Our company website is designed to comply with the following national and international legislation regarding data protection and users’ privacy:
EU Data Protection Directive 1995 (DPD)
EU General Data Protection Regulation 2018 (GDPR)
Compliance of this website with the aforementioned legislation means that this website complies with the data protection and user privacy laws established in other countries and territories.
If you are unsure whether this site complies with your country’s data protection and privacy laws, you should contact your data protection officer (details can be found below) for clarification.
Personal information collected by this site and why we collect it
Our company website collects and uses personal information for the following reasons:
Track site visits
Like most websites, our company website uses Google Analytics (GA) to track user interaction.
We use this data to determine the number of people who use our site, to better understand how they find and use our web pages, and to see their journey through the site.
Although GA records data such as your geographical location, device, web browser, and operating system, none of this information identifies you personally.
GAs also record your computer’s IP address, which could be used for your personal identification, but Google does not give us access to it.
We believe that Google is a third party data processor.
Disabling cookies in the internet browser will prevent GA from tracking any part of your visit to pages of this website.
Contact and data submission forms
If you choose, contact us using the contact form on the page
Contact us or an email link like this, none of the data you provide will be stored on this site or transferred / processed by any third party data processor.
Instead, the data will be classified in an e-mail and sent to us via the SMTP (Simple Mail Transfer Protocol).
SMTP servers are protected by TLS (sometimes known as SSL), which means that e-mail content is encrypted using 256-bit SHA-2 encryption before it is sent over the Internet.
Email content is decrypted by local computers and devices.
“Recognizing the importance of the security of electronic payments, EveryPay is a licensed Payment Institution by the Bank of Greece (decision no. 280/3 / 23-7-2018 Government Gazette B 3010 / 25-7-2018), and manages data securely card payment transactions, in accordance with the regulatory framework of the card security management standard.
Everypay is certified according to the PCIDSS security standard. All Everypay services are provided through secure connections with 256 bit SSL certificates. EveryPay also supports the ability to use 3D Secure, an additional security feature for VISA & MasterCard.
The Payer will then have to enter his personal secret code, in order to successfully complete the transaction “
How we store your personal information:
For your browsing on the website of our company, the entry of your personal data is required, only in case you wish to contact us through the contact form through which you inform us of your contact details or as a customer of our online store.
Your personal information about your orders is stored as follows:
Maintaining inactive accounts / 1 year
Retention of pending orders / 2 months
Retention of incorrect orders / 2 weeks
Retention of canceled orders / 1 week
Retention of completed orders / 1 year
After these years, the data are automatically deleted from the database of our active online store.
Server information for this site:
This website is hosted by Onesmart Promotion on the Amazon / Digital Ocean Cloud network with technologies found in world-class datacenters.
Some of the most notable data center security features are:
Information Security Standard ISO 27001
PCI DSS Information Security Standard
All traffic (file transfer) between this site and your browser is encrypted and served via HTTPS only
The third party data processors we use:
We use a number of third parties to process our personal data. These have been carefully selected and all comply with the legislation set out in Section 2.0. Both of these third parties are domiciled in the US and are compatible with the EU-U.S Privacy Shield.
We will report any illegal data breach of this website or any third party data processing database to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that the personal data stored in an identifiable form has been stolen .
We will not explicitly notify our customers or users of the site of these changes.
Instead, we encourage you to periodically check this page for any policy changes.
Specific policy changes and updates are listed in the change log below.
Current Version 1.2 – 24.5.2018 (Change of privacy, European Legislation)