUTY CENTER IN CORFU

Privacy Policy

“bodyandface.gr” treats your privacy and the processing of your personal data with respect, paying great attention and importance to the lawful processing, security and protection of your information.

 

To achieve this goal, this privacy notice is fully governed and complies with all the requirements of the national and European regulatory framework, including the 679/16 General Data Protection Regulation, of the European Parliament and of the Council, such as this hereinafter referred to as the “Regulation” or “GDPR”.

This Policy applies to the websites of  “bodyandface.gr” and its subdomains and its purpose is to inform you about the collection and processing of personal data that takes place during your interaction with it, as – indicatively and not restrictive – when browsing, communicating, shopping from the specially designed environment.

We would like to ask you to carefully read the terms of this Policy, always being at your disposal for any issue related to your personal data that may arise.

About us

bodyandface.gr, hereinafter referred to as “company” maintains the above mentioned online store (e-shop) bodyandface.gr and one  physical store in Corfu which host major brands from the field of high jewelry.

Our main concern is to feel safe every time you visit our e-shop or make your purchases through it, therefore we want to be completely clear and transparent about the personal data we collect, when and why we process them, if we pass them on to third parties, as well as what your rights are and how to exercise them.

 

Terms

In order to offer you a comfortable and secure shopping experience, below we simplify some legal terms introduced by the privacy regulatory framework:

Processor: the natural or legal person, public authority, service or other entity that determines the purposes and manner of processing personal data.

Personal Data: Any information relating to an identified or identifiable natural person (“data subject”).

Processing: Any operation or series of operations performed with or without the use of automated means, on personal data. Indicatively mentioned: collection, registration, storage, change, use, deletion or destruction.

Consent: any indication of will, free, specific, explicit and fully aware, by which the data subject (natural person) expresses agreement, with a statement or with a clear positive action, that his or her’s personal data be processed.

Regulation: GDPR, 679/16, GCC

Read more about the terminology on article 4 of GDPR (https://eur-lex.europa.eu/legalcontent/EL/TXT/HTML/?uri=CELEX:32016R0679&from=EL)

 

Processing Principles

bodyandface.gr, based in Corfu, Nikou Lefterioti 18,  Postal Code 49100  Greece, applies with respect the following principles in the processing and collection of your data, as required by the Regulation so that it becomes transparent, lawful and legitimate:

  • Legitimacy, objectivity, transparency
  • Limitation of purpose
  • Data minimization
  • Data accuracy
  • Limit storage period
  • Integrity and confidentiality

You can read more in detail about the principles governing the processing of your personal data in Article 5 of the Regulation

https://eur-lex.europa.eu/legal-content/EL/TXT/HTML/?uri=CELEX:32016R0679&from=EL#d1e1796-1-1

 

Cookies Policy

Cookies are small files that are stored on your device (computer / mobile / tablet, etc.) when you browse a website by the browser (browser) and are divided into many categories depending on their use for the For the purpose of this policy, we will divide them into two categories, the technically necessary or functional and the optional.

Technically necessary or functional are the cookies that the browser actually stores on the device so that it can access a website, such cookies are the preferred language, font size and other display preferences.

Necessary Cookies 

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

 

Cookie

Duration

Description

_GRECAPTCHA

5 months 27 days

This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.

cookielawinfo-checkbox-advertisement

1 year

Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the “Advertisement” category .

cookielawinfo-checkbox-analytics

11 months

This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category “Analytics”.

cookielawinfo-checkbox-functional

11 months

The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category “Functional”.

cookielawinfo-checkbox-necessary

11 months

This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category “Necessary”.

cookielawinfo-checkbox-others

11 months

This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category “Other.

cookielawinfo-checkbox-performance

11 months

This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category “Performance”.

viewed_cookie_policy

11 months

The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional Cookies

Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.

 

Cookie

Duration

Description

__fb_chat_plugin

never

This cookie is used to track the user’s interaction with facebook chat widget.

mailchimp_landing_site

1 month

The cookie is set by MailChimp to record which page the user first visited.

messaging_plugin_https:// bodyandface.gr/_102045592308431

never

This cookie is used by Facebook to enable its chat widget functionalities.

Performance Cookies

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

 

Analytical Cookies

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

 

Cookie

Duration

Description

_ga

2 years

The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.

_gat_gtag_UA_78234573_50

1 minute

Set by Google to distinguish users.

_gid

1 day

Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website’s performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

 

Advertisement Cookies

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

 

Optional include statistics and advertising cookies which are commonly used for web analytics and promotional purposes.

bodyandface.gr makes use of the technically necessary or functional Cookies but also other technologies by collecting information related to your activity during the visit of our online store, the browser that you used and your device, so that the website memorizes the actions and your preferences for a period of time and be able to provide you with a more user friendly service.

We use a cookie control system that allows you to accept, if you wish, the use of optional cookies and choose which of them you want to be installed on your device. In addition, your browser allows you to remove or reject cookies on your device through the browsing settings.

 

Device information: We may collect device information when you visit bodyandface.gr. If you are a registered user we may collect information about the device, useful for the provision of specialized services, such as:

Operating system and hardware version, browser type and IP address, how you went to our page, length of stay & pages displayed.

We are using Google Analytics on our service and when you are visiting our websites, we might receive certain information about you, as described below. We shall not send any e-mail advertising messages without your explicit consent. However, we might send you e-mail messages regarding your former contact with us about a service we provide or in case you will be requesting information from us about the performance of our service/contract.

 

What data we collect and why

We use the information we collect with your consent in order to perform our obligations from our contract, our obligations towards you, or to identify you during our contact, or to register you to our newsletter.

In the following table we analyze what personal data we collect, for what purpose and with what necessary legal basis:

Type of Personal Data

Purpose of Processing

Legal Basis

 

Name, surname and contact details

 

Delivery of products,
Send track order progress details

 

 

Execution of a Purchase Agreement

 

 

 

Name, surname and contact details

 

 

Contact, Information,
Promotions

 

 

Consent

 

Device information, web browser

 

Improve website experience and set default options

 

 

 

Legal interests of a company

 

Device information (such as number of visits, IP address, geography, location, website usage duration)

 

 

 

Statistical reasons and improvement of our website

 

 

 

Consent

     

 

It should be noted that any of the data marked as optional on our site, are posted at your choice, in order to be able to provide you with better services. Any personally identifiable information you choose to post on our sites or on the bodyandface.gr service, such as posting comments on our blog page (if this service is available), will be available to others. If you remove information that you have posted on bodyandface.gr websites, copies may remain visible on saved and archived pages of bodyandface.gr websites or if other users have copied or saved this information.
For more details on the legal bases you can refer to Articles 6 and 9 of the Rules of Procedure: https://eur-lex.europa.eu/legal-content/EL/TXT/HTML/?uri=CELEX:32016R0679&from=EL#d1e1887-1-1

How we process your data

The information we collect through bodyandface.gr can be stored and processed in Europe. If you are in the European Union or in the European Economic Area, we would like to inform you that we will not transfer information, included your personal data, to any country outside the EU or the European Economic Area. 

When processing your personal data we take care, applying strict security procedures to avoid accidental damage, destruction, disclosure to third parties without your consent or unauthorized access to them.

The computers with which we process your personal data are stored, have limited access and are fully updated with the necessary antivirus programs and firewalls to prevent any loss of information. If the data is to be transmitted to a third party, we require it to adopt similar measures to protect the personal data concerning you.

Access to personal data is provided only to persons who need the information to perform their duties under this policy. We may ask you to cooperate with our security checks before disclosing information to you.

 

Who do we share your data with:

In order to comply with the legal obligations arising from the contract between us for the sale of our products, we share your personal data with the following recipients:

  • Branches and branches or different entities of bodyandface.gr
  • Companies that will receive and execute your order such as payment service providers and shipping and delivery companies.
  • Professional service providers, such as messaging companies (sms)
  • Companies approved by you, such as social networking sites.

 

Period of retention of your personal data:

After using the e-shop:

We retain your personal information for as long as you maintain an active customer account at bodyandface.gr. The above data may remain available to us even after the expiration of your account, always based on the principle of proportionality and on the basis of the “absolute necessity of knowledge” for any compliance with legal or regulatory requirements, dispute resolution, or prevention fraud and abuse.

After using the contact form:

If you use the contact form of our website, we will retain the information you provide to us for as long as necessary but not more than two (2) years from the satisfaction of your request.

Job seeker communication

If you contact us in order to work in an entity of bodyandface.gr, we will keep your information for as long as it takes until the selection of a candidate and until the statute of limitations for legal claims of any kind.

Protection of minors

Our store is aimed at adult customers and therefore no processing of personal data of minors takes place. However, if minor users voluntarily visit our site, the site is not responsible. In any case, the services provided through the website can only be done by using a credit, debit card or Paypal account, in which case it is presumed that any purchase made by any minor is made under the supervision of a parent or guardian or trustee and with his / her consent.

What are your rights and how can you exercise them 

Your rights are the following. You can read more about your rights with details here.

  1. A) right to information: the involved party can be informed through the existing Personal Data Protection Policy and the Terms of Service about the collection, usage and processing of data by us.
  2. B) right to access: the involved party has the right to access the data we collect concerning his/her person, for as long as we store them. We face your access requests according to the GDPR (a month after your request has been made).
    C) right to correction: Our company permits the users correction, alteration, limitation of processing, addition or deletion of data and information given to our Company
    D) right to deletion: see above (C)
    E) right to limitation of processing: see above (C)
    F) right to portability
    G) right to objection and
    H) right to not subject your data to automated decision making, including alterations.

You have also the right to complain to the Hellenic Data Protection Authority (http://www.dpa.gr/), in case you sense that there is a problem concerning the way you handle your data.

Right to withdraw Consent

In the case of processing of your personal data which takes place with your consent, you reserve the right at any time to revoke it with future validity, without prejudice to the legality of the processing that took place before the revocation.

 

The exercise of the above rights can be done either by email at: or by phone at the contact number of our website. You can also send us a written letter to the address: Corfu, Nikou Lefterioti 18, Postal Code 49100  Greece.

 

Our store respects your rights and undertakes to respond to the above requests to exercise your rights, within one month of receipt, if further time is required the aforementioned deadline can be extended to 2 months.

 

Submitting an access request is free, however, depending on the personal information you request, we may charge an amount to cover the cost of providing the details of the information we have. We will inform you of the possibility of such charges upon receipt of your access request and we will await your confirmation of the completion of the process and payment of this amount.

 

For questions regarding the processing and security of your personal data or for a complaint of possible data breach you can contact our Company by email at: or by phone at the contact number of our website. You can also send us a written letter to the address: Corfu, Nikou Lefterioti 18,   Postal Code 49100  Greece.

Disclaimer of responsibility

While we attach great importance to the protection of your personal data and take reasonable steps to protect it from cyberattacks and other harmful actions, every user of the site acknowledges that the nature of the internet is such that sending information poses inherent security problems. bodyandface.gr cannot guarantee the security of data which does not fall under its control.

 

bodyandface.gr does not collect electronic financial data such as credit / debit card when submitting your order, instead transactions take place in a different environment belonging to a banking institution and for your information regarding the manner and Your data security should refer to your relevant data protection and privacy policy.

 

In addition, we point out that we can not guarantee the security of data, information, etc. which are circulated via e-mail (e-mail) and therefore we draw the attention of users so as not to send information and payment details via e-mail (e-mail).

 

In case of disclosure of financial data, such as in the case of telephone order, you provide us with your explicit consent to use them, exclusively for the repayment of this transaction, data which our company is not going to store.

 

According to the GDPR, with your explicit consent we may forward messages to any registrant to our newsletter or to our marketing correspondence list. We only collect a specific amount of data about your person, as it is described in detail in the relevant section above. Any emails we forward are realized so via an email marketing software service provider (EMS). An EMS provider is a third party software/application service company, which allows businesses to forward multiple emails to a specific list of users.

 

Our forwarded email marketing messages may contain links with search possibilities or relevant server technologies, in order to track the registrants activity to these marketing emails. Wherever they are used, these marketing messages may record a number of data, such us dates, addresses, IP addresses, clicks, forwards, geographical and demographical data. These data, within their limits, will show the registrant’s activity regarding this email campaign.

 

These forwarded emails are in accordance with the GDPR. We offer you an easy method to withdraw your consent (deletion) or to manage your preferences/ the information we store for you anytime. See inside the marketing emails for instructions concerning the deletion or the handling of your preferences. You may also cancel your subscription from all Moosend lists by following this link after contacting the provider of EMS.

 

We store the following data about your person in the EMS system: 

 

Email address
Name
Duration and date of subscription

Contact the Supervisory Authority

Staying at your disposal in order to jointly resolve any issues related to the use of your information, you always have the right to contact the competent supervisory authority in order to report a violation of your rights or a complaint.

Competent supervisory authority is the Personal Data Protection Authority, which is located at 1-3 Kifissias Street, in Athens, PC 11523, tel. 2106475600 and by e-mail address  

Update of this Policy

The Company may at any time and without notice, modify this Policy, an updated version of which will be available for reading posted at https://www.bodyandface.gr.

Users should check this page regularly to see if they agree to any changes to the terms herein.

bodyandface.gr can inform users of any changes by using the contact details, via email or text message (sms).

REGISTER